summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGreg Hudson <ghudson@mit.edu>2009-11-14 18:56:43 +0000
committerGreg Hudson <ghudson@mit.edu>2009-11-14 18:56:43 +0000
commitbe4e9d973c2717872663010c9c02f8bc75cb18a5 (patch)
tree7e9080437aebd7807d08a27ac454a3144ef5ec1d
parent8852050c9361822bd182634ee2ce833d4d9f14e8 (diff)
downloadkrb5-be4e9d973c2717872663010c9c02f8bc75cb18a5.tar.gz
krb5-be4e9d973c2717872663010c9c02f8bc75cb18a5.tar.xz
krb5-be4e9d973c2717872663010c9c02f8bc75cb18a5.zip
Reindent include directory, reformatting prototypes as necessary.
Exclude include/gssrpc due to its Sun origin and k5-platform.h due to macros too hairy for emacs c-mode to handle. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23180 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat
-rw-r--r--src/Makefile.in3
-rw-r--r--src/include/CredentialsCache.h589
-rw-r--r--src/include/CredentialsCache2.h111
-rw-r--r--src/include/adm.h275
-rw-r--r--src/include/adm_proto.h114
-rw-r--r--src/include/cm.h25
-rw-r--r--src/include/copyright.h1
-rw-r--r--src/include/fake-addrinfo.h121
-rw-r--r--src/include/foreachaddr.h13
-rw-r--r--src/include/gssapi.h1
-rw-r--r--src/include/iprop.h237
-rw-r--r--src/include/iprop_hdr.h25
-rw-r--r--src/include/k5-buf.h2
-rw-r--r--src/include/k5-err.h19
-rw-r--r--src/include/k5-gmt_mktime.h3
-rw-r--r--src/include/k5-int-pkinit.h249
-rw-r--r--src/include/k5-int.h3240
-rw-r--r--src/include/k5-ipc_stream.h29
-rw-r--r--src/include/k5-platform.h285
-rw-r--r--src/include/k5-plugin.h13
-rw-r--r--src/include/k5-thread.h327
-rw-r--r--src/include/k5-unicode.h11
-rw-r--r--src/include/k5-utf8.h105
-rw-r--r--src/include/k5-util.h21
-rw-r--r--src/include/kdb.h779
-rw-r--r--src/include/kdb_ext.h89
-rw-r--r--src/include/kdb_kt.h1
-rw-r--r--src/include/kdb_log.h117
-rw-r--r--src/include/kim/kim.h1
-rw-r--r--src/include/kim/kim_ccache.h25
-rw-r--r--src/include/kim/kim_credential.h3
-rw-r--r--src/include/kim/kim_identity.h35
-rw-r--r--src/include/kim/kim_library.h1
-rw-r--r--src/include/kim/kim_options.h1
-rw-r--r--src/include/kim/kim_preferences.h35
-rw-r--r--src/include/kim/kim_selection_hints.h25
-rw-r--r--src/include/kim/kim_string.h3
-rw-r--r--src/include/kim/kim_types.h1
-rw-r--r--src/include/kim/kim_ui_plugin.h3
-rw-r--r--src/include/krb5.h1
-rw-r--r--src/include/krb5/authdata_plugin.h203
-rw-r--r--src/include/krb5/krb5.hin2940
-rw-r--r--src/include/krb5/locate_plugin.h13
-rw-r--r--src/include/krb5/preauth_plugin.h221
-rw-r--r--src/include/osconf.hin76
-rw-r--r--src/include/pkinit_apple_utils.h39
-rw-r--r--src/include/pkinit_asn1.h85
-rw-r--r--src/include/pkinit_cert_store.h41
-rw-r--r--src/include/pkinit_client.h41
-rw-r--r--src/include/pkinit_cms.h65
-rw-r--r--src/include/port-sockets.h127
-rw-r--r--src/include/socket-utils.h1
-rw-r--r--src/include/spnego-asn1.h19
-rw-r--r--src/include/win-mac.h31
54 files changed, 5219 insertions, 5622 deletions
diff --git a/src/Makefile.in b/src/Makefile.in
index 92969b35b5..7d6e05eb8a 100644
--- a/src/Makefile.in
+++ b/src/Makefile.in
@@ -662,6 +662,7 @@ PYTHON = python
INDENTDIRS = \
clients \
+ include \
kadmin \
kdc \
lib/kadm5 \
@@ -684,6 +685,8 @@ BSDFILES = \
slave/kpropd_rpc.c
OTHEREXCLUDES = \
+ include/k5-platform.h \
+ include/gssrpc \
lib/krb5/asn.1/asn1_decode.h \
lib/krb5/asn.1/asn1_encode.h \
lib/krb5/asn.1/asn1_k_encode.c \
diff --git a/src/include/CredentialsCache.h b/src/include/CredentialsCache.h
index 656b436255..75c4ce7642 100644
--- a/src/include/CredentialsCache.h
+++ b/src/include/CredentialsCache.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* $Header$
*
@@ -57,7 +58,7 @@ extern "C" {
#endif
#if defined(_WIN32)
-#define CCACHE_API __declspec(dllexport)
+#define CCACHE_API __declspec(dllexport)
#if _INTEGRAL_MAX_BITS >= 64 && _MSC_VER >= 1500 && !defined(_WIN64) && !defined(_USE_32BIT_TIME_T)
#if defined(_TIME_T_DEFINED) || defined(_INC_IO) || defined(_INC_TIME) || defined(_INC_WCHAR)
@@ -268,7 +269,7 @@ enum {
ccErrInvalidCCache, /*!< CCache is invalid (e.g., it was released or destroyed). */
/* 206 */
- ccErrInvalidString, /*!< String is invalid (e.g., it was released). */
+ ccErrInvalidString, /*!< String is invalid (e.g., it was released). */
ccErrInvalidCredentials, /*!< Credentials are invalid (e.g., they were released), or they have a bad version. */
ccErrInvalidCCacheIterator, /*!< CCache iterator is invalid (e.g., it was released). */
ccErrInvalidCredentialsIterator, /*!< Credentials iterator is invalid (e.g., it was released). */
@@ -282,7 +283,7 @@ enum {
ccErrContextUnlocked, /*!< Context is not locked by the caller. */
/* 216 */
- ccErrCCacheLocked, /*!< CCache is already locked. */
+ ccErrCCacheLocked, /*!< CCache is already locked. */
ccErrCCacheUnlocked, /*!< CCache is not locked by the caller. */
ccErrBadLockType, /*!< Bad lock type. */
ccErrNeverDefault, /*!< CCache was never default. */
@@ -359,7 +360,7 @@ enum cc_lock_modes {
enum {
/* Make sure all of these are multiples of four (for alignment sanity) */
cc_v4_name_size = 40,
- cc_v4_instance_size = 40,
+ cc_v4_instance_size = 40,
cc_v4_realm_size = 40,
cc_v4_ticket_size = 1254,
cc_v4_key_size = 8
@@ -552,11 +553,11 @@ typedef struct cc_credentials_v4_t cc_credentials_v4_t;
*/
struct cc_data {
/*! The type of the data as defined by the krb5_data structure. */
- cc_uint32 type;
+ cc_uint32 type;
/*! The length of \a data. */
- cc_uint32 length;
+ cc_uint32 length;
/*! The data buffer. */
- void* data;
+ void* data;
};
typedef struct cc_data cc_data;
@@ -599,14 +600,14 @@ typedef struct cc_credentials_v5_t cc_credentials_v5_t;
struct cc_credentials_union {
/*! The credentials version of this credentials object. */
- cc_uint32 version;
+ cc_uint32 version;
/*! The credentials. */
union {
- /*! If \a version is #cc_credentials_v4, a pointer to a cc_credentials_v4_t. */
- cc_credentials_v4_t* credentials_v4;
- /*! If \a version is #cc_credentials_v5, a pointer to a cc_credentials_v5_t. */
- cc_credentials_v5_t* credentials_v5;
- } credentials;
+ /*! If \a version is #cc_credentials_v4, a pointer to a cc_credentials_v4_t. */
+ cc_credentials_v4_t* credentials_v4;
+ /*! If \a version is #cc_credentials_v5, a pointer to a cc_credentials_v5_t. */
+ cc_credentials_v5_t* credentials_v5;
+ } credentials;
};
typedef struct cc_credentials_union cc_credentials_union;
@@ -756,224 +757,224 @@ struct cc_context_f {
const char *in_name,
cc_ccache_t *out_ccache);
- /*!
- * \param in_context the context object for the cache collection.
- * \param out_ccache on exit, a ccache object for the default ccache
- * \return On success, #ccNoError. If no default ccache exists,
- * #ccErrCCacheNotFound. On failure, an error code representing the failure.
- * \brief \b cc_context_open_default_ccache(): Open the default ccache.
- *
- * Opens the default ccache. It returns a reference to the ccache in *ccache.
- *
- * This function performs the same function as calling
- * cc_context_get_default_ccache_name followed by cc_context_open_ccache,
- * but it performs it atomically.
- */
+ /*!
+ * \param in_context the context object for the cache collection.
+ * \param out_ccache on exit, a ccache object for the default ccache
+ * \return On success, #ccNoError. If no default ccache exists,
+ * #ccErrCCacheNotFound. On failure, an error code representing the failure.
+ * \brief \b cc_context_open_default_ccache(): Open the default ccache.
+ *
+ * Opens the default ccache. It returns a reference to the ccache in *ccache.
+ *
+ * This function performs the same function as calling
+ * cc_context_get_default_ccache_name followed by cc_context_open_ccache,
+ * but it performs it atomically.
+ */
cc_int32 (*open_default_ccache) (cc_context_t in_context,
cc_ccache_t *out_ccache);
- /*!
- * \param in_context the context object for the cache collection.
- * \param in_name the name of the new ccache to create
- * \param in_cred_vers the version of the credentials the new ccache will hold
- * \param in_principal the client principal of the credentials the new ccache will hold
- * \param out_ccache on exit, a ccache object for the newly created ccache
- * \return On success, #ccNoError. On failure, an error code representing the failure.
- * \brief \b cc_context_create_ccache(): Create a new ccache.
- *
- * Create a new credentials cache. The ccache is uniquely identified by its name.
- * The principal given is also associated with the ccache and the credentials
- * version specified. A NULL name is not allowed (and ccErrBadName is returned
- * if one is passed in). Only cc_credentials_v4 and cc_credentials_v5 are valid
- * input values for cred_vers. If you want to create a new ccache that will hold
- * both versions of credentials, call cc_context_create_ccache() with one version,
- * and then cc_ccache_set_principal() with the other version.
- *
- * If you want to create a new ccache (with a unique name), you should use
- * cc_context_create_new_ccache() instead. If you want to create or reinitialize
- * the default cache, you should use cc_context_create_default_ccache().
- *
- * If name is non-NULL and there is already a ccache named name:
- *
- * \li the credentials in the ccache whose version is cred_vers are removed
- * \li the principal (of the existing ccache) associated with cred_vers is set to principal
- * \li a handle for the existing ccache is returned and all existing handles for the ccache remain valid
- *
- * If no ccache named name already exists:
- *
- * \li a new empty ccache is created
- * \li the principal of the new ccache associated with cred_vers is set to principal
- * \li a handle for the new ccache is returned
- *
- * For a new ccache, the name should be any unique string. The name is not
- * intended to be presented to users.
- *
- * If the created ccache is the first ccache in the collection, it is made
- * the default ccache. Note that normally it is undesirable to create the first
- * ccache with a name different from the default ccache name (as returned by
- * cc_context_get_default_ccache_name()); see the description of
- * cc_context_get_default_ccache_name() for details.
- *
- * The principal should be a C string containing an unparsed Kerberos principal
- * in the format of the appropriate Kerberos version, i.e. \verbatim foo.bar/@BAZ
- * \endverbatim for Kerberos v4 and \verbatim foo/bar/@BAZ \endverbatim
- * for Kerberos v5.
- */
- cc_int32 (*create_ccache) (cc_context_t in_context,
+ /*!
+ * \param in_context the context object for the cache collection.
+ * \param in_name the name of the new ccache to create
+ * \param in_cred_vers the version of the credentials the new ccache will hold
+ * \param in_principal the client principal of the credentials the new ccache will hold
+ * \param out_ccache on exit, a ccache object for the newly created ccache
+ * \return On success, #ccNoError. On failure, an error code representing the failure.
+ * \brief \b cc_context_create_ccache(): Create a new ccache.
+ *
+ * Create a new credentials cache. The ccache is uniquely identified by its name.
+ * The principal given is also associated with the ccache and the credentials
+ * version specified. A NULL name is not allowed (and ccErrBadName is returned
+ * if one is passed in). Only cc_credentials_v4 and cc_credentials_v5 are valid
+ * input values for cred_vers. If you want to create a new ccache that will hold
+ * both versions of credentials, call cc_context_create_ccache() with one version,
+ * and then cc_ccache_set_principal() with the other version.
+ *
+ * If you want to create a new ccache (with a unique name), you should use
+ * cc_context_create_new_ccache() instead. If you want to create or reinitialize
+ * the default cache, you should use cc_context_create_default_ccache().
+ *
+ * If name is non-NULL and there is already a ccache named name:
+ *
+ * \li the credentials in the ccache whose version is cred_vers are removed
+ * \li the principal (of the existing ccache) associated with cred_vers is set to principal
+ * \li a handle for the existing ccache is returned and all existing handles for the ccache remain valid
+ *
+ * If no ccache named name already exists:
+ *
+ * \li a new empty ccache is created
+ * \li the principal of the new ccache associated with cred_vers is set to principal
+ * \li a handle for the new ccache is returned
+ *
+ * For a new ccache, the name should be any unique string. The name is not
+ * intended to be presented to users.
+ *
+ * If the created ccache is the first ccache in the collection, it is made
+ * the default ccache. Note that normally it is undesirable to create the first
+ * ccache with a name different from the default ccache name (as returned by
+ * cc_context_get_default_ccache_name()); see the description of
+ * cc_context_get_default_ccache_name() for details.
+ *
+ * The principal should be a C string containing an unparsed Kerberos principal
+ * in the format of the appropriate Kerberos version, i.e. \verbatim foo.bar/@BAZ
+ * \endverbatim for Kerberos v4 and \verbatim foo/bar/@BAZ \endverbatim
+ * for Kerberos v5.
+ */
+ cc_int32 (*create_ccache) (cc_context_t in_context,
const char *in_name,
cc_uint32 in_cred_vers,
const char *in_principal,
cc_ccache_t *out_ccache);
- /*!
- * \param in_context the context object for the cache collection.
- * \param in_cred_vers the version of the credentials the new default ccache will hold
- * \param in_principal the client principal of the credentials the new default ccache will hold
- * \param out_ccache on exit, a ccache object for the newly created default ccache
- * \return On success, #ccNoError. On failure, an error code representing the failure.
- * \brief \b cc_context_create_default_ccache(): Create a new default ccache.
- *
- * Create the default credentials cache. The behavior of this function is
- * similar to that of cc_create_ccache(). If there is a default ccache
- * (which is always the case except when there are no ccaches at all in
- * the collection), it is initialized with the specified credentials version
- * and principal, as per cc_create_ccache(); otherwise, a new ccache is
- * created, and its name is the name returned by
- * cc_context_get_default_ccache_name().
- */
- cc_int32 (*create_default_ccache) (cc_context_t in_context,
+ /*!
+ * \param in_context the context object for the cache collection.
+ * \param in_cred_vers the version of the credentials the new default ccache will hold
+ * \param in_principal the client principal of the credentials the new default ccache will hold
+ * \param out_ccache on exit, a ccache object for the newly created default ccache
+ * \return On success, #ccNoError. On failure, an error code representing the failure.
+ * \brief \b cc_context_create_default_ccache(): Create a new default ccache.
+ *
+ * Create the default credentials cache. The behavior of this function is
+ * similar to that of cc_create_ccache(). If there is a default ccache
+ * (which is always the case except when there are no ccaches at all in
+ * the collection), it is initialized with the specified credentials version
+ * and principal, as per cc_create_ccache(); otherwise, a new ccache is
+ * created, and its name is the name returned by
+ * cc_context_get_default_ccache_name().
+ */
+ cc_int32 (*create_default_ccache) (cc_context_t in_context,
cc_uint32 in_cred_vers,
const char *in_principal,
cc_ccache_t *out_ccache);
- /*!
- * \param in_context the context object for the cache collection.
- * \param in_cred_vers the version of the credentials the new ccache will hold
- * \param in_principal the client principal of the credentials the new ccache will hold
- * \param out_ccache on exit, a ccache object for the newly created ccache
- * \return On success, #ccNoError. On failure, an error code representing the failure.
- * \brief \b cc_context_create_new_ccache(): Create a new uniquely named ccache.
- *
- * Create a new unique credentials cache. The behavior of this function
- * is similar to that of cc_create_ccache(). If there are no ccaches, and
- * therefore no default ccache, the new ccache is created with the default
- * ccache name as would be returned by get_default_ccache_name(). If there
- * are some ccaches, and therefore there is a default ccache, the new ccache
- * is created with a new unique name. Clearly, this function never reinitializes
- * a ccache, since it always uses a unique name.
- */
- cc_int32 (*create_new_ccache) (cc_context_t in_context,
+ /*!
+ * \param in_context the context object for the cache collection.
+ * \param in_cred_vers the version of the credentials the new ccache will hold
+ * \param in_principal the client principal of the credentials the new ccache will hold
+ * \param out_ccache on exit, a ccache object for the newly created ccache
+ * \return On success, #ccNoError. On failure, an error code representing the failure.
+ * \brief \b cc_context_create_new_ccache(): Create a new uniquely named ccache.
+ *
+ * Create a new unique credentials cache. The behavior of this function
+ * is similar to that of cc_create_ccache(). If there are no ccaches, and
+ * therefore no default ccache, the new ccache is created with the default
+ * ccache name as would be returned by get_default_ccache_name(). If there
+ * are some ccaches, and therefore there is a default ccache, the new ccache
+ * is created with a new unique name. Clearly, this function never reinitializes
+ * a ccache, since it always uses a unique name.
+ */
+ cc_int32 (*create_new_ccache) (cc_context_t in_context,
cc_uint32 in_cred_vers,
const char *in_principal,
cc_ccache_t *out_ccache);
- /*!
- * \param in_context the context object for the cache collection.
- * \param out_iterator on exit, a ccache iterator object for the ccache collection.
- * \return On success, #ccNoError. On failure, an error code representing the failure.
- * \brief \b cc_context_new_ccache_iterator(): Get an iterator for the cache collection.
- *
- * Used to allocate memory and initialize iterator. Successive calls to iterator's
- * next() function will return ccaches in the collection.
- *
- * If changes are made to the collection while an iterator is being used
- * on it, the iterator must return at least the intersection, and at most
- * the union, of the set of ccaches that were present when the iteration
- * began and the set of ccaches that are present when it ends.
- */
- cc_int32 (*new_ccache_iterator) (cc_context_t in_context,
+ /*!
+ * \param in_context the context object for the cache collection.
+ * \param out_iterator on exit, a ccache iterator object for the ccache collection.
+ * \return On success, #ccNoError. On failure, an error code representing the failure.
+ * \brief \b cc_context_new_ccache_iterator(): Get an iterator for the cache collection.
+ *
+ * Used to allocate memory and initialize iterator. Successive calls to iterator's
+ * next() function will return ccaches in the collection.
+ *
+ * If changes are made to the collection while an iterator is being used
+ * on it, the iterator must return at least the intersection, and at most
+ * the union, of the set of ccaches that were present when the iteration
+ * began and the set of ccaches that are present when it ends.
+ */
+ cc_int32 (*new_ccache_iterator) (cc_context_t in_context,
cc_ccache_iterator_t *out_iterator);
- /*!
- * \param in_context the context object for the cache collection.
- * \param in_lock_type the type of lock to obtain.
- * \param in_block whether or not the function should block if the lock cannot be obtained immediately.
- * \return On success, #ccNoError. On failure, an error code representing the failure.
- * \brief \b cc_context_lock(): Lock the cache collection.
- *
- * Attempts to acquire an advisory lock for the ccache collection. Allowed values
- * for lock_type are:
- *
- * \li cc_lock_read: a read lock.
- * \li cc_lock_write: a write lock
- * \li cc_lock_upgrade: upgrade an already-obtained read lock to a write lock
- * \li cc_lock_downgrade: downgrade an already-obtained write lock to a read lock
- *
- * If block is cc_lock_block, lock() will not return until the lock is acquired.
- * If block is cc_lock_noblock, lock() will return immediately, either acquiring
- * the lock and returning ccNoError, or failing to acquire the lock and returning
- * an error explaining why.
- *
- * Locks apply only to the list of ccaches, not the contents of those ccaches. To
- * prevent callers participating in the advisory locking from changing the credentials
- * in a cache you must also lock that ccache with cc_ccache_lock(). This is so
- * that you can get the list of ccaches without preventing applications from
- * simultaneously obtaining service tickets.
- *
- * To avoid having to deal with differences between thread semantics on different
- * platforms, locks are granted per context, rather than per thread or per process.
- * That means that different threads of execution have to acquire separate contexts
- * in order to be able to synchronize with each other.
- *
- * The lock should be unlocked by using cc_context_unlock().
- *
- * \note All locks are advisory. For example, callers which do not call
- * cc_context_lock() and cc_context_unlock() will not be prevented from writing
- * to the cache collection when you have a read lock. This is because the CCAPI
- * locking was added after the first release and thus adding mandatory locks would
- * have changed the user experience and performance of existing applications.
- */
- cc_int32 (*lock) (cc_context_t in_context,
+ /*!
+ * \param in_context the context object for the cache collection.
+ * \param in_lock_type the type of lock to obtain.
+ * \param in_block whether or not the function should block if the lock cannot be obtained immediately.
+ * \return On success, #ccNoError. On failure, an error code representing the failure.
+ * \brief \b cc_context_lock(): Lock the cache collection.
+ *
+ * Attempts to acquire an advisory lock for the ccache collection. Allowed values
+ * for lock_type are:
+ *
+ * \li cc_lock_read: a read lock.
+ * \li cc_lock_write: a write lock
+ * \li cc_lock_upgrade: upgrade an already-obtained read lock to a write lock
+ * \li cc_lock_downgrade: downgrade an already-obtained write lock to a read lock
+ *
+ * If block is cc_lock_block, lock() will not return until the lock is acquired.
+ * If block is cc_lock_noblock, lock() will return immediately, either acquiring
+ * the lock and returning ccNoError, or failing to acquire the lock and returning
+ * an error explaining why.
+ *
+ * Locks apply only to the list of ccaches, not the contents of those ccaches. To
+ * prevent callers participating in the advisory locking from changing the credentials
+ * in a cache you must also lock that ccache with cc_ccache_lock(). This is so
+ * that you can get the list of ccaches without preventing applications from
+ * simultaneously obtaining service tickets.
+ *
+ * To avoid having to deal with differences between thread semantics on different
+ * platforms, locks are granted per context, rather than per thread or per process.
+ * That means that different threads of execution have to acquire separate contexts
+ * in order to be able to synchronize with each other.
+ *
+ * The lock should be unlocked by using cc_context_unlock().
+ *
+ * \note All locks are advisory. For example, callers which do not call
+ * cc_context_lock() and cc_context_unlock() will not be prevented from writing
+ * to the cache collection when you have a read lock. This is because the CCAPI
+ * locking was added after the first release and thus adding mandatory locks would
+ * have changed the user experience and performance of existing applications.
+ */
+ cc_int32 (*lock) (cc_context_t in_context,
cc_uint32 in_lock_type,
cc_uint32 in_block);
- /*!
- * \param in_context the context object for the cache collection.
- * \return On success, #ccNoError. On failure, an error code representing the failure.
- * \brief \b cc_context_unlock(): Unlock the cache collection.
- */
- cc_int32 (*unlock) (cc_context_t in_cc_context);
-
- /*!
- * \param in_context a context object.
- * \param in_compare_to_context a context object to compare with \a in_context.
- * \param out_equal on exit, whether or not the two contexts refer to the same cache collection.
- * \return On success, #ccNoError. On failure, an error code representing the failure.
- * \brief \b cc_context_compare(): Compare two context objects.
- */
- cc_int32 (*compare) (cc_context_t in_cc_context,
- cc_context_t in_compare_to_context,
- cc_uint32 *out_equal);
-
- /*!
- * \param in_context a context object.
- * \return On success, #ccNoError. On failure, an error code representing the failure.
- * \brief \b cc_context_wait_for_change(): Wait for the next change in the cache collection.
- *
- * This function blocks until the next change is made to the cache collection
- * ccache collection. By repeatedly calling cc_context_wait_for_change() from
- * a worker thread the caller can effectively receive callbacks whenever the
- * cache collection changes. This is considerably more efficient than polling
- * with cc_context_get_change_time().
- *
- * cc_context_wait_for_change() will return whenever:
- *
- * \li a ccache is created
- * \li a ccache is destroyed
- * \li a credential is stored
- * \li a credential is removed
- * \li a ccache principal is changed
- * \li the default ccache is changed
- *
- * \note In order to make sure that the caller doesn't miss any changes,
- * cc_context_wait_for_change() always returns immediately after the first time it
- * is called on a new context object. Callers must use the same context object
- * for successive calls to cc_context_wait_for_change() rather than creating a new
- * context for every call.
- *
- * \sa get_change_time
- */
- cc_int32 (*wait_for_change) (cc_context_t in_cc_context);
+ /*!
+ * \param in_context the context object for the cache collection.
+ * \return On success, #ccNoError. On failure, an error code representing the failure.
+ * \brief \b cc_context_unlock(): Unlock the cache collection.
+ */
+ cc_int32 (*unlock) (cc_context_t in_cc_context);
+
+ /*!
+ * \param in_context a context object.
+ * \param in_compare_to_context a context object to compare with \a in_context.
+ * \param out_equal on exit, whether or not the two contexts refer to the same cache collection.
+ * \return On success, #ccNoError. On failure, an error code representing the failure.
+ * \brief \b cc_context_compare(): Compare two context objects.
+ */
+ cc_int32 (*compare) (cc_context_t in_cc_context,
+ cc_context_t in_compare_to_context,
+ cc_uint32 *out_equal);
+
+ /*!
+ * \param in_context a context object.
+ * \return On success, #ccNoError. On failure, an error code representing the failure.
+ * \brief \b cc_context_wait_for_change(): Wait for the next change in the cache collection.
+ *
+ * This function blocks until the next change is made to the cache collection
+ * ccache collection. By repeatedly calling cc_context_wait_for_change() from
+ * a worker thread the caller can effectively receive callbacks whenever the
+ * cache collection changes. This is considerably more efficient than polling
+ * with cc_context_get_change_time().
+ *
+ * cc_context_wait_for_change() will return whenever:
+ *
+ * \li a ccache is created
+ * \li a ccache is destroyed
+ * \li a credential is stored
+ * \li a credential is removed
+ * \li a ccache principal is changed
+ * \li the default ccache is changed
+ *
+ * \note In order to make sure that the caller doesn't miss any changes,
+ * cc_context_wait_for_change() always returns immediately after the first time it
+ * is called on a new context object. Callers must use the same context object
+ * for successive calls to cc_context_wait_for_change() rather than creating a new
+ * context for every call.
+ *
+ * \sa get_change_time
+ */
+ cc_int32 (*wait_for_change) (cc_context_t in_cc_context);
};
/*!
@@ -1462,136 +1463,136 @@ CCACHE_API cc_int32 cc_initialize (cc_context_t *out_context,
* @{ */
/*! Helper macro for cc_context_f release() */
-#define cc_context_release(context) \
- ((context) -> functions -> release (context))
+#define cc_context_release(context) \
+ ((context) -> functions -> release (context))
/*! Helper macro for cc_context_f get_change_time() */
-#define cc_context_get_change_time(context, change_time) \
- ((context) -> functions -> get_change_time (context, change_time))
+#define cc_context_get_change_time(context, change_time) \
+ ((context) -> functions -> get_change_time (context, change_time))
/*! Helper macro for cc_context_f get_default_ccache_name() */
-#define cc_context_get_default_ccache_name(context, name) \
- ((context) -> functions -> get_default_ccache_name (context, name))
+#define cc_context_get_default_ccache_name(context, name) \
+ ((context) -> functions -> get_default_ccache_name (context, name))
/*! Helper macro for cc_context_f open_ccache() */
-#define cc_context_open_ccache(context, name, ccache) \
- ((context) -> functions -> open_ccache (context, name, ccache))
+#define cc_context_open_ccache(context, name, ccache) \
+ ((context) -> functions -> open_ccache (context, name, ccache))
/*! Helper macro for cc_context_f open_default_ccache() */
-#define cc_context_open_default_ccache(context, ccache) \
- ((context) -> functions -> open_default_ccache (context, ccache))
+#define cc_context_open_default_ccache(context, ccache) \
+ ((context) -> functions -> open_default_ccache (context, ccache))
/*! Helper macro for cc_context_f create_ccache() */
-#define cc_context_create_ccache(context, name, version, principal, ccache) \
- ((context) -> functions -> create_ccache (context, name, version, principal, ccache))
+#define cc_context_create_ccache(context, name, version, principal, ccache) \
+ ((context) -> functions -> create_ccache (context, name, version, principal, ccache))
/*! Helper macro for cc_context_f create_default_ccache() */
-#define cc_context_create_default_ccache(context, version, principal, ccache) \
- ((context) -> functions -> create_default_ccache (context, version, principal, ccache))
+#define cc_context_create_default_ccache(context, version, principal, ccache) \
+ ((context) -> functions -> create_default_ccache (context, version, principal, ccache))
/*! Helper macro for cc_context_f create_new_ccache() */
-#define cc_context_create_new_ccache(context, version, principal, ccache) \
- ((context) -> functions -> create_new_ccache (context, version, principal, ccache))
+#define cc_context_create_new_ccache(context, version, principal, ccache) \
+ ((context) -> functions -> create_new_ccache (context, version, principal, ccache))
/*! Helper macro for cc_context_f new_ccache_iterator() */
-#define cc_context_new_ccache_iterator(context, iterator) \
- ((context) -> functions -> new_ccache_iterator (context, iterator))
+#define cc_context_new_ccache_iterator(context, iterator) \
+ ((context) -> functions -> new_ccache_iterator (context, iterator))
/*! Helper macro for cc_context_f lock() */
-#define cc_context_lock(context, type, block) \
- ((context) -> functions -> lock (context, type, block))
+#define cc_context_lock(context, type, block) \
+ ((context) -> functions -> lock (context, type, block))
/*! Helper macro for cc_context_f unlock() */
-#define cc_context_unlock(context) \
- ((context) -> functions -> unlock (context))
+#define cc_context_unlock(context) \
+ ((context) -> functions -> unlock (context))
/*! Helper macro for cc_context_f compare() */
-#define cc_context_compare(context, compare_to, equal) \
- ((context) -> functions -> compare (context, compare_to, equal))
+#define cc_context_compare(context, compare_to, equal) \
+ ((context) -> functions -> compare (context, compare_to, equal))
/*! Helper macro for cc_context_f wait_for_change() */
-#define cc_context_wait_for_change(context) \
- ((context) -> functions -> wait_for_change (context))
+#define cc_context_wait_for_change(context) \
+ ((context) -> functions -> wait_for_change (context))
/*! Helper macro for cc_ccache_f release() */
-#define cc_ccache_release(ccache) \
- ((ccache) -> functions -> release (ccache))
+#define cc_ccache_release(ccache) \
+ ((ccache) -> functions -> release (ccache))
/*! Helper macro for cc_ccache_f destroy() */
-#define cc_ccache_destroy(ccache) \
- ((ccache) -> functions -> destroy (ccache))
+#define cc_ccache_destroy(ccache) \
+ ((ccache) -> functions -> destroy (ccache))
/*! Helper macro for cc_ccache_f set_default() */
-#define cc_ccache_set_default(ccache) \
- ((ccache) -> functions -> set_default (ccache))
+#define cc_ccache_set_default(ccache) \
+ ((ccache) -> functions -> set_default (ccache))
/*! Helper macro for cc_ccache_f get_credentials_version() */
-#define cc_ccache_get_credentials_version(ccache, version) \
- ((ccache) -> functions -> get_credentials_version (ccache, version))
+#define cc_ccache_get_credentials_version(ccache, version) \
+ ((ccache) -> functions -> get_credentials_version (ccache, version))
/*! Helper macro for cc_ccache_f get_name() */
-#define cc_ccache_get_name(ccache, name) \
- ((ccache) -> functions -> get_name (ccache, name))
+#define cc_ccache_get_name(ccache, name) \
+ ((ccache) -> functions -> get_name (ccache, name))
/*! Helper macro for cc_ccache_f get_principal() */
-#define cc_ccache_get_principal(ccache, version, principal) \
- ((ccache) -> functions -> get_principal (ccache, version, principal))
+#define cc_ccache_get_principal(ccache, version, principal) \
+ ((ccache) -> functions -> get_principal (ccache, version, principal))
/*! Helper macro for cc_ccache_f set_principal() */
-#define cc_ccache_set_principal(ccache, version, principal) \
- ((ccache) -> functions -> set_principal (ccache, version, principal))
+#define cc_ccache_set_principal(ccache, version, principal) \
+ ((ccache) -> functions -> set_principal (ccache, version, principal))
/*! Helper macro for cc_ccache_f store_credentials() */
-#define cc_ccache_store_credentials(ccache, credentials) \
- ((ccache) -> functions -> store_credentials (ccache, credentials))
+#define cc_ccache_store_credentials(ccache, credentials) \
+ ((ccache) -> functions -> store_credentials (ccache, credentials))
/*! Helper macro for cc_ccache_f remove_credentials() */
-#define cc_ccache_remove_credentials(ccache, credentials) \
- ((ccache) -> functions -> remove_credentials (ccache, credentials))
+#define cc_ccache_remove_credentials(ccache, credentials) \
+ ((ccache) -> functions -> remove_credentials (ccache, credentials))
/*! Helper macro for cc_ccache_f new_credentials_iterator() */
-#define cc_ccache_new_credentials_iterator(ccache, iterator) \
- ((ccache) -> functions -> new_credentials_iterator (ccache, iterator))
+#define cc_ccache_new_credentials_iterator(ccache, iterator) \
+ ((ccache) -> functions -> new_credentials_iterator (ccache, iterator))
/*! Helper macro for cc_ccache_f lock() */
-#define cc_ccache_lock(ccache, type, block) \
- ((ccache) -> functions -> lock (ccache, type, block))
+#define cc_ccache_lock(ccache, type, block) \
+ ((ccache) -> functions -> lock (ccache, type, block))
/*! Helper macro for cc_ccache_f unlock() */
-#define cc_ccache_unlock(ccache) \
- ((ccache) -> functions -> unlock (ccache))
+#define cc_ccache_unlock(ccache) \
+ ((ccache) -> functions -> unlock (ccache))
/*! Helper macro for cc_ccache_f get_last_default_time() */
-#define cc_ccache_get_last_default_time(ccache, last_default_time) \
- ((ccache) -> functions -> get_last_default_time (ccache, last_default_time))
+#define cc_ccache_get_last_default_time(ccache, last_default_time) \
+ ((ccache) -> functions -> get_last_default_time (ccache, last_default_time))
/*! Helper macro for cc_ccache_f get_change_time() */
-#define cc_ccache_get_change_time(ccache, change_time) \
- ((ccache) -> functions -> get_change_time (ccache, change_time))
+#define cc_ccache_get_change_time(ccache, change_time) \
+ ((ccache) -> functions -> get_change_time (ccache, change_time))
/*! Helper macro for cc_ccache_f move() */
-#define cc_ccache_move(source, destination) \
- ((source) -> functions -> move (source, destination))
+#define cc_ccache_move(source, destination) \
+ ((source) -> functions -> move (source, destination))
/*! Helper macro for cc_ccache_f compare() */
-#define cc_ccache_compare(ccache, compare_to, equal) \
- ((ccache) -> functions -> compare (ccache, compare_to, equal))
+#define cc_ccache_compare(ccache, compare_to, equal) \
+ ((ccache) -> functions -> compare (ccache, compare_to, equal))
/*! Helper macro for cc_ccache_f get_kdc_time_offset() */
-#define cc_ccache_get_kdc_time_offset(ccache, version, time_offset) \
- ((ccache) -> functions -> get_kdc_time_offset (ccache, version, time_offset))
+#define cc_ccache_get_kdc_time_offset(ccache, version, time_offset) \
+ ((ccache) -> functions -> get_kdc_time_offset (ccache, version, time_offset))
/*! Helper macro for cc_ccache_f set_kdc_time_offset() */
-#define cc_ccache_set_kdc_time_offset(ccache, version, time_offset) \
- ((ccache) -> functions -> set_kdc_time_offset (ccache, version, time_offset))
+#define cc_ccache_set_kdc_time_offset(ccache, version, time_offset) \
+ ((ccache) -> functions -> set_kdc_time_offset (ccache, version, time_offset))
/*! Helper macro for cc_ccache_f clear_kdc_time_offset() */
-#define cc_ccache_clear_kdc_time_offset(ccache, version) \
- ((ccache) -> functions -> clear_kdc_time_offset (ccache, version))
+#define cc_ccache_clear_kdc_time_offset(ccache, version) \
+ ((ccache) -> functions -> clear_kdc_time_offset (ccache, version))
/*! Helper macro for cc_ccache_f wait_for_change() */
-#define cc_ccache_wait_for_change(ccache) \
- ((ccache) -> functions -> wait_for_change (ccache))
+#define cc_ccache_wait_for_change(ccache) \
+ ((ccache) -> functions -> wait_for_change (ccache))
/*! Helper macro for cc_string_f release() */
-#define cc_string_release(string) \
- ((string) -> functions -> release (string))
+#define cc_string_release(string) \
+ ((string) -> functions -> release (string))
/*! Helper macro for cc_credentials_f release() */
-#define cc_credentials_release(credentials) \
- ((credentials) -> functions -> release (credentials))
+#define cc_credentials_release(credentials) \
+ ((credentials) -> functions -> release (credentials))
/*! Helper macro for cc_credentials_f compare() */
-#define cc_credentials_compare(credentials, compare_to, equal) \
- ((credentials) -> functions -> compare (credentials, compare_to, equal))
+#define cc_credentials_compare(credentials, compare_to, equal) \
+ ((credentials) -> functions -> compare (credentials, compare_to, equal))
/*! Helper macro for cc_ccache_iterator_f release() */
-#define cc_ccache_iterator_release(iterator) \
- ((iterator) -> functions -> release (iterator))
+#define cc_ccache_iterator_release(iterator) \
+ ((iterator) -> functions -> release (iterator))
/*! Helper macro for cc_ccache_iterator_f next() */
-#define cc_ccache_iterator_next(iterator, ccache) \
- ((iterator) -> functions -> next (iterator, ccache))
+#define cc_ccache_iterator_next(iterator, ccache) \
+ ((iterator) -> functions -> next (iterator, ccache))
/*! Helper macro for cc_ccache_iterator_f clone() */
-#define cc_ccache_iterator_clone(iterator, new_iterator) \
- ((iterator) -> functions -> clone (iterator, new_iterator))
+#define cc_ccache_iterator_clone(iterator, new_iterator) \
+ ((iterator) -> functions -> clone (iterator, new_iterator))
/*! Helper macro for cc_credentials_iterator_f release() */
-#define cc_credentials_iterator_release(iterator) \
- ((iterator) -> functions -> release (iterator))
+#define cc_credentials_iterator_release(iterator) \
+ ((iterator) -> functions -> release (iterator))
/*! Helper macro for cc_credentials_iterator_f next() */
-#define cc_credentials_iterator_next(iterator, credentials) \
- ((iterator) -> functions -> next (iterator, credentials))
+#define cc_credentials_iterator_next(iterator, credentials) \
+ ((iterator) -> functions -> next (iterator, credentials))
/*! Helper macro for cc_credentials_iterator_f clone() */
-#define cc_credentials_iterator_clone(iterator, new_iterator) \
- ((iterator) -> functions -> clone (iterator, new_iterator))
+#define cc_credentials_iterator_clone(iterator, new_iterator) \
+ ((iterator) -> functions -> clone (iterator, new_iterator))
/*!@}*/
#if TARGET_OS_MAC
diff --git a/src/include/CredentialsCache2.h b/src/include/CredentialsCache2.h
index e9ea311cfb..687ff43016 100644
--- a/src/include/CredentialsCache2.h
+++ b/src/include/CredentialsCache2.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* $Header$
*
@@ -70,19 +71,19 @@ typedef cc_uint32 cc_flags;
/* Credentials types are visible to the caller so we have to keep binary compatibility */
typedef struct cc_credentials_v5_compat {
- char* client;
- char* server;
- cc_data_compat keyblock;
- cc_time_t authtime;
- cc_time_t starttime;
- cc_time_t endtime;
- cc_time_t renew_till;
- cc_uint32 is_skey;
- cc_uint32 ticket_flags;
- cc_data_compat** addresses;
- cc_data_compat ticket;
- cc_data_compat second_ticket;
- cc_data_compat** authdata;
+ char* client;
+ char* server;
+ cc_data_compat keyblock;
+ cc_time_t authtime;
+ cc_time_t starttime;
+ cc_time_t endtime;
+ cc_time_t renew_till;
+ cc_uint32 is_skey;
+ cc_uint32 ticket_flags;
+ cc_data_compat** addresses;
+ cc_data_compat ticket;
+ cc_data_compat second_ticket;
+ cc_data_compat** authdata;
} cc_credentials_v5_compat;
enum {
@@ -96,21 +97,21 @@ enum {
};
typedef struct cc_credentials_v4_compat {
- unsigned char kversion;
- char principal[KRB_NAME_SZ+1];
- char principal_instance[KRB_INSTANCE_SZ+1];
- char service[KRB_NAME_SZ+1];
- char service_instance[KRB_INSTANCE_SZ+1];
- char realm[KRB_REALM_SZ+1];
- unsigned char session_key[8];
- cc_int32 kvno;
- cc_int32 str_to_key;
- long issue_date;
- cc_int32 lifetime;
- cc_uint32 address;
- cc_int32 ticket_sz;
- unsigned char ticket[MAX_V4_CRED_LEN];
- unsigned long oops;
+ unsigned char kversion;
+ char principal[KRB_NAME_SZ+1];
+ char principal_instance[KRB_INSTANCE_SZ+1];
+ char service[KRB_NAME_SZ+1];
+ char service_instance[KRB_INSTANCE_SZ+1];
+ char realm[KRB_REALM_SZ+1];
+ unsigned char session_key[8];
+ cc_int32 kvno;
+ cc_int32 str_to_key;
+ long issue_date;
+ cc_int32 lifetime;
+ cc_uint32 address;
+ cc_int32 ticket_sz;
+ unsigned char ticket[MAX_V4_CRED_LEN];
+ unsigned long oops;
} cc_credentials_v4_compat;
typedef union cred_ptr_union_compat {
@@ -126,9 +127,9 @@ typedef struct cred_union {
/* NC info structure is gone in v3 */
struct infoNC {
- char* name;
- char* principal;
- cc_int32 vers;
+ char* name;
+ char* principal;
+ cc_int32 vers;
};
typedef struct infoNC infoNC;
@@ -180,17 +181,17 @@ enum {
CCACHE_API cc_int32
cc_shutdown (apiCB **io_context)
-CCAPI_DEPRECATED;
+ CCAPI_DEPRECATED;
CCACHE_API cc_int32
cc_get_NC_info (apiCB *in_context,
infoNC ***out_info)
-CCAPI_DEPRECATED;
+ CCAPI_DEPRECATED;
CCACHE_API cc_int32
cc_get_change_time (apiCB *in_context,
cc_time_t *out_change_time)
-CCAPI_DEPRECATED;
+ CCAPI_DEPRECATED;
CCACHE_API cc_int32
cc_open (apiCB *in_context,
@@ -198,7 +199,7 @@ cc_open (apiCB *in_context,
cc_int32 in_version,
cc_uint32 in_flags,
ccache_p **out_ccache)
-CCAPI_DEPRECATED;
+ CCAPI_DEPRECATED;
CCACHE_API cc_int32
cc_create (apiCB *in_context,
@@ -207,113 +208,113 @@ cc_create (apiCB *in_context,
cc_int32 in_version,
cc_uint32 in_flags,
ccache_p **out_ccache)
-CCAPI_DEPRECATED;
+ CCAPI_DEPRECATED;
CCACHE_API cc_int32
cc_close (apiCB *in_context,
ccache_p **ioCCache)
-CCAPI_DEPRECATED;
+ CCAPI_DEPRECATED;
CCACHE_API cc_int32
cc_destroy (apiCB *in_context,
ccache_p **io_ccache)
-CCAPI_DEPRECATED;
+ CCAPI_DEPRECATED;
CCACHE_API cc_int32
cc_seq_fetch_NCs_begin (apiCB *in_context,
ccache_cit **out_nc_iterator)
-CCAPI_DEPRECATED;
+ CCAPI_DEPRECATED;
CCACHE_API cc_int32
cc_seq_fetch_NCs_next (apiCB *in_context,
ccache_p **out_ccache,
ccache_cit *in_nc_iterator)
-CCAPI_DEPRECATED;
+ CCAPI_DEPRECATED;
CCACHE_API cc_int32
cc_seq_fetch_NCs_end (apiCB *in_context,
ccache_cit **io_nc_iterator)
-CCAPI_DEPRECATED;
+ CCAPI_DEPRECATED;
CCACHE_API cc_int32
cc_get_name (apiCB *in_context,
ccache_p *in_ccache,
char **out_name)
-CCAPI_DEPRECATED;
+ CCAPI_DEPRECATED;
CCACHE_API cc_int32
cc_get_cred_version (apiCB *in_context,
ccache_p *in_ccache,
cc_int32 *out_version)
-CCAPI_DEPRECATED;
+ CCAPI_DEPRECATED;
CCACHE_API cc_int32
cc_set_principal (apiCB *in_context,
ccache_p *in_ccache,
cc_int32 in_version,
char *in_principal)
-CCAPI_DEPRECATED;
+ CCAPI_DEPRECATED;
CCACHE_API cc_int32
cc_get_principal (apiCB *in_context,
ccache_p *in_ccache,
char **out_principal)
-CCAPI_DEPRECATED;
+ CCAPI_DEPRECATED;
CCACHE_API cc_int32
cc_store (apiCB *in_context,
ccache_p *in_ccache,
cred_union in_credentials)
-CCAPI_DEPRECATED;
+ CCAPI_DEPRECATED;
CCACHE_API cc_int32
cc_remove_cred (apiCB *in_context,
ccache_p *in_ccache,
cred_union in_credentials)
-CCAPI_DEPRECATED;
+ CCAPI_DEPRECATED;
CCACHE_API cc_int32
cc_seq_fetch_creds_begin (apiCB *in_context,
const ccache_p *in_ccache,
ccache_cit **out_ccache_iterator)
-CCAPI_DEPRECATED;
+ CCAPI_DEPRECATED;
CCACHE_API cc_int32
cc_seq_fetch_creds_next (apiCB *in_context,
cred_union **out_cred_union,
ccache_cit *in_ccache_iterator)
-CCAPI_DEPRECATED;
+ CCAPI_DEPRECATED;
CCACHE_API cc_int32
cc_seq_fetch_creds_end (apiCB *in_context,
ccache_cit **io_ccache_iterator)
-CCAPI_DEPRECATED;
+ CCAPI_DEPRECATED;
CCACHE_API cc_int32
cc_free_principal (apiCB *in_context,
char **io_principal)
-CCAPI_DEPRECATED;
+ CCAPI_DEPRECATED;
CCACHE_API cc_int32
cc_free_name (apiCB *in_context,
char **io_name)
-CCAPI_DEPRECATED;
+ CCAPI_DEPRECATED;
CCACHE_API cc_int32
cc_free_creds (apiCB *in_context,
cred_union **io_cred_union)
-CCAPI_DEPRECATED;
+ CCAPI_DEPRECATED;
CCACHE_API cc_int32
cc_free_NC_info (apiCB *in_context,
infoNC ***io_info)
-CCAPI_DEPRECATED;
+ CCAPI_DEPRECATED;
CCACHE_API cc_int32
cc_lock_request (apiCB *in_context,
const ccache_p *in_ccache,
const cc_int32 in_lock_type)
-CCAPI_DEPRECATED;
+ CCAPI_DEPRECATED;
#if TARGET_OS_MAC
#pragma pack(pop)
diff --git a/src/include/adm.h b/src/include/adm.h
index 15b42d9ab8..f857d1898b 100644
--- a/src/include/adm.h
+++ b/src/include/adm.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* include/krb5/adm.h
*
@@ -24,38 +25,38 @@
* or implied warranty.
*
*/
-#ifndef KRB5_ADM_H__
-#define KRB5_ADM_H__
+#ifndef KRB5_ADM_H__
+#define KRB5_ADM_H__
/*
* Kerberos V5 Change Password service name
*/
-#define KRB5_ADM_SERVICE_NAME "kpasswd"
-#define KRB5_ADM_DEFAULT_PORT 464
+#define KRB5_ADM_SERVICE_NAME "kpasswd"
+#define KRB5_ADM_DEFAULT_PORT 464
#define KRB5_ADM_SERVICE_INSTANCE "changepw"
/*
* Maximum password length.
*/
-#define KRB5_ADM_MAX_PASSWORD_LEN 512
+#define KRB5_ADM_MAX_PASSWORD_LEN 512
/*
* Protocol command strings.
*/
-#define KRB5_ADM_QUIT_CMD "QUIT"
-#define KRB5_ADM_CHECKPW_CMD "CHECKPW"
-#define KRB5_ADM_CHANGEPW_CMD "CHANGEPW"
-#define KRB5_ADM_MOTD_CMD "MOTD"
-#define KRB5_ADM_MIME_CMD "MIME"
-#define KRB5_ADM_LANGUAGE_CMD "LANGUAGE"
+#define KRB5_ADM_QUIT_CMD "QUIT"
+#define KRB5_ADM_CHECKPW_CMD "CHECKPW"
+#define KRB5_ADM_CHANGEPW_CMD "CHANGEPW"
+#define KRB5_ADM_MOTD_CMD "MOTD"
+#define KRB5_ADM_MIME_CMD "MIME"
+#define KRB5_ADM_LANGUAGE_CMD "LANGUAGE"
-#define KRB5_ADM_ADD_PRINC_CMD "ADD-PRINCIPAL"
-#define KRB5_ADM_DEL_PRINC_CMD "DELETE-PRINCIPAL"
-#define KRB5_ADM_REN_PRINC_CMD "RENAME-PRINCIPAL"
-#define KRB5_ADM_MOD_PRINC_CMD "MODIFY-PRINCIPAL"
-#define KRB5_ADM_INQ_PRINC_CMD "INQUIRE-PRINCIPAL"
-#define KRB5_ADM_EXT_KEY_CMD "EXTRACT-KEY"
+#define KRB5_ADM_ADD_PRINC_CMD "ADD-PRINCIPAL"
+#define KRB5_ADM_DEL_PRINC_CMD "DELETE-PRINCIPAL"
+#define KRB5_ADM_REN_PRINC_CMD "RENAME-PRINCIPAL"
+#define KRB5_ADM_MOD_PRINC_CMD "MODIFY-PRINCIPAL"
+#define KRB5_ADM_INQ_PRINC_CMD "INQUIRE-PRINCIPAL"
+#define KRB5_ADM_EXT_KEY_CMD "EXTRACT-KEY"
/*
* Protocol command strings for the current version of the admin
@@ -73,118 +74,118 @@
/*
* Reply status values.
*/
-#define KRB5_ADM_SUCCESS 0
-#define KRB5_ADM_CMD_UNKNOWN 1
-#define KRB5_ADM_PW_UNACCEPT 2
-#define KRB5_ADM_BAD_PW 3
-#define KRB5_ADM_NOT_IN_TKT 4
-#define KRB5_ADM_CANT_CHANGE 5
-#define KRB5_ADM_LANG_NOT_SUPPORTED 6
+#define KRB5_ADM_SUCCESS 0
+#define KRB5_ADM_CMD_UNKNOWN 1
+#define KRB5_ADM_PW_UNACCEPT 2
+#define KRB5_ADM_BAD_PW 3
+#define KRB5_ADM_NOT_IN_TKT 4
+#define KRB5_ADM_CANT_CHANGE 5
+#define KRB5_ADM_LANG_NOT_SUPPORTED 6
-#define KRB5_ADM_P_ALREADY_EXISTS 64
-#define KRB5_ADM_P_DOES_NOT_EXIST 65
-#define KRB5_ADM_NOT_AUTHORIZED 66
-#define KRB5_ADM_BAD_OPTION 67
-#define KRB5_ADM_VALUE_REQUIRED 68
-#define KRB5_ADM_SYSTEM_ERROR 69
-#define KRB5_ADM_KEY_DOES_NOT_EXIST 70
-#define KRB5_ADM_KEY_ALREADY_EXISTS 71
+#define KRB5_ADM_P_ALREADY_EXISTS 64
+#define KRB5_ADM_P_DOES_NOT_EXIST 65
+#define KRB5_ADM_NOT_AUTHORIZED 66
+#define KRB5_ADM_BAD_OPTION 67
+#define KRB5_ADM_VALUE_REQUIRED 68
+#define KRB5_ADM_SYSTEM_ERROR 69
+#define KRB5_ADM_KEY_DOES_NOT_EXIST 70
+#define KRB5_ADM_KEY_ALREADY_EXISTS 71
/*
* Principal flag keywords.
*/
/* Settable only */
-#define KRB5_ADM_KW_PASSWORD "PASSWORD"
-#define KRB5_ADM_KW_APASSWORD "APASSWORD"
-#define KRB5_ADM_KW_RANDOMKEY "RANDOMKEY"
-#define KRB5_ADM_KW_ARANDOMKEY "ARANDOMKEY"
-#define KRB5_ADM_KW_SETFLAGS "SETFLAGS"
-#define KRB5_ADM_KW_UNSETFLAGS "UNSETFLAGS"
+#define KRB5_ADM_KW_PASSWORD "PASSWORD"
+#define KRB5_ADM_KW_APASSWORD "APASSWORD"
+#define KRB5_ADM_KW_RANDOMKEY "RANDOMKEY"
+#define KRB5_ADM_KW_ARANDOMKEY "ARANDOMKEY"
+#define KRB5_ADM_KW_SETFLAGS "SETFLAGS"
+#define KRB5_ADM_KW_UNSETFLAGS "UNSETFLAGS"
/* Settable and retrievable */
-#define KRB5_ADM_KW_MAXLIFE "MAXLIFE"
-#define KRB5_ADM_KW_MAXRENEWLIFE "MAXRENEWLIFE"
-#define KRB5_ADM_KW_EXPIRATION "EXPIRATION"
-#define KRB5_ADM_KW_PWEXPIRATION "PWEXPIRATION"
-#define KRB5_ADM_KW_FLAGS "FLAGS"
-#define KRB5_ADM_KW_AUXDATA "AUXDATA"
-#define KRB5_ADM_KW_EXTRADATA "EXTRADATA"
+#define KRB5_ADM_KW_MAXLIFE "MAXLIFE"
+#define KRB5_ADM_KW_MAXRENEWLIFE "MAXRENEWLIFE"
+#define KRB5_ADM_KW_EXPIRATION "EXPIRATION"
+#define KRB5_ADM_KW_PWEXPIRATION "PWEXPIRATION"
+#define KRB5_ADM_KW_FLAGS "FLAGS"
+#define KRB5_ADM_KW_AUXDATA "AUXDATA"
+#define KRB5_ADM_KW_EXTRADATA "EXTRADATA"
/* Retrievable only */
-#define KRB5_ADM_KW_LASTPWCHANGE "LASTPWCHANGE"
-#define KRB5_ADM_KW_LASTSUCCESS "LASTSUCCESS"
-#define KRB5_ADM_KW_LASTFAILED "LASTFAILED"
-#define KRB5_ADM_KW_FAILCOUNT "FAILCOUNT"
-#define KRB5_ADM_KW_KEYDATA "KEYDATA"
+#define KRB5_ADM_KW_LASTPWCHANGE "LASTPWCHANGE"
+#define KRB5_ADM_KW_LASTSUCCESS "LASTSUCCESS"
+#define KRB5_ADM_KW_LASTFAILED "LASTFAILED"
+#define KRB5_ADM_KW_FAILCOUNT "FAILCOUNT"
+#define KRB5_ADM_KW_KEYDATA "KEYDATA"
/* Valid mask */
-#define KRB5_ADM_M_PASSWORD 0x00000001
-#define KRB5_ADM_M_MAXLIFE 0x00000002
-#define KRB5_ADM_M_MAXRENEWLIFE 0x00000004
-#define KRB5_ADM_M_EXPIRATION 0x00000008
-#define KRB5_ADM_M_PWEXPIRATION 0x00000010
-#define KRB5_ADM_M_RANDOMKEY 0x00000020
-#define KRB5_ADM_M_FLAGS 0x00000040
-#define KRB5_ADM_M_LASTPWCHANGE 0x00000080
-#define KRB5_ADM_M_LASTSUCCESS 0x00000100
-#define KRB5_ADM_M_LASTFAILED 0x00000200
-#define KRB5_ADM_M_FAILCOUNT 0x00000400
-#define KRB5_ADM_M_AUXDATA 0x00000800
-#define KRB5_ADM_M_KEYDATA 0x00001000
-#define KRB5_ADM_M_APASSWORD 0x00002000
-#define KRB5_ADM_M_ARANDOMKEY 0x00004000
-#define KRB5_ADM_M_UNUSED_15 0x00008000
-#define KRB5_ADM_M_UNUSED_16 0x00010000
-#define KRB5_ADM_M_UNUSED_17 0x00020000
-#define KRB5_ADM_M_UNUSED_18 0x00040000
-#define KRB5_ADM_M_UNUSED_19 0x00080000
-#define KRB5_ADM_M_UNUSED_20 0x00100000
-#define KRB5_ADM_M_UNUSED_21 0x00200000
-#define KRB5_ADM_M_UNUSED_22 0x00400000
-#define KRB5_ADM_M_UNUSED_23 0x00800000
-#define KRB5_ADM_M_UNUSED_24 0x01000000
-#define KRB5_ADM_M_UNUSED_25 0x02000000
-#define KRB5_ADM_M_UNUSED_26 0x04000000
-#define KRB5_ADM_M_UNUSED_27 0x08000000
-#define KRB5_ADM_M_UNUSED_28 0x10000000
-#define KRB5_ADM_M_UNUSED_29 0x20000000
-#define KRB5_ADM_M_GET 0x40000000
-#define KRB5_ADM_M_SET 0x80000000
+#define KRB5_ADM_M_PASSWORD 0x00000001
+#define KRB5_ADM_M_MAXLIFE 0x00000002
+#define KRB5_ADM_M_MAXRENEWLIFE 0x00000004
+#define KRB5_ADM_M_EXPIRATION 0x00000008
+#define KRB5_ADM_M_PWEXPIRATION 0x00000010
+#define KRB5_ADM_M_RANDOMKEY 0x00000020
+#define KRB5_ADM_M_FLAGS 0x00000040
+#define KRB5_ADM_M_LASTPWCHANGE 0x00000080
+#define KRB5_ADM_M_LASTSUCCESS 0x00000100
+#define KRB5_ADM_M_LASTFAILED 0x00000200
+#define KRB5_ADM_M_FAILCOUNT 0x00000400
+#define KRB5_ADM_M_AUXDATA 0x00000800
+#define KRB5_ADM_M_KEYDATA 0x00001000
+#define KRB5_ADM_M_APASSWORD 0x00002000
+#define KRB5_ADM_M_ARANDOMKEY 0x00004000
+#define KRB5_ADM_M_UNUSED_15 0x00008000
+#define KRB5_ADM_M_UNUSED_16 0x00010000
+#define KRB5_ADM_M_UNUSED_17 0x00020000
+#define KRB5_ADM_M_UNUSED_18 0x00040000
+#define KRB5_ADM_M_UNUSED_19 0x00080000
+#define KRB5_ADM_M_UNUSED_20 0x00100000
+#define KRB5_ADM_M_UNUSED_21 0x00200000
+#define KRB5_ADM_M_UNUSED_22 0x00400000
+#define KRB5_ADM_M_UNUSED_23 0x00800000
+#define KRB5_ADM_M_UNUSED_24 0x01000000
+#define KRB5_ADM_M_UNUSED_25 0x02000000
+#define KRB5_ADM_M_UNUSED_26 0x04000000
+#define KRB5_ADM_M_UNUSED_27 0x08000000
+#define KRB5_ADM_M_UNUSED_28 0x10000000
+#define KRB5_ADM_M_UNUSED_29 0x20000000
+#define KRB5_ADM_M_GET 0x40000000
+#define KRB5_ADM_M_SET 0x80000000
-#define KRB5_ADM_M_EXTRADATA 0x00000000 /* Hack to get */
- /* libkadm to compile */
+#define KRB5_ADM_M_EXTRADATA 0x00000000 /* Hack to get */
+ /* libkadm to compile */
-#define KRB5_ADM_M_SET_VALID (KRB5_ADM_M_SET + \
- KRB5_ADM_M_PASSWORD + \
- KRB5_ADM_M_APASSWORD + \
- KRB5_ADM_M_MAXLIFE + \
- KRB5_ADM_M_MAXRENEWLIFE+ \
- KRB5_ADM_M_EXPIRATION + \
- KRB5_ADM_M_PWEXPIRATION+ \
- KRB5_ADM_M_RANDOMKEY + \
- KRB5_ADM_M_ARANDOMKEY + \
- KRB5_ADM_M_FLAGS + \
- KRB5_ADM_M_AUXDATA)
-#define KRB5_ADM_M_GET_VALID (KRB5_ADM_M_GET + \
- KRB5_ADM_M_MAXLIFE + \
- KRB5_ADM_M_MAXRENEWLIFE+ \
- KRB5_ADM_M_EXPIRATION + \
- KRB5_ADM_M_PWEXPIRATION+ \
- KRB5_ADM_M_FLAGS + \
- KRB5_ADM_M_LASTPWCHANGE+ \
- KRB5_ADM_M_LASTSUCCESS + \
- KRB5_ADM_M_LASTFAILED + \
- KRB5_ADM_M_FAILCOUNT + \
- KRB5_ADM_M_AUXDATA + \
- KRB5_ADM_M_KEYDATA)
+#define KRB5_ADM_M_SET_VALID (KRB5_ADM_M_SET + \
+ KRB5_ADM_M_PASSWORD + \
+ KRB5_ADM_M_APASSWORD + \
+ KRB5_ADM_M_MAXLIFE + \
+ KRB5_ADM_M_MAXRENEWLIFE+ \
+ KRB5_ADM_M_EXPIRATION + \
+ KRB5_ADM_M_PWEXPIRATION+ \
+ KRB5_ADM_M_RANDOMKEY + \
+ KRB5_ADM_M_ARANDOMKEY + \
+ KRB5_ADM_M_FLAGS + \
+ KRB5_ADM_M_AUXDATA)
+#define KRB5_ADM_M_GET_VALID (KRB5_ADM_M_GET + \
+ KRB5_ADM_M_MAXLIFE + \
+ KRB5_ADM_M_MAXRENEWLIFE+ \
+ KRB5_ADM_M_EXPIRATION + \
+ KRB5_ADM_M_PWEXPIRATION+ \
+ KRB5_ADM_M_FLAGS + \
+ KRB5_ADM_M_LASTPWCHANGE+ \
+ KRB5_ADM_M_LASTSUCCESS + \
+ KRB5_ADM_M_LASTFAILED + \
+ KRB5_ADM_M_FAILCOUNT + \
+ KRB5_ADM_M_AUXDATA + \
+ KRB5_ADM_M_KEYDATA)
/*
* Keytab reply components.
*/
-#define KRB5_ADM_KT_PRINCIPAL 0
-#define KRB5_ADM_KT_TIMESTAMP 1
-#define KRB5_ADM_KT_VNO 2
-#define KRB5_ADM_KT_KEY_ENCTYPE 3
-#define KRB5_ADM_KT_KEY_KEY 4
-#define KRB5_ADM_KT_NCOMPS 5
+#define KRB5_ADM_KT_PRINCIPAL 0
+#define KRB5_ADM_KT_TIMESTAMP 1
+#define KRB5_ADM_KT_VNO 2
+#define KRB5_ADM_KT_KEY_ENCTYPE 3
+#define KRB5_ADM_KT_KEY_KEY 4
+#define KRB5_ADM_KT_NCOMPS 5
/* for krb5_key_salt_tuple */
#include "kdb.h"
@@ -193,30 +194,30 @@
* Data structure returned by krb5_read_realm_params()
*/
typedef struct __krb5_realm_params {
- char * realm_profile;
- char * realm_dbname;
- char * realm_mkey_name;
- char * realm_stash_file;
- char * realm_kdc_ports;
- char * realm_kdc_tcp_ports;
- char * realm_acl_file;
+ char * realm_profile;
+ char * realm_dbname;
+ char * realm_mkey_name;
+ char * realm_stash_file;
+ char * realm_kdc_ports;
+ char * realm_kdc_tcp_ports;
+ char * realm_acl_file;
char * realm_host_based_services;
char * realm_no_host_referral;
- krb5_int32 realm_kadmind_port;
- krb5_enctype realm_enctype;
- krb5_deltat realm_max_life;
- krb5_deltat realm_max_rlife;
- krb5_timestamp realm_expiration;
- krb5_flags realm_flags;
- krb5_key_salt_tuple *realm_keysalts;
- unsigned int realm_reject_bad_transit:1;
- unsigned int realm_kadmind_port_valid:1;
- unsigned int realm_enctype_valid:1;
- unsigned int realm_max_life_valid:1;
- unsigned int realm_max_rlife_valid:1;
- unsigned int realm_expiration_valid:1;
- unsigned int realm_flags_valid:1;
- unsigned int realm_reject_bad_transit_valid:1;
- krb5_int32 realm_num_keysalts;
+ krb5_int32 realm_kadmind_port;
+ krb5_enctype realm_enctype;
+ krb5_deltat realm_max_life;
+ krb5_deltat realm_max_rlife;
+ krb5_timestamp realm_expiration;
+ krb5_flags realm_flags;
+ krb5_key_salt_tuple *realm_keysalts;
+ unsigned int realm_reject_bad_transit:1;
+ unsigned int realm_kadmind_port_valid:1;
+ unsigned int realm_enctype_valid:1;
+ unsigned int realm_max_life_valid:1;
+ unsigned int realm_max_rlife_valid:1;
+ unsigned int realm_expiration_valid:1;
+ unsigned int realm_flags_valid:1;
+ unsigned int realm_reject_bad_transit_valid:1;
+ krb5_int32 realm_num_keysalts;
} krb5_realm_params;
-#endif /* KRB5_ADM_H__ */
+#endif /* KRB5_ADM_H__ */
diff --git a/src/include/adm_proto.h b/src/include/adm_proto.h
index cd17a2fa6e..9cdd22c678 100644
--- a/src/include/adm_proto.h
+++ b/src/include/adm_proto.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* include/krb5/adm_proto.h
*
@@ -24,16 +25,16 @@
* or implied warranty.
*
*/
-#ifndef KRB5_ADM_PROTO_H__
-#define KRB5_ADM_PROTO_H__
+#ifndef KRB5_ADM_PROTO_H__
+#define KRB5_ADM_PROTO_H__
/*
* This is ugly, but avoids having to include k5-int or kdb.h for this.
*/
-#ifndef KRB5_KDB5__
+#ifndef KRB5_KDB5__
struct _krb5_db_entry;
typedef struct _krb5_db_entry krb5_db_entry;
-#endif /* KRB5_KDB5__ */
+#endif /* KRB5_KDB5__ */
/* Ditto for adm.h */
@@ -44,25 +45,21 @@ typedef struct _krb5_db_entry krb5_db_entry;
#if !defined(KRB5_ADM_H__) && !defined(__KADM5_ADMIN_H__)
struct ___krb5_realm_params;
typedef struct ___krb5_realm_params krb5_realm_params;
-#endif /* KRB5_ADM_H__ */
+#endif /* KRB5_ADM_H__ */
#ifndef KRB5_KDB5__
struct ___krb5_key_salt_tuple;
typedef struct ___krb5_key_salt_tuple krb5_key_salt_tuple;
-#endif /* KRB5_KDB5__ */
+#endif /* KRB5_KDB5__ */
/*
* Function prototypes.
*/
/* logger.c */
-krb5_error_code krb5_klog_init
- (krb5_context,
- char *,
- char *,
- krb5_boolean);
-void krb5_klog_close (krb5_context);
-int krb5_klog_syslog (int, const char *, ...)
+krb5_error_code krb5_klog_init(krb5_context, char *, char *, krb5_boolean);
+void krb5_klog_close(krb5_context);
+int krb5_klog_syslog(int, const char *, ...)
#if !defined(__cplusplus) && (__GNUC__ > 2)
__attribute__((__format__(__printf__, 2, 3)))
#endif
@@ -70,70 +67,41 @@ int krb5_klog_syslog (int, const char *, ...)
void krb5_klog_reopen (krb5_context);
/* alt_prof.c */
-krb5_error_code krb5_aprof_init
- (char *, char *, krb5_pointer *);
-krb5_error_code krb5_aprof_getvals
- (krb5_pointer, const char **, char ***);
-krb5_error_code krb5_aprof_get_boolean
- (krb5_pointer, const char **, int, krb5_boolean *);
-krb5_error_code krb5_aprof_get_deltat
- (krb5_pointer,
- const char **,
- krb5_boolean,
- krb5_deltat *);
-krb5_error_code krb5_aprof_get_string
- (krb5_pointer, const char **, krb5_boolean, char **);
-krb5_error_code krb5_aprof_get_string_all
- (krb5_pointer, const char **, char **);
-krb5_error_code krb5_aprof_get_int32
- (krb5_pointer,
- const char **,
- krb5_boolean,
- krb5_int32 *);
-krb5_error_code krb5_aprof_finish (krb5_pointer);
+krb5_error_code krb5_aprof_init(char *, char *, krb5_pointer *);
+krb5_error_code krb5_aprof_getvals(krb5_pointer, const char **, char ***);
+krb5_error_code krb5_aprof_get_boolean(krb5_pointer, const char **, int,
+ krb5_boolean *);
+krb5_error_code krb5_aprof_get_deltat(krb5_pointer, const char **,
+ krb5_boolean, krb5_deltat *);
+krb5_error_code krb5_aprof_get_string(krb5_pointer, const char **,
+ krb5_boolean, char **);
+krb5_error_code krb5_aprof_get_string_all(krb5_pointer, const char **,
+ char **);
+krb5_error_code krb5_aprof_get_int32(krb5_pointer, const char **,
+ krb5_boolean, krb5_int32 *);
+krb5_error_code krb5_aprof_finish(krb5_pointer);
-krb5_error_code krb5_read_realm_params (krb5_context,
- char *,
- krb5_realm_params **);
-krb5_error_code krb5_free_realm_params (krb5_context,
- krb5_realm_params *);
+krb5_error_code krb5_read_realm_params(krb5_context, char *,
+ krb5_realm_params **);
+krb5_error_code krb5_free_realm_params(krb5_context, krb5_realm_params *);
krb5_boolean krb5_match_config_pattern(const char *, const char *);
/* str_conv.c */
-krb5_error_code
-krb5_string_to_flags (char *,
- const char *,
- const char *,
- krb5_flags *);
-krb5_error_code
-krb5_flags_to_string (krb5_flags,
- const char *,
- char *,
- size_t);
-krb5_error_code
-krb5_input_flag_to_string (int,
- char *,
- size_t);
+krb5_error_code krb5_string_to_flags(char *, const char *, const char *,
+ krb5_flags *);
+krb5_error_code krb5_flags_to_string(krb5_flags, const char *, char *, size_t);
+krb5_error_code krb5_input_flag_to_string (int, char *, size_t);
/* keysalt.c */
-krb5_boolean
-krb5_keysalt_is_present (krb5_key_salt_tuple *,
- krb5_int32,
- krb5_enctype,
- krb5_int32);
-krb5_error_code
-krb5_keysalt_iterate (krb5_key_salt_tuple *,
- krb5_int32,
- krb5_boolean,
- krb5_error_code (*) (krb5_key_salt_tuple *,
- krb5_pointer),
- krb5_pointer);
+krb5_boolean krb5_keysalt_is_present(krb5_key_salt_tuple *, krb5_int32,
+ krb5_enctype, krb5_int32);
+krb5_error_code krb5_keysalt_iterate(krb5_key_salt_tuple *, krb5_int32,
+ krb5_boolean,
+ krb5_error_code (*)(krb5_key_salt_tuple *,
+ krb5_pointer),
+ krb5_pointer);
-krb5_error_code
-krb5_string_to_keysalts (char *,
- const char *,
- const char *,
- krb5_boolean,
- krb5_key_salt_tuple **,
- krb5_int32 *);
-#endif /* KRB5_ADM_PROTO_H__ */
+krb5_error_code krb5_string_to_keysalts(char *, const char *, const char *,
+ krb5_boolean, krb5_key_salt_tuple **,
+ krb5_int32 *);
+#endif /* KRB5_ADM_PROTO_H__ */
diff --git a/src/include/cm.h b/src/include/cm.h
index a317c835a1..240735a3b1 100644
--- a/src/include/cm.h
+++ b/src/include/cm.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* include/cm.h
*
@@ -29,14 +30,14 @@
struct select_state {
int max, nfds;
fd_set rfds, wfds, xfds;
- struct timeval end_time; /* magic: tv_sec==0 => never time out */
+ struct timeval end_time; /* magic: tv_sec==0 => never time out */
};
/* Select state flags. */
-#define SSF_READ 0x01
-#define SSF_WRITE 0x02
-#define SSF_EXCEPTION 0x04
+#define SSF_READ 0x01
+#define SSF_WRITE 0x02
+#define SSF_EXCEPTION 0x04
static const char *const state_strings[] = {
@@ -62,13 +63,13 @@ struct conn_state {
int (*service)(struct conn_state *, struct select_state *, int);
struct addrinfo *addr;
struct {
- struct {
- sg_buf sgbuf[2];
- sg_buf *sgp;
- int sg_count;
- unsigned char msg_len_buf[4];
- } out;
- struct incoming_krb5_message in;
+ struct {
+ sg_buf sgbuf[2];
+ sg_buf *sgp;
+ int sg_count;
+ unsigned char msg_len_buf[4];
+ } out;
+ struct incoming_krb5_message in;
} x;
};
@@ -80,4 +81,4 @@ struct sendto_callback_info {
krb5_error_code krb5int_cm_call_select (const struct select_state *,
- struct select_state *, int *);
+ struct select_state *, int *);
diff --git a/src/include/copyright.h b/src/include/copyright.h
index 68dcfdbdb8..705e0a757e 100644
--- a/src/include/copyright.h
+++ b/src/include/copyright.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1989-1994 by the Massachusetts Institute of Technology,
* Cambridge, MA, USA. All Rights Reserved.
diff --git a/src/include/fake-addrinfo.h b/src/include/fake-addrinfo.h
index d6ba0fb7c7..5063ae8004 100644
--- a/src/include/fake-addrinfo.h
+++ b/src/include/fake-addrinfo.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 2001,2002,2003,2004 by the Massachusetts Institute of Technology,
* Cambridge, MA, USA. All Rights Reserved.
@@ -77,25 +78,25 @@
/* To do, maybe:
+ For AIX 4.3.3, using the RFC 2133 definition: Implement
- AI_NUMERICHOST. It's not defined in the header file.
+ AI_NUMERICHOST. It's not defined in the header file.
- For certain (old?) versions of GNU libc, AI_NUMERICHOST is
- defined but not implemented.
+ For certain (old?) versions of GNU libc, AI_NUMERICHOST is
+ defined but not implemented.
+ Use gethostbyname2, inet_aton and other IPv6 or thread-safe
- functions if available. But, see
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=135182 for one
- gethostbyname2 problem on Linux. And besides, if a platform is
- supporting IPv6 at all, they really should be doing getaddrinfo
- by now.
+ functions if available. But, see
+ http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=135182 for one
+ gethostbyname2 problem on Linux. And besides, if a platform is
+ supporting IPv6 at all, they really should be doing getaddrinfo
+ by now.
+ inet_ntop, inet_pton
+ Conditionally export/import the function definitions, so a
- library can have a single copy instead of multiple.
+ library can have a single copy instead of multiple.
+ Upgrade host requirements to include working implementations of
- these functions, and throw all this away. Pleeease? :-) */
+ these functions, and throw all this away. Pleeease? :-) */
#ifndef FAI_DEFINED
#define FAI_DEFINED
@@ -105,37 +106,37 @@
#if !defined (HAVE_GETADDRINFO)
#undef addrinfo
-#define addrinfo my_fake_addrinfo
+#define addrinfo my_fake_addrinfo
struct addrinfo {
- int ai_family; /* PF_foo */
- int ai_socktype; /* SOCK_foo */
- int ai_protocol; /* 0, IPPROTO_foo */
- int ai_flags; /* AI_PASSIVE etc */
- size_t ai_addrlen; /* real length of socket address */
- char *ai_canonname; /* canonical name of host */
- struct sockaddr *ai_addr; /* pointer to variable-size address */
- struct addrinfo *ai_next; /* next in linked list */
+ int ai_family; /* PF_foo */
+ int ai_socktype; /* SOCK_foo */
+ int ai_protocol; /* 0, IPPROTO_foo */
+ int ai_flags; /* AI_PASSIVE etc */
+ size_t ai_addrlen; /* real length of socket address */
+ char *ai_canonname; /* canonical name of host */
+ struct sockaddr *ai_addr; /* pointer to variable-size address */
+ struct addrinfo *ai_next; /* next in linked list */
};
-#undef AI_PASSIVE
-#define AI_PASSIVE 0x01
-#undef AI_CANONNAME
-#define AI_CANONNAME 0x02
-#undef AI_NUMERICHOST
-#define AI_NUMERICHOST 0x04
+#undef AI_PASSIVE
+#define AI_PASSIVE 0x01
+#undef AI_CANONNAME
+#define AI_CANONNAME 0x02
+#undef AI_NUMERICHOST
+#define AI_NUMERICHOST 0x04
/* RFC 2553 says these are part of the interface for getipnodebyname,
not for getaddrinfo. RFC 3493 says they're part of the interface
for getaddrinfo, and getipnodeby* are deprecated. Our fake
getaddrinfo implementation here does IPv4 only anyways. */
-#undef AI_V4MAPPED
-#define AI_V4MAPPED 0
-#undef AI_ADDRCONFIG
-#define AI_ADDRCONFIG 0
-#undef AI_ALL
-#define AI_ALL 0
-#undef AI_DEFAULT
-#define AI_DEFAULT (AI_V4MAPPED|AI_ADDRCONFIG)
+#undef AI_V4MAPPED
+#define AI_V4MAPPED 0
+#undef AI_ADDRCONFIG
+#define AI_ADDRCONFIG 0
+#undef AI_ALL
+#define AI_ALL 0
+#undef AI_DEFAULT
+#define AI_DEFAULT (AI_V4MAPPED|AI_ADDRCONFIG)
#ifndef NI_MAXHOST
#define NI_MAXHOST 1025
@@ -144,40 +145,40 @@ struct addrinfo {
#define NI_MAXSERV 32
#endif
-#undef NI_NUMERICHOST
-#define NI_NUMERICHOST 0x01
-#undef NI_NUMERICSERV
-#define NI_NUMERICSERV 0x02
-#undef NI_NAMEREQD
-#define NI_NAMEREQD 0x04
-#undef NI_DGRAM
-#define NI_DGRAM 0x08
-#undef NI_NOFQDN
-#define NI_NOFQDN 0x10
+#undef NI_NUMERICHOST
+#define NI_NUMERICHOST 0x01
+#undef NI_NUMERICSERV
+#define NI_NUMERICSERV 0x02
+#undef NI_NAMEREQD
+#define NI_NAMEREQD 0x04
+#undef NI_DGRAM
+#define NI_DGRAM 0x08
+#undef NI_NOFQDN
+#define NI_NOFQDN 0x10
#undef EAI_ADDRFAMILY
-#define EAI_ADDRFAMILY 1
+#define EAI_ADDRFAMILY 1
#undef EAI_AGAIN
-#define EAI_AGAIN 2
+#define EAI_AGAIN 2
#undef EAI_BADFLAGS
-#define EAI_BADFLAGS 3
+#define EAI_BADFLAGS 3
#undef EAI_FAIL
-#define EAI_FAIL 4
+#define EAI_FAIL 4
#undef EAI_FAMILY
-#define EAI_FAMILY 5
+#define EAI_FAMILY 5
#undef EAI_MEMORY
-#define EAI_MEMORY 6
+#define EAI_MEMORY 6
#undef EAI_NODATA
-#define EAI_NODATA 7
+#define EAI_NODATA 7
#undef EAI_NONAME
-#define EAI_NONAME 8
+#define EAI_NONAME 8
#undef EAI_SERVICE
-#define EAI_SERVICE 9
+#define EAI_SERVICE 9
#undef EAI_SOCKTYPE
-#define EAI_SOCKTYPE 10
+#define EAI_SOCKTYPE 10
#undef EAI_SYSTEM
-#define EAI_SYSTEM 11
+#define EAI_SYSTEM 11
#endif /* ! HAVE_GETADDRINFO */
@@ -211,16 +212,16 @@ extern const struct in6_addr krb5int_in6addr_any;
/* Call out to stuff defined in libkrb5support. */
extern int krb5int_getaddrinfo (const char *node, const char *service,
- const struct addrinfo *hints,
- struct addrinfo **aip);
+ const struct addrinfo *hints,
+ struct addrinfo **aip);
extern void krb5int_freeaddrinfo (struct addrinfo *ai);
extern const char *krb5int_gai_strerror(int err);
extern int krb5int_getnameinfo (const struct sockaddr *sa, socklen_t salen,
- char *hbuf, size_t hbuflen,
- char *sbuf, size_t sbuflen,
- int flags);
+ char *hbuf, size_t hbuflen,
+ char *sbuf, size_t sbuflen,
+ int flags);
#ifndef IMPLEMENT_FAKE_GETADDRINFO
-#undef getaddrinfo
+#undef getaddrinfo
#define getaddrinfo krb5int_getaddrinfo
#undef freeaddrinfo
#define freeaddrinfo krb5int_freeaddrinfo
diff --git a/src/include/foreachaddr.h b/src/include/foreachaddr.h
index ae422c7b1b..c46d47195a 100644
--- a/src/include/foreachaddr.h
+++ b/src/include/foreachaddr.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* include/foreachaddr.c
*
@@ -51,13 +52,13 @@
extern int
krb5int_foreach_localaddr (/*@null@*/ void *data,
- int (*pass1fn) (/*@null@*/ void *,
- struct sockaddr *) /*@*/,
- /*@null@*/ int (*betweenfn) (/*@null@*/ void *) /*@*/,
- /*@null@*/ int (*pass2fn) (/*@null@*/ void *,
- struct sockaddr *) /*@*/)
+ int (*pass1fn) (/*@null@*/ void *,
+ struct sockaddr *) /*@*/,
+ /*@null@*/ int (*betweenfn) (/*@null@*/ void *) /*@*/,
+ /*@null@*/ int (*pass2fn) (/*@null@*/ void *,
+ struct sockaddr *) /*@*/)
#if defined(DEBUG) || defined(TEST)
- /*@modifies fileSystem@*/
+/*@modifies fileSystem@*/
#endif
;
diff --git a/src/include/gssapi.h b/src/include/gssapi.h
index 7ce379ac41..9383dabdc0 100644
--- a/src/include/gssapi.h
+++ b/src/include/gssapi.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Wrapper so that #include <gssapi.h> will work without special include
* paths.
diff --git a/src/include/iprop.h b/src/include/iprop.h
index 9cfbb30936..942ad8d605 100644
--- a/src/include/iprop.h
+++ b/src/include/iprop.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Please do not edit this file.
* It was generated using rpcgen.
@@ -15,180 +16,180 @@ extern "C" {
typedef struct {
- u_int utf8str_t_len;
- char *utf8str_t_val;
+ u_int utf8str_t_len;
+ char *utf8str_t_val;
} utf8str_t;
typedef uint32_t kdb_sno_t;
struct kdbe_time_t {
- uint32_t seconds;
- uint32_t useconds;
+ uint32_t seconds;
+ uint32_t useconds;
};
typedef struct kdbe_time_t kdbe_time_t;
struct kdbe_key_t {
- int32_t k_ver;
- int32_t k_kvno;
- struct {
- u_int k_enctype_len;
- int32_t *k_enctype_val;
- } k_enctype;
- struct {
- u_int k_contents_len;
- utf8str_t *k_contents_val;
- } k_contents;
+ int32_t k_ver;
+ int32_t k_kvno;
+ struct {
+ u_int k_enctype_len;
+ int32_t *k_enctype_val;
+ } k_enctype;
+ struct {
+ u_int k_contents_len;
+ utf8str_t *k_contents_val;
+ } k_contents;
};
typedef struct kdbe_key_t kdbe_key_t;
struct kdbe_data_t {
- int32_t k_magic;
- utf8str_t k_data;
+ int32_t k_magic;
+ utf8str_t k_data;
};
typedef struct kdbe_data_t kdbe_data_t;
struct kdbe_princ_t {
- utf8str_t k_realm;
- struct {
- u_int k_components_len;
- kdbe_data_t *k_components_val;
- } k_components;
- int32_t k_nametype;
+ utf8str_t k_realm;
+ struct {
+ u_int k_components_len;
+ kdbe_data_t *k_components_val;
+ } k_components;
+ int32_t k_nametype;
};
typedef struct kdbe_princ_t kdbe_princ_t;
struct kdbe_tl_t {
- int16_t tl_type;
- struct {
- u_int tl_data_len;
- char *tl_data_val;
- } tl_data;
+ int16_t tl_type;
+ struct {
+ u_int tl_data_len;
+ char *tl_data_val;
+ } tl_data;
};
typedef struct kdbe_tl_t kdbe_tl_t;
typedef struct {
- u_int kdbe_pw_hist_t_len;
- kdbe_key_t *kdbe_pw_hist_t_val;
+ u_int kdbe_pw_hist_t_len;
+ kdbe_key_t *kdbe_pw_hist_t_val;
} kdbe_pw_hist_t;
enum kdbe_attr_type_t {
- AT_ATTRFLAGS = 0,
- AT_MAX_LIFE = 1,
- AT_MAX_RENEW_LIFE = 2,
- AT_EXP = 3,
- AT_PW_EXP = 4,
- AT_LAST_SUCCESS = 5,
- AT_LAST_FAILED = 6,
- AT_FAIL_AUTH_COUNT = 7,
- AT_PRINC = 8,
- AT_KEYDATA = 9,
- AT_TL_DATA = 10,
- AT_LEN = 11,
- AT_MOD_PRINC = 12,
- AT_MOD_TIME = 13,
- AT_MOD_WHERE = 14,
- AT_PW_LAST_CHANGE = 15,
- AT_PW_POLICY = 16,
- AT_PW_POLICY_SWITCH = 17,
- AT_PW_HIST_KVNO = 18,
- AT_PW_HIST = 19,
+ AT_ATTRFLAGS = 0,
+ AT_MAX_LIFE = 1,
+ AT_MAX_RENEW_LIFE = 2,
+ AT_EXP = 3,
+ AT_PW_EXP = 4,
+ AT_LAST_SUCCESS = 5,
+ AT_LAST_FAILED = 6,
+ AT_FAIL_AUTH_COUNT = 7,
+ AT_PRINC = 8,
+ AT_KEYDATA = 9,
+ AT_TL_DATA = 10,
+ AT_LEN = 11,
+ AT_MOD_PRINC = 12,
+ AT_MOD_TIME = 13,
+ AT_MOD_WHERE = 14,
+ AT_PW_LAST_CHANGE = 15,
+ AT_PW_POLICY = 16,
+ AT_PW_POLICY_SWITCH = 17,
+ AT_PW_HIST_KVNO = 18,
+ AT_PW_HIST = 19,
};
typedef enum kdbe_attr_type_t kdbe_attr_type_t;
struct kdbe_val_t {
- kdbe_attr_type_t av_type;
- union {
- uint32_t av_attrflags;
- uint32_t av_max_life;
- uint32_t av_max_renew_life;
- uint32_t av_exp;
- uint32_t av_pw_exp;
- uint32_t av_last_success;
- uint32_t av_last_failed;
- uint32_t av_fail_auth_count;
- kdbe_princ_t av_princ;
- struct {
- u_int av_keydata_len;
- kdbe_key_t *av_keydata_val;
- } av_keydata;
- struct {
- u_int av_tldata_len;
- kdbe_tl_t *av_tldata_val;
- } av_tldata;
- int16_t av_len;
- uint32_t av_pw_last_change;
- kdbe_princ_t av_mod_princ;
- uint32_t av_mod_time;
- utf8str_t av_mod_where;
- utf8str_t av_pw_policy;
- bool_t av_pw_policy_switch;
- uint32_t av_pw_hist_kvno;
- struct {
- u_int av_pw_hist_len;
- kdbe_pw_hist_t *av_pw_hist_val;
- } av_pw_hist;
- struct {
- u_int av_extension_len;
- char *av_extension_val;
- } av_extension;
- } kdbe_val_t_u;
+ kdbe_attr_type_t av_type;
+ union {
+ uint32_t av_attrflags;
+ uint32_t av_max_life;
+ uint32_t av_max_renew_life;
+ uint32_t av_exp;
+ uint32_t av_pw_exp;
+ uint32_t av_last_success;
+ uint32_t av_last_failed;
+ uint32_t av_fail_auth_count;
+ kdbe_princ_t av_princ;
+ struct {
+ u_int av_keydata_len;
+ kdbe_key_t *av_keydata_val;
+ } av_keydata;
+ struct {
+ u_int av_tldata_len;
+ kdbe_tl_t *av_tldata_val;
+ } av_tldata;
+ int16_t av_len;
+ uint32_t av_pw_last_change;
+ kdbe_princ_t av_mod_princ;
+ uint32_t av_mod_time;
+ utf8str_t av_mod_where;
+ utf8str_t av_pw_policy;
+ bool_t av_pw_policy_switch;
+ uint32_t av_pw_hist_kvno;
+ struct {
+ u_int av_pw_hist_len;
+ kdbe_pw_hist_t *av_pw_hist_val;
+ } av_pw_hist;
+ struct {
+ u_int av_extension_len;
+ char *av_extension_val;
+ } av_extension;
+ } kdbe_val_t_u;
};
typedef struct kdbe_val_t kdbe_val_t;
typedef struct {
- u_int kdbe_t_len;
- kdbe_val_t *kdbe_t_val;
+ u_int kdbe_t_len;
+ kdbe_val_t *kdbe_t_val;
} kdbe_t;
struct kdb_incr_update_t {
- utf8str_t kdb_princ_name;
- kdb_sno_t kdb_entry_sno;
- kdbe_time_t kdb_time;
- kdbe_t kdb_update;
- bool_t kdb_deleted;
- bool_t kdb_commit;
- struct {
- u_int kdb_kdcs_seen_by_len;
- utf8str_t *kdb_kdcs_seen_by_val;
- } kdb_kdcs_seen_by;
- struct {
- u_int kdb_futures_len;
- char *kdb_futures_val;
- } kdb_futures;
+ utf8str_t kdb_princ_name;
+ kdb_sno_t kdb_entry_sno;
+ kdbe_time_t kdb_time;
+ kdbe_t kdb_update;
+ bool_t kdb_deleted;
+ bool_t kdb_commit;
+ struct {
+ u_int kdb_kdcs_seen_by_len;
+ utf8str_t *kdb_kdcs_seen_by_val;
+ } kdb_kdcs_seen_by;
+ struct {
+ u_int kdb_futures_len;
+ char *kdb_futures_val;
+ } kdb_futures;
};
typedef struct kdb_incr_update_t kdb_incr_update_t;
typedef struct {
- u_int kdb_ulog_t_len;
- kdb_incr_update_t *kdb_ulog_t_val;
+ u_int kdb_ulog_t_len;
+ kdb_incr_update_t *kdb_ulog_t_val;
} kdb_ulog_t;
enum update_status_t {
- UPDATE_OK = 0,
- UPDATE_ERROR = 1,
- UPDATE_FULL_RESYNC_NEEDED = 2,
- UPDATE_BUSY = 3,
- UPDATE_NIL = 4,
- UPDATE_PERM_DENIED = 5,
+ UPDATE_OK = 0,
+ UPDATE_ERROR = 1,
+ UPDATE_FULL_RESYNC_NEEDED = 2,
+ UPDATE_BUSY = 3,
+ UPDATE_NIL = 4,
+ UPDATE_PERM_DENIED = 5,
};
typedef enum update_status_t update_status_t;
struct kdb_last_t {
- kdb_sno_t last_sno;
- kdbe_time_t last_time;
+ kdb_sno_t last_sno;
+ kdbe_time_t last_time;
};
typedef struct kdb_last_t kdb_last_t;
struct kdb_incr_result_t {
- kdb_last_t lastentry;
- kdb_ulog_t updates;
- update_status_t ret;
+ kdb_last_t lastentry;
+ kdb_ulog_t updates;
+ update_status_t ret;
};
typedef struct kdb_incr_result_t kdb_incr_result_t;
struct kdb_fullresync_result_t {
- kdb_last_t lastentry;
- update_status_t ret;
+ kdb_last_t lastentry;
+ update_status_t ret;
};
typedef struct kdb_fullresync_result_t kdb_fullresync_result_t;
@@ -206,8 +207,8 @@ extern kdb_incr_result_t * iprop_get_updates_1_svc(kdb_last_t *, struct svc_req
extern kdb_fullresync_result_t * iprop_full_resync_1(void *, CLIENT *);
extern kdb_fullresync_result_t * iprop_full_resync_1_svc(void *, struct svc_req *);
#define IPROP_FULL_RESYNC_EXT 3
-extern kdb_fullresync_result_t * iprop_full_resync_ext_1(uint32_t *, CLIENT *);
-extern kdb_fullresync_result_t * iprop_full_resync_ext_1_svc(uint32_t *, struct svc_req *);
+extern kdb_fullresync_result_t * iprop_full_resync_ext_1(uint32_t *, CLIENT *);
+extern kdb_fullresync_result_t * iprop_full_resync_ext_1_svc(uint32_t *, struct svc_req *);
extern int krb5_iprop_prog_1_freeresult (SVCXPRT *, xdrproc_t, caddr_t);
#else /* K&R C */
diff --git a/src/include/iprop_hdr.h b/src/include/iprop_hdr.h
index cd6d3b440b..9027c76cf9 100644
--- a/src/include/iprop_hdr.h
+++ b/src/include/iprop_hdr.h
@@ -1,15 +1,16 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright 2004 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
-#ifndef _IPROP_HDR_H
-#define _IPROP_HDR_H
+#ifndef _IPROP_HDR_H
+#define _IPROP_HDR_H
-/* #pragma ident "@(#)iprop_hdr.h 1.1 04/02/20 SMI" */
+/* #pragma ident "@(#)iprop_hdr.h 1.1 04/02/20 SMI" */
-#ifdef __cplusplus
+#ifdef __cplusplus
extern "C" {
#endif
@@ -22,16 +23,16 @@ extern "C" {
* Maximum size for each ulog entry is 2KB and maximum
* possible attribute-value pairs for each ulog entry is 20
*/
-#define MAXENTRY_SIZE 2048
-#define MAXATTRS_SIZE 20
+#define MAXENTRY_SIZE 2048
+#define MAXATTRS_SIZE 20
-#define KIPROP_SVC_NAME "kiprop"
-#define MAX_BACKOFF 300 /* Backoff for a maximum for 5 mts */
+#define KIPROP_SVC_NAME "kiprop"
+#define MAX_BACKOFF 300 /* Backoff for a maximum for 5 mts */
enum iprop_role {
- IPROP_NULL = 0,
- IPROP_MASTER = 1,
- IPROP_SLAVE = 2
+ IPROP_NULL = 0,
+ IPROP_MASTER = 1,
+ IPROP_SLAVE = 2
};
typedef enum iprop_role iprop_role;
@@ -42,7 +43,7 @@ typedef enum iprop_role iprop_role;
#define IPROPX_VERSION_1 1
#define IPROPX_VERSION IPROPX_VERSION_1
-#ifdef __cplusplus
+#ifdef __cplusplus
}
#endif
diff --git a/src/include/k5-buf.h b/src/include/k5-buf.h
index 5f7936fd5b..a6c55c1b76 100644
--- a/src/include/k5-buf.h
+++ b/src/include/k5-buf.h
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* include/k5-buf.h
*
diff --git a/src/include/k5-err.h b/src/include/k5-err.h
index 463125b2c2..7014002c86 100644
--- a/src/include/k5-err.h
+++ b/src/include/k5-err.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* include/k5-err.h
*
@@ -16,7 +17,7 @@
* this permission notice appear in supporting documentation, and that
* the name of M.I.T. not be used in advertising or publicity pertaining
* to distribution of the software without specific, written prior
- * permission. Furthermore if you modify this software you must label
+ * permission. Furthermore if you modify this software you must label
* your software as modified software and not distribute it in such a
* fashion that it might be confused with the original M.I.T. software.
* M.I.T. makes no representations about the suitability of
@@ -52,31 +53,31 @@ struct errinfo {
void
krb5int_set_error (struct errinfo *ep,
- long code,
- const char *fmt, ...)
+ long code,
+ const char *fmt, ...)
#if !defined(__cplusplus) && (__GNUC__ > 2)
__attribute__((__format__(__printf__, 3, 4)))
#endif
;
void
krb5int_vset_error (struct errinfo *ep, long code,
- const char *fmt, va_list args)
+ const char *fmt, va_list args)
#if !defined(__cplusplus) && (__GNUC__ > 2)
__attribute__((__format__(__printf__, 3, 0)))
#endif
;
void
krb5int_set_error_fl (struct errinfo *ep, long code,
- const char *file, int line,
- const char *fmt, ...)
+ const char *file, int line,
+ const char *fmt, ...)
#if !defined(__cplusplus) && (__GNUC__ > 2)
__attribute__((__format__(__printf__, 5, 6)))
#endif
;
void
krb5int_vset_error_fl (struct errinfo *ep, long code,
- const char *file, int line,
- const char *fmt, va_list args)
+ const char *file, int line,
+ const char *fmt, va_list args)
#if !defined(__cplusplus) && (__GNUC__ > 2)
__attribute__((__format__(__printf__, 5, 0)))
#endif
@@ -91,7 +92,7 @@ void
krb5int_set_error_info_callout_fn (const char *(KRB5_CALLCONV *f)(long));
#ifdef DEBUG_ERROR_LOCATIONS
-#define krb5int_set_error(ep, code, ...) \
+#define krb5int_set_error(ep, code, ...) \
krb5int_set_error_fl(ep, code, __FILE__, __LINE__, __VA_ARGS__)
#endif
diff --git a/src/include/k5-gmt_mktime.h b/src/include/k5-gmt_mktime.h
index e7115a54f4..11cb9dd8d5 100644
--- a/src/include/k5-gmt_mktime.h
+++ b/src/include/k5-gmt_mktime.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* include/k5-gmt_mktime.h
*
@@ -16,7 +17,7 @@
* this permission notice appear in supporting documentation, and that
* the name of M.I.T. not be used in advertising or publicity pertaining
* to distribution of the software without specific, written prior
- * permission. Furthermore if you modify this software you must label
+ * permission. Furthermore if you modify this software you must label
* your software as modified software and not distribute it in such a
* fashion that it might be confused with the original M.I.T. software.
* M.I.T. makes no representations about the suitability of
diff --git a/src/include/k5-int-pkinit.h b/src/include/k5-int-pkinit.h
index 2acc956f9d..77bd260ffb 100644
--- a/src/include/k5-int-pkinit.h
+++ b/src/include/k5-int-pkinit.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* COPYRIGHT (C) 2006
* THE REGENTS OF THE UNIVERSITY OF MICHIGAN
@@ -37,67 +38,67 @@
/* PKAuthenticator */
typedef struct _krb5_pk_authenticator {
- krb5_int32 cusec; /* (0..999999) */
- krb5_timestamp ctime;
- krb5_int32 nonce; /* (0..4294967295) */
- krb5_checksum paChecksum;
+ krb5_int32 cusec; /* (0..999999) */
+ krb5_timestamp ctime;
+ krb5_int32 nonce; /* (0..4294967295) */
+ krb5_checksum paChecksum;
} krb5_pk_authenticator;
/* PKAuthenticator draft9 */
typedef struct _krb5_pk_authenticator_draft9 {
- krb5_principal kdcName;
- krb5_octet_data kdcRealm;
- krb5_int32 cusec; /* (0..999999) */
- krb5_timestamp ctime;
- krb5_int32 nonce; /* (0..4294967295) */
+ krb5_principal kdcName;
+ krb5_octet_data kdcRealm;
+ krb5_int32 cusec; /* (0..999999) */
+ krb5_timestamp ctime;
+ krb5_int32 nonce; /* (0..4294967295) */
} krb5_pk_authenticator_draft9;
/* AlgorithmIdentifier */
typedef struct _krb5_algorithm_identifier {
- krb5_octet_data algorithm; /* OID */
- krb5_octet_data parameters; /* Optional */
+ krb5_octet_data algorithm; /* OID */
+ krb5_octet_data parameters; /* Optional */
} krb5_algorithm_identifier;
/* SubjectPublicKeyInfo */
typedef struct _krb5_subject_pk_info {
- krb5_algorithm_identifier algorithm;
- krb5_octet_data subjectPublicKey; /* BIT STRING */
+ krb5_algorithm_identifier algorithm;
+ krb5_octet_data subjectPublicKey; /* BIT STRING */
} krb5_subject_pk_info;
/* AuthPack */
typedef struct _krb5_auth_pack {
- krb5_pk_authenticator pkAuthenticator;
- krb5_subject_pk_info *clientPublicValue; /* Optional */
- krb5_algorithm_identifier **supportedCMSTypes; /* Optional */
- krb5_octet_data clientDHNonce; /* Optional */
+ krb5_pk_authenticator pkAuthenticator;
+ krb5_subject_pk_info *clientPublicValue; /* Optional */
+ krb5_algorithm_identifier **supportedCMSTypes; /* Optional */
+ krb5_octet_data clientDHNonce; /* Optional */
} krb5_auth_pack;
/* AuthPack draft9 */
typedef struct _krb5_auth_pack_draft9 {
- krb5_pk_authenticator_draft9 pkAuthenticator;
- krb5_subject_pk_info *clientPublicValue; /* Optional */
+ krb5_pk_authenticator_draft9 pkAuthenticator;
+ krb5_subject_pk_info *clientPublicValue; /* Optional */
} krb5_auth_pack_draft9;
/* ExternalPrincipalIdentifier */
typedef struct _krb5_external_principal_identifier {
- krb5_octet_data subjectName; /* Optional */
- krb5_octet_data issuerAndSerialNumber; /* Optional */
- krb5_octet_data subjectKeyIdentifier; /* Optional */
+ krb5_octet_data subjectName; /* Optional */
+ krb5_octet_data issuerAndSerialNumber; /* Optional */
+ krb5_octet_data subjectKeyIdentifier; /* Optional */
} krb5_external_principal_identifier;
/* TrustedCas */
typedef struct _krb5_trusted_ca {
- enum {
- choice_trusted_cas_UNKNOWN = -1,
- choice_trusted_cas_principalName = 0,
- choice_trusted_cas_caName = 1,
- choice_trusted_cas_issuerAndSerial = 2
- } choice;
- union {
- krb5_principal principalName;
- krb5_octet_data caName; /* fully-qualified X.500 "Name" as defined by X.509 (der-encoded) */
- krb5_octet_data issuerAndSerial; /* Optional -- IssuerAndSerialNumber (der-encoded) */
- } u;
+ enum {
+ choice_trusted_cas_UNKNOWN = -1,
+ choice_trusted_cas_principalName = 0,
+ choice_trusted_cas_caName = 1,
+ choice_trusted_cas_issuerAndSerial = 2
+ } choice;
+ union {
+ krb5_principal principalName;
+ krb5_octet_data caName; /* fully-qualified X.500 "Name" as defined by X.509 (der-encoded) */
+ krb5_octet_data issuerAndSerial; /* Optional -- IssuerAndSerialNumber (der-encoded) */
+ } u;
} krb5_trusted_ca;
/* typed data */
@@ -113,74 +114,74 @@ typedef struct _krb5_typed_data {
/* PA-PK-AS-REQ (Draft 9 -- PA TYPE 14) */
typedef struct _krb5_pa_pk_as_req_draft9 {
- krb5_octet_data signedAuthPack;
- krb5_trusted_ca **trustedCertifiers; /* Optional array */
- krb5_octet_data kdcCert; /* Optional */
- krb5_octet_data encryptionCert;
+ krb5_octet_data signedAuthPack;
+ krb5_trusted_ca **trustedCertifiers; /* Optional array */
+ krb5_octet_data kdcCert; /* Optional */
+ krb5_octet_data encryptionCert;
} krb5_pa_pk_as_req_draft9;
/* PA-PK-AS-REQ (rfc4556 -- PA TYPE 16) */
typedef struct _krb5_pa_pk_as_req {
- krb5_octet_data signedAuthPack;
- krb5_external_principal_identifier **trustedCertifiers; /* Optional array */
- krb5_octet_data kdcPkId; /* Optional */
+ krb5_octet_data signedAuthPack;
+ krb5_external_principal_identifier **trustedCertifiers; /* Optional array */
+ krb5_octet_data kdcPkId; /* Optional */
} krb5_pa_pk_as_req;
/* DHRepInfo */
typedef struct _krb5_dh_rep_info {
- krb5_octet_data dhSignedData;
- krb5_octet_data serverDHNonce; /* Optional */
+ krb5_octet_data dhSignedData;
+ krb5_octet_data serverDHNonce; /* Optional */
} krb5_dh_rep_info;
/* KDCDHKeyInfo */
typedef struct _krb5_kdc_dh_key_info {
- krb5_octet_data subjectPublicKey; /* BIT STRING */
- krb5_int32 nonce; /* (0..4294967295) */
- krb5_timestamp dhKeyExpiration; /* Optional */
+ krb5_octet_data subjectPublicKey; /* BIT STRING */
+ krb5_int32 nonce; /* (0..4294967295) */
+ krb5_timestamp dhKeyExpiration; /* Optional */
} krb5_kdc_dh_key_info;
/* KDCDHKeyInfo draft9*/
typedef struct _krb5_kdc_dh_key_info_draft9 {
- krb5_octet_data subjectPublicKey; /* BIT STRING */
- krb5_int32 nonce; /* (0..4294967295) */
+ krb5_octet_data subjectPublicKey; /* BIT STRING */
+ krb5_int32 nonce; /* (0..4294967295) */
} krb5_kdc_dh_key_info_draft9;
/* ReplyKeyPack */
typedef struct _krb5_reply_key_pack {
- krb5_keyblock replyKey;
- krb5_checksum asChecksum;
+ krb5_keyblock replyKey;
+ krb5_checksum asChecksum;
} krb5_reply_key_pack;
/* ReplyKeyPack */
typedef struct _krb5_reply_key_pack_draft9 {
- krb5_keyblock replyKey;
- krb5_int32 nonce;
+ krb5_keyblock replyKey;
+ krb5_int32 nonce;
} krb5_reply_key_pack_draft9;
/* PA-PK-AS-REP (Draft 9 -- PA TYPE 15) */
typedef struct _krb5_pa_pk_as_rep_draft9 {
- enum {
- choice_pa_pk_as_rep_draft9_UNKNOWN = -1,
- choice_pa_pk_as_rep_draft9_dhSignedData = 0,
- choice_pa_pk_as_rep_draft9_encKeyPack = 1
- } choice;
- union {
- krb5_octet_data dhSignedData;
- krb5_octet_data encKeyPack;
- } u;
+ enum {
+ choice_pa_pk_as_rep_draft9_UNKNOWN = -1,
+ choice_pa_pk_as_rep_draft9_dhSignedData = 0,
+ choice_pa_pk_as_rep_draft9_encKeyPack = 1
+ } choice;
+ union {
+ krb5_octet_data dhSignedData;
+ krb5_octet_data encKeyPack;
+ } u;
} krb5_pa_pk_as_rep_draft9;
/* PA-PK-AS-REP (rfc4556 -- PA TYPE 17) */
typedef struct _krb5_pa_pk_as_rep {
- enum {
- choice_pa_pk_as_rep_UNKNOWN = -1,
- choice_pa_pk_as_rep_dhInfo = 0,
- choice_pa_pk_as_rep_encKeyPack = 1
- } choice;
- union {
- krb5_dh_rep_info dh_Info;
- krb5_octet_data encKeyPack;
- } u;
+ enum {
+ choice_pa_pk_as_rep_UNKNOWN = -1,
+ choice_pa_pk_as_rep_dhInfo = 0,
+ choice_pa_pk_as_rep_encKeyPack = 1
+ } choice;
+ union {
+ krb5_dh_rep_info dh_Info;
+ krb5_octet_data encKeyPack;
+ } u;
} krb5_pa_pk_as_rep;
/*
@@ -191,84 +192,94 @@ typedef struct _krb5_pa_pk_as_rep {
* Prototypes for pkinit asn.1 encode routines
*************************************************************************/
-krb5_error_code encode_krb5_pa_pk_as_req
- (const krb5_pa_pk_as_req *rep, krb5_data **code);
+krb5_error_code
+encode_krb5_pa_pk_as_req(const krb5_pa_pk_as_req *rep, krb5_data **code);
-krb5_error_code encode_krb5_pa_pk_as_req_draft9
- (const krb5_pa_pk_as_req_draft9 *rep, krb5_data **code);
+krb5_error_code
+encode_krb5_pa_pk_as_req_draft9(const krb5_pa_pk_as_req_draft9 *rep,
+ krb5_data **code);
-krb5_error_code encode_krb5_pa_pk_as_rep
- (const krb5_pa_pk_as_rep *rep, krb5_data **code);
+krb5_error_code
+encode_krb5_pa_pk_as_rep(const krb5_pa_pk_as_rep *rep, krb5_data **code);
-krb5_error_code encode_krb5_pa_pk_as_rep_draft9
- (const krb5_pa_pk_as_rep_draft9 *rep, krb5_data **code);
+krb5_error_code
+encode_krb5_pa_pk_as_rep_draft9(const krb5_pa_pk_as_rep_draft9 *rep,
+ krb5_data **code);
-krb5_error_code encode_krb5_auth_pack
- (const krb5_auth_pack *rep, krb5_data **code);
+krb5_error_code
+encode_krb5_auth_pack(const krb5_auth_pack *rep, krb5_data **code);
-krb5_error_code encode_krb5_auth_pack_draft9
- (const krb5_auth_pack_draft9 *rep, krb5_data **code);
+krb5_error_code
+encode_krb5_auth_pack_draft9(const krb5_auth_pack_draft9 *rep,
+ krb5_data **code);
-krb5_error_code encode_krb5_kdc_dh_key_info
- (const krb5_kdc_dh_key_info *rep, krb5_data **code);
+krb5_error_code
+encode_krb5_kdc_dh_key_info(const krb5_kdc_dh_key_info *rep, krb5_data **code);
-krb5_error_code encode_krb5_reply_key_pack
- (const krb5_reply_key_pack *, krb5_data **code);
+krb5_error_code
+encode_krb5_reply_key_pack(const krb5_reply_key_pack *, krb5_data **code);
-krb5_error_code encode_krb5_reply_key_pack_draft9
- (const krb5_reply_key_pack_draft9 *, krb5_data **code);
+krb5_error_code
+encode_krb5_reply_key_pack_draft9(const krb5_reply_key_pack_draft9 *,
+ krb5_data **code);
-krb5_error_code encode_krb5_typed_data
- (const krb5_typed_data **, krb5_data **code);
+krb5_error_code
+encode_krb5_typed_data(const krb5_typed_data **, krb5_data **code);
-krb5_error_code encode_krb5_td_trusted_certifiers
- (const krb5_external_principal_identifier **, krb5_data **code);
+krb5_error_code
+encode_krb5_td_trusted_certifiers(const krb5_external_principal_identifier **,
+ krb5_data **code);
-krb5_error_code encode_krb5_td_dh_parameters
- (const krb5_algorithm_identifier **, krb5_data **code);
+krb5_error_code
+encode_krb5_td_dh_parameters(const krb5_algorithm_identifier **,
+ krb5_data **code);
/*************************************************************************
* Prototypes for pkinit asn.1 decode routines
*************************************************************************/
-krb5_error_code decode_krb5_pa_pk_as_req
- (const krb5_data *, krb5_pa_pk_as_req **);
+krb5_error_code
+decode_krb5_pa_pk_as_req(const krb5_data *, krb5_pa_pk_as_req **);
-krb5_error_code decode_krb5_pa_pk_as_req_draft9
- (const krb5_data *, krb5_pa_pk_as_req_draft9 **);
+krb5_error_code
+decode_krb5_pa_pk_as_req_draft9(const krb5_data *,
+ krb5_pa_pk_as_req_draft9 **);
-krb5_error_code decode_krb5_pa_pk_as_rep
- (const krb5_data *, krb5_pa_pk_as_rep **);
+krb5_error_code
+decode_krb5_pa_pk_as_rep(const krb5_data *, krb5_pa_pk_as_rep **);
-krb5_error_code decode_krb5_pa_pk_as_rep_draft9
- (const krb5_data *, krb5_pa_pk_as_rep_draft9 **);
+krb5_error_code
+decode_krb5_pa_pk_as_rep_draft9(const krb5_data *,
+ krb5_pa_pk_as_rep_draft9 **);
-krb5_error_code decode_krb5_auth_pack
- (const krb5_data *, krb5_auth_pack **);
+krb5_error_code
+decode_krb5_auth_pack(const krb5_data *, krb5_auth_pack **);
-krb5_error_code decode_krb5_auth_pack_draft9
- (const krb5_data *, krb5_auth_pack_draft9 **);
+krb5_error_code
+decode_krb5_auth_pack_draft9(const krb5_data *, krb5_auth_pack_draft9 **);
-krb5_error_code decode_krb5_kdc_dh_key_info
- (const krb5_data *, krb5_kdc_dh_key_info **);
+krb5_error_code
+decode_krb5_kdc_dh_key_info(const krb5_data *, krb5_kdc_dh_key_info **);
-krb5_error_code decode_krb5_principal_name
- (const krb5_data *, krb5_principal_data **);
+krb5_error_code
+decode_krb5_principal_name(const krb5_data *, krb5_principal_data **);
-krb5_error_code decode_krb5_reply_key_pack
- (const krb5_data *, krb5_reply_key_pack **);
+krb5_error_code
+decode_krb5_reply_key_pack(const krb5_data *, krb5_reply_key_pack **);
-krb5_error_code decode_krb5_reply_key_pack_draft9
- (const krb5_data *, krb5_reply_key_pack_draft9 **);
+krb5_error_code
+decode_krb5_reply_key_pack_draft9(const krb5_data *,
+ krb5_reply_key_pack_draft9 **);
-krb5_error_code decode_krb5_typed_data
- (const krb5_data *, krb5_typed_data ***);
+krb5_error_code
+decode_krb5_typed_data(const krb5_data *, krb5_typed_data ***);
-krb5_error_code decode_krb5_td_trusted_certifiers
- (const krb5_data *, krb5_external_principal_identifier ***);
+krb5_error_code
+decode_krb5_td_trusted_certifiers(const krb5_data *,
+ krb5_external_principal_identifier ***);
-krb5_error_code decode_krb5_td_dh_parameters
- (const krb5_data *, krb5_algorithm_identifier ***);
+krb5_error_code
+decode_krb5_td_dh_parameters(const krb5_data *, krb5_algorithm_identifier ***);
void krb5_free_typed_data(krb5_context, krb5_typed_data **);
diff --git a/src/include/k5-int.h b/src/include/k5-int.h
index a9769234cd..01f76de609 100644
--- a/src/include/k5-int.h
+++ b/src/include/k5-int.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1989,1990,1991,1992,1993,1994,1995,2000,2001, 2003,2006,2007,2008,2009 by the Massachusetts Institute of Technology,
* Cambridge, MA, USA. All Rights Reserved.
@@ -84,9 +85,9 @@
#include "osconf.h"
#if defined(__MACH__) && defined(__APPLE__)
-# include <TargetConditionals.h>
+# include <TargetConditionals.h>
# if TARGET_RT_MAC_CFM
-# error "Use KfM 4.0 SDK headers for CFM compilation."
+# error "Use KfM 4.0 SDK headers for CFM compilation."
# endif
#endif
@@ -104,10 +105,10 @@
#include "win-mac.h"
/* Kerberos Windows initialization file */
-#define KERBEROS_INI "kerberos.ini"
-#define INI_FILES "Files"
-#define INI_KRB_CCACHE "krb5cc" /* Location of the ccache */
-#define INI_KRB5_CONF "krb5.ini" /* Location of krb5.conf file */
+#define KERBEROS_INI "kerberos.ini"
+#define INI_FILES "Files"
+#define INI_KRB_CCACHE "krb5cc" /* Location of the ccache */
+#define INI_KRB5_CONF "krb5.ini" /* Location of krb5.conf file */
#define ANSI_STDIO
#endif
@@ -116,13 +117,13 @@
#ifndef KRB5_SYSTYPES__
#define KRB5_SYSTYPES__
-#ifdef HAVE_SYS_TYPES_H /* From autoconf.h */
+#ifdef HAVE_SYS_TYPES_H /* From autoconf.h */
#include <sys/types.h>
#else /* HAVE_SYS_TYPES_H */
-typedef unsigned long u_long;
-typedef unsigned int u_int;
-typedef unsigned short u_short;
-typedef unsigned char u_char;
+typedef unsigned long u_long;
+typedef unsigned int u_int;
+typedef unsigned short u_short;
+typedef unsigned char u_char;
#endif /* HAVE_SYS_TYPES_H */
#endif /* KRB5_SYSTYPES__ */
@@ -136,9 +137,9 @@ typedef INT64_TYPE krb5_int64;
#define DEFAULT_PWD_STRING1 "Enter password"
#define DEFAULT_PWD_STRING2 "Re-enter password for verification"
-#define KRB5_KDB_MAX_LIFE (60*60*24) /* one day */
-#define KRB5_KDB_MAX_RLIFE (60*60*24*7) /* one week */
-#define KRB5_KDB_EXPIRATION 2145830400 /* Thu Jan 1 00:00:00 2038 UTC */
+#define KRB5_KDB_MAX_LIFE (60*60*24) /* one day */
+#define KRB5_KDB_MAX_RLIFE (60*60*24*7) /* one week */
+#define KRB5_KDB_EXPIRATION 2145830400 /* Thu Jan 1 00:00:00 2038 UTC */
/*
* Windows requires a different api interface to each function. Here
@@ -262,95 +263,95 @@ typedef INT64_TYPE krb5_int64;
(which allows non-ambiguous error codes between subsystems) */
/* KDC errors */
-#define KDC_ERR_NONE 0 /* No error */
-#define KDC_ERR_NAME_EXP 1 /* Client's entry in DB expired */
-#define KDC_ERR_SERVICE_EXP 2 /* Server's entry in DB expired */
-#define KDC_ERR_BAD_PVNO 3 /* Requested pvno not supported */
-#define KDC_ERR_C_OLD_MAST_KVNO 4 /* C's key encrypted in old master */
-#define KDC_ERR_S_OLD_MAST_KVNO 5 /* S's key encrypted in old master */
-#define KDC_ERR_C_PRINCIPAL_UNKNOWN 6 /* Client not found in Kerberos DB */
-#define KDC_ERR_S_PRINCIPAL_UNKNOWN 7 /* Server not found in Kerberos DB */
-#define KDC_ERR_PRINCIPAL_NOT_UNIQUE 8 /* Multiple entries in Kerberos DB */
-#define KDC_ERR_NULL_KEY 9 /* The C or S has a null key */
-#define KDC_ERR_CANNOT_POSTDATE 10 /* Tkt ineligible for postdating */
-#define KDC_ERR_NEVER_VALID 11 /* Requested starttime > endtime */
-#define KDC_ERR_POLICY 12 /* KDC policy rejects request */
-#define KDC_ERR_BADOPTION 13 /* KDC can't do requested opt. */
-#define KDC_ERR_ENCTYPE_NOSUPP 14 /* No support for encryption type */
-#define KDC_ERR_SUMTYPE_NOSUPP 15 /* No support for checksum type */
-#define KDC_ERR_PADATA_TYPE_NOSUPP 16 /* No support for padata type */
-#define KDC_ERR_TRTYPE_NOSUPP 17 /* No support for transited type */
-#define KDC_ERR_CLIENT_REVOKED 18 /* C's creds have been revoked */
-#define KDC_ERR_SERVICE_REVOKED 19 /* S's creds have been revoked */
-#define KDC_ERR_TGT_REVOKED 20 /* TGT has been revoked */
-#define KDC_ERR_CLIENT_NOTYET 21 /* C not yet valid */
-#define KDC_ERR_SERVICE_NOTYET 22 /* S not yet valid */
-#define KDC_ERR_KEY_EXP 23 /* Password has expired */
-#define KDC_ERR_PREAUTH_FAILED 24 /* Preauthentication failed */
-#define KDC_ERR_PREAUTH_REQUIRED 25 /* Additional preauthentication */
- /* required */
-#define KDC_ERR_SERVER_NOMATCH 26 /* Requested server and */
- /* ticket don't match*/
-#define KDC_ERR_MUST_USE_USER2USER 27 /* Server principal valid for */
- /* user2user only */
-#define KDC_ERR_PATH_NOT_ACCEPTED 28 /* KDC policy rejected transited */
- /* path */
-#define KDC_ERR_SVC_UNAVAILABLE 29 /* A service is not
- * available that is
- * required to process the
- * request */
+#define KDC_ERR_NONE 0 /* No error */
+#define KDC_ERR_NAME_EXP 1 /* Client's entry in DB expired */
+#define KDC_ERR_SERVICE_EXP 2 /* Server's entry in DB expired */
+#define KDC_ERR_BAD_PVNO 3 /* Requested pvno not supported */
+#define KDC_ERR_C_OLD_MAST_KVNO 4 /* C's key encrypted in old master */
+#define KDC_ERR_S_OLD_MAST_KVNO 5 /* S's key encrypted in old master */
+#define KDC_ERR_C_PRINCIPAL_UNKNOWN 6 /* Client not found in Kerberos DB */
+#define KDC_ERR_S_PRINCIPAL_UNKNOWN 7 /* Server not found in Kerberos DB */
+#define KDC_ERR_PRINCIPAL_NOT_UNIQUE 8 /* Multiple entries in Kerberos DB */
+#define KDC_ERR_NULL_KEY 9 /* The C or S has a null key */
+#define KDC_ERR_CANNOT_POSTDATE 10 /* Tkt ineligible for postdating */
+#define KDC_ERR_NEVER_VALID 11 /* Requested starttime > endtime */
+#define KDC_ERR_POLICY 12 /* KDC policy rejects request */
+#define KDC_ERR_BADOPTION 13 /* KDC can't do requested opt. */
+#define KDC_ERR_ENCTYPE_NOSUPP 14 /* No support for encryption type */
+#define KDC_ERR_SUMTYPE_NOSUPP 15 /* No support for checksum type */
+#define KDC_ERR_PADATA_TYPE_NOSUPP 16 /* No support for padata type */
+#define KDC_ERR_TRTYPE_NOSUPP 17 /* No support for transited type */
+#define KDC_ERR_CLIENT_REVOKED 18 /* C's creds have been revoked */
+#define KDC_ERR_SERVICE_REVOKED 19 /* S's creds have been revoked */
+#define KDC_ERR_TGT_REVOKED 20 /* TGT has been revoked */
+#define KDC_ERR_CLIENT_NOTYET 21 /* C not yet valid */
+#define KDC_ERR_SERVICE_NOTYET 22 /* S not yet valid */
+#define KDC_ERR_KEY_EXP 23 /* Password has expired */
+#define KDC_ERR_PREAUTH_FAILED 24 /* Preauthentication failed */
+#define KDC_ERR_PREAUTH_REQUIRED 25 /* Additional preauthentication */
+ /* required */
+#define KDC_ERR_SERVER_NOMATCH 26 /* Requested server and */
+ /* ticket don't match*/
+#define KDC_ERR_MUST_USE_USER2USER 27 /* Server principal valid for */
+ /* user2user only */
+#define KDC_ERR_PATH_NOT_ACCEPTED 28 /* KDC policy rejected transited */
+ /* path */
+#define KDC_ERR_SVC_UNAVAILABLE 29 /* A service is not
+ * available that is
+ * required to process the
+ * request */
/* Application errors */
-#define KRB_AP_ERR_BAD_INTEGRITY 31 /* Decrypt integrity check failed */
-#define KRB_AP_ERR_TKT_EXPIRED 32 /* Ticket expired */
-#define KRB_AP_ERR_TKT_NYV 33 /* Ticket not yet valid */
-#define KRB_AP_ERR_REPEAT 34 /* Request is a replay */
-#define KRB_AP_ERR_NOT_US 35 /* The ticket isn't for us */
-#define KRB_AP_ERR_BADMATCH 36 /* Ticket/authenticator don't match */
-#define KRB_AP_ERR_SKEW 37 /* Clock skew too great */
-#define KRB_AP_ERR_BADADDR 38 /* Incorrect net address */
-#define KRB_AP_ERR_BADVERSION 39 /* Protocol version mismatch */
-#define KRB_AP_ERR_MSG_TYPE 40 /* Invalid message type */
-#define KRB_AP_ERR_MODIFIED 41 /* Message stream modified */
-#define KRB_AP_ERR_BADORDER 42 /* Message out of order */
-#define KRB_AP_ERR_BADKEYVER 44 /* Key version is not available */
-#define KRB_AP_ERR_NOKEY 45 /* Service key not available */
-#define KRB_AP_ERR_MUT_FAIL 46 /* Mutual authentication failed */
-#define KRB_AP_ERR_BADDIRECTION 47 /* Incorrect message direction */
-#define KRB_AP_ERR_METHOD 48 /* Alternative authentication */
- /* method required */
-#define KRB_AP_ERR_BADSEQ 49 /* Incorrect sequence numnber */
- /* in message */
-#define KRB_AP_ERR_INAPP_CKSUM 50 /* Inappropriate type of */
- /* checksum in message */
-#define KRB_AP_PATH_NOT_ACCEPTED 51 /* Policy rejects transited path */
-#define KRB_ERR_RESPONSE_TOO_BIG 52 /* Response too big for UDP, */
- /* retry with TCP */
+#define KRB_AP_ERR_BAD_INTEGRITY 31 /* Decrypt integrity check failed */
+#define KRB_AP_ERR_TKT_EXPIRED 32 /* Ticket expired */
+#define KRB_AP_ERR_TKT_NYV 33 /* Ticket not yet valid */
+#define KRB_AP_ERR_REPEAT 34 /* Request is a replay */
+#define KRB_AP_ERR_NOT_US 35 /* The ticket isn't for us */
+#define KRB_AP_ERR_BADMATCH 36 /* Ticket/authenticator don't match */
+#define KRB_AP_ERR_SKEW 37 /* Clock skew too great */
+#define KRB_AP_ERR_BADADDR 38 /* Incorrect net address */
+#define KRB_AP_ERR_BADVERSION 39 /* Protocol version mismatch */
+#define KRB_AP_ERR_MSG_TYPE 40 /* Invalid message type */
+#define KRB_AP_ERR_MODIFIED 41 /* Message stream modified */
+#define KRB_AP_ERR_BADORDER 42 /* Message out of order */
+#define KRB_AP_ERR_BADKEYVER 44 /* Key version is not available */
+#define KRB_AP_ERR_NOKEY 45 /* Service key not available */
+#define KRB_AP_ERR_MUT_FAIL 46 /* Mutual authentication failed */
+#define KRB_AP_ERR_BADDIRECTION 47 /* Incorrect message direction */
+#define KRB_AP_ERR_METHOD 48 /* Alternative authentication */
+ /* method required */
+#define KRB_AP_ERR_BADSEQ 49 /* Incorrect sequence numnber */
+ /* in message */
+#define KRB_AP_ERR_INAPP_CKSUM 50 /* Inappropriate type of */
+ /* checksum in message */
+#define KRB_AP_PATH_NOT_ACCEPTED 51 /* Policy rejects transited path */
+#define KRB_ERR_RESPONSE_TOO_BIG 52 /* Response too big for UDP, */
+ /* retry with TCP */
/* other errors */
-#define KRB_ERR_GENERIC 60 /* Generic error (description */
- /* in e-text) */
-#define KRB_ERR_FIELD_TOOLONG 61 /* Field is too long for impl. */
+#define KRB_ERR_GENERIC 60 /* Generic error (description */
+ /* in e-text) */
+#define KRB_ERR_FIELD_TOOLONG 61 /* Field is too long for impl. */
/* PKINIT server-reported errors */
-#define KDC_ERR_CLIENT_NOT_TRUSTED 62 /* client cert not trusted */
-#define KDC_ERR_KDC_NOT_TRUSTED 63
-#define KDC_ERR_INVALID_SIG 64 /* client signature verify failed */
-#define KDC_ERR_DH_KEY_PARAMETERS_NOT_ACCEPTED 65 /* invalid Diffie-Hellman parameters */
-#define KDC_ERR_CERTIFICATE_MISMATCH 66
-#define KRB_AP_ERR_NO_TGT 67
-#define KDC_ERR_WRONG_REALM 68
-#define KRB_AP_ERR_USER_TO_USER_REQUIRED 69
-#define KDC_ERR_CANT_VERIFY_CERTIFICATE 70 /* client cert not verifiable to */
- /* trusted root cert */
-#define KDC_ERR_INVALID_CERTIFICATE 71 /* client cert had invalid signature */
-#define KDC_ERR_REVOKED_CERTIFICATE 72 /* client cert was revoked */
-#define KDC_ERR_REVOCATION_STATUS_UNKNOWN 73 /* client cert revoked, reason unknown */
-#define KDC_ERR_REVOCATION_STATUS_UNAVAILABLE 74
-#define KDC_ERR_CLIENT_NAME_MISMATCH 75 /* mismatch between client cert and */
- /* principal name */
-#define KDC_ERR_INCONSISTENT_KEY_PURPOSE 77 /* bad extended key use */
-#define KDC_ERR_DIGEST_IN_CERT_NOT_ACCEPTED 78 /* bad digest algorithm in client cert */
-#define KDC_ERR_PA_CHECKSUM_MUST_BE_INCLUDED 79 /* missing paChecksum in PA-PK-AS-REQ */
+#define KDC_ERR_CLIENT_NOT_TRUSTED 62 /* client cert not trusted */
+#define KDC_ERR_KDC_NOT_TRUSTED 63
+#define KDC_ERR_INVALID_SIG 64 /* client signature verify failed */
+#define KDC_ERR_DH_KEY_PARAMETERS_NOT_ACCEPTED 65 /* invalid Diffie-Hellman parameters */
+#define KDC_ERR_CERTIFICATE_MISMATCH 66
+#define KRB_AP_ERR_NO_TGT 67
+#define KDC_ERR_WRONG_REALM 68
+#define KRB_AP_ERR_USER_TO_USER_REQUIRED 69
+#define KDC_ERR_CANT_VERIFY_CERTIFICATE 70 /* client cert not verifiable to */
+ /* trusted root cert */
+#define KDC_ERR_INVALID_CERTIFICATE 71 /* client cert had invalid signature */
+#define KDC_ERR_REVOKED_CERTIFICATE 72 /* client cert was revoked */
+#define KDC_ERR_REVOCATION_STATUS_UNKNOWN 73 /* client cert revoked, reason unknown */
+#define KDC_ERR_REVOCATION_STATUS_UNAVAILABLE 74
+#define KDC_ERR_CLIENT_NAME_MISMATCH 75 /* mismatch between client cert and */
+ /* principal name */
+#define KDC_ERR_INCONSISTENT_KEY_PURPOSE 77 /* bad extended key use */
+#define KDC_ERR_DIGEST_IN_CERT_NOT_ACCEPTED 78 /* bad digest algorithm in client cert */
+#define KDC_ERR_PA_CHECKSUM_MUST_BE_INCLUDED 79 /* missing paChecksum in PA-PK-AS-REQ */
#define KDC_ERR_DIGEST_IN_SIGNED_DATA_NOT_ACCEPTED 80 /* bad digest algorithm in SignedData */
#define KDC_ERR_PUBLIC_KEY_ENCRYPTION_NOT_SUPPORTED 81
@@ -360,10 +361,10 @@ typedef INT64_TYPE krb5_int64;
* authentication is returned, KRB_AP_METHOD.
*/
typedef struct _krb5_alt_method {
- krb5_magic magic;
- krb5_int32 method;
- unsigned int length;
- krb5_octet *data;
+ krb5_magic magic;
+ krb5_int32 method;
+ unsigned int length;
+ krb5_octet *data;
} krb5_alt_method;
/*
@@ -374,10 +375,10 @@ typedef struct _krb5_alt_method {
* but s2kparams must be null when encoding etype-info.
*/
typedef struct _krb5_etype_info_entry {
- krb5_magic magic;
- krb5_enctype etype;
- unsigned int length;
- krb5_octet *salt;
+ krb5_magic magic;
+ krb5_enctype etype;
+ unsigned int length;
+ krb5_octet *salt;
krb5_data s2kparams;
} krb5_etype_info_entry;
@@ -393,33 +394,33 @@ typedef krb5_etype_info_entry ** krb5_etype_info;
/* RFC 4537 */
typedef struct _krb5_etype_list {
- int length;
- krb5_enctype *etypes;
+ int length;
+ krb5_enctype *etypes;
} krb5_etype_list;
/*
* a sam_challenge is returned for alternate preauth
*/
/*
- SAMFlags ::= BIT STRING {
- use-sad-as-key[0],
- send-encrypted-sad[1],
- must-pk-encrypt-sad[2]
- }
- */
+ SAMFlags ::= BIT STRING {
+ use-sad-as-key[0],
+ send-encrypted-sad[1],
+ must-pk-encrypt-sad[2]
+ }
+*/
/*
- PA-SAM-CHALLENGE ::= SEQUENCE {
- sam-type[0] INTEGER,
- sam-flags[1] SAMFlags,
- sam-type-name[2] GeneralString OPTIONAL,
- sam-track-id[3] GeneralString OPTIONAL,
- sam-challenge-label[4] GeneralString OPTIONAL,
- sam-challenge[5] GeneralString OPTIONAL,
- sam-response-prompt[6] GeneralString OPTIONAL,
- sam-pk-for-sad[7] EncryptionKey OPTIONAL,
- sam-nonce[8] INTEGER OPTIONAL,
- sam-cksum[9] Checksum OPTIONAL
- }
+ PA-SAM-CHALLENGE ::= SEQUENCE {
+ sam-type[0] INTEGER,
+ sam-flags[1] SAMFlags,
+ sam-type-name[2] GeneralString OPTIONAL,
+ sam-track-id[3] GeneralString OPTIONAL,
+ sam-challenge-label[4] GeneralString OPTIONAL,
+ sam-challenge[5] GeneralString OPTIONAL,
+ sam-response-prompt[6] GeneralString OPTIONAL,
+ sam-pk-for-sad[7] EncryptionKey OPTIONAL,
+ sam-nonce[8] INTEGER OPTIONAL,
+ sam-cksum[9] Checksum OPTIONAL
+ }
*/
/* sam_type values -- informational only */
#define PA_SAM_TYPE_ENIGMA 1 /* Enigma Logic */
@@ -434,89 +435,89 @@ typedef struct _krb5_etype_list {
#define PA_SAM_TYPE_DIGI_PATH_HEX 8 /* Digital Pathways hex mode */
#endif
#define PA_SAM_TYPE_EXP_BASE 128 /* experimental */
-#define PA_SAM_TYPE_GRAIL (PA_SAM_TYPE_EXP_BASE+0) /* testing */
-#define PA_SAM_TYPE_SECURID_PREDICT (PA_SAM_TYPE_EXP_BASE+1) /* special */
+#define PA_SAM_TYPE_GRAIL (PA_SAM_TYPE_EXP_BASE+0) /* testing */
+#define PA_SAM_TYPE_SECURID_PREDICT (PA_SAM_TYPE_EXP_BASE+1) /* special */
typedef struct _krb5_predicted_sam_response {
- krb5_magic magic;
- krb5_keyblock sam_key;
- krb5_flags sam_flags; /* Makes key munging easier */
- krb5_timestamp stime; /* time on server, for replay detection */
- krb5_int32 susec;
- krb5_principal client;
- krb5_data msd; /* mechanism specific data */
+ krb5_magic magic;
+ krb5_keyblock sam_key;
+ krb5_flags sam_flags; /* Makes key munging easier */
+ krb5_timestamp stime; /* time on server, for replay detection */
+ krb5_int32 susec;
+ krb5_principal client;
+ krb5_data msd; /* mechanism specific data */
} krb5_predicted_sam_response;
typedef struct _krb5_sam_challenge {
- krb5_magic magic;
- krb5_int32 sam_type; /* information */
- krb5_flags sam_flags; /* KRB5_SAM_* values */
- krb5_data sam_type_name;
- krb5_data sam_track_id;
- krb5_data sam_challenge_label;
- krb5_data sam_challenge;
- krb5_data sam_response_prompt;
- krb5_data sam_pk_for_sad;
- krb5_int32 sam_nonce;
- krb5_checksum sam_cksum;
+ krb5_magic magic;
+ krb5_int32 sam_type; /* information */
+ krb5_flags sam_flags; /* KRB5_SAM_* values */
+ krb5_data sam_type_name;
+ krb5_data sam_track_id;
+ krb5_data sam_challenge_label;
+ krb5_data sam_challenge;
+ krb5_data sam_response_prompt;
+ krb5_data sam_pk_for_sad;
+ krb5_int32 sam_nonce;
+ krb5_checksum sam_cksum;
} krb5_sam_challenge;
-typedef struct _krb5_sam_key { /* reserved for future use */
- krb5_magic magic;
- krb5_keyblock sam_key;
+typedef struct _krb5_sam_key { /* reserved for future use */
+ krb5_magic magic;
+ krb5_keyblock sam_key;
} krb5_sam_key;
typedef struct _krb5_enc_sam_response_enc {
- krb5_magic magic;
- krb5_int32 sam_nonce;
- krb5_timestamp sam_timestamp;
- krb5_int32 sam_usec;
- krb5_data sam_sad;
+ krb5_magic magic;
+ krb5_int32 sam_nonce;
+ krb5_timestamp sam_timestamp;
+ krb5_int32 sam_usec;
+ krb5_data sam_sad;
} krb5_enc_sam_response_enc;
typedef struct _krb5_sam_response {
- krb5_magic magic;
- krb5_int32 sam_type; /* informational */
- krb5_flags sam_flags; /* KRB5_SAM_* values */
- krb5_data sam_track_id; /* copied */
- krb5_enc_data sam_enc_key; /* krb5_sam_key - future use */
- krb5_enc_data sam_enc_nonce_or_ts; /* krb5_enc_sam_response_enc */
- krb5_int32 sam_nonce;
- krb5_timestamp sam_patimestamp;
+ krb5_magic magic;
+ krb5_int32 sam_type; /* informational */
+ krb5_flags sam_flags; /* KRB5_SAM_* values */
+ krb5_data sam_track_id; /* copied */
+ krb5_enc_data sam_enc_key; /* krb5_sam_key - future use */
+ krb5_enc_data sam_enc_nonce_or_ts; /* krb5_enc_sam_response_enc */
+ krb5_int32 sam_nonce;
+ krb5_timestamp sam_patimestamp;
} krb5_sam_response;
typedef struct _krb5_sam_challenge_2 {
- krb5_data sam_challenge_2_body;
- krb5_checksum **sam_cksum; /* Array of checksums */
+ krb5_data sam_challenge_2_body;
+ krb5_checksum **sam_cksum; /* Array of checksums */
} krb5_sam_challenge_2;
typedef struct _krb5_sam_challenge_2_body {
- krb5_magic magic;
- krb5_int32 sam_type; /* information */
- krb5_flags sam_flags; /* KRB5_SAM_* values */
- krb5_data sam_type_name;
- krb5_data sam_track_id;
- krb5_data sam_challenge_label;
- krb5_data sam_challenge;
- krb5_data sam_response_prompt;
- krb5_data sam_pk_for_sad;
- krb5_int32 sam_nonce;
- krb5_enctype sam_etype;
+ krb5_magic magic;
+ krb5_int32 sam_type; /* information */
+ krb5_flags sam_flags; /* KRB5_SAM_* values */
+ krb5_data sam_type_name;
+ krb5_data sam_track_id;
+ krb5_data sam_challenge_label;
+ krb5_data sam_challenge;
+ krb5_data sam_response_prompt;
+ krb5_data sam_pk_for_sad;
+ krb5_int32 sam_nonce;
+ krb5_enctype sam_etype;
} krb5_sam_challenge_2_body;
typedef struct _krb5_sam_response_2 {
- krb5_magic magic;
- krb5_int32 sam_type; /* informational */
- krb5_flags sam_flags; /* KRB5_SAM_* values */
- krb5_data sam_track_id; /* copied */
- krb5_enc_data sam_enc_nonce_or_sad; /* krb5_enc_sam_response_enc */
- krb5_int32 sam_nonce;
+ krb5_magic magic;
+ krb5_int32 sam_type; /* informational */
+ krb5_flags sam_flags; /* KRB5_SAM_* values */
+ krb5_data sam_track_id; /* copied */
+ krb5_enc_data sam_enc_nonce_or_sad; /* krb5_enc_sam_response_enc */
+ krb5_int32 sam_nonce;
} krb5_sam_response_2;
typedef struct _krb5_enc_sam_response_enc_2 {
- krb5_magic magic;
- krb5_int32 sam_nonce;
- krb5_data sam_sad;
+ krb5_magic magic;
+ krb5_int32 sam_nonce;
+ krb5_data sam_sad;
} krb5_enc_sam_response_enc_2;
/*
@@ -547,17 +548,17 @@ extern char *strdup (const char *);
#endif
#ifdef HAVE_SYS_STAT_H
-#include <sys/stat.h> /* struct stat, stat() */
+#include <sys/stat.h> /* struct stat, stat() */
#endif
#ifdef HAVE_SYS_PARAM_H
-#include <sys/param.h> /* MAXPATHLEN */
+#include <sys/param.h> /* MAXPATHLEN */
#endif
#ifdef HAVE_SYS_FILE_H
-#include <sys/file.h> /* prototypes for file-related
- syscalls; flags for open &
- friends */
+#include <sys/file.h> /* prototypes for file-related
+ syscalls; flags for open &
+ friends */
#endif
#ifdef HAVE_FCNTL_H
@@ -572,68 +573,72 @@ struct addrlist;
struct sendto_callback_info;
/* libos.spec */
-krb5_error_code krb5_lock_file (krb5_context, int, int);
-krb5_error_code krb5_unlock_file (krb5_context, int);
-krb5_error_code krb5_sendto_kdc (krb5_context, const krb5_data *,
- const krb5_data *, krb5_data *, int *, int);
-
-krb5_error_code krb5int_sendto (krb5_context context, const krb5_data *message,
- const struct addrlist *addrs, struct sendto_callback_info* callback_info,
- krb5_data *reply, struct sockaddr *localaddr, socklen_t *localaddrlen,
- struct sockaddr *remoteaddr, socklen_t *remoteaddrlen, int *addr_used,
- int (*msg_handler)(krb5_context, const krb5_data *, void *),
- void *msg_handler_data);
+krb5_error_code krb5_lock_file(krb5_context, int, int);
+krb5_error_code krb5_unlock_file(krb5_context, int);
+krb5_error_code krb5_sendto_kdc(krb5_context, const krb5_data *,
+ const krb5_data *, krb5_data *, int *, int);
-krb5_error_code krb5_get_krbhst (krb5_context, const krb5_data *, char *** );
-krb5_error_code krb5_free_krbhst (krb5_context, char * const * );
-krb5_error_code krb5_create_secure_file (krb5_context, const char * pathname);
-krb5_error_code krb5_sync_disk_file (krb5_context, FILE *fp);
-
-krb5_error_code krb5int_get_fq_local_hostname (char *, size_t);
+krb5_error_code
+krb5int_sendto(krb5_context context, const krb5_data *message,
+ const struct addrlist *addrs,
+ struct sendto_callback_info* callback_info,
+ krb5_data *reply, struct sockaddr *localaddr,
+ socklen_t *localaddrlen,
+ struct sockaddr *remoteaddr, socklen_t *remoteaddrlen,
+ int *addr_used,
+ int (*msg_handler)(krb5_context, const krb5_data *, void *),
+ void *msg_handler_data);
+
+krb5_error_code krb5_get_krbhst(krb5_context, const krb5_data *, char *** );
+krb5_error_code krb5_free_krbhst(krb5_context, char * const * );
+krb5_error_code krb5_create_secure_file(krb5_context, const char * pathname);
+krb5_error_code krb5_sync_disk_file(krb5_context, FILE *fp);
+
+krb5_error_code krb5int_get_fq_local_hostname(char *, size_t);
krb5_error_code krb5int_init_context_kdc(krb5_context *);
-krb5_error_code krb5_os_init_context (krb5_context, krb5_boolean);
+krb5_error_code krb5_os_init_context(krb5_context, krb5_boolean);
-void krb5_os_free_context (krb5_context);
+void krb5_os_free_context(krb5_context);
/* This function is needed by KfM's KerberosPreferences API
* because it needs to be able to specify "secure" */
-krb5_error_code os_get_default_config_files
- (profile_filespec_t **pfiles, krb5_boolean secure);
+krb5_error_code
+os_get_default_config_files(profile_filespec_t **pfiles, krb5_boolean secure);
-krb5_error_code krb5_os_hostaddr
- (krb5_context, const char *, krb5_address ***);
+krb5_error_code
+krb5_os_hostaddr(krb5_context, const char *, krb5_address ***);
-krb5_error_code krb5int_get_domain_realm_mapping
- (krb5_context , const char *, char ***);
+krb5_error_code
+krb5int_get_domain_realm_mapping(krb5_context , const char *, char ***);
/* N.B.: You need to include fake-addrinfo.h *before* k5-int.h if you're
going to use this structure. */
struct addrlist {
struct {
#ifdef FAI_DEFINED
- struct addrinfo *ai;
+ struct addrinfo *ai;
#else
- struct undefined_addrinfo *ai;
+ struct undefined_addrinfo *ai;
#endif
- void (*freefn)(void *);
- void *data;
+ void (*freefn)(void *);
+ void *data;
} *addrs;
size_t naddrs;
size_t space;
};
#define ADDRLIST_INIT { 0, 0, 0 }
-extern void krb5int_free_addrlist (struct addrlist *);
-extern int krb5int_grow_addrlist (struct addrlist *, int);
-extern int krb5int_add_host_to_list (struct addrlist *, const char *,
- int, int, int, int);
+extern void krb5int_free_addrlist(struct addrlist *);
+extern int krb5int_grow_addrlist(struct addrlist *, int);
+extern int krb5int_add_host_to_list(struct addrlist *, const char *,
+ int, int, int, int);
#include <krb5/locate_plugin.h>
krb5_error_code
-krb5int_locate_server (krb5_context, const krb5_data *realm,
- struct addrlist *, enum locate_service_type svc,
- int sockettype, int family);
+krb5int_locate_server(krb5_context, const krb5_data *realm,
+ struct addrlist *, enum locate_service_type svc,
+ int sockettype, int family);
struct derived_key {
krb5_data constant;
@@ -656,34 +661,26 @@ struct krb5_enc_provider {
size_t block_size, keybytes, keylength;
/* cipher-state == 0 fresh state thrown away at end */
- krb5_error_code (*encrypt) (krb5_key key,
- const krb5_data *cipher_state,
- const krb5_data *input,
- krb5_data *output);
+ krb5_error_code (*encrypt)(krb5_key key, const krb5_data *cipher_state,
+ const krb5_data *input, krb5_data *output);
- krb5_error_code (*decrypt) (krb5_key key,
- const krb5_data *ivec,
- const krb5_data *input,
- krb5_data *output);
+ krb5_error_code (*decrypt)(krb5_key key, const krb5_data *ivec,
+ const krb5_data *input, krb5_data *output);
- krb5_error_code (*make_key) (const krb5_data *randombits,
- krb5_keyblock *key);
+ krb5_error_code (*make_key)(const krb5_data *randombits,
+ krb5_keyblock *key);
- krb5_error_code (*init_state) (const krb5_keyblock *key,
- krb5_keyusage keyusage, krb5_data *out_state);
- krb5_error_code (*free_state) (krb5_data *state);
+ krb5_error_code (*init_state)(const krb5_keyblock *key,
+ krb5_keyusage keyusage,
+ krb5_data *out_state);
+ krb5_error_code (*free_state)(krb5_data *state);
/* In-place encryption/decryption of multiple buffers */
- krb5_error_code (*encrypt_iov) (krb5_key key,
- const krb5_data *cipher_state,
- krb5_crypto_iov *data,
- size_t num_data);
-
+ krb5_error_code (*encrypt_iov)(krb5_key key, const krb5_data *cipher_state,
+ krb5_crypto_iov *data, size_t num_data);
- krb5_error_code (*decrypt_iov) (krb5_key key,
- const krb5_data *cipher_state,
- krb5_crypto_iov *data,
- size_t num_data);
+ krb5_error_code (*decrypt_iov)(krb5_key key, const krb5_data *cipher_state,
+ krb5_crypto_iov *data, size_t num_data);
};
@@ -692,99 +689,81 @@ struct krb5_hash_provider {
size_t hashsize, blocksize;
/* this takes multiple inputs to avoid lots of copying. */
- krb5_error_code (*hash) (unsigned int icount, const krb5_data *input,
- krb5_data *output);
+ krb5_error_code (*hash)(unsigned int icount, const krb5_data *input,
+ krb5_data *output);
};
struct krb5_keyhash_provider {
size_t hashsize;
- krb5_error_code (*hash) (krb5_key key,
- krb5_keyusage keyusage,
- const krb5_data *ivec,
- const krb5_data *input,
- krb5_data *output);
-
- krb5_error_code (*verify) (krb5_key key,
- krb5_keyusage keyusage,
- const krb5_data *ivec,
- const krb5_data *input,
- const krb5_data *hash,
- krb5_boolean *valid);
-
- krb5_error_code (*hash_iov) (krb5_key key,
- krb5_keyusage keyusage,
- const krb5_data *ivec,
- const krb5_crypto_iov *data,
- size_t num_data,
- krb5_data *output);
-
- krb5_error_code (*verify_iov) (krb5_key key,
- krb5_keyusage keyusage,
- const krb5_data *ivec,
- const krb5_crypto_iov *data,
- size_t num_data,
- const krb5_data *hash,
- krb5_boolean *valid);
+ krb5_error_code (*hash)(krb5_key key, krb5_keyusage keyusage,
+ const krb5_data *ivec, const krb5_data *input,
+ krb5_data *output);
+
+ krb5_error_code (*verify)(krb5_key key, krb5_keyusage keyusage,
+ const krb5_data *ivec, const krb5_data *input,
+ const krb5_data *hash, krb5_boolean *valid);
+
+ krb5_error_code (*hash_iov)(krb5_key key, krb5_keyusage keyusage,
+ const krb5_data *ivec,
+ const krb5_crypto_iov *data, size_t num_data,
+ krb5_data *output);
+
+ krb5_error_code (*verify_iov)(krb5_key key, krb5_keyusage keyusage,
+ const krb5_data *ivec,
+ const krb5_crypto_iov *data,
+ size_t num_data, const krb5_data *hash,
+ krb5_boolean *valid);
};
struct krb5_aead_provider {
- krb5_error_code (*crypto_length) (const struct krb5_aead_provider *aead,
- const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_cryptotype type,
- unsigned int *length);
- krb5_error_code (*encrypt_iov) (const struct krb5_aead_provider *aead,
- const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_key key,
- krb5_keyusage keyusage,
- const krb5_data *ivec,
- krb5_crypto_iov *data,
- size_t num_data);
- krb5_error_code (*decrypt_iov) (const struct krb5_aead_provider *aead,
- const struct krb5_enc_provider *enc,
- const struct krb5_hash_provider *hash,
- krb5_key key,
- krb5_keyusage keyusage,
- const krb5_data *ivec,
- krb5_crypto_iov *data,
- size_t num_data);
+ krb5_error_code (*crypto_length)(const struct krb5_aead_provider *aead,
+ const struct krb5_enc_provider *enc,
+ const struct krb5_hash_provider *hash,
+ krb5_cryptotype type,
+ unsigned int *length);
+ krb5_error_code (*encrypt_iov)(const struct krb5_aead_provider *aead,
+ const struct krb5_enc_provider *enc,
+ const struct krb5_hash_provider *hash,
+ krb5_key key, krb5_keyusage keyusage,
+ const krb5_data *ivec,
+ krb5_crypto_iov *data, size_t num_data);
+ krb5_error_code (*decrypt_iov)(const struct krb5_aead_provider *aead,
+ const struct krb5_enc_provider *enc,
+ const struct krb5_hash_provider *hash,
+ krb5_key key, krb5_keyusage keyusage,
+ const krb5_data *ivec,
+ krb5_crypto_iov *data, size_t num_data);
};
/*
* in here to deal with stuff from lib/crypto
*/
-void krb5int_nfold
-(unsigned int inbits, const unsigned char *in,
- unsigned int outbits, unsigned char *out);
+void krb5int_nfold(unsigned int inbits, const unsigned char *in,
+ unsigned int outbits, unsigned char *out);
-krb5_error_code krb5int_hmac
-(const struct krb5_hash_provider *hash,
- krb5_key key, unsigned int icount,
- const krb5_data *input, krb5_data *output);
+krb5_error_code krb5int_hmac(const struct krb5_hash_provider *hash,
+ krb5_key key, unsigned int icount,
+ const krb5_data *input, krb5_data *output);
-krb5_error_code krb5int_hmac_iov
-(const struct krb5_hash_provider *hash,
- krb5_key key,
- const krb5_crypto_iov *data, size_t num_data,
- krb5_data *output);
+krb5_error_code krb5int_hmac_iov(const struct krb5_hash_provider *hash,
+ krb5_key key, const krb5_crypto_iov *data,
+ size_t num_data, krb5_data *output);
-krb5_error_code krb5int_hmac_keyblock
-(const struct krb5_hash_provider *hash,
- const krb5_keyblock *key, unsigned int icount,
- const krb5_data *input, krb5_data *output);
+krb5_error_code
+krb5int_hmac_keyblock(const struct krb5_hash_provider *hash,
+ const krb5_keyblock *key, unsigned int icount,
+ const krb5_data *input, krb5_data *output);
-krb5_error_code krb5int_hmac_iov_keyblock
-(const struct krb5_hash_provider *hash,
- const krb5_keyblock *key,
- const krb5_crypto_iov *data, size_t num_data,
- krb5_data *output);
+krb5_error_code
+krb5int_hmac_iov_keyblock(const struct krb5_hash_provider *hash,
+ const krb5_keyblock *key,
+ const krb5_crypto_iov *data, size_t num_data,
+ krb5_data *output);
-krb5_error_code krb5int_pbkdf2_hmac_sha1 (const krb5_data *, unsigned long,
- const krb5_data *,
- const krb5_data *);
+krb5_error_code krb5int_pbkdf2_hmac_sha1(const krb5_data *, unsigned long,
+ const krb5_data *, const krb5_data *);
/* Make this a function eventually? */
#ifdef _WIN32
@@ -805,8 +784,8 @@ static inline void
zapfree(void *ptr, size_t len)
{
if (ptr != NULL) {
- zap(ptr, len);
- free(ptr);
+ zap(ptr, len);
+ free(ptr);
}
}
@@ -814,41 +793,39 @@ zapfree(void *ptr, size_t len)
* sets up an 8-byte IV of all zeros
*/
-krb5_error_code krb5int_des_init_state
-(const krb5_keyblock *key, krb5_keyusage keyusage, krb5_data *new_state);
+krb5_error_code
+krb5int_des_init_state(const krb5_keyblock *key, krb5_keyusage keyusage,
+ krb5_data *new_state);
/*
* normally to free a cipher_state you can just memset the length to zero and
* free it.
*/
-krb5_error_code krb5int_default_free_state
-(krb5_data *state);
+krb5_error_code krb5int_default_free_state(krb5_data *state);
/*
* Combine two keys (normally used by the hardware preauth mechanism)
*/
-krb5_error_code krb5int_c_combine_keys
-(krb5_context context, krb5_keyblock *key1, krb5_keyblock *key2,
- krb5_keyblock *outkey);
-
-
-void krb5int_c_free_keyblock
-(krb5_context, krb5_keyblock *key);
-void krb5int_c_free_keyblock_contents
- (krb5_context, krb5_keyblock *);
-krb5_error_code krb5int_c_init_keyblock
- (krb5_context, krb5_enctype enctype,
- size_t length, krb5_keyblock **out);
-krb5_error_code krb5int_c_copy_keyblock
-(krb5_context context, const krb5_keyblock *from, krb5_keyblock **to);
-krb5_error_code krb5int_c_copy_keyblock_contents
-(krb5_context context, const krb5_keyblock *from, krb5_keyblock *to);
+krb5_error_code
+krb5int_c_combine_keys(krb5_context context, krb5_keyblock *key1,
+ krb5_keyblock *key2, krb5_keyblock *outkey);
+
+void krb5int_c_free_keyblock(krb5_context, krb5_keyblock *key);
+void krb5int_c_free_keyblock_contents(krb5_context, krb5_keyblock *);
+krb5_error_code krb5int_c_init_keyblock(krb5_context, krb5_enctype enctype,
+ size_t length, krb5_keyblock **out);
+krb5_error_code krb5int_c_copy_keyblock(krb5_context context,
+ const krb5_keyblock *from,
+ krb5_keyblock **to);
+krb5_error_code krb5int_c_copy_keyblock_contents(krb5_context context,
+ const krb5_keyblock *from,
+ krb5_keyblock *to);
/*
* Internal - for cleanup.
*/
-extern void krb5int_prng_cleanup (void);
+extern void krb5int_prng_cleanup(void);
/*
@@ -863,37 +840,34 @@ extern const struct krb5_hash_provider krb5int_hash_md5;
#ifdef KRB5_OLD_CRYPTO
/* old provider api */
-krb5_error_code krb5_crypto_os_localaddr
- (krb5_address ***);
+krb5_error_code krb5_crypto_os_localaddr(krb5_address ***);
-krb5_error_code krb5_crypto_us_timeofday
- (krb5_int32 *,
- krb5_int32 *);
+krb5_error_code krb5_crypto_us_timeofday(krb5_int32 *, krb5_int32 *);
#endif /* KRB5_OLD_CRYPTO */
/* this helper fct is in libkrb5, but it makes sense declared here. */
-krb5_error_code krb5_encrypt_helper
-(krb5_context context, const krb5_keyblock *key,
- krb5_keyusage keyusage, const krb5_data *plain,
- krb5_enc_data *cipher);
+krb5_error_code
+krb5_encrypt_helper(krb5_context context, const krb5_keyblock *key,
+ krb5_keyusage keyusage, const krb5_data *plain,
+ krb5_enc_data *cipher);
-krb5_error_code krb5_encrypt_keyhelper
-(krb5_context context, krb5_key key,
- krb5_keyusage keyusage, const krb5_data *plain,
- krb5_enc_data *cipher);
+krb5_error_code
+krb5_encrypt_keyhelper(krb5_context context, krb5_key key,
+ krb5_keyusage keyusage, const krb5_data *plain,
+ krb5_enc_data *cipher);
/*
* End "los-proto.h"
*/
typedef struct _krb5_os_context {
- krb5_magic magic;
- krb5_int32 time_offset;
- krb5_int32 usec_offset;
- krb5_int32 os_flags;
- char * default_ccname;
+ krb5_magic magic;
+ krb5_int32 time_offset;
+ krb5_int32 usec_offset;
+ krb5_int32 os_flags;
+ char * default_ccname;
} *krb5_os_context;
/*
@@ -910,31 +884,31 @@ typedef struct _krb5_os_context {
* returned as the time by the krb5 time routines. This should only
* be used for testing purposes (obviously!)
*/
-#define KRB5_OS_TOFFSET_VALID 1
-#define KRB5_OS_TOFFSET_TIME 2
+#define KRB5_OS_TOFFSET_VALID 1
+#define KRB5_OS_TOFFSET_TIME 2
/* lock mode flags */
-#define KRB5_LOCKMODE_SHARED 0x0001
-#define KRB5_LOCKMODE_EXCLUSIVE 0x0002
-#define KRB5_LOCKMODE_DONTBLOCK 0x0004
-#define KRB5_LOCKMODE_UNLOCK 0x0008
+#define KRB5_LOCKMODE_SHARED 0x0001
+#define KRB5_LOCKMODE_EXCLUSIVE 0x0002
+#define KRB5_LOCKMODE_DONTBLOCK 0x0004
+#define KRB5_LOCKMODE_UNLOCK 0x0008
/*
* Define our view of the size of a DES key.
*/
-#define KRB5_MIT_DES_KEYSIZE 8
-#define KRB5_MIT_DES3_KEYSIZE 24
-#define KRB5_MIT_DES3_KEY_BYTES 21
+#define KRB5_MIT_DES_KEYSIZE 8
+#define KRB5_MIT_DES3_KEYSIZE 24
+#define KRB5_MIT_DES3_KEY_BYTES 21
/*
* Check if des_int.h has been included before us. If so, then check to see
* that our view of the DES key size is the same as des_int.h's.
*/
-#ifdef MIT_DES_KEYSIZE
-#if MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE
+#ifdef MIT_DES_KEYSIZE
+#if MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE
error(MIT_DES_KEYSIZE does not equal KRB5_MIT_DES_KEYSIZE)
-#endif /* MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE */
-#endif /* MIT_DES_KEYSIZE */
+#endif /* MIT_DES_KEYSIZE != KRB5_MIT_DES_KEYSIZE */
+#endif /* MIT_DES_KEYSIZE */
/*
* Begin "preauth.h"
@@ -958,9 +932,9 @@ error(MIT_DES_KEYSIZE does not equal KRB5_MIT_DES_KEYSIZE)
* requested information. It is opaque to the plugin code and can be
* expanded in the future as new types of requests are defined which
* may require other things to be passed through. */
- struct krb5int_fast_request_state;
+struct krb5int_fast_request_state;
typedef struct _krb5_preauth_client_rock {
- krb5_magic magic;
+ krb5_magic magic;
krb5_enctype *etype;
struct krb5int_fast_request_state *fast_state;
} krb5_preauth_client_rock;
@@ -971,65 +945,65 @@ typedef struct _krb5_preauth_client_rock {
typedef struct _krb5_preauth_context {
int n_modules;
struct _krb5_preauth_context_module {
- /* Which of the possibly more than one preauth types which the
- * module supports we're using at this point in the list. */
- krb5_preauthtype pa_type;
- /* Encryption types which the client claims to support -- we
- * copy them directly into the krb5_kdc_req structure during
- * krb5_preauth_prepare_request(). */
- krb5_enctype *enctypes;
- /* The plugin's per-plugin context and a function to clear it. */
- void *plugin_context;
- preauth_client_plugin_fini_proc client_fini;
- /* The module's table, and some of its members, copied here for
- * convenience when we populated the list. */
- struct krb5plugin_preauth_client_ftable_v1 *ftable;
- const char *name;
- int flags, use_count;
- preauth_client_process_proc client_process;
- preauth_client_tryagain_proc client_tryagain;
- preauth_client_supply_gic_opts_proc client_supply_gic_opts;
- preauth_client_request_init_proc client_req_init;
- preauth_client_request_fini_proc client_req_fini;
- /* The per-request context which the client_req_init() function
- * might allocate, which we'll need to clean up later by
- * calling the client_req_fini() function. */
- void *request_context;
- /* A pointer to the request_context pointer. All modules within
- * a plugin will point at the request_context of the first
- * module within the plugin. */
- void **request_context_pp;
+ /* Which of the possibly more than one preauth types which the
+ * module supports we're using at this point in the list. */
+ krb5_preauthtype pa_type;
+ /* Encryption types which the client claims to support -- we
+ * copy them directly into the krb5_kdc_req structure during
+ * krb5_preauth_prepare_request(). */
+ krb5_enctype *enctypes;
+ /* The plugin's per-plugin context and a function to clear it. */
+ void *plugin_context;
+ preauth_client_plugin_fini_proc client_fini;
+ /* The module's table, and some of its members, copied here for
+ * convenience when we populated the list. */
+ struct krb5plugin_preauth_client_ftable_v1 *ftable;
+ const char *name;
+ int flags, use_count;
+ preauth_client_process_proc client_process;
+ preauth_client_tryagain_proc client_tryagain;
+ preauth_client_supply_gic_opts_proc client_supply_gic_opts;
+ preauth_client_request_init_proc client_req_init;
+ preauth_client_request_fini_proc client_req_fini;
+ /* The per-request context which the client_req_init() function
+ * might allocate, which we'll need to clean up later by
+ * calling the client_req_fini() function. */
+ void *request_context;
+ /* A pointer to the request_context pointer. All modules within
+ * a plugin will point at the request_context of the first
+ * module within the plugin. */
+ void **request_context_pp;
} *modules;
} krb5_preauth_context;
typedef struct _krb5_pa_enc_ts {
- krb5_timestamp patimestamp;
- krb5_int32 pausec;
+ krb5_timestamp patimestamp;
+ krb5_int32 pausec;
} krb5_pa_enc_ts;
typedef struct _krb5_pa_for_user {
- krb5_principal user;
- krb5_checksum cksum;
- krb5_data auth_package;
+ krb5_principal user;
+ krb5_checksum cksum;
+ krb5_data auth_package;
} krb5_pa_for_user;
typedef struct _krb5_s4u_userid {
- krb5_int32 nonce;
- krb5_principal user;
- krb5_data subject_cert;
- krb5_flags options;
+ krb5_int32 nonce;
+ krb5_principal user;
+ krb5_data subject_cert;
+ krb5_flags options;
} krb5_s4u_userid;
-#define KRB5_S4U_OPTS_CHECK_LOGON_HOURS 0x40000000 /* check logon hour restrictions */
-#define KRB5_S4U_OPTS_USE_REPLY_KEY_USAGE 0x20000000 /* sign with usage 27 instead of 26 */
+#define KRB5_S4U_OPTS_CHECK_LOGON_HOURS 0x40000000 /* check logon hour restrictions */
+#define KRB5_S4U_OPTS_USE_REPLY_KEY_USAGE 0x20000000 /* sign with usage 27 instead of 26 */
typedef struct _krb5_pa_s4u_x509_user {
- krb5_s4u_userid user_id;
- krb5_checksum cksum;
+ krb5_s4u_userid user_id;
+ krb5_checksum cksum;
} krb5_pa_s4u_x509_user;
enum {
- KRB5_FAST_ARMOR_AP_REQUEST = 0x1
+ KRB5_FAST_ARMOR_AP_REQUEST = 0x1
};
typedef struct _krb5_fast_armor {
@@ -1047,7 +1021,7 @@ typedef struct _krb5_fast_req {
krb5_magic magic;
krb5_flags fast_options;
/* padata from req_body is used*/
- krb5_kdc_req *req_body;
+ krb5_kdc_req *req_body;
} krb5_fast_req;
/* Bits 0-15 are critical in fast options.*/
@@ -1090,91 +1064,69 @@ typedef struct _krb5_ad_signedpath {
krb5_pa_data **method_data;
} krb5_ad_signedpath;
-typedef krb5_error_code (*krb5_preauth_obtain_proc)
- (krb5_context,
- krb5_pa_data *,
- krb5_etype_info,
- krb5_keyblock *,
- krb5_error_code ( * )(krb5_context,
- const krb5_enctype,
- krb5_data *,
- krb5_const_pointer,
- krb5_keyblock **),
- krb5_const_pointer,
- krb5_creds *,
- krb5_kdc_req *,
- krb5_pa_data **);
-
-typedef krb5_error_code (*krb5_preauth_process_proc)
- (krb5_context,
- krb5_pa_data *,
- krb5_kdc_req *,
- krb5_kdc_rep *,
- krb5_error_code ( * )(krb5_context,
- const krb5_enctype,
- krb5_data *,
- krb5_const_pointer,
- krb5_keyblock **),
- krb5_const_pointer,
- krb5_error_code ( * )(krb5_context,
- const krb5_keyblock *,
- krb5_const_pointer,
- krb5_kdc_rep * ),
- krb5_keyblock **,
- krb5_creds *,
- krb5_int32 *,
- krb5_int32 *);
+typedef krb5_error_code
+(*krb5_preauth_obtain_proc)(krb5_context, krb5_pa_data *,
+ krb5_etype_info, krb5_keyblock *,
+ krb5_error_code (*)(krb5_context,
+ const krb5_enctype,
+ krb5_data *,
+ krb5_const_pointer,
+ krb5_keyblock **),
+ krb5_const_pointer, krb5_creds *,
+ krb5_kdc_req *, krb5_pa_data **);
+
+typedef krb5_error_code
+(*krb5_preauth_process_proc)(krb5_context, krb5_pa_data *, krb5_kdc_req *,
+ krb5_kdc_rep *,
+ krb5_error_code (*)(krb5_context,
+ const krb5_enctype,
+ krb5_data *,
+ krb5_const_pointer,
+ krb5_keyblock **),
+ krb5_const_pointer,
+ krb5_error_code (*)(krb5_context,
+ const krb5_keyblock *,
+ krb5_const_pointer,
+ krb5_kdc_rep * ),
+ krb5_keyblock **, krb5_creds *, krb5_int32 *,
+ krb5_int32 *);
typedef struct _krb5_preauth_ops {
krb5_magic magic;
int type;
- int flags;
- krb5_preauth_obtain_proc obtain;
- krb5_preauth_process_proc process;
+ int flags;
+ krb5_preauth_obtain_proc obtain;
+ krb5_preauth_process_proc process;
} krb5_preauth_ops;
-krb5_error_code krb5_obtain_padata
- (krb5_context,
- krb5_pa_data **,
- krb5_error_code ( * )(krb5_context,
- const krb5_enctype,
- krb5_data *,
- krb5_const_pointer,
- krb5_keyblock **),
- krb5_const_pointer,
- krb5_creds *,
- krb5_kdc_req *);
-
-krb5_error_code krb5_process_padata
- (krb5_context,
- krb5_kdc_req *,
- krb5_kdc_rep *,
- krb5_error_code ( * )(krb5_context,
- const krb5_enctype,
- krb5_data *,
- krb5_const_pointer,
- krb5_keyblock **),
- krb5_const_pointer,
- krb5_error_code ( * )(krb5_context,
- const krb5_keyblock *,
- krb5_const_pointer,
- krb5_kdc_rep * ),
- krb5_keyblock **,
- krb5_creds *,
- krb5_int32 *);
-
-krb5_pa_data * krb5int_find_pa_data
-(krb5_context, krb5_pa_data * const *, krb5_preauthtype);
+krb5_error_code
+krb5_obtain_padata(krb5_context, krb5_pa_data **,
+ krb5_error_code (*)(krb5_context, const krb5_enctype,
+ krb5_data *, krb5_const_pointer,
+ krb5_keyblock **),
+ krb5_const_pointer, krb5_creds *, krb5_kdc_req *);
+
+krb5_error_code
+krb5_process_padata(krb5_context, krb5_kdc_req *, krb5_kdc_rep *,
+ krb5_error_code (*)(krb5_context, const krb5_enctype,
+ krb5_data *, krb5_const_pointer,
+ krb5_keyblock **),
+ krb5_const_pointer,
+ krb5_error_code (*)(krb5_context, const krb5_keyblock *,
+ krb5_const_pointer, krb5_kdc_rep *),
+ krb5_keyblock **, krb5_creds *, krb5_int32 *);
+
+krb5_pa_data *
+krb5int_find_pa_data(krb5_context, krb5_pa_data *const *, krb5_preauthtype);
/* Does not return a copy; original padata sequence responsible for freeing*/
-void krb5_free_etype_info
- (krb5_context, krb5_etype_info);
+void krb5_free_etype_info(krb5_context, krb5_etype_info);
/*
* Preauthentication property flags
*/
-#define KRB5_PREAUTH_FLAGS_ENCRYPT 0x00000001
-#define KRB5_PREAUTH_FLAGS_HARDWARE 0x00000002
+#define KRB5_PREAUTH_FLAGS_ENCRYPT 0x00000001
+#define KRB5_PREAUTH_FLAGS_HARDWARE 0x00000002
#endif /* KRB5_PREAUTH__ */
/*
@@ -1210,16 +1162,16 @@ void krb5_free_etype_info
#define KRB5_GET_INIT_CREDS_OPT_EXTENDED 0x80000000
#define KRB5_GET_INIT_CREDS_OPT_SHADOWED 0x40000000
-#define krb5_gic_opt_is_extended(s) \
+#define krb5_gic_opt_is_extended(s) \
((s) && ((s)->flags & KRB5_GET_INIT_CREDS_OPT_EXTENDED) ? 1 : 0)
-#define krb5_gic_opt_is_shadowed(s) \
+#define krb5_gic_opt_is_shadowed(s) \
((s) && ((s)->flags & KRB5_GET_INIT_CREDS_OPT_SHADOWED) ? 1 : 0)
typedef struct _krb5_gic_opt_private {
int num_preauth_data;
krb5_gic_opt_pa_data *preauth_data;
- char * fast_ccache_name;
+ char * fast_ccache_name;
} krb5_gic_opt_private;
/*
@@ -1255,154 +1207,158 @@ typedef struct _krb5_gic_opt_ext {
#endif
krb5_error_code
-krb5int_gic_opt_to_opte(krb5_context context,
- krb5_get_init_creds_opt *opt,
- krb5_gic_opt_ext **opte,
- unsigned int force,
+krb5int_gic_opt_to_opte(krb5_context context, krb5_get_init_creds_opt *opt,
+ krb5_gic_opt_ext **opte, unsigned int force,
const char *where);
krb5_error_code
-krb5int_copy_data_contents (krb5_context, const krb5_data *, krb5_data *);
+krb5int_copy_data_contents(krb5_context, const krb5_data *, krb5_data *);
krb5_error_code
-krb5int_copy_data_contents_add0 (krb5_context, const krb5_data *, krb5_data *);
+krb5int_copy_data_contents_add0(krb5_context, const krb5_data *, krb5_data *);
krb5_error_code
-krb5int_copy_creds_contents (krb5_context, const krb5_creds *, krb5_creds *);
+krb5int_copy_creds_contents(krb5_context, const krb5_creds *, krb5_creds *);
-typedef krb5_error_code (*krb5_gic_get_as_key_fct)
- (krb5_context,
- krb5_principal,
- krb5_enctype,
- krb5_prompter_fct,
- void *prompter_data,
- krb5_data *salt,
- krb5_data *s2kparams,
- krb5_keyblock *as_key,
- void *gak_data);
+typedef krb5_error_code
+(*krb5_gic_get_as_key_fct)(krb5_context, krb5_principal, krb5_enctype,
+ krb5_prompter_fct, void *prompter_data,
+ krb5_data *salt, krb5_data *s2kparams,
+ krb5_keyblock *as_key, void *gak_data);
krb5_error_code KRB5_CALLCONV
-krb5_get_init_creds
-(krb5_context context,
- krb5_creds *creds,
- krb5_principal client,
- krb5_prompter_fct prompter,
- void *prompter_data,
- krb5_deltat start_time,
- char *in_tkt_service,
- krb5_gic_opt_ext *gic_options,
- krb5_gic_get_as_key_fct gak,
- void *gak_data,
- int *master,
- krb5_kdc_rep **as_reply);
-
-krb5_error_code krb5int_populate_gic_opt (
- krb5_context, krb5_gic_opt_ext **,
- krb5_flags options, krb5_address * const *addrs, krb5_enctype *ktypes,
- krb5_preauthtype *pre_auth_types, krb5_creds *creds);
-
-
-krb5_error_code KRB5_CALLCONV krb5_do_preauth
- (krb5_context context,
- krb5_kdc_req *request,
- krb5_data *encoded_request_body,
- krb5_data *encoded_previous_request,
- krb5_pa_data **in_padata, krb5_pa_data ***out_padata,
- krb5_data *salt, krb5_data *s2kparams,
- krb5_enctype *etype, krb5_keyblock *as_key,
- krb5_prompter_fct prompter, void *prompter_data,
- krb5_gic_get_as_key_fct gak_fct, void *gak_data,
- krb5_preauth_client_rock *get_data_rock,
- krb5_gic_opt_ext *opte);
-krb5_error_code KRB5_CALLCONV krb5_do_preauth_tryagain
- (krb5_context context,
- krb5_kdc_req *request,
- krb5_data *encoded_request_body,
- krb5_data *encoded_previous_request,
- krb5_pa_data **in_padata, krb5_pa_data ***out_padata,
- krb5_error *err_reply,
- krb5_data *salt, krb5_data *s2kparams,
- krb5_enctype *etype, krb5_keyblock *as_key,
- krb5_prompter_fct prompter, void *prompter_data,
- krb5_gic_get_as_key_fct gak_fct, void *gak_data,
- krb5_preauth_client_rock *get_data_rock,
- krb5_gic_opt_ext *opte);
-void KRB5_CALLCONV krb5_init_preauth_context
- (krb5_context);
-void KRB5_CALLCONV krb5_free_preauth_context
- (krb5_context);
-void KRB5_CALLCONV krb5_clear_preauth_context_use_counts
- (krb5_context);
-void KRB5_CALLCONV krb5_preauth_prepare_request
- (krb5_context, krb5_gic_opt_ext *, krb5_kdc_req *);
-void KRB5_CALLCONV krb5_preauth_request_context_init
- (krb5_context);
-void KRB5_CALLCONV krb5_preauth_request_context_fini
- (krb5_context);
-
-void KRB5_CALLCONV krb5_free_sam_challenge
- (krb5_context, krb5_sam_challenge * );
-void KRB5_CALLCONV krb5_free_sam_challenge_2
- (krb5_context, krb5_sam_challenge_2 * );
-void KRB5_CALLCONV krb5_free_sam_challenge_2_body
- (krb5_context, krb5_sam_challenge_2_body *);
-void KRB5_CALLCONV krb5_free_sam_response
- (krb5_context, krb5_sam_response * );
-void KRB5_CALLCONV krb5_free_sam_response_2
- (krb5_context, krb5_sam_response_2 * );
-void KRB5_CALLCONV krb5_free_predicted_sam_response
- (krb5_context, krb5_predicted_sam_response * );
-void KRB5_CALLCONV krb5_free_enc_sam_response_enc
- (krb5_context, krb5_enc_sam_response_enc * );
-void KRB5_CALLCONV krb5_free_enc_sam_response_enc_2
- (krb5_context, krb5_enc_sam_response_enc_2 * );
-void KRB5_CALLCONV krb5_free_sam_challenge_contents
- (krb5_context, krb5_sam_challenge * );
-void KRB5_CALLCONV krb5_free_sam_challenge_2_contents
- (krb5_context, krb5_sam_challenge_2 * );
-void KRB5_CALLCONV krb5_free_sam_challenge_2_body_contents
- (krb5_context, krb5_sam_challenge_2_body * );
-void KRB5_CALLCONV krb5_free_sam_response_contents
- (krb5_context, krb5_sam_response * );
-void KRB5_CALLCONV krb5_free_sam_response_2_contents
- (krb5_context, krb5_sam_response_2 *);
-void KRB5_CALLCONV krb5_free_predicted_sam_response_contents
- (krb5_context, krb5_predicted_sam_response * );
-void KRB5_CALLCONV krb5_free_enc_sam_response_enc_contents
- (krb5_context, krb5_enc_sam_response_enc * );
-void KRB5_CALLCONV krb5_free_enc_sam_response_enc_2_contents
- (krb5_context, krb5_enc_sam_response_enc_2 * );
-
-void KRB5_CALLCONV krb5_free_pa_enc_ts
- (krb5_context, krb5_pa_enc_ts *);
-void KRB5_CALLCONV krb5_free_pa_for_user
- (krb5_context, krb5_pa_for_user * );
-void KRB5_CALLCONV krb5_free_s4u_userid_contents
- (krb5_context, krb5_s4u_userid * );
-void KRB5_CALLCONV krb5_free_pa_s4u_x509_user
- (krb5_context, krb5_pa_s4u_x509_user * );
-void KRB5_CALLCONV krb5_free_pa_svr_referral_data
- (krb5_context, krb5_pa_svr_referral_data * );
-void KRB5_CALLCONV krb5_free_pa_server_referral_data
- (krb5_context, krb5_pa_server_referral_data * );
-void KRB5_CALLCONV krb5_free_pa_pac_req
- (krb5_context, krb5_pa_pac_req * );
-void KRB5_CALLCONV krb5_free_etype_list
- (krb5_context, krb5_etype_list * );
-
-void KRB5_CALLCONV krb5_free_fast_armor
-(krb5_context, krb5_fast_armor *);
-void KRB5_CALLCONV krb5_free_fast_armored_req
-(krb5_context, krb5_fast_armored_req *);
+krb5_get_init_creds(krb5_context context, krb5_creds *creds,
+ krb5_principal client, krb5_prompter_fct prompter,
+ void *prompter_data, krb5_deltat start_time,
+ char *in_tkt_service, krb5_gic_opt_ext *gic_options,
+ krb5_gic_get_as_key_fct gak, void *gak_data,
+ int *master, krb5_kdc_rep **as_reply);
+
+krb5_error_code
+krb5int_populate_gic_opt (krb5_context, krb5_gic_opt_ext **,
+ krb5_flags options, krb5_address *const *addrs,
+ krb5_enctype *ktypes,
+ krb5_preauthtype *pre_auth_types, krb5_creds *creds);
+
+
+krb5_error_code KRB5_CALLCONV
+krb5_do_preauth(krb5_context context, krb5_kdc_req *request,
+ krb5_data *encoded_request_body,
+ krb5_data *encoded_previous_request, krb5_pa_data **in_padata,
+ krb5_pa_data ***out_padata, krb5_data *salt,
+ krb5_data *s2kparams, krb5_enctype *etype,
+ krb5_keyblock *as_key, krb5_prompter_fct prompter,
+ void *prompter_data, krb5_gic_get_as_key_fct gak_fct,
+ void *gak_data, krb5_preauth_client_rock *get_data_rock,
+ krb5_gic_opt_ext *opte);
+
+krb5_error_code KRB5_CALLCONV
+krb5_do_preauth_tryagain(krb5_context context, krb5_kdc_req *request,
+ krb5_data *encoded_request_body,
+ krb5_data *encoded_previous_request,
+ krb5_pa_data **in_padata, krb5_pa_data ***out_padata,
+ krb5_error *err_reply,
+ krb5_data *salt, krb5_data *s2kparams,
+ krb5_enctype *etype, krb5_keyblock *as_key,
+ krb5_prompter_fct prompter, void *prompter_data,
+ krb5_gic_get_as_key_fct gak_fct, void *gak_data,
+ krb5_preauth_client_rock *get_data_rock,
+ krb5_gic_opt_ext *opte);
+
+void KRB5_CALLCONV krb5_init_preauth_context(krb5_context);
+void KRB5_CALLCONV krb5_free_preauth_context(krb5_context);
+void KRB5_CALLCONV krb5_clear_preauth_context_use_counts(krb5_context);
+void KRB5_CALLCONV krb5_preauth_prepare_request(krb5_context,
+ krb5_gic_opt_ext *,
+ krb5_kdc_req *);
+void KRB5_CALLCONV krb5_preauth_request_context_init(krb5_context);
+void KRB5_CALLCONV krb5_preauth_request_context_fini(krb5_context);
+
+void KRB5_CALLCONV
+krb5_free_sam_challenge(krb5_context, krb5_sam_challenge *);
+
+void KRB5_CALLCONV
+krb5_free_sam_challenge_2(krb5_context, krb5_sam_challenge_2 *);
+
+void KRB5_CALLCONV
+krb5_free_sam_challenge_2_body(krb5_context, krb5_sam_challenge_2_body *);
+
+void KRB5_CALLCONV
+krb5_free_sam_response(krb5_context, krb5_sam_response *);
+
+void KRB5_CALLCONV
+krb5_free_sam_response_2(krb5_context, krb5_sam_response_2 *);
+
+void KRB5_CALLCONV
+krb5_free_predicted_sam_response(krb5_context, krb5_predicted_sam_response *);
+
+void KRB5_CALLCONV
+krb5_free_enc_sam_response_enc(krb5_context, krb5_enc_sam_response_enc *);
+
+void KRB5_CALLCONV
+krb5_free_enc_sam_response_enc_2(krb5_context, krb5_enc_sam_response_enc_2 *);
+
+void KRB5_CALLCONV
+krb5_free_sam_challenge_contents(krb5_context, krb5_sam_challenge *);
+
+void KRB5_CALLCONV
+krb5_free_sam_challenge_2_contents(krb5_context, krb5_sam_challenge_2 *);
+
+void KRB5_CALLCONV
+krb5_free_sam_challenge_2_body_contents(krb5_context,
+ krb5_sam_challenge_2_body *);
+
+void KRB5_CALLCONV
+krb5_free_sam_response_contents(krb5_context, krb5_sam_response *);
+
+void KRB5_CALLCONV
+krb5_free_sam_response_2_contents(krb5_context, krb5_sam_response_2 *);
+
+void KRB5_CALLCONV
+krb5_free_predicted_sam_response_contents(krb5_context,
+ krb5_predicted_sam_response * );
+
+void KRB5_CALLCONV
+krb5_free_enc_sam_response_enc_contents(krb5_context,
+ krb5_enc_sam_response_enc * );
+
+void KRB5_CALLCONV
+krb5_free_enc_sam_response_enc_2_contents(krb5_context,
+ krb5_enc_sam_response_enc_2 * );
+
+void KRB5_CALLCONV
+krb5_free_pa_enc_ts(krb5_context, krb5_pa_enc_ts *);
+
+void KRB5_CALLCONV
+krb5_free_pa_for_user(krb5_context, krb5_pa_for_user *);
+
+void KRB5_CALLCONV
+krb5_free_s4u_userid_contents(krb5_context, krb5_s4u_userid *);
+
+void KRB5_CALLCONV
+krb5_free_pa_s4u_x509_user(krb5_context, krb5_pa_s4u_x509_user *);
+
+void KRB5_CALLCONV
+krb5_free_pa_svr_referral_data(krb5_context, krb5_pa_svr_referral_data *);
+
+void KRB5_CALLCONV
+krb5_free_pa_server_referral_data(krb5_context,
+ krb5_pa_server_referral_data * );
+
+void KRB5_CALLCONV
+krb5_free_pa_pac_req(krb5_context, krb5_pa_pac_req * );
+
+void KRB5_CALLCONV
+krb5_free_etype_list(krb5_context, krb5_etype_list * );
+
+void KRB5_CALLCONV krb5_free_fast_armor(krb5_context, krb5_fast_armor *);
+void KRB5_CALLCONV krb5_free_fast_armored_req(krb5_context,
+ krb5_fast_armored_req *);
void KRB5_CALLCONV krb5_free_fast_req(krb5_context, krb5_fast_req *);
-void KRB5_CALLCONV krb5_free_fast_finished
-(krb5_context, krb5_fast_finished *);
-void KRB5_CALLCONV krb5_free_fast_response
-(krb5_context, krb5_fast_response *);
-void KRB5_CALLCONV krb5_free_ad_kdcissued
-(krb5_context, krb5_ad_kdcissued *);
-void KRB5_CALLCONV krb5_free_ad_signedpath
-(krb5_context, krb5_ad_signedpath *);
+void KRB5_CALLCONV krb5_free_fast_finished(krb5_context, krb5_fast_finished *);
+void KRB5_CALLCONV krb5_free_fast_response(krb5_context, krb5_fast_response *);
+void KRB5_CALLCONV krb5_free_ad_kdcissued(krb5_context, krb5_ad_kdcissued *);
+void KRB5_CALLCONV krb5_free_ad_signedpath(krb5_context, krb5_ad_signedpath *);
/* #include "krb5/wordsize.h" -- comes in through base-defs.h. */
#include "com_err.h"
@@ -1414,131 +1370,120 @@ struct _krb5_authdata_context {
krb5_magic magic;
int n_modules;
struct _krb5_authdata_context_module {
- krb5_authdatatype ad_type;
- void *plugin_context;
+ krb5_authdatatype ad_type;
+ void *plugin_context;
authdata_client_plugin_fini_proc client_fini;
- krb5_flags flags;
- krb5plugin_authdata_client_ftable_v0 *ftable;
- authdata_client_request_init_proc client_req_init;
- authdata_client_request_fini_proc client_req_fini;
- const char *name;
- void *request_context;
- void **request_context_pp;
+ krb5_flags flags;
+ krb5plugin_authdata_client_ftable_v0 *ftable;
+ authdata_client_request_init_proc client_req_init;
+ authdata_client_request_fini_proc client_req_fini;
+ const char *name;
+ void *request_context;
+ void **request_context_pp;
} *modules;
struct plugin_dir_handle plugins;
};
typedef struct _krb5_authdata_context *krb5_authdata_context;
-void KRB5_CALLCONV krb5int_free_data_list
-(krb5_context context, krb5_data *data);
+void KRB5_CALLCONV
+krb5int_free_data_list(krb5_context context, krb5_data *data);
-krb5_error_code KRB5_CALLCONV krb5_authdata_context_init
-(krb5_context kcontext, krb5_authdata_context *pcontext);
+krb5_error_code KRB5_CALLCONV
+krb5_authdata_context_init(krb5_context kcontext,
+ krb5_authdata_context *pcontext);
void KRB5_CALLCONV
-krb5_authdata_context_free
-(krb5_context kcontext, krb5_authdata_context context);
+krb5_authdata_context_free(krb5_context kcontext,
+ krb5_authdata_context context);
+
+krb5_error_code KRB5_CALLCONV
+krb5_authdata_export_authdata(krb5_context kcontext,
+ krb5_authdata_context context, krb5_flags usage,
+ krb5_authdata ***pauthdata);
+
+krb5_error_code KRB5_CALLCONV
+krb5_authdata_get_attribute_types(krb5_context kcontext,
+ krb5_authdata_context context,
+ krb5_data **attrs);
+
+krb5_error_code KRB5_CALLCONV
+krb5_authdata_get_attribute(krb5_context kcontext,
+ krb5_authdata_context context,
+ const krb5_data *attribute,
+ krb5_boolean *authenticated,
+ krb5_boolean *complete, krb5_data *value,
+ krb5_data *display_value, int *more);
+
+krb5_error_code KRB5_CALLCONV
+krb5_authdata_set_attribute(krb5_context kcontext,
+ krb5_authdata_context context,
+ krb5_boolean complete, const krb5_data *attribute,
+ const krb5_data *value);
+
+krb5_error_code KRB5_CALLCONV
+krb5_authdata_delete_attribute(krb5_context kcontext,
+ krb5_authdata_context context,
+ const krb5_data *attribute);
-krb5_error_code KRB5_CALLCONV krb5_authdata_export_authdata
-(krb5_context kcontext,
- krb5_authdata_context context,
- krb5_flags usage,
- krb5_authdata ***pauthdata);
+krb5_error_code KRB5_CALLCONV
+krb5_authdata_import_attributes(krb5_context kcontext,
+ krb5_authdata_context context,
+ krb5_flags usage, const krb5_data *attributes);
+
+krb5_error_code KRB5_CALLCONV
+krb5_authdata_export_attributes(krb5_context kcontext,
+ krb5_authdata_context context,
+ krb5_flags usage, krb5_data **pattributes);
krb5_error_code KRB5_CALLCONV
-krb5_authdata_get_attribute_types
-(krb5_context kcontext,
- krb5_authdata_context context,
- krb5_data **attrs);
-
-krb5_error_code KRB5_CALLCONV krb5_authdata_get_attribute
-(krb5_context kcontext,
- krb5_authdata_context context,
- const krb5_data *attribute,
- krb5_boolean *authenticated,
- krb5_boolean *complete,
- krb5_data *value,
- krb5_data *display_value,
- int *more);
-
-krb5_error_code KRB5_CALLCONV krb5_authdata_set_attribute
-(krb5_context kcontext,
- krb5_authdata_context context,
- krb5_boolean complete,
- const krb5_data *attribute,
- const krb5_data *value);
+krb5_authdata_export_internal(krb5_context kcontext,
+ krb5_authdata_context context,
+ krb5_boolean restrict_authenticated,
+ const char *module, void **ptr);
krb5_error_code KRB5_CALLCONV
-krb5_authdata_delete_attribute
-(krb5_context kcontext,
- krb5_authdata_context context,
- const krb5_data *attribute);
-
-krb5_error_code KRB5_CALLCONV krb5_authdata_import_attributes
-(krb5_context kcontext,
- krb5_authdata_context context,
- krb5_flags usage,
- const krb5_data *attributes);
-
-krb5_error_code KRB5_CALLCONV krb5_authdata_export_attributes
-(krb5_context kcontext,
- krb5_authdata_context context,
- krb5_flags usage,
- krb5_data **pattributes);
-
-krb5_error_code KRB5_CALLCONV krb5_authdata_export_internal
-(krb5_context kcontext,
- krb5_authdata_context context,
- krb5_boolean restrict_authenticated,
- const char *module,
- void **ptr);
-
-krb5_error_code KRB5_CALLCONV krb5_authdata_context_copy
-(krb5_context kcontext,
- krb5_authdata_context src,
- krb5_authdata_context *dst);
-
-krb5_error_code KRB5_CALLCONV krb5_authdata_free_internal
-(krb5_context kcontext,
- krb5_authdata_context context,
- const char *module,
- void *ptr);
-
-
-struct _kdb5_dal_handle; /* private, in kdb5.h */
+krb5_authdata_context_copy(krb5_context kcontext, krb5_authdata_context src,
+ krb5_authdata_context *dst);
+
+krb5_error_code KRB5_CALLCONV
+krb5_authdata_free_internal(krb5_context kcontext,
+ krb5_authdata_context context, const char *module,
+ void *ptr);
+
+struct _kdb5_dal_handle; /* private, in kdb5.h */
typedef struct _kdb5_dal_handle kdb5_dal_handle;
struct _kdb_log_context;
struct _krb5_context {
- krb5_magic magic;
- krb5_enctype *in_tkt_etypes;
- krb5_enctype *tgs_etypes;
- struct _krb5_os_context os_context;
- char *default_realm;
- profile_t profile;
- kdb5_dal_handle *dal_handle;
- int ser_ctx_count;
- void *ser_ctx;
- /* allowable clock skew */
- krb5_deltat clockskew;
- krb5_cksumtype kdc_req_sumtype;
- krb5_cksumtype default_ap_req_sumtype;
- krb5_cksumtype default_safe_sumtype;
- krb5_flags kdc_default_options;
- krb5_flags library_options;
- krb5_boolean profile_secure;
- int fcc_default_format;
- krb5_prompt_type *prompt_types;
- /* Message size above which we'll try TCP first in send-to-kdc
- type code. Aside from the 2**16 size limit, we put no
- absolute limit on the UDP packet size. */
- int udp_pref_limit;
-
- /* Use the config-file ktypes instead of app-specified? */
- krb5_boolean use_conf_ktypes;
+ krb5_magic magic;
+ krb5_enctype *in_tkt_etypes;
+ krb5_enctype *tgs_etypes;
+ struct _krb5_os_context os_context;
+ char *default_realm;
+ profile_t profile;
+ kdb5_dal_handle *dal_handle;
+ int ser_ctx_count;
+ void *ser_ctx;
+ /* allowable clock skew */
+ krb5_deltat clockskew;
+ krb5_cksumtype kdc_req_sumtype;
+ krb5_cksumtype default_ap_req_sumtype;
+ krb5_cksumtype default_safe_sumtype;
+ krb5_flags kdc_default_options;
+ krb5_flags library_options;
+ krb5_boolean profile_secure;
+ int fcc_default_format;
+ krb5_prompt_type *prompt_types;
+ /* Message size above which we'll try TCP first in send-to-kdc
+ type code. Aside from the 2**16 size limit, we put no
+ absolute limit on the UDP packet size. */
+ int udp_pref_limit;
+
+ /* Use the config-file ktypes instead of app-specified? */
+ krb5_boolean use_conf_ktypes;
#ifdef KRB5_DNS_LOOKUP
- krb5_boolean profile_in_memory;
+ krb5_boolean profile_in_memory;
#endif /* KRB5_DNS_LOOKUP */
/* locate_kdc module stuff */
@@ -1562,43 +1507,40 @@ struct _krb5_context {
/* could be used in a table to find an etype and initialize a block */
-#define KRB5_LIBOPT_SYNC_KDCTIME 0x0001
+#define KRB5_LIBOPT_SYNC_KDCTIME 0x0001
/* internal message representations */
typedef struct _krb5_safe {
krb5_magic magic;
- krb5_data user_data; /* user data */
- krb5_timestamp timestamp; /* client time, optional */
- krb5_int32 usec; /* microsecond portion of time,
- optional */
- krb5_ui_4 seq_number; /* sequence #, optional */
- krb5_address *s_address; /* sender address */
- krb5_address *r_address; /* recipient address, optional */
- krb5_checksum *checksum; /* data integrity checksum */
+ krb5_data user_data; /* user data */
+ krb5_timestamp timestamp; /* client time, optional */
+ krb5_int32 usec; /* microsecond portion of time,
+ optional */
+ krb5_ui_4 seq_number; /* sequence #, optional */
+ krb5_address *s_address; /* sender address */
+ krb5_address *r_address; /* recipient address, optional */
+ krb5_checksum *checksum; /* data integrity checksum */
} krb5_safe;
typedef struct _krb5_priv {
krb5_magic magic;
- krb5_enc_data enc_part; /* encrypted part */
+ krb5_enc_data enc_part; /* encrypted part */
} krb5_priv;
typedef struct _krb5_priv_enc_part {
krb5_magic magic;
- krb5_data user_data; /* user data */
- krb5_timestamp timestamp; /* client time, optional */
- krb5_int32 usec; /* microsecond portion of time, opt. */
- krb5_ui_4 seq_number; /* sequence #, optional */
- krb5_address *s_address; /* sender address */
- krb5_address *r_address; /* recipient address, optional */
+ krb5_data user_data; /* user data */
+ krb5_timestamp timestamp; /* client time, optional */
+ krb5_int32 usec; /* microsecond portion of time, opt. */
+ krb5_ui_4 seq_number; /* sequence #, optional */
+ krb5_address *s_address; /* sender address */
+ krb5_address *r_address; /* recipient address, optional */
} krb5_priv_enc_part;
-void KRB5_CALLCONV krb5_free_safe
- (krb5_context, krb5_safe * );
-void KRB5_CALLCONV krb5_free_priv
- (krb5_context, krb5_priv * );
-void KRB5_CALLCONV krb5_free_priv_enc_part
- (krb5_context, krb5_priv_enc_part * );
+void KRB5_CALLCONV krb5_free_safe(krb5_context, krb5_safe *);
+void KRB5_CALLCONV krb5_free_priv(krb5_context, krb5_priv *);
+void KRB5_CALLCONV krb5_free_priv_enc_part(krb5_context, krb5_priv_enc_part *);
/*
* Begin "asn1.h"
@@ -1626,11 +1568,11 @@ void KRB5_CALLCONV krb5_free_priv_enc_part
EncKrbPrivPart is APPLICATION 28.
EncKrbCredPart is APPLICATION 29.
KRB_ERROR is APPLICATION 30.
- */
+*/
/* allow either constructed or primitive encoding, so check for bit 6
set or reset */
-#define krb5int_is_app_tag(dat,tag)\
- ((dat) && (dat)->length && \
+#define krb5int_is_app_tag(dat,tag) \
+ ((dat) && (dat)->length && \
((((dat)->data[0] & ~0x20) == ((tag) | 0x40))))
#define krb5_is_krb_ticket(dat) krb5int_is_app_tag(dat, 1)
#define krb5_is_krb_authenticator(dat) krb5int_is_app_tag(dat, 2)
@@ -1655,380 +1597,400 @@ void KRB5_CALLCONV krb5_free_priv_enc_part
*************************************************************************/
/*
- krb5_error_code encode_krb5_structure(const krb5_structure *rep,
- krb5_data **code);
- modifies *code
- effects Returns the ASN.1 encoding of *rep in **code.
- Returns ASN1_MISSING_FIELD if a required field is emtpy in *rep.
- Returns ENOMEM if memory runs out.
+ krb5_error_code encode_krb5_structure(const krb5_structure *rep,
+ krb5_data **code);
+ modifies *code
+ effects Returns the ASN.1 encoding of *rep in **code.
+ Returns ASN1_MISSING_FIELD if a required field is emtpy in *rep.
+ Returns ENOMEM if memory runs out.
*/
-krb5_error_code encode_krb5_authenticator
- (const krb5_authenticator *rep, krb5_data **code);
+krb5_error_code
+encode_krb5_authenticator(const krb5_authenticator *rep, krb5_data **code);
-krb5_error_code encode_krb5_ticket
- (const krb5_ticket *rep, krb5_data **code);
+krb5_error_code
+encode_krb5_ticket(const krb5_ticket *rep, krb5_data **code);
-krb5_error_code encode_krb5_encryption_key
- (const krb5_keyblock *rep, krb5_data **code);
+krb5_error_code
+encode_krb5_encryption_key(const krb5_keyblock *rep, krb5_data **code);
-krb5_error_code encode_krb5_enc_tkt_part
- (const krb5_enc_tkt_part *rep, krb5_data **code);
+krb5_error_code
+encode_krb5_enc_tkt_part(const krb5_enc_tkt_part *rep, krb5_data **code);
-krb5_error_code encode_krb5_enc_kdc_rep_part
- (const krb5_enc_kdc_rep_part *rep, krb5_data **code);
+krb5_error_code
+encode_krb5_enc_kdc_rep_part(const krb5_enc_kdc_rep_part *rep,
+ krb5_data **code);
/* yes, the translation is identical to that used for KDC__REP */
-krb5_error_code encode_krb5_as_rep
- (const krb5_kdc_rep *rep, krb5_data **code);
+krb5_error_code
+encode_krb5_as_rep(const krb5_kdc_rep *rep, krb5_data **code);
/* yes, the translation is identical to that used for KDC__REP */
-krb5_error_code encode_krb5_tgs_rep
- (const krb5_kdc_rep *rep, krb5_data **code);
+krb5_error_code
+encode_krb5_tgs_rep(const krb5_kdc_rep *rep, krb5_data **code);
-krb5_error_code encode_krb5_ap_req
- (const krb5_ap_req *rep, krb5_data **code);
+krb5_error_code
+encode_krb5_ap_req(const krb5_ap_req *rep, krb5_data **code);
-krb5_error_code encode_krb5_ap_rep
- (const krb5_ap_rep *rep, krb5_data **code);
+krb5_error_code
+encode_krb5_ap_rep(const krb5_ap_rep *rep, krb5_data **code);
-krb5_error_code encode_krb5_ap_rep_enc_part
- (const krb5_ap_rep_enc_part *rep, krb5_data **code);
+krb5_error_code
+encode_krb5_ap_rep_enc_part(const krb5_ap_rep_enc_part *rep, krb5_data **code);
-krb5_error_code encode_krb5_as_req
- (const krb5_kdc_req *rep, krb5_data **code);
+krb5_error_code
+encode_krb5_as_req(const krb5_kdc_req *rep, krb5_data **code);
-krb5_error_code encode_krb5_tgs_req
- (const krb5_kdc_req *rep, krb5_data **code);
+krb5_error_code
+encode_krb5_tgs_req(const krb5_kdc_req *rep, krb5_data **code);
-krb5_error_code encode_krb5_kdc_req_body
- (const krb5_kdc_req *rep, krb5_data **code);
+krb5_error_code
+encode_krb5_kdc_req_body(const krb5_kdc_req *rep, krb5_data **code);
-krb5_error_code encode_krb5_safe
- (const krb5_safe *rep, krb5_data **code);
+krb5_error_code
+encode_krb5_safe(const krb5_safe *rep, krb5_data **code);
struct krb5_safe_with_body {
krb5_safe *safe;
krb5_data *body;
};
-krb5_error_code encode_krb5_safe_with_body
- (const struct krb5_safe_with_body *rep, krb5_data **code);
+krb5_error_code
+encode_krb5_safe_with_body(const struct krb5_safe_with_body *rep,
+ krb5_data **code);
-krb5_error_code encode_krb5_priv
- (const krb5_priv *rep, krb5_data **code);
+krb5_error_code
+encode_krb5_priv(const krb5_priv *rep, krb5_data **code);
-krb5_error_code encode_krb5_enc_priv_part
- (const krb5_priv_enc_part *rep, krb5_data **code);
+krb5_error_code
+encode_krb5_enc_priv_part(const krb5_priv_enc_part *rep, krb5_data **code);
-krb5_error_code encode_krb5_cred
- (const krb5_cred *rep, krb5_data **code);
+krb5_error_code
+encode_krb5_cred(const krb5_cred *rep, krb5_data **code);
-krb5_error_code encode_krb5_enc_cred_part
- (const krb5_cred_enc_part *rep, krb5_data **code);
+krb5_error_code
+encode_krb5_enc_cred_part(const krb5_cred_enc_part *rep, krb5_data **code);
-krb5_error_code encode_krb5_error
- (const krb5_error *rep, krb5_data **code);
+krb5_error_code
+encode_krb5_error(const krb5_error *rep, krb5_data **code);
-krb5_error_code encode_krb5_authdata
- (krb5_authdata *const *rep, krb5_data **code);
+krb5_error_code
+encode_krb5_authdata(krb5_authdata *const *rep, krb5_data **code);
-krb5_error_code encode_krb5_authdata_elt
- (const krb5_authdata *rep, krb5_data **code);
+krb5_error_code
+encode_krb5_authdata_elt(const krb5_authdata *rep, krb5_data **code);
-krb5_error_code encode_krb5_pwd_sequence
- (const passwd_phrase_element *rep, krb5_data **code);
+krb5_error_code
+encode_krb5_pwd_sequence(const passwd_phrase_element *rep, krb5_data **code);
-krb5_error_code encode_krb5_pwd_data
- (const krb5_pwd_data *rep, krb5_data **code);
+krb5_error_code
+encode_krb5_pwd_data(const krb5_pwd_data *rep, krb5_data **code);
+
+krb5_error_code
+encode_krb5_padata_sequence(krb5_pa_data *const *rep, krb5_data **code);
-krb5_error_code encode_krb5_padata_sequence
- (krb5_pa_data *const *rep, krb5_data **code);
+krb5_error_code
+encode_krb5_alt_method(const krb5_alt_method *, krb5_data **code);
-krb5_error_code encode_krb5_alt_method
- (const krb5_alt_method *, krb5_data **code);
+krb5_error_code
+encode_krb5_etype_info(krb5_etype_info_entry *const *, krb5_data **code);
-krb5_error_code encode_krb5_etype_info
- (krb5_etype_info_entry *const *, krb5_data **code);
-krb5_error_code encode_krb5_etype_info2
- (krb5_etype_info_entry *const *, krb5_data **code);
+krb5_error_code
+encode_krb5_etype_info2(krb5_etype_info_entry *const *, krb5_data **code);
-krb5_error_code encode_krb5_enc_data
- (const krb5_enc_data *, krb5_data **);
+krb5_error_code
+encode_krb5_enc_data(const krb5_enc_data *, krb5_data **);
-krb5_error_code encode_krb5_pa_enc_ts
- (const krb5_pa_enc_ts *, krb5_data **);
+krb5_error_code
+encode_krb5_pa_enc_ts(const krb5_pa_enc_ts *, krb5_data **);
-krb5_error_code encode_krb5_sam_challenge
- (const krb5_sam_challenge * , krb5_data **);
+krb5_error_code
+encode_krb5_sam_challenge(const krb5_sam_challenge * , krb5_data **);
-krb5_error_code encode_krb5_sam_key
- (const krb5_sam_key * , krb5_data **);
+krb5_error_code
+encode_krb5_sam_key(const krb5_sam_key * , krb5_data **);
-krb5_error_code encode_krb5_enc_sam_response_enc
- (const krb5_enc_sam_response_enc * , krb5_data **);
+krb5_error_code
+encode_krb5_enc_sam_response_enc(const krb5_enc_sam_response_enc *,
+ krb5_data **);
-krb5_error_code encode_krb5_sam_response
- (const krb5_sam_response * , krb5_data **);
+krb5_error_code
+encode_krb5_sam_response(const krb5_sam_response *, krb5_data **);
#if 0 /* currently not compiled because we never use them */
-krb5_error_code encode_krb5_sam_challenge_2
- (const krb5_sam_challenge_2 * , krb5_data **);
+krb5_error_code
+encode_krb5_sam_challenge_2(const krb5_sam_challenge_2 * , krb5_data **);
-krb5_error_code encode_krb5_sam_challenge_2_body
- (const krb5_sam_challenge_2_body * , krb5_data **);
+krb5_error_code
+encode_krb5_sam_challenge_2_body(const krb5_sam_challenge_2_body *,
+ krb5_data **);
#endif
-krb5_error_code encode_krb5_enc_sam_response_enc_2
- (const krb5_enc_sam_response_enc_2 * , krb5_data **);
+krb5_error_code
+encode_krb5_enc_sam_response_enc_2(const krb5_enc_sam_response_enc_2 *,
+ krb5_data **);
-krb5_error_code encode_krb5_sam_response_2
- (const krb5_sam_response_2 * , krb5_data **);
+krb5_error_code
+encode_krb5_sam_response_2(const krb5_sam_response_2 * , krb5_data **);
-krb5_error_code encode_krb5_predicted_sam_response
- (const krb5_predicted_sam_response * , krb5_data **);
+krb5_error_code
+encode_krb5_predicted_sam_response(const krb5_predicted_sam_response *,
+ krb5_data **);
struct krb5_setpw_req {
krb5_principal target;
krb5_data password;
};
-krb5_error_code encode_krb5_setpw_req
- (const struct krb5_setpw_req *rep, krb5_data **code);
+krb5_error_code
+encode_krb5_setpw_req(const struct krb5_setpw_req *rep, krb5_data **code);
+
+krb5_error_code
+encode_krb5_pa_for_user(const krb5_pa_for_user *, krb5_data **);
+
+krb5_error_code
+encode_krb5_s4u_userid(const krb5_s4u_userid *, krb5_data **);
+
+krb5_error_code
+encode_krb5_pa_s4u_x509_user(const krb5_pa_s4u_x509_user *, krb5_data **);
+
+krb5_error_code
+encode_krb5_pa_svr_referral_data(const krb5_pa_svr_referral_data *,
+ krb5_data **);
-krb5_error_code encode_krb5_pa_for_user
- (const krb5_pa_for_user * , krb5_data **);
+krb5_error_code
+encode_krb5_pa_server_referral_data(const krb5_pa_server_referral_data *,
+ krb5_data **);
-krb5_error_code encode_krb5_s4u_userid
- (const krb5_s4u_userid * , krb5_data **);
+krb5_error_code
+encode_krb5_pa_pac_req(const krb5_pa_pac_req *, krb5_data **);
-krb5_error_code encode_krb5_pa_s4u_x509_user
- (const krb5_pa_s4u_x509_user * , krb5_data **);
+krb5_error_code
+encode_krb5_etype_list(const krb5_etype_list * , krb5_data **);
-krb5_error_code encode_krb5_pa_svr_referral_data
- (const krb5_pa_svr_referral_data * , krb5_data **);
+krb5_error_code
+encode_krb5_pa_fx_fast_request(const krb5_fast_armored_req *, krb5_data **);
-krb5_error_code encode_krb5_pa_server_referral_data
- (const krb5_pa_server_referral_data * , krb5_data **);
+krb5_error_code
+encode_krb5_fast_req(const krb5_fast_req *, krb5_data **);
-krb5_error_code encode_krb5_pa_pac_req
- (const krb5_pa_pac_req * , krb5_data **);
+krb5_error_code
+encode_krb5_pa_fx_fast_reply(const krb5_enc_data *, krb5_data **);
-krb5_error_code encode_krb5_etype_list
- (const krb5_etype_list * , krb5_data **);
+krb5_error_code
+encode_krb5_fast_response(const krb5_fast_response *, krb5_data **);
-krb5_error_code encode_krb5_pa_fx_fast_request
-(const krb5_fast_armored_req *, krb5_data **);
-krb5_error_code encode_krb5_fast_req
-(const krb5_fast_req *, krb5_data **);
-krb5_error_code encode_krb5_pa_fx_fast_reply
-(const krb5_enc_data *, krb5_data **);
+krb5_error_code
+encode_krb5_ad_kdcissued(const krb5_ad_kdcissued *, krb5_data **);
-krb5_error_code encode_krb5_fast_response
-(const krb5_fast_response *, krb5_data **);
+krb5_error_code
+encode_krb5_ad_signedpath(const krb5_ad_signedpath *, krb5_data **);
-krb5_error_code encode_krb5_ad_kdcissued
-(const krb5_ad_kdcissued *, krb5_data **);
-krb5_error_code encode_krb5_ad_signedpath
-(const krb5_ad_signedpath *, krb5_data **);
-krb5_error_code encode_krb5_ad_signedpath_data
-(const krb5_ad_signedpath_data *, krb5_data **);
+krb5_error_code
+encode_krb5_ad_signedpath_data(const krb5_ad_signedpath_data *, krb5_data **);
/*************************************************************************
* End of prototypes for krb5_encode.c
*************************************************************************/
-krb5_error_code decode_krb5_sam_challenge
- (const krb5_data *, krb5_sam_challenge **);
+krb5_error_code
+decode_krb5_sam_challenge(const krb5_data *, krb5_sam_challenge **);
-krb5_error_code decode_krb5_enc_sam_key
- (const krb5_data *, krb5_sam_key **);
+krb5_error_code
+decode_krb5_enc_sam_key(const krb5_data *, krb5_sam_key **);
-krb5_error_code decode_krb5_enc_sam_response_enc
- (const krb5_data *, krb5_enc_sam_response_enc **);
+krb5_error_code
+decode_krb5_enc_sam_response_enc(const krb5_data *,
+ krb5_enc_sam_response_enc **);
-krb5_error_code decode_krb5_sam_response
- (const krb5_data *, krb5_sam_response **);
+krb5_error_code
+decode_krb5_sam_response(const krb5_data *, krb5_sam_response **);
-krb5_error_code decode_krb5_predicted_sam_response
- (const krb5_data *, krb5_predicted_sam_response **);
+krb5_error_code
+decode_krb5_predicted_sam_response(const krb5_data *,
+ krb5_predicted_sam_response **);
-krb5_error_code decode_krb5_sam_challenge_2
- (const krb5_data *, krb5_sam_challenge_2 **);
+krb5_error_code
+decode_krb5_sam_challenge_2(const krb5_data *, krb5_sam_challenge_2 **);
-krb5_error_code decode_krb5_sam_challenge_2_body
- (const krb5_data *, krb5_sam_challenge_2_body **);
+krb5_error_code
+decode_krb5_sam_challenge_2_body(const krb5_data *,
+ krb5_sam_challenge_2_body **);
-krb5_error_code decode_krb5_enc_sam_response_enc_2
- (const krb5_data *, krb5_enc_sam_response_enc_2 **);
+krb5_error_code
+decode_krb5_enc_sam_response_enc_2(const krb5_data *,
+ krb5_enc_sam_response_enc_2 **);
-krb5_error_code decode_krb5_sam_response_2
- (const krb5_data *, krb5_sam_response_2 **);
+krb5_error_code
+decode_krb5_sam_response_2(const krb5_data *, krb5_sam_response_2 **);
/*************************************************************************
* Prototypes for krb5_decode.c
*************************************************************************/
-krb5_error_code krb5_validate_times
- (krb5_context,
- krb5_ticket_times *);
+krb5_error_code
+krb5_validate_times(krb5_context, krb5_ticket_times *);
/*
- krb5_error_code decode_krb5_structure(const krb5_data *code,
- krb5_structure **rep);
-
- requires Expects **rep to not have been allocated;
- a new *rep is allocated regardless of the old value.
- effects Decodes *code into **rep.
- Returns ENOMEM if memory is exhausted.
- Returns asn1 and krb5 errors.
+ krb5_error_code decode_krb5_structure(const krb5_data *code,
+ krb5_structure **rep);
+
+ requires Expects **rep to not have been allocated;
+ a new *rep is allocated regardless of the old value.
+ effects Decodes *code into **rep.
+ Returns ENOMEM if memory is exhausted.
+ Returns asn1 and krb5 errors.
*/
-krb5_error_code decode_krb5_authenticator
- (const krb5_data *code, krb5_authenticator **rep);
-
-krb5_error_code decode_krb5_ticket
- (const krb5_data *code, krb5_ticket **rep);
+krb5_error_code
+decode_krb5_authenticator(const krb5_data *code, krb5_authenticator **rep);
-krb5_error_code decode_krb5_encryption_key
- (const krb5_data *output, krb5_keyblock **rep);
+krb5_error_code
+decode_krb5_ticket(const krb5_data *code, krb5_ticket **rep);
-krb5_error_code decode_krb5_enc_tkt_part
- (const krb5_data *output, krb5_enc_tkt_part **rep);
+krb5_error_code
+decode_krb5_encryption_key(const krb5_data *output, krb5_keyblock **rep);
-krb5_error_code decode_krb5_enc_kdc_rep_part
- (const krb5_data *output, krb5_enc_kdc_rep_part **rep);
+krb5_error_code
+decode_krb5_enc_tkt_part(const krb5_data *output, krb5_enc_tkt_part **rep);
-krb5_error_code decode_krb5_as_rep
- (const krb5_data *output, krb5_kdc_rep **rep);
+krb5_error_code
+decode_krb5_enc_kdc_rep_part(const krb5_data *output,
+ krb5_enc_kdc_rep_part **rep);
-krb5_error_code decode_krb5_tgs_rep
- (const krb5_data *output, krb5_kdc_rep **rep);
+krb5_error_code
+decode_krb5_as_rep(const krb5_data *output, krb5_kdc_rep **rep);
-krb5_error_code decode_krb5_ap_req
- (const krb5_data *output, krb5_ap_req **rep);
+krb5_error_code
+decode_krb5_tgs_rep(const krb5_data *output, krb5_kdc_rep **rep);
-krb5_error_code decode_krb5_ap_rep
- (const krb5_data *output, krb5_ap_rep **rep);
+krb5_error_code
+decode_krb5_ap_req(const krb5_data *output, krb5_ap_req **rep);
-krb5_error_code decode_krb5_ap_rep_enc_part
- (const krb5_data *output, krb5_ap_rep_enc_part **rep);
+krb5_error_code
+decode_krb5_ap_rep(const krb5_data *output, krb5_ap_rep **rep);
-krb5_error_code decode_krb5_as_req
- (const krb5_data *output, krb5_kdc_req **rep);
+krb5_error_code
+decode_krb5_ap_rep_enc_part(const krb5_data *output,
+ krb5_ap_rep_enc_part **rep);
-krb5_error_code decode_krb5_tgs_req
- (const krb5_data *output, krb5_kdc_req **rep);
+krb5_error_code
+decode_krb5_as_req(const krb5_data *output, krb5_kdc_req **rep);
-krb5_error_code decode_krb5_kdc_req_body
- (const krb5_data *output, krb5_kdc_req **rep);
+krb5_error_code
+decode_krb5_tgs_req(const krb5_data *output, krb5_kdc_req **rep);
-krb5_error_code decode_krb5_safe
- (const krb5_data *output, krb5_safe **rep);
+krb5_error_code
+decode_krb5_kdc_req_body(const krb5_data *output, krb5_kdc_req **rep);
-krb5_error_code decode_krb5_safe_with_body
- (const krb5_data *output, krb5_safe **rep, krb5_data *body);
+krb5_error_code
+decode_krb5_safe(const krb5_data *output, krb5_safe **rep);
-krb5_error_code decode_krb5_priv
- (const krb5_data *output, krb5_priv **rep);
+krb5_error_code
+decode_krb5_safe_with_body(const krb5_data *output, krb5_safe **rep,
+ krb5_data *body);
-krb5_error_code decode_krb5_enc_priv_part
- (const krb5_data *output, krb5_priv_enc_part **rep);
+krb5_error_code
+decode_krb5_priv(const krb5_data *output, krb5_priv **rep);
-krb5_error_code decode_krb5_cred
- (const krb5_data *output, krb5_cred **rep);
+krb5_error_code
+decode_krb5_enc_priv_part(const krb5_data *output, krb5_priv_enc_part **rep);
-krb5_error_code decode_krb5_enc_cred_part
- (const krb5_data *output, krb5_cred_enc_part **rep);
+krb5_error_code
+decode_krb5_cred(const krb5_data *output, krb5_cred **rep);
-krb5_error_code decode_krb5_error
- (const krb5_data *output, krb5_error **rep);
+krb5_error_code
+decode_krb5_enc_cred_part(const krb5_data *output, krb5_cred_enc_part **rep);
-krb5_error_code decode_krb5_authdata
- (const krb5_data *output, krb5_authdata ***rep);
+krb5_error_code
+decode_krb5_error(const krb5_data *output, krb5_error **rep);
-krb5_error_code decode_krb5_pwd_sequence
- (const krb5_data *output, passwd_phrase_element **rep);
+krb5_error_code
+decode_krb5_authdata(const krb5_data *output, krb5_authdata ***rep);
-krb5_error_code decode_krb5_pwd_data
- (const krb5_data *output, krb5_pwd_data **rep);
+krb5_error_code
+decode_krb5_pwd_sequence(const krb5_data *output, passwd_phrase_element **rep);
-krb5_error_code decode_krb5_padata_sequence
- (const krb5_data *output, krb5_pa_data ***rep);
+krb5_error_code
+decode_krb5_pwd_data(const krb5_data *output, krb5_pwd_data **rep);
-krb5_error_code decode_krb5_alt_method
- (const krb5_data *output, krb5_alt_method **rep);
+krb5_error_code
+decode_krb5_padata_sequence(const krb5_data *output, krb5_pa_data ***rep);
-krb5_error_code decode_krb5_etype_info
- (const krb5_data *output, krb5_etype_info_entry ***rep);
+krb5_error_code
+decode_krb5_alt_method(const krb5_data *output, krb5_alt_method **rep);
-krb5_error_code decode_krb5_etype_info2
- (const krb5_data *output, krb5_etype_info_entry ***rep);
+krb5_error_code
+decode_krb5_etype_info(const krb5_data *output, krb5_etype_info_entry ***rep);
-krb5_error_code decode_krb5_enc_data
- (const krb5_data *output, krb5_enc_data **rep);
+krb5_error_code
+decode_krb5_etype_info2(const krb5_data *output, krb5_etype_info_entry ***rep);
-krb5_error_code decode_krb5_pa_enc_ts
- (const krb5_data *output, krb5_pa_enc_ts **rep);
+krb5_error_code
+decode_krb5_enc_data(const krb5_data *output, krb5_enc_data **rep);
-krb5_error_code decode_krb5_sam_key
- (const krb5_data *, krb5_sam_key **);
+krb5_error_code
+decode_krb5_pa_enc_ts(const krb5_data *output, krb5_pa_enc_ts **rep);
-krb5_error_code decode_krb5_setpw_req
- (const krb5_data *, krb5_data **, krb5_principal *);
+krb5_error_code
+decode_krb5_sam_key(const krb5_data *, krb5_sam_key **);
-krb5_error_code decode_krb5_pa_for_user
- (const krb5_data *, krb5_pa_for_user **);
+krb5_error_code
+decode_krb5_setpw_req(const krb5_data *, krb5_data **, krb5_principal *);
-krb5_error_code decode_krb5_pa_s4u_x509_user
- (const krb5_data *, krb5_pa_s4u_x509_user **);
+krb5_error_code
+decode_krb5_pa_for_user(const krb5_data *, krb5_pa_for_user **);
-krb5_error_code decode_krb5_pa_svr_referral_data
- (const krb5_data *, krb5_pa_svr_referral_data **);
+krb5_error_code
+decode_krb5_pa_s4u_x509_user(const krb5_data *, krb5_pa_s4u_x509_user **);
-krb5_error_code decode_krb5_pa_server_referral_data
- (const krb5_data *, krb5_pa_server_referral_data **);
+krb5_error_code
+decode_krb5_pa_svr_referral_data(const krb5_data *,
+ krb5_pa_svr_referral_data **);
-krb5_error_code decode_krb5_pa_pac_req
- (const krb5_data *, krb5_pa_pac_req **);
+krb5_error_code
+decode_krb5_pa_server_referral_data(const krb5_data *,
+ krb5_pa_server_referral_data **);
-krb5_error_code decode_krb5_etype_list
- (const krb5_data *, krb5_etype_list **);
+krb5_error_code
+decode_krb5_pa_pac_req(const krb5_data *, krb5_pa_pac_req **);
-krb5_error_code decode_krb5_pa_fx_fast_request
-(const krb5_data *, krb5_fast_armored_req **);
+krb5_error_code
+decode_krb5_etype_list(const krb5_data *, krb5_etype_list **);
-krb5_error_code decode_krb5_fast_req
-(const krb5_data *, krb5_fast_req **);
+krb5_error_code
+decode_krb5_pa_fx_fast_request(const krb5_data *, krb5_fast_armored_req **);
+krb5_error_code
+decode_krb5_fast_req(const krb5_data *, krb5_fast_req **);
-krb5_error_code decode_krb5_pa_fx_fast_reply
-(const krb5_data *, krb5_enc_data **);
+krb5_error_code
+decode_krb5_pa_fx_fast_reply(const krb5_data *, krb5_enc_data **);
-krb5_error_code decode_krb5_fast_response
-(const krb5_data *, krb5_fast_response **);
+krb5_error_code
+decode_krb5_fast_response(const krb5_data *, krb5_fast_response **);
-krb5_error_code decode_krb5_ad_kdcissued
-(const krb5_data *, krb5_ad_kdcissued **);
+krb5_error_code
+decode_krb5_ad_kdcissued(const krb5_data *, krb5_ad_kdcissued **);
-krb5_error_code decode_krb5_ad_signedpath
-(const krb5_data *, krb5_ad_signedpath **);
+krb5_error_code
+decode_krb5_ad_signedpath(const krb5_data *, krb5_ad_signedpath **);
-struct _krb5_key_data; /* kdb.h */
+struct _krb5_key_data; /* kdb.h */
struct ldap_seqof_key_data {
- krb5_int32 mkvno; /* Master key version number */
+ krb5_int32 mkvno; /* Master key version number */
struct _krb5_key_data *key_data;
krb5_int16 n_key_data;
};
typedef struct ldap_seqof_key_data ldap_seqof_key_data;
krb5_error_code
-krb5int_ldap_encode_sequence_of_keys (const ldap_seqof_key_data *val,
- krb5_data **code);
+krb5int_ldap_encode_sequence_of_keys(const ldap_seqof_key_data *val,
+ krb5_data **code);
krb5_error_code
-krb5int_ldap_decode_sequence_of_keys (krb5_data *in,
- ldap_seqof_key_data **rep);
+krb5int_ldap_decode_sequence_of_keys(krb5_data *in,
+ ldap_seqof_key_data **rep);
/*************************************************************************
* End of prototypes for krb5_decode.c
@@ -2043,171 +2005,144 @@ krb5int_ldap_decode_sequence_of_keys (krb5_data *in,
/*
* Internal krb5 library routines
*/
-krb5_error_code krb5_encrypt_tkt_part
- (krb5_context,
- const krb5_keyblock *,
- krb5_ticket * );
-
-
-krb5_error_code krb5_encode_kdc_rep
- (krb5_context,
- krb5_msgtype,
- const krb5_enc_kdc_rep_part *,
- int using_subkey,
- const krb5_keyblock *,
- krb5_kdc_rep *,
- krb5_data ** );
-
-krb5_boolean krb5int_auth_con_chkseqnum
- (krb5_context ctx, krb5_auth_context ac, krb5_ui_4 in_seq);
+krb5_error_code
+krb5_encrypt_tkt_part(krb5_context, const krb5_keyblock *, krb5_ticket *);
+
+krb5_error_code
+krb5_encode_kdc_rep(krb5_context, krb5_msgtype, const krb5_enc_kdc_rep_part *,
+ int using_subkey, const krb5_keyblock *, krb5_kdc_rep *,
+ krb5_data ** );
+
+krb5_boolean
+krb5int_auth_con_chkseqnum(krb5_context ctx, krb5_auth_context ac,
+ krb5_ui_4 in_seq);
/*
* [De]Serialization Handle and operations.
*/
struct __krb5_serializer {
- krb5_magic odtype;
- krb5_error_code (*sizer) (krb5_context,
- krb5_pointer,
- size_t *);
- krb5_error_code (*externalizer) (krb5_context,
- krb5_pointer,
- krb5_octet **,
- size_t *);
- krb5_error_code (*internalizer) (krb5_context,
- krb5_pointer *,
- krb5_octet **,
- size_t *);
+ krb5_magic odtype;
+ krb5_error_code (*sizer) (krb5_context,
+ krb5_pointer,
+ size_t *);
+ krb5_error_code (*externalizer) (krb5_context,
+ krb5_pointer,
+ krb5_octet **,
+ size_t *);
+ krb5_error_code (*internalizer) (krb5_context,
+ krb5_pointer *,
+ krb5_octet **,
+ size_t *);
};
typedef const struct __krb5_serializer * krb5_ser_handle;
typedef struct __krb5_serializer krb5_ser_entry;
-krb5_ser_handle krb5_find_serializer
- (krb5_context,
- krb5_magic);
-krb5_error_code krb5_register_serializer
- (krb5_context,
- const krb5_ser_entry *);
+krb5_ser_handle krb5_find_serializer(krb5_context, krb5_magic);
+krb5_error_code krb5_register_serializer(krb5_context, const krb5_ser_entry *);
/* Determine the external size of a particular opaque structure */
-krb5_error_code KRB5_CALLCONV krb5_size_opaque
- (krb5_context,
- krb5_magic,
- krb5_pointer,
- size_t *);
+krb5_error_code KRB5_CALLCONV
+krb5_size_opaque(krb5_context, krb5_magic, krb5_pointer, size_t *);
/* Serialize the structure into a buffer */
-krb5_error_code KRB5_CALLCONV krb5_externalize_opaque
- (krb5_context,
- krb5_magic,
- krb5_pointer,
- krb5_octet **,
- size_t *);
+krb5_error_code KRB5_CALLCONV
+krb5_externalize_opaque(krb5_context, krb5_magic, krb5_pointer, krb5_octet **,
+ size_t *);
/* Deserialize the structure from a buffer */
-krb5_error_code KRB5_CALLCONV krb5_internalize_opaque
- (krb5_context,
- krb5_magic,
- krb5_pointer *,
- krb5_octet **,
- size_t *);
+krb5_error_code KRB5_CALLCONV
+krb5_internalize_opaque(krb5_context, krb5_magic, krb5_pointer *,
+ krb5_octet **, size_t *);
/* Serialize data into a buffer */
-krb5_error_code krb5_externalize_data
- (krb5_context,
- krb5_pointer,
- krb5_octet **,
- size_t *);
+krb5_error_code
+krb5_externalize_data(krb5_context, krb5_pointer, krb5_octet **, size_t *);
/*
* Initialization routines.
*/
/* Initialize serialization for krb5_[os_]context */
-krb5_error_code KRB5_CALLCONV krb5_ser_context_init
- (krb5_context);
+krb5_error_code KRB5_CALLCONV krb5_ser_context_init(krb5_context);
/* Initialize serialization for krb5_auth_context */
-krb5_error_code KRB5_CALLCONV krb5_ser_auth_context_init
- (krb5_context);
+krb5_error_code KRB5_CALLCONV krb5_ser_auth_context_init(krb5_context);
/* Initialize serialization for krb5_keytab */
-krb5_error_code KRB5_CALLCONV krb5_ser_keytab_init
- (krb5_context);
+krb5_error_code KRB5_CALLCONV krb5_ser_keytab_init(krb5_context);
/* Initialize serialization for krb5_ccache */
-krb5_error_code KRB5_CALLCONV krb5_ser_ccache_init
- (krb5_context);
+krb5_error_code KRB5_CALLCONV krb5_ser_ccache_init(krb5_context);
/* Initialize serialization for krb5_rcache */
-krb5_error_code KRB5_CALLCONV krb5_ser_rcache_init
- (krb5_context);
+krb5_error_code KRB5_CALLCONV krb5_ser_rcache_init(krb5_context);
/* [De]serialize 4-byte integer */
-krb5_error_code KRB5_CALLCONV krb5_ser_pack_int32
- (krb5_int32,
- krb5_octet **,
- size_t *);
-krb5_error_code KRB5_CALLCONV krb5_ser_unpack_int32
- (krb5_int32 *,
- krb5_octet **,
- size_t *);
+krb5_error_code KRB5_CALLCONV
+krb5_ser_pack_int32(krb5_int32, krb5_octet **, size_t *);
+
+krb5_error_code KRB5_CALLCONV
+krb5_ser_unpack_int32(krb5_int32 *, krb5_octet **, size_t *);
+
/* [De]serialize 8-byte integer */
-krb5_error_code KRB5_CALLCONV krb5_ser_pack_int64
- (krb5_int64, krb5_octet **, size_t *);
-krb5_error_code KRB5_CALLCONV krb5_ser_unpack_int64
- (krb5_int64 *, krb5_octet **, size_t *);
+krb5_error_code KRB5_CALLCONV
+krb5_ser_pack_int64(krb5_int64, krb5_octet **, size_t *);
+
+krb5_error_code KRB5_CALLCONV
+krb5_ser_unpack_int64(krb5_int64 *, krb5_octet **, size_t *);
+
/* [De]serialize byte string */
-krb5_error_code KRB5_CALLCONV krb5_ser_pack_bytes
- (krb5_octet *,
- size_t,
- krb5_octet **,
- size_t *);
-krb5_error_code KRB5_CALLCONV krb5_ser_unpack_bytes
- (krb5_octet *,
- size_t,
- krb5_octet **,
- size_t *);
-
-krb5_error_code KRB5_CALLCONV krb5int_cc_default
- (krb5_context, krb5_ccache *);
-
-krb5_error_code KRB5_CALLCONV krb5_cc_retrieve_cred_default
- (krb5_context, krb5_ccache, krb5_flags,
- krb5_creds *, krb5_creds *);
+krb5_error_code KRB5_CALLCONV
+krb5_ser_pack_bytes(krb5_octet *, size_t, krb5_octet **, size_t *);
+
+krb5_error_code KRB5_CALLCONV
+krb5_ser_unpack_bytes(krb5_octet *, size_t, krb5_octet **, size_t *);
+
+krb5_error_code KRB5_CALLCONV
+krb5int_cc_default(krb5_context, krb5_ccache *);
+
+krb5_error_code KRB5_CALLCONV
+krb5_cc_retrieve_cred_default(krb5_context, krb5_ccache, krb5_flags,
+ krb5_creds *, krb5_creds *);
krb5_boolean KRB5_CALLCONV
-krb5_creds_compare (krb5_context in_context,
- krb5_creds *in_creds,
- krb5_creds *in_compare_creds);
+krb5_creds_compare(krb5_context in_context, krb5_creds *in_creds,
+ krb5_creds *in_compare_creds);
-void krb5int_set_prompt_types
- (krb5_context, krb5_prompt_type *);
+void
+krb5int_set_prompt_types(krb5_context, krb5_prompt_type *);
krb5_error_code
-krb5int_generate_and_save_subkey (krb5_context, krb5_auth_context,
- krb5_keyblock * /* Old keyblock, not new! */,
- krb5_enctype);
+krb5int_generate_and_save_subkey(krb5_context, krb5_auth_context,
+ krb5_keyblock * /* Old keyblock, not new! */,
+ krb5_enctype);
/* set and change password helpers */
-krb5_error_code krb5int_mk_chpw_req
- (krb5_context context, krb5_auth_context auth_context,
- krb5_data *ap_req, char *passwd, krb5_data *packet);
-krb5_error_code krb5int_rd_chpw_rep
- (krb5_context context, krb5_auth_context auth_context,
- krb5_data *packet, int *result_code,
- krb5_data *result_data);
-krb5_error_code KRB5_CALLCONV krb5_chpw_result_code_string
- (krb5_context context, int result_code,
- char **result_codestr);
-krb5_error_code krb5int_mk_setpw_req
- (krb5_context context, krb5_auth_context auth_context,
- krb5_data *ap_req, krb5_principal targetprinc, char *passwd, krb5_data *packet);
-krb5_error_code krb5int_rd_setpw_rep
- (krb5_context context, krb5_auth_context auth_context,
- krb5_data *packet, int *result_code,
- krb5_data *result_data);
-krb5_error_code krb5int_setpw_result_code_string
- (krb5_context context, int result_code,
- const char **result_codestr);
+krb5_error_code
+krb5int_mk_chpw_req(krb5_context context, krb5_auth_context auth_context,
+ krb5_data *ap_req, char *passwd, krb5_data *packet);
+
+krb5_error_code
+krb5int_rd_chpw_rep(krb5_context context, krb5_auth_context auth_context,
+ krb5_data *packet, int *result_code,
+ krb5_data *result_data);
+
+krb5_error_code KRB5_CALLCONV
+krb5_chpw_result_code_string(krb5_context context, int result_code,
+ char **result_codestr);
+
+krb5_error_code
+krb5int_mk_setpw_req(krb5_context context, krb5_auth_context auth_context,
+ krb5_data *ap_req, krb5_principal targetprinc,
+ char *passwd, krb5_data *packet);
+
+krb5_error_code
+krb5int_rd_setpw_rep(krb5_context context, krb5_auth_context auth_context,
+ krb5_data *packet, int *result_code,
+ krb5_data *result_data);
+
+krb5_error_code
+krb5int_setpw_result_code_string(krb5_context context, int result_code,
+ const char **result_codestr);
struct srv_dns_entry {
struct srv_dns_entry *next;
@@ -2219,9 +2154,9 @@ struct srv_dns_entry {
#ifdef KRB5_DNS_LOOKUP
krb5_error_code
krb5int_make_srv_query_realm(const krb5_data *realm,
- const char *service,
- const char *protocol,
- struct srv_dns_entry **answers);
+ const char *service,
+ const char *protocol,
+ struct srv_dns_entry **answers);
void krb5int_free_srv_dns_data(struct srv_dns_entry *);
#endif
@@ -2233,7 +2168,7 @@ void krb5int_free_srv_dns_data(struct srv_dns_entry *);
/*
* Convenience function for structure magic number
*/
-#define KRB5_VERIFY_MAGIC(structure,magic_number) \
+#define KRB5_VERIFY_MAGIC(structure,magic_number) \
if ((structure)->magic != (magic_number)) return (magic_number);
/* to keep lint happy */
@@ -2245,146 +2180,198 @@ void krb5int_free_srv_dns_data(struct srv_dns_entry *);
#define KRB5INT_ACCESS_STRUCT_VERSION 15
#ifndef ANAME_SZ
-struct ktext; /* from krb.h, for krb524 support */
+struct ktext; /* from krb.h, for krb524 support */
#endif
typedef struct _krb5int_access {
/* crypto stuff */
const struct krb5_hash_provider *md5_hash_provider;
const struct krb5_enc_provider *arcfour_enc_provider;
krb5_error_code (*hmac)(const struct krb5_hash_provider *hash,
- const krb5_keyblock *key,
- unsigned int icount, const krb5_data *input,
- krb5_data *output);
+ const krb5_keyblock *key,
+ unsigned int icount, const krb5_data *input,
+ krb5_data *output);
krb5_error_code (*auth_con_get_subkey_enctype)(krb5_context,
- krb5_auth_context,
- krb5_enctype *);
+ krb5_auth_context,
+ krb5_enctype *);
/* service location and communication */
- krb5_error_code (*sendto_udp) (krb5_context, const krb5_data *msg,
- const struct addrlist *, struct sendto_callback_info*, krb5_data *reply,
- struct sockaddr *, socklen_t *,struct sockaddr *,
- socklen_t *, int *,
- int (*msg_handler)(krb5_context, const krb5_data *, void *),
- void *msg_handler_data);
+ krb5_error_code (*sendto_udp)(krb5_context, const krb5_data *msg,
+ const struct addrlist *,
+ struct sendto_callback_info *,
+ krb5_data *reply, struct sockaddr *,
+ socklen_t *, struct sockaddr *,
+ socklen_t *, int *,
+ int (*msg_handler)(krb5_context,
+ const krb5_data *,
+ void *),
+ void *msg_handler_data);
krb5_error_code (*add_host_to_list)(struct addrlist *lp,
- const char *hostname,
- int port, int secport,
- int socktype, int family);
- void (*free_addrlist) (struct addrlist *);
+ const char *hostname,
+ int port, int secport,
+ int socktype, int family);
+ void (*free_addrlist)(struct addrlist *);
krb5_error_code (*make_srv_query_realm)(const krb5_data *realm,
- const char *service,
- const char *protocol,
- struct srv_dns_entry **answers);
+ const char *service,
+ const char *protocol,
+ struct srv_dns_entry **answers);
void (*free_srv_dns_data)(struct srv_dns_entry *);
int (*use_dns_kdc)(krb5_context);
- krb5_error_code (*clean_hostname)(krb5_context, const char *, char *, size_t);
+ krb5_error_code (*clean_hostname)(krb5_context, const char *, char *,
+ size_t);
krb5_error_code (*mandatory_cksumtype)(krb5_context, krb5_enctype,
- krb5_cksumtype *);
+ krb5_cksumtype *);
krb5_error_code (KRB5_CALLCONV *ser_pack_int64)(krb5_int64, krb5_octet **,
- size_t *);
+ size_t *);
krb5_error_code (KRB5_CALLCONV *ser_unpack_int64)(krb5_int64 *,
- krb5_octet **, size_t *);
+ krb5_octet **, size_t *);
/* Used for KDB LDAP back end. */
krb5_error_code
- (*asn1_ldap_encode_sequence_of_keys) (const ldap_seqof_key_data *val,
- krb5_data **code);
+ (*asn1_ldap_encode_sequence_of_keys)(const ldap_seqof_key_data *val,
+ krb5_data **code);
krb5_error_code
- (*asn1_ldap_decode_sequence_of_keys) (krb5_data *in,
- ldap_seqof_key_data **);
- /* Used for encrypted challenge fast factor*/
+ (*asn1_ldap_decode_sequence_of_keys)(krb5_data *in,
+ ldap_seqof_key_data **);
+
+ /* Used for encrypted challenge fast factor*/
krb5_error_code (*encode_enc_data)(const krb5_enc_data *, krb5_data **);
krb5_error_code (*decode_enc_data)(const krb5_data *, krb5_enc_data **);
void (*free_enc_data)(krb5_context, krb5_enc_data *);
krb5_error_code (*encode_enc_ts)(const krb5_pa_enc_ts *, krb5_data **);
krb5_error_code (*decode_enc_ts)(const krb5_data *, krb5_pa_enc_ts **);
void (*free_enc_ts)(krb5_context, krb5_pa_enc_ts *);
- krb5_error_code (*encrypt_helper)
- (krb5_context, const krb5_keyblock *, krb5_keyusage, const krb5_data *,
- krb5_enc_data *);
+ krb5_error_code
+ (*encrypt_helper)(krb5_context, const krb5_keyblock *, krb5_keyusage,
+ const krb5_data *, krb5_enc_data *);
/*
* pkinit asn.1 encode/decode functions
*/
- krb5_error_code (*encode_krb5_auth_pack)
- (const krb5_auth_pack *rep, krb5_data **code);
- krb5_error_code (*encode_krb5_auth_pack_draft9)
- (const krb5_auth_pack_draft9 *rep, krb5_data **code);
- krb5_error_code (*encode_krb5_kdc_dh_key_info)
- (const krb5_kdc_dh_key_info *rep, krb5_data **code);
- krb5_error_code (*encode_krb5_pa_pk_as_rep)
- (const krb5_pa_pk_as_rep *rep, krb5_data **code);
- krb5_error_code (*encode_krb5_pa_pk_as_rep_draft9)
- (const krb5_pa_pk_as_rep_draft9 *rep, krb5_data **code);
- krb5_error_code (*encode_krb5_pa_pk_as_req)
- (const krb5_pa_pk_as_req *rep, krb5_data **code);
- krb5_error_code (*encode_krb5_pa_pk_as_req_draft9)
- (const krb5_pa_pk_as_req_draft9 *rep, krb5_data **code);
- krb5_error_code (*encode_krb5_reply_key_pack)
- (const krb5_reply_key_pack *, krb5_data **code);
- krb5_error_code (*encode_krb5_reply_key_pack_draft9)
- (const krb5_reply_key_pack_draft9 *, krb5_data **code);
- krb5_error_code (*encode_krb5_td_dh_parameters)
- (const krb5_algorithm_identifier **, krb5_data **code);
- krb5_error_code (*encode_krb5_td_trusted_certifiers)
- (const krb5_external_principal_identifier **, krb5_data **code);
- krb5_error_code (*encode_krb5_typed_data)
- (const krb5_typed_data **, krb5_data **code);
-
- krb5_error_code (*decode_krb5_auth_pack)
- (const krb5_data *, krb5_auth_pack **);
- krb5_error_code (*decode_krb5_auth_pack_draft9)
- (const krb5_data *, krb5_auth_pack_draft9 **);
- krb5_error_code (*decode_krb5_pa_pk_as_req)
- (const krb5_data *, krb5_pa_pk_as_req **);
- krb5_error_code (*decode_krb5_pa_pk_as_req_draft9)
- (const krb5_data *, krb5_pa_pk_as_req_draft9 **);
- krb5_error_code (*decode_krb5_pa_pk_as_rep)
- (const krb5_data *, krb5_pa_pk_as_rep **);
- krb5_error_code (*decode_krb5_pa_pk_as_rep_draft9)
- (const krb5_data *, krb5_pa_pk_as_rep_draft9 **);
- krb5_error_code (*decode_krb5_kdc_dh_key_info)
- (const krb5_data *, krb5_kdc_dh_key_info **);
- krb5_error_code (*decode_krb5_principal_name)
- (const krb5_data *, krb5_principal_data **);
- krb5_error_code (*decode_krb5_reply_key_pack)
- (const krb5_data *, krb5_reply_key_pack **);
- krb5_error_code (*decode_krb5_reply_key_pack_draft9)
- (const krb5_data *, krb5_reply_key_pack_draft9 **);
- krb5_error_code (*decode_krb5_td_dh_parameters)
- (const krb5_data *, krb5_algorithm_identifier ***);
- krb5_error_code (*decode_krb5_td_trusted_certifiers)
- (const krb5_data *, krb5_external_principal_identifier ***);
- krb5_error_code (*decode_krb5_typed_data)
- (const krb5_data *, krb5_typed_data ***);
-
- krb5_error_code (*decode_krb5_as_req)
- (const krb5_data *output, krb5_kdc_req **rep);
- krb5_error_code (*encode_krb5_kdc_req_body)
- (const krb5_kdc_req *rep, krb5_data **code);
- void (KRB5_CALLCONV *free_kdc_req)
- (krb5_context, krb5_kdc_req * );
- void (*set_prompt_types)
- (krb5_context, krb5_prompt_type *);
- krb5_error_code (*encode_krb5_authdata_elt)
- (const krb5_authdata *rep, krb5_data **code);
+ krb5_error_code
+ (*encode_krb5_auth_pack)(const krb5_auth_pack *rep, krb5_data **code);
- /* Exported for testing only! */
- krb5_error_code (*encode_krb5_sam_response_2)
- (const krb5_sam_response_2 *rep, krb5_data **code);
- krb5_error_code (*encode_krb5_enc_sam_response_enc_2)
- (const krb5_enc_sam_response_enc_2 *rep, krb5_data **code);
+ krb5_error_code
+ (*encode_krb5_auth_pack_draft9)(const krb5_auth_pack_draft9 *rep,
+ krb5_data **code);
+
+ krb5_error_code
+ (*encode_krb5_kdc_dh_key_info)(const krb5_kdc_dh_key_info *rep,
+ krb5_data **code);
+
+ krb5_error_code
+ (*encode_krb5_pa_pk_as_rep)(const krb5_pa_pk_as_rep *rep,
+ krb5_data **code);
+
+ krb5_error_code
+ (*encode_krb5_pa_pk_as_rep_draft9)(const krb5_pa_pk_as_rep_draft9 *rep,
+ krb5_data **code);
+
+ krb5_error_code
+ (*encode_krb5_pa_pk_as_req)(const krb5_pa_pk_as_req *rep,
+ krb5_data **code);
+
+ krb5_error_code
+ (*encode_krb5_pa_pk_as_req_draft9)(const krb5_pa_pk_as_req_draft9 *rep,
+ krb5_data **code);
+
+ krb5_error_code
+ (*encode_krb5_reply_key_pack)(const krb5_reply_key_
+ krb5_data **code);
+
+ krb5_error_code
+ (*encode_krb5_reply_key_pack_draft9)(const krb5_reply_key_pack_draft9 *,
+ krb5_data **code);
+
+ krb5_error_code
+ (*encode_krb5_td_dh_parameters)(const krb5_algorithm_identifier **,
+ krb5_data **code);
+
+ krb5_error_code
+ (*encode_krb5_td_trusted_certifiers)(const
+ krb5_external_principal_identifier **,
+ krb5_data **code);
+ krb5_error_code
+ (*encode_krb5_typed_data)(const krb5_typed_data **, krb5_data **code);
+
+ krb5_error_code
+ (*decode_krb5_auth_pack)(const krb5_data *, krb5_auth_pack **);
+
+ krb5_error_code
+ (*decode_krb5_auth_pack_draft9)(const krb5_data *,
+ krb5_auth_pack_draft9 **);
+
+ krb5_error_code
+ (*decode_krb5_pa_pk_as_req)(const krb5_data *, krb5_pa_pk_as_req **);
+
+ krb5_error_code
+ (*decode_krb5_pa_pk_as_req_draft9)(const krb5_data *,
+ krb5_pa_pk_as_req_draft9 **);
+
+ krb5_error_code
+ (*decode_krb5_pa_pk_as_rep)(const krb5_data *, krb5_pa_pk_as_rep **);
+
+ krb5_error_code
+ (*decode_krb5_pa_pk_as_rep_draft9)(const krb5_data *,
+ krb5_pa_pk_as_rep_draft9 **);
+
+ krb5_error_code
+ (*decode_krb5_kdc_dh_key_info)(const krb5_data *, krb5_kdc_dh_key_info **);
+
+ krb5_error_code
+ (*decode_krb5_principal_name)(const krb5_data *, krb5_principal_data **);
+
+ krb5_error_code
+ (*decode_krb5_reply_key_pack)(const krb5_data *, krb5_reply_key_pack **);
+
+ krb5_error_code
+ (*decode_krb5_reply_key_pack_draft9)(const krb5_data *,
+ krb5_reply_key_pack_draft9 **);
+
+ krb5_error_code
+ (*decode_krb5_td_dh_parameters)(const krb5_data *,
+ krb5_algorithm_identifier ***);
+
+ krb5_error_code
+ (*decode_krb5_td_trusted_certifiers)(const krb5_data *,
+ krb5_external_principal_identifier
+ ***);
+
+ krb5_error_code
+ (*decode_krb5_typed_data)(const krb5_data *, krb5_typed_data ***);
+
+ krb5_error_code
+ (*decode_krb5_as_req)(const krb5_data *output, krb5_kdc_req **rep);
+
+ krb5_error_code
+ (*encode_krb5_kdc_req_body)(const krb5_kdc_req *rep, krb5_data **code);
+
+ void
+ (KRB5_CALLCONV *free_kdc_req)(krb5_context, krb5_kdc_req * );
+ void
+ (*set_prompt_types)(krb5_context, krb5_prompt_type *);
+
+ krb5_error_code
+ (*encode_krb5_authdata_elt)(const krb5_authdata *rep, krb5_data **code);
+
+ /* Exported for testing only! */
+ krb5_error_code
+ (*encode_krb5_sam_response_2)(const krb5_sam_response_2 *rep,
+ krb5_data **code);
+ krb5_error_code
+ (*encode_krb5_enc_sam_response_enc_2)(const
+ krb5_enc_sam_response_enc_2 *rep,
+ krb5_data **code);
} krb5int_access;
-#define KRB5INT_ACCESS_VERSION \
- (((krb5_int32)((sizeof(krb5int_access) & 0xFFFF) | \
- (KRB5INT_ACCESS_STRUCT_VERSION << 16))) & 0xFFFFFFFF)
+#define KRB5INT_ACCESS_VERSION \
+ (((krb5_int32)((sizeof(krb5int_access) & 0xFFFF) | \
+ (KRB5INT_ACCESS_STRUCT_VERSION << 16))) & 0xFFFFFFFF)
-krb5_error_code KRB5_CALLCONV krb5int_accessor
- (krb5int_access*, krb5_int32);
+krb5_error_code KRB5_CALLCONV
+krb5int_accessor(krb5int_access*, krb5_int32);
/* Ick -- some krb524 and krb4 support placed in the krb5 library,
because AFS (and potentially other applications?) use the krb4
@@ -2415,46 +2402,46 @@ typedef struct krb5_cc_ptcursor_s *krb5_cc_ptcursor;
struct _krb5_cc_ops {
krb5_magic magic;
char *prefix;
- const char * (KRB5_CALLCONV *get_name) (krb5_context, krb5_ccache);
- krb5_error_code (KRB5_CALLCONV *resolve) (krb5_context, krb5_ccache *,
- const char *);
- krb5_error_code (KRB5_CALLCONV *gen_new) (krb5_context, krb5_ccache *);
- krb5_error_code (KRB5_CALLCONV *init) (krb5_context, krb5_ccache,
- krb5_principal);
- krb5_error_code (KRB5_CALLCONV *destroy) (krb5_context, krb5_ccache);
- krb5_error_code (KRB5_CALLCONV *close) (krb5_context, krb5_ccache);
- krb5_error_code (KRB5_CALLCONV *store) (krb5_context, krb5_ccache,
- krb5_creds *);
- krb5_error_code (KRB5_CALLCONV *retrieve) (krb5_context, krb5_ccache,
- krb5_flags, krb5_creds *,
- krb5_creds *);
- krb5_error_code (KRB5_CALLCONV *get_princ) (krb5_context, krb5_ccache,
- krb5_principal *);
- krb5_error_code (KRB5_CALLCONV *get_first) (krb5_context, krb5_ccache,
- krb5_cc_cursor *);
- krb5_error_code (KRB5_CALLCONV *get_next) (krb5_context, krb5_ccache,
- krb5_cc_cursor *, krb5_creds *);
- krb5_error_code (KRB5_CALLCONV *end_get) (krb5_context, krb5_ccache,
- krb5_cc_cursor *);
- krb5_error_code (KRB5_CALLCONV *remove_cred) (krb5_context, krb5_ccache,
- krb5_flags, krb5_creds *);
- krb5_error_code (KRB5_CALLCONV *set_flags) (krb5_context, krb5_ccache,
- krb5_flags);
- krb5_error_code (KRB5_CALLCONV *get_flags) (krb5_context, krb5_ccache,
- krb5_flags *);
+ const char * (KRB5_CALLCONV *get_name)(krb5_context, krb5_ccache);
+ krb5_error_code (KRB5_CALLCONV *resolve)(krb5_context, krb5_ccache *,
+ const char *);
+ krb5_error_code (KRB5_CALLCONV *gen_new)(krb5_context, krb5_ccache *);
+ krb5_error_code (KRB5_CALLCONV *init)(krb5_context, krb5_ccache,
+ krb5_principal);
+ krb5_error_code (KRB5_CALLCONV *destroy)(krb5_context, krb5_ccache);
+ krb5_error_code (KRB5_CALLCONV *close)(krb5_context, krb5_ccache);
+ krb5_error_code (KRB5_CALLCONV *store)(krb5_context, krb5_ccache,
+ krb5_creds *);
+ krb5_error_code (KRB5_CALLCONV *retrieve)(krb5_context, krb5_ccache,
+ krb5_flags, krb5_creds *,
+ krb5_creds *);
+ krb5_error_code (KRB5_CALLCONV *get_princ)(krb5_context, krb5_ccache,
+ krb5_principal *);
+ krb5_error_code (KRB5_CALLCONV *get_first)(krb5_context, krb5_ccache,
+ krb5_cc_cursor *);
+ krb5_error_code (KRB5_CALLCONV *get_next)(krb5_context, krb5_ccache,
+ krb5_cc_cursor *, krb5_creds *);
+ krb5_error_code (KRB5_CALLCONV *end_get)(krb5_context, krb5_ccache,
+ krb5_cc_cursor *);
+ krb5_error_code (KRB5_CALLCONV *remove_cred)(krb5_context, krb5_ccache,
+ krb5_flags, krb5_creds *);
+ krb5_error_code (KRB5_CALLCONV *set_flags)(krb5_context, krb5_ccache,
+ krb5_flags);
+ krb5_error_code (KRB5_CALLCONV *get_flags)(krb5_context, krb5_ccache,
+ krb5_flags *);
krb5_error_code (KRB5_CALLCONV *ptcursor_new)(krb5_context,
- krb5_cc_ptcursor *);
+ krb5_cc_ptcursor *);
krb5_error_code (KRB5_CALLCONV *ptcursor_next)(krb5_context,
- krb5_cc_ptcursor,
- krb5_ccache *);
+ krb5_cc_ptcursor,
+ krb5_ccache *);
krb5_error_code (KRB5_CALLCONV *ptcursor_free)(krb5_context,
- krb5_cc_ptcursor *);
+ krb5_cc_ptcursor *);
krb5_error_code (KRB5_CALLCONV *move)(krb5_context, krb5_ccache,
- krb5_ccache);
+ krb5_ccache);
krb5_error_code (KRB5_CALLCONV *lastchange)(krb5_context,
- krb5_ccache, krb5_timestamp *);
+ krb5_ccache, krb5_timestamp *);
krb5_error_code (KRB5_CALLCONV *wasdefault)(krb5_context, krb5_ccache,
- krb5_timestamp *);
+ krb5_timestamp *);
krb5_error_code (KRB5_CALLCONV *lock)(krb5_context, krb5_ccache);
krb5_error_code (KRB5_CALLCONV *unlock)(krb5_context, krb5_ccache);
};
@@ -2467,104 +2454,83 @@ krb5int_cc_os_default_name(krb5_context context, char **name);
typedef struct _krb5_donot_replay {
krb5_magic magic;
krb5_ui_4 hash;
- char *server; /* null-terminated */
- char *client; /* null-terminated */
- char *msghash; /* null-terminated */
+ char *server; /* null-terminated */
+ char *client; /* null-terminated */
+ char *msghash; /* null-terminated */
krb5_int32 cusec;
krb5_timestamp ctime;
} krb5_donot_replay;
-krb5_error_code krb5_rc_default
- (krb5_context,
- krb5_rcache *);
-krb5_error_code krb5_rc_resolve_type
- (krb5_context,
- krb5_rcache *,char *);
-krb5_error_code krb5_rc_resolve_full
- (krb5_context,
- krb5_rcache *,char *);
-char * krb5_rc_get_type
- (krb5_context,
- krb5_rcache);
-char * krb5_rc_default_type
- (krb5_context);
-char * krb5_rc_default_name
- (krb5_context);
-krb5_error_code krb5_auth_to_rep
- (krb5_context,
- krb5_tkt_authent *,
- krb5_donot_replay *);
-krb5_error_code krb5_rc_hash_message
- (krb5_context context,
- const krb5_data *message, char **out);
-
-
-krb5_error_code KRB5_CALLCONV krb5_rc_initialize
- (krb5_context, krb5_rcache,krb5_deltat);
-krb5_error_code KRB5_CALLCONV krb5_rc_recover_or_initialize
- (krb5_context, krb5_rcache,krb5_deltat);
-krb5_error_code KRB5_CALLCONV krb5_rc_recover
- (krb5_context, krb5_rcache);
-krb5_error_code KRB5_CALLCONV krb5_rc_destroy
- (krb5_context, krb5_rcache);
-krb5_error_code KRB5_CALLCONV krb5_rc_close
- (krb5_context, krb5_rcache);
-krb5_error_code KRB5_CALLCONV krb5_rc_store
- (krb5_context, krb5_rcache,krb5_donot_replay *);
-krb5_error_code KRB5_CALLCONV krb5_rc_expunge
- (krb5_context, krb5_rcache);
-krb5_error_code KRB5_CALLCONV krb5_rc_get_lifespan
- (krb5_context, krb5_rcache,krb5_deltat *);
-char *KRB5_CALLCONV krb5_rc_get_name
- (krb5_context, krb5_rcache);
-krb5_error_code KRB5_CALLCONV krb5_rc_resolve
- (krb5_context, krb5_rcache, char *);
+krb5_error_code krb5_rc_default(krb5_context, krb5_rcache *);
+krb5_error_code krb5_rc_resolve_type(krb5_context, krb5_rcache *,char *);
+krb5_error_code krb5_rc_resolve_full(krb5_context, krb5_rcache *,char *);
+char *krb5_rc_get_type(krb5_context, krb5_rcache);
+char *krb5_rc_default_type(krb5_context);
+char *krb5_rc_default_name(krb5_context);
+krb5_error_code krb5_auth_to_rep(krb5_context, krb5_tkt_authent *,
+ krb5_donot_replay *);
+krb5_error_code krb5_rc_hash_message(krb5_context context,
+ const krb5_data *message, char **out);
+
+krb5_error_code KRB5_CALLCONV
+krb5_rc_initialize(krb5_context, krb5_rcache, krb5_deltat);
+
+krb5_error_code KRB5_CALLCONV
+krb5_rc_recover_or_initialize(krb5_context, krb5_rcache,krb5_deltat);
+
+krb5_error_code KRB5_CALLCONV
+krb5_rc_recover(krb5_context, krb5_rcache);
+
+krb5_error_code KRB5_CALLCONV
+krb5_rc_destroy(krb5_context, krb5_rcache);
+
+krb5_error_code KRB5_CALLCONV
+krb5_rc_close(krb5_context, krb5_rcache);
+
+krb5_error_code KRB5_CALLCONV
+krb5_rc_store(krb5_context, krb5_rcache, krb5_donot_replay *);
+
+krb5_error_code KRB5_CALLCONV
+krb5_rc_expunge(krb5_context, krb5_rcache);
+
+krb5_error_code KRB5_CALLCONV
+krb5_rc_get_lifespan(krb5_context, krb5_rcache,krb5_deltat *);
+char *KRB5_CALLCONV
+krb5_rc_get_name(krb5_context, krb5_rcache);
+
+krb5_error_code KRB5_CALLCONV
+krb5_rc_resolve(krb5_context, krb5_rcache, char *);
+
+/*
+ * This structure was exposed and used in macros in krb5 1.2, so do not
+ * change its ABI.
+ */
typedef struct _krb5_kt_ops {
krb5_magic magic;
char *prefix;
+
/* routines always present */
- krb5_error_code (KRB5_CALLCONV *resolve)
- (krb5_context,
- const char *,
- krb5_keytab *);
- krb5_error_code (KRB5_CALLCONV *get_name)
- (krb5_context,
- krb5_keytab,
- char *,
- unsigned int);
- krb5_error_code (KRB5_CALLCONV *close)
- (krb5_context,
- krb5_keytab);
- krb5_error_code (KRB5_CALLCONV *get)
- (krb5_context,
- krb5_keytab,
- krb5_const_principal,
- krb5_kvno,
- krb5_enctype,
- krb5_keytab_entry *);
- krb5_error_code (KRB5_CALLCONV *start_seq_get)
- (krb5_context,
- krb5_keytab,
- krb5_kt_cursor *);
- krb5_error_code (KRB5_CALLCONV *get_next)
- (krb5_context,
- krb5_keytab,
- krb5_keytab_entry *,
- krb5_kt_cursor *);
- krb5_error_code (KRB5_CALLCONV *end_get)
- (krb5_context,
- krb5_keytab,
- krb5_kt_cursor *);
+ krb5_error_code (KRB5_CALLCONV *resolve)(krb5_context, const char *,
+ krb5_keytab *);
+ krb5_error_code (KRB5_CALLCONV *get_name)(krb5_context, krb5_keytab,
+ char *, unsigned int);
+ krb5_error_code (KRB5_CALLCONV *close)(krb5_context, krb5_keytab);
+ krb5_error_code (KRB5_CALLCONV *get)(krb5_context, krb5_keytab,
+ krb5_const_principal, krb5_kvno,
+ krb5_enctype, krb5_keytab_entry *);
+ krb5_error_code (KRB5_CALLCONV *start_seq_get)(krb5_context, krb5_keytab,
+ krb5_kt_cursor *);
+ krb5_error_code (KRB5_CALLCONV *get_next)(krb5_context, krb5_keytab,
+ krb5_keytab_entry *,
+ krb5_kt_cursor *);
+ krb5_error_code (KRB5_CALLCONV *end_get)(krb5_context, krb5_keytab,
+ krb5_kt_cursor *);
/* routines to be included on extended version (write routines) */
- krb5_error_code (KRB5_CALLCONV *add)
- (krb5_context,
- krb5_keytab,
- krb5_keytab_entry *);
- krb5_error_code (KRB5_CALLCONV *remove)
- (krb5_context,
- krb5_keytab,
- krb5_keytab_entry *);
+ krb5_error_code (KRB5_CALLCONV *add)(krb5_context, krb5_keytab,
+ krb5_keytab_entry *);
+ krb5_error_code (KRB5_CALLCONV *remove)(krb5_context, krb5_keytab,
+ krb5_keytab_entry *);
/* Handle for serializer */
const krb5_ser_entry *serializer;
@@ -2572,11 +2538,11 @@ typedef struct _krb5_kt_ops {
extern const krb5_kt_ops krb5_kt_dfl_ops;
-extern krb5_error_code krb5int_translate_gai_error (int);
+extern krb5_error_code krb5int_translate_gai_error(int);
/* Not sure it's ready for exposure just yet. */
extern krb5_error_code
-krb5int_c_mandatory_cksumtype (krb5_context, krb5_enctype, krb5_cksumtype *);
+krb5int_c_mandatory_cksumtype(krb5_context, krb5_enctype, krb5_cksumtype *);
extern int krb5int_crypto_init (void);
extern int krb5int_prng_init(void);
@@ -2584,7 +2550,7 @@ extern int krb5int_prng_init(void);
/*
* Referral definitions, debugging hooks, and subfunctions.
*/
-#define KRB5_REFERRAL_MAXHOPS 10
+#define KRB5_REFERRAL_MAXHOPS 10
/* #define DEBUG_REFERRALS */
#ifdef DEBUG_REFERRALS
@@ -2592,356 +2558,254 @@ void krb5int_dbgref_dump_principal(char *, krb5_principal);
#endif
/* Common hostname-parsing code. */
-krb5_error_code KRB5_CALLCONV krb5int_clean_hostname
- (krb5_context,
- const char *,
- char *,
- size_t);
+krb5_error_code KRB5_CALLCONV
+krb5int_clean_hostname(krb5_context, const char *, char *, size_t);
krb5_error_code
krb5int_aes_encrypt(krb5_key key, const krb5_data *ivec,
- const krb5_data *input, krb5_data *output);
+ const krb5_data *input, krb5_data *output);
krb5_error_code
krb5int_aes_decrypt(krb5_key key, const krb5_data *ivec,
- const krb5_data *input, krb5_data *output);
+ const krb5_data *input, krb5_data *output);
-struct _krb5_kt { /* should move into k5-int.h */
+struct _krb5_kt { /* should move into k5-int.h */
krb5_magic magic;
const struct _krb5_kt_ops *ops;
krb5_pointer data;
};
-krb5_error_code krb5_set_default_in_tkt_ktypes
- (krb5_context,
- const krb5_enctype *);
-krb5_error_code krb5_get_default_in_tkt_ktypes
- (krb5_context,
- krb5_enctype **);
+krb5_error_code krb5_set_default_in_tkt_ktypes(krb5_context,
+ const krb5_enctype *);
+
+krb5_error_code krb5_get_default_in_tkt_ktypes(krb5_context, krb5_enctype **);
-krb5_error_code krb5_set_default_tgs_ktypes
- (krb5_context,
- const krb5_enctype *);
+krb5_error_code krb5_set_default_tgs_ktypes(krb5_context,
+ const krb5_enctype *);
-krb5_error_code KRB5_CALLCONV krb5_get_tgs_ktypes
- (krb5_context,
- krb5_const_principal,
- krb5_enctype **);
+krb5_error_code KRB5_CALLCONV
+krb5_get_tgs_ktypes(krb5_context, krb5_const_principal, krb5_enctype **);
-void KRB5_CALLCONV krb5_free_ktypes
- (krb5_context, krb5_enctype *);
+void KRB5_CALLCONV krb5_free_ktypes(krb5_context, krb5_enctype *);
-krb5_boolean krb5_is_permitted_enctype
- (krb5_context, krb5_enctype);
+krb5_boolean krb5_is_permitted_enctype(krb5_context, krb5_enctype);
typedef struct
{
- krb5_enctype *etype;
- krb5_boolean *etype_ok;
- krb5_int32 etype_count;
+ krb5_enctype *etype;
+ krb5_boolean *etype_ok;
+ krb5_int32 etype_count;
} krb5_etypes_permitted;
-krb5_boolean krb5_is_permitted_enctype_ext
- ( krb5_context, krb5_etypes_permitted *);
+krb5_boolean krb5_is_permitted_enctype_ext(krb5_context,
+ krb5_etypes_permitted *);
krb5_boolean KRB5_CALLCONV krb5int_c_weak_enctype(krb5_enctype);
-krb5_error_code krb5_kdc_rep_decrypt_proc
- (krb5_context,
- const krb5_keyblock *,
- krb5_const_pointer,
- krb5_kdc_rep * );
-krb5_error_code KRB5_CALLCONV krb5_decrypt_tkt_part
- (krb5_context,
- const krb5_keyblock *,
- krb5_ticket * );
-krb5_error_code krb5_get_cred_from_kdc
- (krb5_context,
- krb5_ccache, /* not const, as reading may save
- state */
- krb5_creds *,
- krb5_creds **,
- krb5_creds *** );
-krb5_error_code krb5_get_cred_from_kdc_validate
- (krb5_context,
- krb5_ccache, /* not const, as reading may save
- state */
- krb5_creds *,
- krb5_creds **,
- krb5_creds *** );
-krb5_error_code krb5_get_cred_from_kdc_renew
- (krb5_context,
- krb5_ccache, /* not const, as reading may save
- state */
- krb5_creds *,
- krb5_creds **,
- krb5_creds *** );
-
-krb5_error_code krb5_get_cred_via_tkt
- (krb5_context,
- krb5_creds *,
- krb5_flags,
- krb5_address * const *,
- krb5_creds *,
- krb5_creds **);
-
-krb5_error_code KRB5_CALLCONV krb5_copy_addr
- (krb5_context,
- const krb5_address *,
- krb5_address **);
-
-void krb5_init_ets
- (krb5_context);
-void krb5_free_ets
- (krb5_context);
-krb5_error_code krb5_generate_subkey
- (krb5_context,
- const krb5_keyblock *, krb5_keyblock **);
-krb5_error_code krb5_generate_subkey_extended
- (krb5_context,
- const krb5_keyblock *,
- krb5_enctype,
- krb5_keyblock **);
-krb5_error_code krb5_generate_seq_number
- (krb5_context,
- const krb5_keyblock *, krb5_ui_4 *);
-
-krb5_error_code KRB5_CALLCONV krb5_kt_register
- (krb5_context,
- const struct _krb5_kt_ops * );
+krb5_error_code krb5_kdc_rep_decrypt_proc(krb5_context, const krb5_keyblock *,
+ krb5_const_pointer, krb5_kdc_rep *);
+krb5_error_code KRB5_CALLCONV krb5_decrypt_tkt_part(krb5_context,
+ const krb5_keyblock *,
+ krb5_ticket * );
+krb5_error_code krb5_get_cred_from_kdc(krb5_context, krb5_ccache,
+ krb5_creds *, krb5_creds **,
+ krb5_creds *** );
+krb5_error_code krb5_get_cred_from_kdc_validate(krb5_context, krb5_ccache,
+ krb5_creds *, krb5_creds **,
+ krb5_creds *** );
+krb5_error_code krb5_get_cred_from_kdc_renew(krb5_context, krb5_ccache,
+ krb5_creds *, krb5_creds **,
+ krb5_creds *** );
+
+krb5_error_code krb5_get_cred_via_tkt(krb5_context, krb5_creds *, krb5_flags,
+ krb5_address *const *, krb5_creds *,
+ krb5_creds **);
+
+krb5_error_code KRB5_CALLCONV krb5_copy_addr(krb5_context,
+ const krb5_address *,
+ krb5_address **);
+
+void krb5_init_ets(krb5_context);
+void krb5_free_ets(krb5_context);
+krb5_error_code krb5_generate_subkey(krb5_context, const krb5_keyblock *,
+ krb5_keyblock **);
+krb5_error_code krb5_generate_subkey_extended(krb5_context,
+ const krb5_keyblock *,
+ krb5_enctype, krb5_keyblock **);
+krb5_error_code krb5_generate_seq_number(krb5_context, const krb5_keyblock *,
+ krb5_ui_4 *);
+
+krb5_error_code KRB5_CALLCONV krb5_kt_register(krb5_context,
+ const struct _krb5_kt_ops *);
/* use krb5_free_keytab_entry_contents instead */
-krb5_error_code KRB5_CALLCONV krb5_kt_free_entry
- (krb5_context,
- krb5_keytab_entry * );
+krb5_error_code KRB5_CALLCONV krb5_kt_free_entry(krb5_context,
+ krb5_keytab_entry * );
-krb5_error_code krb5_principal2salt_norealm
- (krb5_context,
- krb5_const_principal, krb5_data *);
+krb5_error_code krb5_principal2salt_norealm(krb5_context, krb5_const_principal,
+ krb5_data *);
-unsigned int KRB5_CALLCONV krb5_get_notification_message
- (void);
+unsigned int KRB5_CALLCONV krb5_get_notification_message(void);
/* chk_trans.c */
-krb5_error_code krb5_check_transited_list
- (krb5_context, const krb5_data *trans,
- const krb5_data *realm1, const krb5_data *realm2);
+krb5_error_code krb5_check_transited_list(krb5_context, const krb5_data *trans,
+ const krb5_data *realm1,
+ const krb5_data *realm2);
/* free_rtree.c */
-void krb5_free_realm_tree
- (krb5_context,
- krb5_principal *);
-
-void KRB5_CALLCONV krb5_free_authenticator_contents
- (krb5_context, krb5_authenticator * );
-
-void KRB5_CALLCONV krb5_free_address
- (krb5_context, krb5_address * );
-
-void KRB5_CALLCONV krb5_free_enc_tkt_part
- (krb5_context, krb5_enc_tkt_part * );
-
-void KRB5_CALLCONV krb5_free_tickets
- (krb5_context, krb5_ticket ** );
-void KRB5_CALLCONV krb5_free_kdc_req
- (krb5_context, krb5_kdc_req * );
-void KRB5_CALLCONV krb5_free_kdc_rep
- (krb5_context, krb5_kdc_rep * );
-void KRB5_CALLCONV krb5_free_last_req
- (krb5_context, krb5_last_req_entry ** );
-void KRB5_CALLCONV krb5_free_enc_kdc_rep_part
- (krb5_context, krb5_enc_kdc_rep_part * );
-void KRB5_CALLCONV krb5_free_ap_req
- (krb5_context, krb5_ap_req * );
-void KRB5_CALLCONV krb5_free_ap_rep
- (krb5_context, krb5_ap_rep * );
-void KRB5_CALLCONV krb5_free_cred
- (krb5_context, krb5_cred *);
-void KRB5_CALLCONV krb5_free_cred_enc_part
- (krb5_context, krb5_cred_enc_part *);
-void KRB5_CALLCONV krb5_free_pa_data
- (krb5_context, krb5_pa_data **);
-void KRB5_CALLCONV krb5_free_tkt_authent
- (krb5_context, krb5_tkt_authent *);
-void KRB5_CALLCONV krb5_free_pwd_data
- (krb5_context, krb5_pwd_data *);
-void KRB5_CALLCONV krb5_free_pwd_sequences
- (krb5_context, passwd_phrase_element **);
-void KRB5_CALLCONV krb5_free_passwd_phrase_element
- (krb5_context, passwd_phrase_element *);
-void KRB5_CALLCONV krb5_free_alt_method
- (krb5_context, krb5_alt_method *);
-void KRB5_CALLCONV krb5_free_enc_data
- (krb5_context, krb5_enc_data *);
-krb5_error_code krb5_set_config_files
- (krb5_context, const char **);
-
-krb5_error_code KRB5_CALLCONV krb5_get_default_config_files
- (char ***filenames);
-
-void KRB5_CALLCONV krb5_free_config_files
- (char **filenames);
-krb5_error_code krb5int_send_tgs
- (krb5_context,
- krb5_flags,
- const krb5_ticket_times *,
- const krb5_enctype *,
- krb5_const_principal,
- krb5_address * const *,
- krb5_authdata * const *,
- krb5_pa_data * const *,
- const krb5_data *,
- krb5_creds *,
- krb5_error_code (*gcvt_fct)(krb5_context,
- krb5_keyblock *,
- krb5_kdc_req *,
- void *),
- void *gcvt_data,
- krb5_response * , krb5_keyblock **subkey);
- /* The subkey field is an output parameter; if a
- * tgs-rep is received then the subkey will be filled
- * in with the subkey needed to decrypt the TGS
- * response. Otherwise it will be set to null.
- */
-krb5_error_code krb5int_decode_tgs_rep
- (krb5_context,
- krb5_data *,
- const krb5_keyblock *, krb5_keyusage,
- krb5_kdc_rep ** );
-krb5_error_code krb5int_find_authdata
-(krb5_context context, krb5_authdata *const * ticket_authdata,
- krb5_authdata * const *ap_req_authdata,
- krb5_authdatatype ad_type,
- krb5_authdata ***results);
-
-krb5_error_code krb5_rd_req_decoded
- (krb5_context,
- krb5_auth_context *,
- const krb5_ap_req *,
- krb5_const_principal,
- krb5_keytab,
- krb5_flags *,
- krb5_ticket **);
-
-krb5_error_code krb5_rd_req_decoded_anyflag
- (krb5_context,
- krb5_auth_context *,
- const krb5_ap_req *,
- krb5_const_principal,
- krb5_keytab,
- krb5_flags *,
- krb5_ticket **);
-
-krb5_error_code KRB5_CALLCONV krb5_cc_register
- (krb5_context,
- const krb5_cc_ops *,
- krb5_boolean );
-krb5_error_code krb5_walk_realm_tree
- (krb5_context,
- const krb5_data *,
- const krb5_data *,
- krb5_principal **,
- int);
-krb5_error_code KRB5_CALLCONV krb5_auth_con_set_req_cksumtype
- (krb5_context,
- krb5_auth_context,
- krb5_cksumtype);
-
-krb5_error_code krb5_auth_con_set_safe_cksumtype
- (krb5_context,
- krb5_auth_context,
- krb5_cksumtype);
-krb5_error_code krb5_auth_con_setivector
- (krb5_context,
- krb5_auth_context,
- krb5_pointer);
-
-krb5_error_code krb5_auth_con_getivector
- (krb5_context,
- krb5_auth_context,
- krb5_pointer *);
-
-krb5_error_code krb5_auth_con_setpermetypes
- (krb5_context,
- krb5_auth_context,
- const krb5_enctype *);
-
-krb5_error_code krb5_auth_con_getpermetypes
- (krb5_context,
- krb5_auth_context,
- krb5_enctype **);
-
-krb5_error_code krb5_auth_con_get_subkey_enctype
- (krb5_context context,
- krb5_auth_context,
- krb5_enctype *);
-
-krb5_error_code
-krb5_auth_con_get_authdata_context
- (krb5_context context,
- krb5_auth_context auth_context,
- krb5_authdata_context *ad_context);
-
-krb5_error_code
-krb5_auth_con_set_authdata_context
- (krb5_context context,
- krb5_auth_context auth_context,
- krb5_authdata_context ad_context);
+void krb5_free_realm_tree(krb5_context, krb5_principal *);
+
+void KRB5_CALLCONV krb5_free_authenticator_contents(krb5_context,
+ krb5_authenticator *);
+
+void KRB5_CALLCONV krb5_free_address(krb5_context, krb5_address *);
+
+void KRB5_CALLCONV krb5_free_enc_tkt_part(krb5_context, krb5_enc_tkt_part *);
+
+void KRB5_CALLCONV krb5_free_tickets(krb5_context, krb5_ticket **);
+void KRB5_CALLCONV krb5_free_kdc_req(krb5_context, krb5_kdc_req *);
+void KRB5_CALLCONV krb5_free_kdc_rep(krb5_context, krb5_kdc_rep *);
+void KRB5_CALLCONV krb5_free_last_req(krb5_context, krb5_last_req_entry **);
+void KRB5_CALLCONV krb5_free_enc_kdc_rep_part(krb5_context,
+ krb5_enc_kdc_rep_part *);
+void KRB5_CALLCONV krb5_free_ap_req(krb5_context, krb5_ap_req *);
+void KRB5_CALLCONV krb5_free_ap_rep(krb5_context, krb5_ap_rep *);
+void KRB5_CALLCONV krb5_free_cred(krb5_context, krb5_cred *);
+void KRB5_CALLCONV krb5_free_cred_enc_part(krb5_context, krb5_cred_enc_part *);
+void KRB5_CALLCONV krb5_free_pa_data(krb5_context, krb5_pa_data **);
+void KRB5_CALLCONV krb5_free_tkt_authent(krb5_context, krb5_tkt_authent *);
+void KRB5_CALLCONV krb5_free_pwd_data(krb5_context, krb5_pwd_data *);
+void KRB5_CALLCONV krb5_free_pwd_sequences(krb5_context,
+ passwd_phrase_element **);
+void KRB5_CALLCONV krb5_free_passwd_phrase_element(krb5_context,
+ passwd_phrase_element *);
+void KRB5_CALLCONV krb5_free_alt_method(krb5_context, krb5_alt_method *);
+void KRB5_CALLCONV krb5_free_enc_data(krb5_context, krb5_enc_data *);
+krb5_error_code krb5_set_config_files(krb5_context, const char **);
+
+krb5_error_code KRB5_CALLCONV krb5_get_default_config_files(char ***filenames);
+
+void KRB5_CALLCONV krb5_free_config_files(char **filenames);
+krb5_error_code krb5int_send_tgs(krb5_context, krb5_flags,
+ const krb5_ticket_times *,
+ const krb5_enctype *,
+ krb5_const_principal, krb5_address *const *,
+ krb5_authdata *const *,
+ krb5_pa_data *const *, const krb5_data *,
+ krb5_creds *,
+ krb5_error_code (*gcvt_fct)(krb5_context,
+ krb5_keyblock *,
+ krb5_kdc_req *,
+ void *),
+ void *gcvt_data, krb5_response *
+ krb5_keyblock **subkey);
+/* The subkey field is an output parameter; if a
+ * tgs-rep is received then the subkey will be filled
+ * in with the subkey needed to decrypt the TGS
+ * response. Otherwise it will be set to null.
+ */
+krb5_error_code krb5int_decode_tgs_rep(krb5_context, krb5_data *,
+ const krb5_keyblock *, krb5_keyusage,
+ krb5_kdc_rep ** );
+
+krb5_error_code krb5int_find_authdata(krb5_context context,
+ krb5_authdata *const *ticket_authdata,
+ krb5_authdata *const *ap_req_authdata,
+ krb5_authdatatype ad_type,
+ krb5_authdata ***results);
+
+krb5_error_code krb5_rd_req_decoded(krb5_context, krb5_auth_context *,
+ const krb5_ap_req *, krb5_const_principal,
+ krb5_keytab, krb5_flags *, krb5_ticket **);
+
+krb5_error_code krb5_rd_req_decoded_anyflag(krb5_context, krb5_auth_context *,
+ const krb5_ap_req *,
+ krb5_const_principal, krb5_keytab,
+ krb5_flags *, krb5_ticket **);
+
+krb5_error_code KRB5_CALLCONV
+krb5_cc_register(krb5_context, const krb5_cc_ops *, krb5_boolean );
+
+krb5_error_code krb5_walk_realm_tree(krb5_context, const krb5_data *,
+ const krb5_data *, krb5_principal **,
+ int);
+
+krb5_error_code KRB5_CALLCONV
+krb5_auth_con_set_req_cksumtype(krb5_context, krb5_auth_context,
+ krb5_cksumtype);
+
+krb5_error_code
+krb5_auth_con_set_safe_cksumtype(krb5_context, krb5_auth_context,
+ krb5_cksumtype);
+
+krb5_error_code krb5_auth_con_setivector(krb5_context, krb5_auth_context,
+ krb5_pointer);
+
+krb5_error_code krb5_auth_con_getivector(krb5_context, krb5_auth_context,
+ krb5_pointer *);
+
+krb5_error_code krb5_auth_con_setpermetypes(krb5_context, krb5_auth_context,
+ const krb5_enctype *);
+
+krb5_error_code krb5_auth_con_getpermetypes(krb5_context, krb5_auth_context,
+ krb5_enctype **);
+
+krb5_error_code krb5_auth_con_get_subkey_enctype(krb5_context context,
+ krb5_auth_context,
+ krb5_enctype *);
+
+krb5_error_code
+krb5_auth_con_get_authdata_context(krb5_context context,
+ krb5_auth_context auth_context,
+ krb5_authdata_context *ad_context);
+
+krb5_error_code
+krb5_auth_con_set_authdata_context(krb5_context context,
+ krb5_auth_context auth_context,
+ krb5_authdata_context ad_context);
krb5_error_code KRB5_CALLCONV
-krb5int_server_decrypt_ticket_keyblock
- (krb5_context context,
- const krb5_keyblock *key,
- krb5_ticket *ticket);
-
-krb5_error_code krb5_read_message (krb5_context, krb5_pointer, krb5_data *);
-krb5_error_code krb5_write_message (krb5_context, krb5_pointer, krb5_data *);
-krb5_error_code krb5int_write_messages (krb5_context, krb5_pointer, krb5_data *, int);
-int krb5_net_read (krb5_context, int , char *, int);
-int krb5_net_write (krb5_context, int , const char *, int);
-
-krb5_error_code KRB5_CALLCONV krb5_get_realm_domain
- (krb5_context,
- const char *,
- char ** );
-
-krb5_error_code krb5_gen_portaddr
- (krb5_context,
- const krb5_address *,
- krb5_const_pointer,
- krb5_address **);
-krb5_error_code krb5_gen_replay_name
- (krb5_context,
- const krb5_address *,
- const char *,
- char **);
-krb5_error_code krb5_make_fulladdr
- (krb5_context,
- krb5_address *,
- krb5_address *,
- krb5_address *);
-
-krb5_error_code krb5_set_debugging_time
- (krb5_context, krb5_timestamp, krb5_int32);
-krb5_error_code krb5_use_natural_time
- (krb5_context);
-krb5_error_code krb5_set_time_offsets
- (krb5_context, krb5_timestamp, krb5_int32);
+krb5int_server_decrypt_ticket_keyblock(krb5_context context,
+ const krb5_keyblock *key,
+ krb5_ticket *ticket);
+
+krb5_error_code krb5_read_message(krb5_context, krb5_pointer, krb5_data *);
+krb5_error_code krb5_write_message(krb5_context, krb5_pointer, krb5_data *);
+krb5_error_code krb5int_write_messages(krb5_context, krb5_pointer, krb5_data *,
+ int);
+int krb5_net_read(krb5_context, int , char *, int);
+int krb5_net_write(krb5_context, int , const char *, int);
+
+krb5_error_code KRB5_CALLCONV krb5_get_realm_domain(krb5_context,
+ const char *, char ** );
+
+krb5_error_code krb5_gen_portaddr(krb5_context, const krb5_address *,
+ krb5_const_pointer, krb5_address **);
+
+krb5_error_code krb5_gen_replay_name(krb5_context, const krb5_address *,
+ const char *, char **);
+krb5_error_code krb5_make_fulladdr(krb5_context, krb5_address *,
+ krb5_address *, krb5_address *);
+
+krb5_error_code krb5_set_debugging_time(krb5_context, krb5_timestamp,
+ krb5_int32);
+krb5_error_code krb5_use_natural_time(krb5_context);
+krb5_error_code krb5_set_time_offsets(krb5_context, krb5_timestamp,
+ krb5_int32);
krb5_error_code krb5int_check_clockskew(krb5_context, krb5_timestamp);
/*
* The realm iterator functions
*/
-krb5_error_code KRB5_CALLCONV krb5_realm_iterator_create
- (krb5_context context, void **iter_p);
+krb5_error_code KRB5_CALLCONV
+krb5_realm_iterator_create(krb5_context context, void **iter_p);
-krb5_error_code KRB5_CALLCONV krb5_realm_iterator
- (krb5_context context, void **iter_p, char **ret_realm);
+krb5_error_code KRB5_CALLCONV
+krb5_realm_iterator(krb5_context context, void **iter_p, char **ret_realm);
-void KRB5_CALLCONV krb5_realm_iterator_free
- (krb5_context context, void **iter_p);
+void KRB5_CALLCONV
+krb5_realm_iterator_free(krb5_context context, void **iter_p);
-void KRB5_CALLCONV krb5_free_realm_string
- (krb5_context context, char *str);
+void KRB5_CALLCONV krb5_free_realm_string(krb5_context context, char *str);
/* Internal principal function used by KIM to avoid code duplication */
krb5_error_code KRB5_CALLCONV
@@ -2957,7 +2821,7 @@ static inline int
data_eq(krb5_data d1, krb5_data d2)
{
return (d1.length == d2.length
- && !memcmp(d1.data, d2.data, d1.length));
+ && !memcmp(d1.data, d2.data, d1.length));
}
static inline krb5_data
@@ -2993,8 +2857,8 @@ static inline int
authdata_eq(krb5_authdata a1, krb5_authdata a2)
{
return (a1.ad_type == a2.ad_type
- && a1.length == a2.length
- && !memcmp(a1.contents, a2.contents, a1.length));
+ && a1.length == a2.length
+ && !memcmp(a1.contents, a2.contents, a1.length));
}
/* Allocate zeroed memory; set *code to 0 on success or ENOMEM on failure. */
@@ -3010,40 +2874,40 @@ k5alloc(size_t size, krb5_error_code *code)
krb5_error_code KRB5_CALLCONV
krb5int_pac_sign(krb5_context context,
- krb5_pac pac,
- krb5_timestamp authtime,
- krb5_const_principal principal,
- const krb5_keyblock *server_key,
- const krb5_keyblock *privsvr_key,
- krb5_data *data);
+ krb5_pac pac,
+ krb5_timestamp authtime,
+ krb5_const_principal principal,
+ const krb5_keyblock *server_key,
+ const krb5_keyblock *privsvr_key,
+ krb5_data *data);
krb5_error_code KRB5_CALLCONV
krb5_get_credentials_for_user(krb5_context context, krb5_flags options,
- krb5_ccache ccache,
- krb5_creds *in_creds,
- krb5_data *cert,
- krb5_creds **out_creds);
+ krb5_ccache ccache,
+ krb5_creds *in_creds,
+ krb5_data *cert,
+ krb5_creds **out_creds);
krb5_error_code KRB5_CALLCONV
krb5_get_credentials_for_proxy(krb5_context context,
- krb5_flags options,
- krb5_ccache ccache,
- krb5_creds *in_creds,
- krb5_ticket *evidence_tkt,
- krb5_creds **out_creds);
+ krb5_flags options,
+ krb5_ccache ccache,
+ krb5_creds *in_creds,
+ krb5_ticket *evidence_tkt,
+ krb5_creds **out_creds);
krb5_error_code KRB5_CALLCONV
krb5int_get_authdata_containee_types(krb5_context context,
- const krb5_authdata *container,
- unsigned int *nad_types,
- krb5_authdatatype **ad_types);
+ const krb5_authdata *container,
+ unsigned int *nad_types,
+ krb5_authdatatype **ad_types);
krb5_error_code krb5int_parse_enctype_list(krb5_context context, char *profstr,
- krb5_enctype *default_list,
- krb5_enctype **result);
+ krb5_enctype *default_list,
+ krb5_enctype **result);
#ifdef DEBUG_ERROR_LOCATIONS
-#define krb5_set_error_message(ctx, code, ...) \
+#define krb5_set_error_message(ctx, code, ...) \
krb5_set_error_message_fl(ctx, code, __FILE__, __LINE__, __VA_ARGS__)
#endif
diff --git a/src/include/k5-ipc_stream.h b/src/include/k5-ipc_stream.h
index 1f56d76f2b..c1a36e6b53 100644
--- a/src/include/k5-ipc_stream.h
+++ b/src/include/k5-ipc_stream.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* $Header$
*
@@ -42,36 +43,36 @@ uint64_t krb5int_ipc_stream_size (k5_ipc_stream in_stream);
const char *krb5int_ipc_stream_data (k5_ipc_stream in_stream);
uint32_t krb5int_ipc_stream_read (k5_ipc_stream in_stream,
- void *io_data,
- uint64_t in_size);
+ void *io_data,
+ uint64_t in_size);
uint32_t krb5int_ipc_stream_write (k5_ipc_stream in_stream,
- const void *in_data,
- uint64_t in_size);
+ const void *in_data,
+ uint64_t in_size);
uint32_t krb5int_ipc_stream_read_string (k5_ipc_stream io_stream,
- char **out_string);
+ char **out_string);
uint32_t krb5int_ipc_stream_write_string (k5_ipc_stream io_stream,
- const char *in_string);
+ const char *in_string);
void krb5int_ipc_stream_free_string (char *in_string);
uint32_t krb5int_ipc_stream_read_int32 (k5_ipc_stream io_stream,
- int32_t *out_int32);
+ int32_t *out_int32);
uint32_t krb5int_ipc_stream_write_int32 (k5_ipc_stream io_stream,
- int32_t in_int32);
+ int32_t in_int32);
uint32_t krb5int_ipc_stream_read_uint32 (k5_ipc_stream io_stream,
- uint32_t *out_uint32);
+ uint32_t *out_uint32);
uint32_t krb5int_ipc_stream_write_uint32 (k5_ipc_stream io_stream,
- uint32_t in_uint32);
+ uint32_t in_uint32);
uint32_t krb5int_ipc_stream_read_int64 (k5_ipc_stream io_stream,
- int64_t *out_int64);
+ int64_t *out_int64);
uint32_t krb5int_ipc_stream_write_int64 (k5_ipc_stream io_stream,
- int64_t in_int64);
+ int64_t in_int64);
uint32_t krb5int_ipc_stream_read_uint64 (k5_ipc_stream io_stream,
- uint64_t *out_uint64);
+ uint64_t *out_uint64);
uint32_t krb5int_ipc_stream_write_uint64 (k5_ipc_stream io_stream,
- uint64_t in_uint64);
+ uint64_t in_uint64);
#endif /* K5_IPC_STREAM_H */
diff --git a/src/include/k5-platform.h b/src/include/k5-platform.h
index d4d05aee10..7c1c57d706 100644
--- a/src/include/k5-platform.h
+++ b/src/include/k5-platform.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; indent-tabs-mode: nil -*- */
/*
* k5-platform.h
*
@@ -16,7 +17,7 @@
* this permission notice appear in supporting documentation, and that
* the name of M.I.T. not be used in advertising or publicity pertaining
* to distribution of the software without specific, written prior
- * permission. Furthermore if you modify this software you must label
+ * permission. Furthermore if you modify this software you must label
* your software as modified software and not distribute it in such a
* fashion that it might be confused with the original M.I.T. software.
* M.I.T. makes no representations about the suitability of
@@ -209,52 +210,52 @@
# include "k5-thread.h"
typedef struct { k5_once_t once; int error, did_run; void (*fn)(void); } k5_init_t;
# ifdef USE_LINKER_INIT_OPTION
-# define MAYBE_DUMMY_INIT(NAME) \
- void JOIN__2(NAME, auxinit) () { }
+# define MAYBE_DUMMY_INIT(NAME) \
+ void JOIN__2(NAME, auxinit) () { }
# else
# define MAYBE_DUMMY_INIT(NAME)
# endif
# ifdef __GNUC__
/* Do it in macro form so we get the file/line of the invocation if
the assertion fails. */
-# define k5_call_init_function(I) \
- (__extension__ ({ \
- k5_init_t *k5int_i = (I); \
- int k5int_err = k5_once(&k5int_i->once, k5int_i->fn); \
- (k5int_err \
- ? k5int_err \
- : (assert(k5int_i->did_run != 0), k5int_i->error)); \
- }))
+# define k5_call_init_function(I) \
+ (__extension__ ({ \
+ k5_init_t *k5int_i = (I); \
+ int k5int_err = k5_once(&k5int_i->once, k5int_i->fn); \
+ (k5int_err \
+ ? k5int_err \
+ : (assert(k5int_i->did_run != 0), k5int_i->error)); \
+ }))
# define MAYBE_DEFINE_CALLINIT_FUNCTION
# else
-# define MAYBE_DEFINE_CALLINIT_FUNCTION \
- static inline int k5_call_init_function(k5_init_t *i) \
- { \
- int err; \
- err = k5_once(&i->once, i->fn); \
- if (err) \
- return err; \
- assert (i->did_run != 0); \
- return i->error; \
- }
+# define MAYBE_DEFINE_CALLINIT_FUNCTION \
+ static inline int k5_call_init_function(k5_init_t *i) \
+ { \
+ int err; \
+ err = k5_once(&i->once, i->fn); \
+ if (err) \
+ return err; \
+ assert (i->did_run != 0); \
+ return i->error; \
+ }
# endif
-# define MAKE_INIT_FUNCTION(NAME) \
- static int NAME(void); \
- MAYBE_DUMMY_INIT(NAME) \
- /* forward declaration for use in initializer */ \
- static void JOIN__2(NAME, aux) (void); \
- static k5_init_t JOIN__2(NAME, once) = \
- { K5_ONCE_INIT, 0, 0, JOIN__2(NAME, aux) }; \
- MAYBE_DEFINE_CALLINIT_FUNCTION \
- static void JOIN__2(NAME, aux) (void) \
- { \
- JOIN__2(NAME, once).did_run = 1; \
- JOIN__2(NAME, once).error = NAME(); \
- } \
- /* so ';' following macro use won't get error */ \
- static int NAME(void)
-# define CALL_INIT_FUNCTION(NAME) \
- k5_call_init_function(& JOIN__2(NAME, once))
+# define MAKE_INIT_FUNCTION(NAME) \
+ static int NAME(void); \
+ MAYBE_DUMMY_INIT(NAME) \
+ /* forward declaration for use in initializer */ \
+ static void JOIN__2(NAME, aux) (void); \
+ static k5_init_t JOIN__2(NAME, once) = \
+ { K5_ONCE_INIT, 0, 0, JOIN__2(NAME, aux) }; \
+ MAYBE_DEFINE_CALLINIT_FUNCTION \
+ static void JOIN__2(NAME, aux) (void) \
+ { \
+ JOIN__2(NAME, once).did_run = 1; \
+ JOIN__2(NAME, once).error = NAME(); \
+ } \
+ /* so ';' following macro use won't get error */ \
+ static int NAME(void)
+# define CALL_INIT_FUNCTION(NAME) \
+ k5_call_init_function(& JOIN__2(NAME, once))
/* This should be called in finalization only, so we shouldn't have
multiple active threads mucking around in our library at this
point. So ignore the once_t object and just look at the flag.
@@ -264,10 +265,10 @@ typedef struct { k5_once_t once; int error, did_run; void (*fn)(void); } k5_init
application code should already be coordinating things such that
the library code is not in use by this point, and memory
synchronization will be needed there. */
-# define INITIALIZER_RAN(NAME) \
- (JOIN__2(NAME, once).did_run && JOIN__2(NAME, once).error == 0)
+# define INITIALIZER_RAN(NAME) \
+ (JOIN__2(NAME, once).did_run && JOIN__2(NAME, once).error == 0)
-# define PROGRAM_EXITING() (0)
+# define PROGRAM_EXITING() (0)
#elif defined(__GNUC__) && !defined(_WIN32) && defined(CONSTRUCTOR_ATTR_WORKS)
@@ -275,63 +276,63 @@ typedef struct { k5_once_t once; int error, did_run; void (*fn)(void); } k5_init
# ifdef USE_LINKER_INIT_OPTION
/* Both gcc and linker option?? Favor gcc. */
-# define MAYBE_DUMMY_INIT(NAME) \
- void JOIN__2(NAME, auxinit) () { }
+# define MAYBE_DUMMY_INIT(NAME) \
+ void JOIN__2(NAME, auxinit) () { }
# else
# define MAYBE_DUMMY_INIT(NAME)
# endif
typedef struct { int error; unsigned char did_run; } k5_init_t;
-# define MAKE_INIT_FUNCTION(NAME) \
- MAYBE_DUMMY_INIT(NAME) \
- static k5_init_t JOIN__2(NAME, ran) \
- = { 0, 2 }; \
- static void JOIN__2(NAME, aux)(void) \
- __attribute__((constructor)); \
- static int NAME(void); \
- static void JOIN__2(NAME, aux)(void) \
- { \
- JOIN__2(NAME, ran).error = NAME(); \
- JOIN__2(NAME, ran).did_run = 3; \
- } \
- static int NAME(void)
-# define CALL_INIT_FUNCTION(NAME) \
- (JOIN__2(NAME, ran).did_run == 3 \
- ? JOIN__2(NAME, ran).error \
- : (abort(),0))
-# define INITIALIZER_RAN(NAME) (JOIN__2(NAME,ran).did_run == 3 && JOIN__2(NAME, ran).error == 0)
-
-# define PROGRAM_EXITING() (0)
+# define MAKE_INIT_FUNCTION(NAME) \
+ MAYBE_DUMMY_INIT(NAME) \
+ static k5_init_t JOIN__2(NAME, ran) \
+ = { 0, 2 }; \
+ static void JOIN__2(NAME, aux)(void) \
+ __attribute__((constructor)); \
+ static int NAME(void); \
+ static void JOIN__2(NAME, aux)(void) \
+ { \
+ JOIN__2(NAME, ran).error = NAME(); \
+ JOIN__2(NAME, ran).did_run = 3; \
+ } \
+ static int NAME(void)
+# define CALL_INIT_FUNCTION(NAME) \
+ (JOIN__2(NAME, ran).did_run == 3 \
+ ? JOIN__2(NAME, ran).error \
+ : (abort(),0))
+# define INITIALIZER_RAN(NAME) (JOIN__2(NAME,ran).did_run == 3 && JOIN__2(NAME, ran).error == 0)
+
+# define PROGRAM_EXITING() (0)
#elif defined(USE_LINKER_INIT_OPTION) || defined(_WIN32)
/* Run initializer at load time, via linker magic, or in the
case of WIN32, win_glue.c hard-coded knowledge. */
typedef struct { int error; unsigned char did_run; } k5_init_t;
-# define MAKE_INIT_FUNCTION(NAME) \
- static k5_init_t JOIN__2(NAME, ran) \
- = { 0, 2 }; \
- static int NAME(void); \
- void JOIN__2(NAME, auxinit)() \
- { \
- JOIN__2(NAME, ran).error = NAME(); \
- JOIN__2(NAME, ran).did_run = 3; \
- } \
- static int NAME(void)
-# define CALL_INIT_FUNCTION(NAME) \
- (JOIN__2(NAME, ran).did_run == 3 \
- ? JOIN__2(NAME, ran).error \
- : (abort(),0))
-# define INITIALIZER_RAN(NAME) \
- (JOIN__2(NAME, ran).error == 0)
-
-# define PROGRAM_EXITING() (0)
+# define MAKE_INIT_FUNCTION(NAME) \
+ static k5_init_t JOIN__2(NAME, ran) \
+ = { 0, 2 }; \
+ static int NAME(void); \
+ void JOIN__2(NAME, auxinit)() \
+ { \
+ JOIN__2(NAME, ran).error = NAME(); \
+ JOIN__2(NAME, ran).did_run = 3; \
+ } \
+ static int NAME(void)
+# define CALL_INIT_FUNCTION(NAME) \
+ (JOIN__2(NAME, ran).did_run == 3 \
+ ? JOIN__2(NAME, ran).error \
+ : (abort(),0))
+# define INITIALIZER_RAN(NAME) \
+ (JOIN__2(NAME, ran).error == 0)
+
+# define PROGRAM_EXITING() (0)
#else
# error "Don't know how to do load-time initializers for this configuration."
-# define PROGRAM_EXITING() (0)
+# define PROGRAM_EXITING() (0)
#endif
@@ -345,29 +346,29 @@ typedef struct { int error; unsigned char did_run; } k5_init_t;
# ifdef __hpux
/* On HP-UX, we need this auxiliary function. At dynamic load or
- unload time (but *not* program startup and termination for
- link-time specified libraries), the linker-indicated function
- is called with a handle on the library and a flag indicating
- whether it's being loaded or unloaded.
+ unload time (but *not* program startup and termination for
+ link-time specified libraries), the linker-indicated function
+ is called with a handle on the library and a flag indicating
+ whether it's being loaded or unloaded.
- The "real" fini function doesn't need to be exported, so
- declare it static.
+ The "real" fini function doesn't need to be exported, so
+ declare it static.
- As usual, the final declaration is just for syntactic
- convenience, so the top-level invocation of this macro can be
- followed by a semicolon. */
+ As usual, the final declaration is just for syntactic
+ convenience, so the top-level invocation of this macro can be
+ followed by a semicolon. */
# include <dl.h>
-# define MAKE_FINI_FUNCTION(NAME) \
- static void NAME(void); \
- void JOIN__2(NAME, auxfini)(shl_t, int); /* silence gcc warnings */ \
- void JOIN__2(NAME, auxfini)(shl_t h, int l) { if (!l) NAME(); } \
- static void NAME(void)
+# define MAKE_FINI_FUNCTION(NAME) \
+ static void NAME(void); \
+ void JOIN__2(NAME, auxfini)(shl_t, int); /* silence gcc warnings */ \
+ void JOIN__2(NAME, auxfini)(shl_t h, int l) { if (!l) NAME(); } \
+ static void NAME(void)
# else /* not hpux */
-# define MAKE_FINI_FUNCTION(NAME) \
- void NAME(void)
+# define MAKE_FINI_FUNCTION(NAME) \
+ void NAME(void)
# endif
@@ -378,8 +379,8 @@ typedef struct { int error; unsigned char did_run; } k5_init_t;
function attribute that makes use of the same facility as C++.
XXX How do we know if the C++ support actually works? */
-# define MAKE_FINI_FUNCTION(NAME) \
- static void NAME(void) __attribute__((destructor))
+# define MAKE_FINI_FUNCTION(NAME) \
+ static void NAME(void) __attribute__((destructor))
#elif !defined(SHARED)
@@ -388,8 +389,8 @@ typedef struct { int error; unsigned char did_run; } k5_init_t;
The code will still define the function, but we won't do anything
with it. Annoying: This may generate unused-function warnings. */
-# define MAKE_FINI_FUNCTION(NAME) \
- static void NAME(void)
+# define MAKE_FINI_FUNCTION(NAME) \
+ static void NAME(void)
#else
@@ -505,10 +506,10 @@ typedef struct { int error; unsigned char did_run; } k5_init_t;
on most of our platforms except Windows, where we're not using
GCC. */
#ifdef __GNUC__
-# define PUT(SIZE,PTR,VAL) (((struct { uint##SIZE##_t i; } __attribute__((packed)) *)(PTR))->i = (VAL))
-# define GET(SIZE,PTR) (((const struct { uint##SIZE##_t i; } __attribute__((packed)) *)(PTR))->i)
-# define PUTSWAPPED(SIZE,PTR,VAL) PUT(SIZE,PTR,SWAP##SIZE(VAL))
-# define GETSWAPPED(SIZE,PTR) SWAP##SIZE(GET(SIZE,PTR))
+# define PUT(SIZE,PTR,VAL) (((struct { uint##SIZE##_t i; } __attribute__((packed)) *)(PTR))->i = (VAL))
+# define GET(SIZE,PTR) (((const struct { uint##SIZE##_t i; } __attribute__((packed)) *)(PTR))->i)
+# define PUTSWAPPED(SIZE,PTR,VAL) PUT(SIZE,PTR,SWAP##SIZE(VAL))
+# define GETSWAPPED(SIZE,PTR) SWAP##SIZE(GET(SIZE,PTR))
#endif
/* To do: Define SWAP16, SWAP32, SWAP64 macros to byte-swap values
with the indicated numbers of bits.
@@ -520,25 +521,25 @@ typedef struct { int error; unsigned char did_run; } k5_init_t;
#if defined(HAVE_BYTESWAP_H) && defined(HAVE_BSWAP_16)
# include <byteswap.h>
-# define SWAP16 bswap_16
-# define SWAP32 bswap_32
+# define SWAP16 bswap_16
+# define SWAP32 bswap_32
# ifdef HAVE_BSWAP_64
-# define SWAP64 bswap_64
+# define SWAP64 bswap_64
# endif
#endif
#if TARGET_OS_MAC
# include <architecture/byte_order.h>
# if 0 /* This causes compiler warnings. */
-# define SWAP16 OSSwapInt16
+# define SWAP16 OSSwapInt16
# else
-# define SWAP16 k5_swap16
+# define SWAP16 k5_swap16
static inline unsigned int k5_swap16 (unsigned int x) {
x &= 0xffff;
return (x >> 8) | ((x & 0xff) << 8);
}
# endif
-# define SWAP32 OSSwapInt32
-# define SWAP64 OSSwapInt64
+# define SWAP32 OSSwapInt32
+# define SWAP64 OSSwapInt64
#endif
/* Note that on Windows at least this file can be included from C++
@@ -612,8 +613,8 @@ load_32_be (const void *cvp)
return GETSWAPPED(32,p);
#else
return (p[3] | (p[2] << 8)
- | ((uint32_t) p[1] << 16)
- | ((uint32_t) p[0] << 24));
+ | ((uint32_t) p[1] << 16)
+ | ((uint32_t) p[0] << 24));
#endif
}
static inline UINT64_TYPE
@@ -769,51 +770,51 @@ k5_ntohll (UINT64_TYPE val)
#ifdef HAVE_GETPWNAM_R
# ifndef GETPWNAM_R_4_ARGS
/* POSIX */
-# define k5_getpwnam_r(NAME, REC, BUF, BUFSIZE, OUT) \
- (getpwnam_r(NAME,REC,BUF,BUFSIZE,OUT) == 0 \
- ? (*(OUT) == NULL ? -1 : 0) : -1)
+# define k5_getpwnam_r(NAME, REC, BUF, BUFSIZE, OUT) \
+ (getpwnam_r(NAME,REC,BUF,BUFSIZE,OUT) == 0 \
+ ? (*(OUT) == NULL ? -1 : 0) : -1)
# else
/* POSIX drafts? */
# ifdef GETPWNAM_R_RETURNS_INT
-# define k5_getpwnam_r(NAME, REC, BUF, BUFSIZE, OUT) \
- (getpwnam_r(NAME,REC,BUF,BUFSIZE) == 0 \
- ? (*(OUT) = REC, 0) \
- : (*(OUT) = NULL, -1))
+# define k5_getpwnam_r(NAME, REC, BUF, BUFSIZE, OUT) \
+ (getpwnam_r(NAME,REC,BUF,BUFSIZE) == 0 \
+ ? (*(OUT) = REC, 0) \
+ : (*(OUT) = NULL, -1))
# else
# define k5_getpwnam_r(NAME, REC, BUF, BUFSIZE, OUT) \
- (*(OUT) = getpwnam_r(NAME,REC,BUF,BUFSIZE), *(OUT) == NULL ? -1 : 0)
+ (*(OUT) = getpwnam_r(NAME,REC,BUF,BUFSIZE), *(OUT) == NULL ? -1 : 0)
# endif
# endif
#else /* no getpwnam_r, or can't figure out #args or return type */
/* Will get warnings about unused variables. */
# define k5_getpwnam_r(NAME, REC, BUF, BUFSIZE, OUT) \
- (*(OUT) = getpwnam(NAME), *(OUT) == NULL ? -1 : 0)
+ (*(OUT) = getpwnam(NAME), *(OUT) == NULL ? -1 : 0)
#endif
/* int k5_getpwuid_r(uid_t, blah blah) */
#ifdef HAVE_GETPWUID_R
# ifndef GETPWUID_R_4_ARGS
/* POSIX */
-# define k5_getpwuid_r(UID, REC, BUF, BUFSIZE, OUT) \
- (getpwuid_r(UID,REC,BUF,BUFSIZE,OUT) == 0 \
- ? (*(OUT) == NULL ? -1 : 0) : -1)
+# define k5_getpwuid_r(UID, REC, BUF, BUFSIZE, OUT) \
+ (getpwuid_r(UID,REC,BUF,BUFSIZE,OUT) == 0 \
+ ? (*(OUT) == NULL ? -1 : 0) : -1)
# else
/* POSIX drafts? Yes, I mean to test GETPWNAM... here. Less junk to
do at configure time. */
# ifdef GETPWNAM_R_RETURNS_INT
-# define k5_getpwuid_r(UID, REC, BUF, BUFSIZE, OUT) \
- (getpwuid_r(UID,REC,BUF,BUFSIZE) == 0 \
- ? (*(OUT) = REC, 0) \
- : (*(OUT) = NULL, -1))
+# define k5_getpwuid_r(UID, REC, BUF, BUFSIZE, OUT) \
+ (getpwuid_r(UID,REC,BUF,BUFSIZE) == 0 \
+ ? (*(OUT) = REC, 0) \
+ : (*(OUT) = NULL, -1))
# else
# define k5_getpwuid_r(UID, REC, BUF, BUFSIZE, OUT) \
- (*(OUT) = getpwuid_r(UID,REC,BUF,BUFSIZE), *(OUT) == NULL ? -1 : 0)
+ (*(OUT) = getpwuid_r(UID,REC,BUF,BUFSIZE), *(OUT) == NULL ? -1 : 0)
# endif
# endif
#else /* no getpwuid_r, or can't figure out #args or return type */
/* Will get warnings about unused variables. */
# define k5_getpwuid_r(UID, REC, BUF, BUFSIZE, OUT) \
- (*(OUT) = getpwuid(UID), *(OUT) == NULL ? -1 : 0)
+ (*(OUT) = getpwuid(UID), *(OUT) == NULL ? -1 : 0)
#endif
/* Ensure, if possible, that the indicated file descriptor won't be
@@ -829,10 +830,10 @@ set_cloexec_fd(int fd)
#if defined(F_SETFD)
# ifdef FD_CLOEXEC
if (fcntl(fd, F_SETFD, FD_CLOEXEC) != 0)
- return errno;
+ return errno;
# else
if (fcntl(fd, F_SETFD, 1) != 0)
- return errno;
+ return errno;
# endif
#endif
return 0;
@@ -850,14 +851,14 @@ set_cloexec_file(FILE *f)
with F_SETFD. */
#ifdef F_SETFD
# ifdef FD_CLOEXEC
-# define set_cloexec_fd(FD) (fcntl((FD), F_SETFD, FD_CLOEXEC) ? errno : 0)
+# define set_cloexec_fd(FD) (fcntl((FD), F_SETFD, FD_CLOEXEC) ? errno : 0)
# else
-# define set_cloexec_fd(FD) (fcntl((FD), F_SETFD, 1) ? errno : 0)
+# define set_cloexec_fd(FD) (fcntl((FD), F_SETFD, 1) ? errno : 0)
# endif
#else
-# define set_cloexec_fd(FD) ((FD),0)
+# define set_cloexec_fd(FD) ((FD),0)
#endif
-#define set_cloexec_file(F) set_cloexec_fd(fileno(F))
+#define set_cloexec_file(F) set_cloexec_fd(fileno(F))
#endif
@@ -871,7 +872,7 @@ set_cloexec_file(FILE *f)
#if defined(HAS_VA_COPY) || defined(va_copy)
/* Do nothing. */
#elif defined(CAN_COPY_VA_LIST)
-#define va_copy(dest, src) ((dest) = (src))
+#define va_copy(dest, src) ((dest) = (src))
#else
/* Assume array type, but still simply copyable.
@@ -879,7 +880,7 @@ set_cloexec_file(FILE *f)
allocate some storage pointed to by the va_list, and in that case
we'll just lose. If anyone cares, we could try to devise a test
for that case. */
-#define va_copy(dest, src) memcmp(dest, src, sizeof(va_list))
+#define va_copy(dest, src) memcmp(dest, src, sizeof(va_list))
#endif
/* Provide strlcpy/strlcat interfaces. */
@@ -903,7 +904,7 @@ vsnprintf(char *str, size_t size, const char *format, va_list args)
length = _vscprintf(format, args_copy);
va_end(args_copy);
if (size)
- _vsnprintf(str, size, format, args);
+ _vsnprintf(str, size, format, args);
return length;
}
static inline int
diff --git a/src/include/k5-plugin.h b/src/include/k5-plugin.h
index 498c5668c6..6ffbdbb716 100644
--- a/src/include/k5-plugin.h
+++ b/src/include/k5-plugin.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 2006 Massachusetts Institute of Technology.
* All Rights Reserved.
@@ -82,7 +83,7 @@
#define PLUGIN_SYMBOL_NAME(prefix, symbol) symbol
#endif
-struct plugin_file_handle; /* opaque */
+struct plugin_file_handle; /* opaque */
struct plugin_dir_handle {
/* This points to a NULL-terminated list of pointers to plugin_file_handle structs */
@@ -98,28 +99,28 @@ krb5int_close_plugin (struct plugin_file_handle *);
long KRB5_CALLCONV
krb5int_get_plugin_data (struct plugin_file_handle *, const char *, void **,
- struct errinfo *);
+ struct errinfo *);
long KRB5_CALLCONV
krb5int_get_plugin_func (struct plugin_file_handle *, const char *,
- void (**)(), struct errinfo *);
+ void (**)(), struct errinfo *);
long KRB5_CALLCONV
krb5int_open_plugin_dirs (const char * const *, const char * const *,
- struct plugin_dir_handle *, struct errinfo *);
+ struct plugin_dir_handle *, struct errinfo *);
void KRB5_CALLCONV
krb5int_close_plugin_dirs (struct plugin_dir_handle *);
long KRB5_CALLCONV
krb5int_get_plugin_dir_data (struct plugin_dir_handle *, const char *,
- void ***, struct errinfo *);
+ void ***, struct errinfo *);
void KRB5_CALLCONV
krb5int_free_plugin_dir_data (void **);
long KRB5_CALLCONV
krb5int_get_plugin_dir_func (struct plugin_dir_handle *, const char *,
- void (***)(void), struct errinfo *);
+ void (***)(void), struct errinfo *);
void KRB5_CALLCONV
krb5int_free_plugin_dir_func (void (**)(void));
diff --git a/src/include/k5-thread.h b/src/include/k5-thread.h
index 069b51c74b..5f0325c5e7 100644
--- a/src/include/k5-thread.h
+++ b/src/include/k5-thread.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* include/k5-thread.h
*
@@ -40,101 +41,101 @@
/* Interface (tentative):
- Mutex support:
-
- // Between these two, we should be able to do pure compile-time
- // and pure run-time initialization.
- // POSIX: partial initializer is PTHREAD_MUTEX_INITIALIZER,
- // finish does nothing
- // Windows: partial initializer is an invalid handle,
- // finish does the real initialization work
- k5_mutex_t foo_mutex = K5_MUTEX_PARTIAL_INITIALIZER;
- int k5_mutex_finish_init(k5_mutex_t *);
- // for dynamic allocation
- int k5_mutex_init(k5_mutex_t *);
- // Must work for both kinds of alloc, even if it means adding flags.
- int k5_mutex_destroy(k5_mutex_t *);
-
- // As before.
- int k5_mutex_lock(k5_mutex_t *);
- int k5_mutex_unlock(k5_mutex_t *);
-
- In each library, one new function to finish the static mutex init,
- and any other library-wide initialization that might be desired.
- On POSIX, this function would be called via the second support
- function (see below). On Windows, it would be called at library
- load time. These functions, or functions they calls, should be the
- only places that k5_mutex_finish_init gets called.
-
- A second function or macro called at various possible "first" entry
- points which either calls pthread_once on the first function
- (POSIX), or checks some flag set by the first function (Windows),
- and possibly returns an error. (In the non-threaded case, a simple
- flag can be used to avoid multiple invocations, and the mutexes
- don't need run-time initialization anyways.)
-
- A third function for library termination calls mutex_destroy on
- each mutex for the library. This function would be called
- automatically at library unload time. If it turns out to be needed
- at exit time for libraries that don't get unloaded, perhaps we
- should also use atexit(). Any static mutexes should be cleaned up
- with k5_mutex_destroy here.
-
- How does that second support function invoke the first support
- function only once? Through something modelled on pthread_once
- that I haven't written up yet. Probably:
-
- k5_once_t foo_once = K5_ONCE_INIT;
- k5_once(k5_once_t *, void (*)(void));
-
- For POSIX: Map onto pthread_once facility.
- For non-threaded case: A simple flag.
- For Windows: Not needed; library init code takes care of it.
-
- XXX: A general k5_once mechanism isn't possible for Windows,
- without faking it through named mutexes or mutexes initialized at
- startup. I was only using it in one place outside these headers,
- so I'm dropping the general scheme. Eventually the existing uses
- in k5-thread.h and k5-platform.h will be converted to pthread_once
- or static variables.
-
-
- Thread-specific data:
-
- // TSD keys are limited in number in gssapi/krb5/com_err; enumerate
- // them all. This allows support code init to allocate the
- // necessary storage for pointers all at once, and avoids any
- // possible error in key creation.
- enum { ... } k5_key_t;
- // Register destructor function. Called in library init code.
- int k5_key_register(k5_key_t, void (*destructor)(void *));
- // Returns NULL or data.
- void *k5_getspecific(k5_key_t);
- // Returns error if key out of bounds, or the pointer table can't
- // be allocated. A call to k5_key_register must have happened first.
- // This may trigger the calling of pthread_setspecific on POSIX.
- int k5_setspecific(k5_key_t, void *);
- // Called in library termination code.
- // Trashes data in all threads, calling the registered destructor
- // (but calling it from the current thread).
- int k5_key_delete(k5_key_t);
-
- For the non-threaded version, the support code will have a static
- array indexed by k5_key_t values, and get/setspecific simply access
- the array elements.
-
- The TSD destructor table is global state, protected by a mutex if
- threads are enabled.
-
-
- Any actual external symbols will use the krb5int_ prefix. The k5_
- names will be simple macros or inline functions to rename the
- external symbols, or slightly more complex ones to expand the
- implementation inline (e.g., map to POSIX versions and/or debug
- code using __FILE__ and the like).
-
-
- More to be added, perhaps. */
+ Mutex support:
+
+ // Between these two, we should be able to do pure compile-time
+ // and pure run-time initialization.
+ // POSIX: partial initializer is PTHREAD_MUTEX_INITIALIZER,
+ // finish does nothing
+ // Windows: partial initializer is an invalid handle,
+ // finish does the real initialization work
+ k5_mutex_t foo_mutex = K5_MUTEX_PARTIAL_INITIALIZER;
+ int k5_mutex_finish_init(k5_mutex_t *);
+ // for dynamic allocation
+ int k5_mutex_init(k5_mutex_t *);
+ // Must work for both kinds of alloc, even if it means adding flags.
+ int k5_mutex_destroy(k5_mutex_t *);
+
+ // As before.
+ int k5_mutex_lock(k5_mutex_t *);
+ int k5_mutex_unlock(k5_mutex_t *);
+
+ In each library, one new function to finish the static mutex init,
+ and any other library-wide initialization that might be desired.
+ On POSIX, this function would be called via the second support
+ function (see below). On Windows, it would be called at library
+ load time. These functions, or functions they calls, should be the
+ only places that k5_mutex_finish_init gets called.
+
+ A second function or macro called at various possible "first" entry
+ points which either calls pthread_once on the first function
+ (POSIX), or checks some flag set by the first function (Windows),
+ and possibly returns an error. (In the non-threaded case, a simple
+ flag can be used to avoid multiple invocations, and the mutexes
+ don't need run-time initialization anyways.)
+
+ A third function for library termination calls mutex_destroy on
+ each mutex for the library. This function would be called
+ automatically at library unload time. If it turns out to be needed
+ at exit time for libraries that don't get unloaded, perhaps we
+ should also use atexit(). Any static mutexes should be cleaned up
+ with k5_mutex_destroy here.
+
+ How does that second support function invoke the first support
+ function only once? Through something modelled on pthread_once
+ that I haven't written up yet. Probably:
+
+ k5_once_t foo_once = K5_ONCE_INIT;
+ k5_once(k5_once_t *, void (*)(void));
+
+ For POSIX: Map onto pthread_once facility.
+ For non-threaded case: A simple flag.
+ For Windows: Not needed; library init code takes care of it.
+
+ XXX: A general k5_once mechanism isn't possible for Windows,
+ without faking it through named mutexes or mutexes initialized at
+ startup. I was only using it in one place outside these headers,
+ so I'm dropping the general scheme. Eventually the existing uses
+ in k5-thread.h and k5-platform.h will be converted to pthread_once
+ or static variables.
+
+
+ Thread-specific data:
+
+ // TSD keys are limited in number in gssapi/krb5/com_err; enumerate
+ // them all. This allows support code init to allocate the
+ // necessary storage for pointers all at once, and avoids any
+ // possible error in key creation.
+ enum { ... } k5_key_t;
+ // Register destructor function. Called in library init code.
+ int k5_key_register(k5_key_t, void (*destructor)(void *));
+ // Returns NULL or data.
+ void *k5_getspecific(k5_key_t);
+ // Returns error if key out of bounds, or the pointer table can't
+ // be allocated. A call to k5_key_register must have happened first.
+ // This may trigger the calling of pthread_setspecific on POSIX.
+ int k5_setspecific(k5_key_t, void *);
+ // Called in library termination code.
+ // Trashes data in all threads, calling the registered destructor
+ // (but calling it from the current thread).
+ int k5_key_delete(k5_key_t);
+
+ For the non-threaded version, the support code will have a static
+ array indexed by k5_key_t values, and get/setspecific simply access
+ the array elements.
+
+ The TSD destructor table is global state, protected by a mutex if
+ threads are enabled.
+
+
+ Any actual external symbols will use the krb5int_ prefix. The k5_
+ names will be simple macros or inline functions to rename the
+ external symbols, or slightly more complex ones to expand the
+ implementation inline (e.g., map to POSIX versions and/or debug
+ code using __FILE__ and the like).
+
+
+ More to be added, perhaps. */
#include <assert.h>
@@ -161,7 +162,7 @@
/* Define the OS mutex bit. */
typedef char k5_os_nothread_mutex;
-# define K5_OS_NOTHREAD_MUTEX_PARTIAL_INITIALIZER 0
+# define K5_OS_NOTHREAD_MUTEX_PARTIAL_INITIALIZER 0
/* Empty inline functions avoid the "statement with no effect"
warnings, and do better type-checking than functions that don't use
their arguments. */
@@ -186,28 +187,28 @@ static inline int k5_os_nothread_mutex_unlock(k5_os_nothread_mutex *m) {
3 - function has been run
4 - function is being run -- deadlock detected */
typedef unsigned char k5_os_nothread_once_t;
-# define K5_OS_NOTHREAD_ONCE_INIT 2
-# define k5_os_nothread_once(O,F) \
- (*(O) == 3 ? 0 \
- : *(O) == 2 ? (*(O) = 4, (F)(), *(O) = 3, 0) \
- : (assert(*(O) != 4), assert(*(O) == 2 || *(O) == 3), 0))
+# define K5_OS_NOTHREAD_ONCE_INIT 2
+# define k5_os_nothread_once(O,F) \
+ (*(O) == 3 ? 0 \
+ : *(O) == 2 ? (*(O) = 4, (F)(), *(O) = 3, 0) \
+ : (assert(*(O) != 4), assert(*(O) == 2 || *(O) == 3), 0))
#ifndef ENABLE_THREADS
typedef k5_os_nothread_mutex k5_os_mutex;
-# define K5_OS_MUTEX_PARTIAL_INITIALIZER \
- K5_OS_NOTHREAD_MUTEX_PARTIAL_INITIALIZER
-# define k5_os_mutex_finish_init k5_os_nothread_mutex_finish_init
-# define k5_os_mutex_init k5_os_nothread_mutex_init
-# define k5_os_mutex_destroy k5_os_nothread_mutex_destroy
-# define k5_os_mutex_lock k5_os_nothread_mutex_lock
-# define k5_os_mutex_unlock k5_os_nothread_mutex_unlock
-
-# define k5_once_t k5_os_nothread_once_t
-# define K5_ONCE_INIT K5_OS_NOTHREAD_ONCE_INIT
-# define k5_once k5_os_nothread_once
+# define K5_OS_MUTEX_PARTIAL_INITIALIZER \
+ K5_OS_NOTHREAD_MUTEX_PARTIAL_INITIALIZER
+# define k5_os_mutex_finish_init k5_os_nothread_mutex_finish_init
+# define k5_os_mutex_init k5_os_nothread_mutex_init
+# define k5_os_mutex_destroy k5_os_nothread_mutex_destroy
+# define k5_os_mutex_lock k5_os_nothread_mutex_lock
+# define k5_os_mutex_unlock k5_os_nothread_mutex_unlock
+
+# define k5_once_t k5_os_nothread_once_t
+# define K5_ONCE_INIT K5_OS_NOTHREAD_ONCE_INIT
+# define k5_once k5_os_nothread_once
#elif HAVE_PTHREAD
@@ -247,10 +248,10 @@ typedef k5_os_nothread_mutex k5_os_mutex;
symbol tables of the current process. */
extern int krb5int_pthread_loaded(void)
#ifdef __GNUC__
- /* We should always get the same answer for the life of the process. */
- __attribute__((const))
+/* We should always get the same answer for the life of the process. */
+ __attribute__((const))
#endif
- ;
+ ;
#if defined(HAVE_PRAGMA_WEAK_REF) && !defined(NO_WEAK_PTHREADS)
# pragma weak pthread_once
# pragma weak pthread_mutex_lock
@@ -259,7 +260,7 @@ extern int krb5int_pthread_loaded(void)
# pragma weak pthread_mutex_init
# pragma weak pthread_self
# pragma weak pthread_equal
-# define K5_PTHREADS_LOADED (krb5int_pthread_loaded())
+# define K5_PTHREADS_LOADED (krb5int_pthread_loaded())
# define USE_PTHREAD_LOCK_ONLY_IF_LOADED
/* Can't rely on useful stubs -- see above regarding Solaris. */
@@ -267,19 +268,19 @@ typedef struct {
pthread_once_t o;
k5_os_nothread_once_t n;
} k5_once_t;
-# define K5_ONCE_INIT { PTHREAD_ONCE_INIT, K5_OS_NOTHREAD_ONCE_INIT }
-# define k5_once(O,F) (K5_PTHREADS_LOADED \
- ? pthread_once(&(O)->o,F) \
- : k5_os_nothread_once(&(O)->n,F))
+# define K5_ONCE_INIT { PTHREAD_ONCE_INIT, K5_OS_NOTHREAD_ONCE_INIT }
+# define k5_once(O,F) (K5_PTHREADS_LOADED \
+ ? pthread_once(&(O)->o,F) \
+ : k5_os_nothread_once(&(O)->n,F))
#else
/* no pragma weak support */
-# define K5_PTHREADS_LOADED (1)
+# define K5_PTHREADS_LOADED (1)
typedef pthread_once_t k5_once_t;
-# define K5_ONCE_INIT PTHREAD_ONCE_INIT
-# define k5_once pthread_once
+# define K5_ONCE_INIT PTHREAD_ONCE_INIT
+# define k5_once pthread_once
#endif
@@ -294,28 +295,28 @@ typedef pthread_once_t k5_once_t;
#endif
typedef pthread_mutex_t k5_os_mutex;
-# define K5_OS_MUTEX_PARTIAL_INITIALIZER \
- PTHREAD_MUTEX_INITIALIZER
+# define K5_OS_MUTEX_PARTIAL_INITIALIZER \
+ PTHREAD_MUTEX_INITIALIZER
#ifdef USE_PTHREAD_LOCK_ONLY_IF_LOADED
-# define k5_os_mutex_finish_init(M) (0)
-# define k5_os_mutex_init(M) \
- (K5_PTHREADS_LOADED ? pthread_mutex_init((M), 0) : 0)
-# define k5_os_mutex_destroy(M) \
- (K5_PTHREADS_LOADED ? pthread_mutex_destroy((M)) : 0)
-# define k5_os_mutex_lock(M) \
- (K5_PTHREADS_LOADED ? pthread_mutex_lock(M) : 0)
-# define k5_os_mutex_unlock(M) \
- (K5_PTHREADS_LOADED ? pthread_mutex_unlock(M) : 0)
+# define k5_os_mutex_finish_init(M) (0)
+# define k5_os_mutex_init(M) \
+ (K5_PTHREADS_LOADED ? pthread_mutex_init((M), 0) : 0)
+# define k5_os_mutex_destroy(M) \
+ (K5_PTHREADS_LOADED ? pthread_mutex_destroy((M)) : 0)
+# define k5_os_mutex_lock(M) \
+ (K5_PTHREADS_LOADED ? pthread_mutex_lock(M) : 0)
+# define k5_os_mutex_unlock(M) \
+ (K5_PTHREADS_LOADED ? pthread_mutex_unlock(M) : 0)
#else
static inline int k5_os_mutex_finish_init(k5_os_mutex *m) { return 0; }
-# define k5_os_mutex_init(M) pthread_mutex_init((M), 0)
-# define k5_os_mutex_destroy(M) pthread_mutex_destroy((M))
-# define k5_os_mutex_lock(M) pthread_mutex_lock(M)
-# define k5_os_mutex_unlock(M) pthread_mutex_unlock(M)
+# define k5_os_mutex_init(M) pthread_mutex_init((M), 0)
+# define k5_os_mutex_destroy(M) pthread_mutex_destroy((M))
+# define k5_os_mutex_lock(M) pthread_mutex_lock(M)
+# define k5_os_mutex_unlock(M) pthread_mutex_unlock(M)
#endif /* is pthreads always available? */
@@ -328,21 +329,21 @@ typedef struct {
# define K5_OS_MUTEX_PARTIAL_INITIALIZER { INVALID_HANDLE_VALUE, 0 }
-# define k5_os_mutex_finish_init(M) \
- (assert((M)->h == INVALID_HANDLE_VALUE), \
- ((M)->h = CreateMutex(NULL, FALSE, NULL)) ? 0 : GetLastError())
-# define k5_os_mutex_init(M) \
- ((M)->is_locked = 0, \
- ((M)->h = CreateMutex(NULL, FALSE, NULL)) ? 0 : GetLastError())
-# define k5_os_mutex_destroy(M) \
- (CloseHandle((M)->h) ? ((M)->h = 0, 0) : GetLastError())
+# define k5_os_mutex_finish_init(M) \
+ (assert((M)->h == INVALID_HANDLE_VALUE), \
+ ((M)->h = CreateMutex(NULL, FALSE, NULL)) ? 0 : GetLastError())
+# define k5_os_mutex_init(M) \
+ ((M)->is_locked = 0, \
+ ((M)->h = CreateMutex(NULL, FALSE, NULL)) ? 0 : GetLastError())
+# define k5_os_mutex_destroy(M) \
+ (CloseHandle((M)->h) ? ((M)->h = 0, 0) : GetLastError())
static inline int k5_os_mutex_lock(k5_os_mutex *m)
{
DWORD res;
res = WaitForSingleObject(m->h, INFINITE);
if (res == WAIT_FAILED)
- return GetLastError();
+ return GetLastError();
/* Eventually these should be turned into some reasonable error
code. */
assert(res != WAIT_TIMEOUT);
@@ -354,10 +355,10 @@ static inline int k5_os_mutex_lock(k5_os_mutex *m)
return 0;
}
-# define k5_os_mutex_unlock(M) \
- (assert((M)->is_locked == 1), \
- (M)->is_locked = 0, \
- ReleaseMutex((M)->h) ? 0 : GetLastError())
+# define k5_os_mutex_unlock(M) \
+ (assert((M)->is_locked == 1), \
+ (M)->is_locked = 0, \
+ ReleaseMutex((M)->h) ? 0 : GetLastError())
#else
@@ -369,7 +370,7 @@ static inline int k5_os_mutex_lock(k5_os_mutex *m)
typedef k5_os_mutex k5_mutex_t;
-#define K5_MUTEX_PARTIAL_INITIALIZER K5_OS_MUTEX_PARTIAL_INITIALIZER
+#define K5_MUTEX_PARTIAL_INITIALIZER K5_OS_MUTEX_PARTIAL_INITIALIZER
static inline int k5_mutex_init(k5_mutex_t *m)
{
return k5_os_mutex_init(m);
@@ -378,7 +379,7 @@ static inline int k5_mutex_finish_init(k5_mutex_t *m)
{
return k5_os_mutex_finish_init(m);
}
-#define k5_mutex_destroy(M) \
+#define k5_mutex_destroy(M) \
(k5_os_mutex_destroy(M))
#if __GNUC__ >= 4
@@ -390,13 +391,13 @@ static inline int k5_mutex_lock(k5_mutex_t *m)
return k5_os_mutex_lock(m);
}
-#define k5_mutex_unlock(M) \
- (k5_os_mutex_unlock(M))
+#define k5_mutex_unlock(M) \
+ (k5_os_mutex_unlock(M))
-#define k5_mutex_assert_locked(M) ((void)(M))
-#define k5_mutex_assert_unlocked(M) ((void)(M))
-#define k5_assert_locked k5_mutex_assert_locked
-#define k5_assert_unlocked k5_mutex_assert_unlocked
+#define k5_mutex_assert_locked(M) ((void)(M))
+#define k5_mutex_assert_unlocked(M) ((void)(M))
+#define k5_assert_locked k5_mutex_assert_locked
+#define k5_assert_unlocked k5_mutex_assert_unlocked
/* Thread-specific data; implemented in a support file, because we'll
@@ -417,10 +418,10 @@ typedef enum {
K5_KEY_MAX
} k5_key_t;
/* rename shorthand symbols for export */
-#define k5_key_register krb5int_key_register
-#define k5_getspecific krb5int_getspecific
-#define k5_setspecific krb5int_setspecific
-#define k5_key_delete krb5int_key_delete
+#define k5_key_register krb5int_key_register
+#define k5_getspecific krb5int_getspecific
+#define k5_setspecific krb5int_setspecific
+#define k5_key_delete krb5int_key_delete
extern int k5_key_register(k5_key_t, void (*)(void *));
extern void *k5_getspecific(k5_key_t);
extern int k5_setspecific(k5_key_t, void *);
diff --git a/src/include/k5-unicode.h b/src/include/k5-unicode.h
index 3a42a8269c..d643734632 100644
--- a/src/include/k5-unicode.h
+++ b/src/include/k5-unicode.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 2008 by the Massachusetts Institute of Technology,
* Cambridge, MA, USA. All Rights Reserved.
@@ -111,11 +112,11 @@ void krb5int_ucstr2upper(
krb5_unicode *,
size_t);
-#define KRB5_UTF8_NOCASEFOLD 0x0U
-#define KRB5_UTF8_CASEFOLD 0x1U
-#define KRB5_UTF8_ARG1NFC 0x2U
-#define KRB5_UTF8_ARG2NFC 0x4U
-#define KRB5_UTF8_APPROX 0x8U
+#define KRB5_UTF8_NOCASEFOLD 0x0U
+#define KRB5_UTF8_CASEFOLD 0x1U
+#define KRB5_UTF8_ARG1NFC 0x2U
+#define KRB5_UTF8_ARG2NFC 0x4U
+#define KRB5_UTF8_APPROX 0x8U
krb5_error_code krb5int_utf8_normalize(
krb5_data *,
diff --git a/src/include/k5-utf8.h b/src/include/k5-utf8.h
index c27d20923d..ac54147e75 100644
--- a/src/include/k5-utf8.h
+++ b/src/include/k5-utf8.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 2008 by the Massachusetts Institute of Technology,
* Cambridge, MA, USA. All Rights Reserved.
@@ -84,19 +85,19 @@
#endif
#if INT_MAX == 0x7fff
-typedef unsigned int krb5_ucs2;
+typedef unsigned int krb5_ucs2;
#elif SHRT_MAX == 0x7fff
-typedef unsigned short krb5_ucs2;
+typedef unsigned short krb5_ucs2;
#else
#error undefined 16 bit type
#endif
#if INT_MAX == 0x7fffffffL
-typedef int krb5_ucs4;
+typedef int krb5_ucs4;
#elif LONG_MAX == 0x7fffffffL
-typedef long krb5_ucs4;
+typedef long krb5_ucs4;
#elif SHRT_MAX == 0x7fffffffL
-typedef short krb5_ucs4;
+typedef short krb5_ucs4;
#else
#error: undefined 32 bit type
#endif
@@ -111,47 +112,47 @@ size_t krb5int_ucs4_to_utf8(krb5_ucs4 c, char *buf);
int
krb5int_ucs2s_to_utf8s(const krb5_ucs2 *ucs2s,
- char **utf8s,
- size_t *utf8slen);
+ char **utf8s,
+ size_t *utf8slen);
int
krb5int_ucs2cs_to_utf8s(const krb5_ucs2 *ucs2s,
- size_t ucs2slen,
- char **utf8s,
- size_t *utf8slen);
+ size_t ucs2slen,
+ char **utf8s,
+ size_t *utf8slen);
int
krb5int_ucs2les_to_utf8s(const unsigned char *ucs2les,
- char **utf8s,
- size_t *utf8slen);
+ char **utf8s,
+ size_t *utf8slen);
int
krb5int_ucs2lecs_to_utf8s(const unsigned char *ucs2les,
- size_t ucs2leslen,
- char **utf8s,
- size_t *utf8slen);
+ size_t ucs2leslen,
+ char **utf8s,
+ size_t *utf8slen);
int
krb5int_utf8s_to_ucs2s(const char *utf8s,
- krb5_ucs2 **ucs2s,
- size_t *ucs2chars);
+ krb5_ucs2 **ucs2s,
+ size_t *ucs2chars);
int
krb5int_utf8cs_to_ucs2s(const char *utf8s,
- size_t utf8slen,
- krb5_ucs2 **ucs2s,
- size_t *ucs2chars);
+ size_t utf8slen,
+ krb5_ucs2 **ucs2s,
+ size_t *ucs2chars);
int
krb5int_utf8s_to_ucs2les(const char *utf8s,
- unsigned char **ucs2les,
- size_t *ucs2leslen);
+ unsigned char **ucs2les,
+ size_t *ucs2leslen);
int
krb5int_utf8cs_to_ucs2les(const char *utf8s,
- size_t utf8slen,
- unsigned char **ucs2les,
- size_t *ucs2leslen);
+ size_t utf8slen,
+ unsigned char **ucs2les,
+ size_t *ucs2leslen);
/* returns the number of bytes in the UTF-8 string */
size_t krb5int_utf8_bytes(const char *);
@@ -200,26 +201,28 @@ char *krb5int_utf8_strtok( char* sp, const char* sep, char **last);
extern const char krb5int_utf8_lentab[128];
extern const char krb5int_utf8_mintab[32];
-#define KRB5_UTF8_ISASCII(p) ( !(*(const unsigned char *)(p) & 0x80 ) )
-#define KRB5_UTF8_CHARLEN(p) ( KRB5_UTF8_ISASCII(p) \
- ? 1 : krb5int_utf8_lentab[*(const unsigned char *)(p) ^ 0x80] )
+#define KRB5_UTF8_BV(p) (*(const unsigned char *)(p))
+#define KRB5_UTF8_ISASCII(p) (!(KRB5_UTF8_BV(p) & 0x80))
+#define KRB5_UTF8_CHARLEN(p) (KRB5_UTF8_ISASCII(p) ? 1 : \
+ krb5int_utf8_lentab[KRB5_UTF8_BV(p) ^ 0x80])
/* This is like CHARLEN but additionally validates to make sure
* the char used the shortest possible encoding.
* 'l' is used to temporarily hold the result of CHARLEN.
*/
-#define KRB5_UTF8_CHARLEN2(p, l) ( ( ( l = KRB5_UTF8_CHARLEN( p )) < 3 || \
- ( krb5int_utf8_mintab[*(const unsigned char *)(p) & 0x1f] & (p)[1] ) ) ? \
- l : 0 )
+#define KRB5_UTF8_CHARLEN2(p, l) ( \
+ ((l = KRB5_UTF8_CHARLEN(p)) < 3 || \
+ (krb5int_utf8_mintab[KRB5_UTF8_BV(p) & 0x1f] & (p)[1])) ? \
+ l : 0)
-#define KRB5_UTF8_OFFSET(p) ( KRB5_UTF8_ISASCII(p) \
- ? 1 : krb5int_utf8_offset((p)) )
+#define KRB5_UTF8_OFFSET(p) (KRB5_UTF8_ISASCII(p) \
+ ? 1 : krb5int_utf8_offset((p)) )
-#define KRB5_UTF8_COPY(d,s) ( KRB5_UTF8_ISASCII(s) \
- ? (*(d) = *(s), 1) : krb5int_utf8_copy((d),(s)) )
+#define KRB5_UTF8_COPY(d,s) (KRB5_UTF8_ISASCII(s) \
+ ? (*(d) = *(s), 1) : krb5int_utf8_copy((d),(s)))
-#define KRB5_UTF8_NEXT(p) ( KRB5_UTF8_ISASCII(p) \
- ? (char *)(p)+1 : krb5int_utf8_next((p)) )
+#define KRB5_UTF8_NEXT(p) (KRB5_UTF8_ISASCII(p) \
+ ? (char *)(p)+1 : krb5int_utf8_next((p)))
#define KRB5_UTF8_INCR(p) ((p) = KRB5_UTF8_NEXT(p))
@@ -231,19 +234,19 @@ extern const char krb5int_utf8_mintab[32];
* these macros assume 'x' is an ASCII x
* and assume the "C" locale
*/
-#define KRB5_ASCII(c) (!((c) & 0x80))
-#define KRB5_SPACE(c) ((c) == ' ' || (c) == '\t' || (c) == '\n')
-#define KRB5_DIGIT(c) ((c) >= '0' && (c) <= '9')
-#define KRB5_LOWER(c) ((c) >= 'a' && (c) <= 'z')
-#define KRB5_UPPER(c) ((c) >= 'A' && (c) <= 'Z')
-#define KRB5_ALPHA(c) (KRB5_LOWER(c) || KRB5_UPPER(c))
-#define KRB5_ALNUM(c) (KRB5_ALPHA(c) || KRB5_DIGIT(c))
-
-#define KRB5_LDH(c) (KRB5_ALNUM(c) || (c) == '-')
-
-#define KRB5_HEXLOWER(c) ((c) >= 'a' && (c) <= 'f')
-#define KRB5_HEXUPPER(c) ((c) >= 'A' && (c) <= 'F')
-#define KRB5_HEX(c) (KRB5_DIGIT(c) || \
- KRB5_HEXLOWER(c) || KRB5_HEXUPPER(c))
+#define KRB5_ASCII(c) (!((c) & 0x80))
+#define KRB5_SPACE(c) ((c) == ' ' || (c) == '\t' || (c) == '\n')
+#define KRB5_DIGIT(c) ((c) >= '0' && (c) <= '9')
+#define KRB5_LOWER(c) ((c) >= 'a' && (c) <= 'z')
+#define KRB5_UPPER(c) ((c) >= 'A' && (c) <= 'Z')
+#define KRB5_ALPHA(c) (KRB5_LOWER(c) || KRB5_UPPER(c))
+#define KRB5_ALNUM(c) (KRB5_ALPHA(c) || KRB5_DIGIT(c))
+
+#define KRB5_LDH(c) (KRB5_ALNUM(c) || (c) == '-')
+
+#define KRB5_HEXLOWER(c) ((c) >= 'a' && (c) <= 'f')
+#define KRB5_HEXUPPER(c) ((c) >= 'A' && (c) <= 'F')
+#define KRB5_HEX(c) (KRB5_DIGIT(c) || \
+ KRB5_HEXLOWER(c) || KRB5_HEXUPPER(c))
#endif /* K5_UTF8_H */
diff --git a/src/include/k5-util.h b/src/include/k5-util.h
index 11b275f552..b978760cab 100644
--- a/src/include/k5-util.h
+++ b/src/include/k5-util.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 1989-1998,2002 by the Massachusetts Institute of Technology,
* Cambridge, MA, USA. All Rights Reserved.
@@ -63,25 +64,25 @@
#ifndef krb5_seteuid
#if defined(HAVE_SETEUID)
-# define krb5_seteuid(EUID) (seteuid((uid_t)(EUID)))
+# define krb5_seteuid(EUID) (seteuid((uid_t)(EUID)))
#elif defined(HAVE_SETRESUID)
-# define krb5_seteuid(EUID) setresuid(getuid(), (uid_t)(EUID), geteuid())
+# define krb5_seteuid(EUID) setresuid(getuid(), (uid_t)(EUID), geteuid())
#elif defined(HAVE_SETREUID)
-# define krb5_seteuid(EUID) setreuid(geteuid(), (uid_t)(EUID))
+# define krb5_seteuid(EUID) setreuid(geteuid(), (uid_t)(EUID))
#else
- /* You need to add a case to deal with this operating system.*/
-# define krb5_seteuid(EUID) (errno = EPERM, -1)
+/* You need to add a case to deal with this operating system.*/
+# define krb5_seteuid(EUID) (errno = EPERM, -1)
#endif
#ifdef HAVE_SETEGID
-# define krb5_setegid(EGID) (setegid((gid_t)(EGID)))
+# define krb5_setegid(EGID) (setegid((gid_t)(EGID)))
#elif defined(HAVE_SETRESGID)
-# define krb5_setegid(EGID) (setresgid(getgid(), (gid_t)(EGID), getegid()))
+# define krb5_setegid(EGID) (setresgid(getgid(), (gid_t)(EGID), getegid()))
#elif defined(HAVE_SETREGID)
-# define krb5_setegid(EGID) (setregid(getegid(), (gid_t)(EGID)))
+# define krb5_setegid(EGID) (setregid(getegid(), (gid_t)(EGID)))
#else
- /* You need to add a case to deal with this operating system.*/
-# define krb5_setegid(EGID) (errno = EPERM, -1)
+/* You need to add a case to deal with this operating system.*/
+# define krb5_setegid(EGID) (errno = EPERM, -1)
#endif
#endif
diff --git a/src/include/kdb.h b/src/include/kdb.h
index 7506f1c0e1..8c6f532651 100644
--- a/src/include/kdb.h
+++ b/src/include/kdb.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* include/krb5/kdb.h
*
@@ -72,36 +73,36 @@
#include <krb5.h>
/* Salt types */
-#define KRB5_KDB_SALTTYPE_NORMAL 0
-#define KRB5_KDB_SALTTYPE_V4 1
-#define KRB5_KDB_SALTTYPE_NOREALM 2
-#define KRB5_KDB_SALTTYPE_ONLYREALM 3
-#define KRB5_KDB_SALTTYPE_SPECIAL 4
-#define KRB5_KDB_SALTTYPE_AFS3 5
-#define KRB5_KDB_SALTTYPE_CERTHASH 6
+#define KRB5_KDB_SALTTYPE_NORMAL 0
+#define KRB5_KDB_SALTTYPE_V4 1
+#define KRB5_KDB_SALTTYPE_NOREALM 2
+#define KRB5_KDB_SALTTYPE_ONLYREALM 3
+#define KRB5_KDB_SALTTYPE_SPECIAL 4
+#define KRB5_KDB_SALTTYPE_AFS3 5
+#define KRB5_KDB_SALTTYPE_CERTHASH 6
/* Attributes */
-#define KRB5_KDB_DISALLOW_POSTDATED 0x00000001
-#define KRB5_KDB_DISALLOW_FORWARDABLE 0x00000002
-#define KRB5_KDB_DISALLOW_TGT_BASED 0x00000004
-#define KRB5_KDB_DISALLOW_RENEWABLE 0x00000008
-#define KRB5_KDB_DISALLOW_PROXIABLE 0x00000010
-#define KRB5_KDB_DISALLOW_DUP_SKEY 0x00000020
-#define KRB5_KDB_DISALLOW_ALL_TIX 0x00000040
-#define KRB5_KDB_REQUIRES_PRE_AUTH 0x00000080
-#define KRB5_KDB_REQUIRES_HW_AUTH 0x00000100
-#define KRB5_KDB_REQUIRES_PWCHANGE 0x00000200
-#define KRB5_KDB_DISALLOW_SVR 0x00001000
-#define KRB5_KDB_PWCHANGE_SERVICE 0x00002000
+#define KRB5_KDB_DISALLOW_POSTDATED 0x00000001
+#define KRB5_KDB_DISALLOW_FORWARDABLE 0x00000002
+#define KRB5_KDB_DISALLOW_TGT_BASED 0x00000004
+#define KRB5_KDB_DISALLOW_RENEWABLE 0x00000008
+#define KRB5_KDB_DISALLOW_PROXIABLE 0x00000010
+#define KRB5_KDB_DISALLOW_DUP_SKEY 0x00000020
+#define KRB5_KDB_DISALLOW_ALL_TIX 0x00000040
+#define KRB5_KDB_REQUIRES_PRE_AUTH 0x00000080
+#define KRB5_KDB_REQUIRES_HW_AUTH 0x00000100
+#define KRB5_KDB_REQUIRES_PWCHANGE 0x00000200
+#define KRB5_KDB_DISALLOW_SVR 0x00001000
+#define KRB5_KDB_PWCHANGE_SERVICE 0x00002000
#define KRB5_KDB_SUPPORT_DESMD5 0x00004000
-#define KRB5_KDB_NEW_PRINC 0x00008000
-#define KRB5_KDB_OK_AS_DELEGATE 0x00100000
-#define KRB5_KDB_OK_TO_AUTH_AS_DELEGATE 0x00200000 /* S4U2Self OK */
-#define KRB5_KDB_NO_AUTH_DATA_REQUIRED 0x00400000
+#define KRB5_KDB_NEW_PRINC 0x00008000
+#define KRB5_KDB_OK_AS_DELEGATE 0x00100000
+#define KRB5_KDB_OK_TO_AUTH_AS_DELEGATE 0x00200000 /* S4U2Self OK */
+#define KRB5_KDB_NO_AUTH_DATA_REQUIRED 0x00400000
/* Creation flags */
-#define KRB5_KDB_CREATE_BTREE 0x00000001
-#define KRB5_KDB_CREATE_HASH 0x00000002
+#define KRB5_KDB_CREATE_BTREE 0x00000001
+#define KRB5_KDB_CREATE_HASH 0x00000002
#if !defined(_WIN32)
@@ -111,10 +112,10 @@
* adding new tl_data types.
*/
typedef struct _krb5_tl_data {
- struct _krb5_tl_data* tl_data_next; /* NOT saved */
- krb5_int16 tl_data_type;
- krb5_ui_2 tl_data_length;
- krb5_octet * tl_data_contents;
+ struct _krb5_tl_data* tl_data_next; /* NOT saved */
+ krb5_int16 tl_data_type;
+ krb5_ui_2 tl_data_length;
+ krb5_octet * tl_data_contents;
} krb5_tl_data;
/*
@@ -124,40 +125,40 @@ typedef struct _krb5_tl_data {
* Currently the first type is the enctype and the second is the salt type.
*/
typedef struct _krb5_key_data {
- krb5_int16 key_data_ver; /* Version */
- krb5_int16 key_data_kvno; /* Key Version */
- krb5_int16 key_data_type[2]; /* Array of types */
- krb5_ui_2 key_data_length[2]; /* Array of lengths */
- krb5_octet * key_data_contents[2]; /* Array of pointers */
+ krb5_int16 key_data_ver; /* Version */
+ krb5_int16 key_data_kvno; /* Key Version */
+ krb5_int16 key_data_type[2]; /* Array of types */
+ krb5_ui_2 key_data_length[2]; /* Array of lengths */
+ krb5_octet * key_data_contents[2]; /* Array of pointers */
} krb5_key_data;
-#define KRB5_KDB_V1_KEY_DATA_ARRAY 2 /* # of array elements */
+#define KRB5_KDB_V1_KEY_DATA_ARRAY 2 /* # of array elements */
typedef struct _krb5_keysalt {
- krb5_int16 type;
- krb5_data data; /* Length, data */
+ krb5_int16 type;
+ krb5_data data; /* Length, data */
} krb5_keysalt;
typedef struct _krb5_db_entry_new {
- krb5_magic magic; /* NOT saved */
- krb5_ui_2 len;
+ krb5_magic magic; /* NOT saved */
+ krb5_ui_2 len;
krb5_ui_4 mask; /* members currently changed/set */
- krb5_flags attributes;
- krb5_deltat max_life;
- krb5_deltat max_renewable_life;
- krb5_timestamp expiration; /* When the client expires */
- krb5_timestamp pw_expiration; /* When its passwd expires */
- krb5_timestamp last_success; /* Last successful passwd */
- krb5_timestamp last_failed; /* Last failed passwd attempt */
- krb5_kvno fail_auth_count; /* # of failed passwd attempt */
- krb5_int16 n_tl_data;
- krb5_int16 n_key_data;
- krb5_ui_2 e_length; /* Length of extra data */
- krb5_octet * e_data; /* Extra data to be saved */
-
- krb5_principal princ; /* Length, data */
- krb5_tl_data * tl_data; /* Linked list */
- krb5_key_data * key_data; /* Array */
+ krb5_flags attributes;
+ krb5_deltat max_life;
+ krb5_deltat max_renewable_life;
+ krb5_timestamp expiration; /* When the client expires */
+ krb5_timestamp pw_expiration; /* When its passwd expires */
+ krb5_timestamp last_success; /* Last successful passwd */
+ krb5_timestamp last_failed; /* Last failed passwd attempt */
+ krb5_kvno fail_auth_count; /* # of failed passwd attempt */
+ krb5_int16 n_tl_data;
+ krb5_int16 n_key_data;
+ krb5_ui_2 e_length; /* Length of extra data */
+ krb5_octet * e_data; /* Extra data to be saved */
+
+ krb5_principal princ; /* Length, data */
+ krb5_tl_data * tl_data; /* Linked list */
+ krb5_key_data * key_data; /* Array */
} krb5_db_entry;
typedef struct _osa_policy_ent_t {
@@ -178,18 +179,18 @@ typedef struct _osa_policy_ent_t {
typedef void (*osa_adb_iter_policy_func) (void *, osa_policy_ent_t);
typedef struct __krb5_key_salt_tuple {
- krb5_enctype ks_enctype;
- krb5_int32 ks_salttype;
+ krb5_enctype ks_enctype;
+ krb5_int32 ks_salttype;
} krb5_key_salt_tuple;
-#define KRB5_KDB_MAGIC_NUMBER 0xdbdbdbdb
-#define KRB5_KDB_V1_BASE_LENGTH 38
+#define KRB5_KDB_MAGIC_NUMBER 0xdbdbdbdb
+#define KRB5_KDB_V1_BASE_LENGTH 38
-#define KRB5_TL_LAST_PWD_CHANGE 0x0001
-#define KRB5_TL_MOD_PRINC 0x0002
-#define KRB5_TL_KADM_DATA 0x0003
-#define KRB5_TL_KADM5_E_DATA 0x0004
-#define KRB5_TL_RB1_CHALLENGE 0x0005
+#define KRB5_TL_LAST_PWD_CHANGE 0x0001
+#define KRB5_TL_MOD_PRINC 0x0002
+#define KRB5_TL_KADM_DATA 0x0003
+#define KRB5_TL_KADM5_E_DATA 0x0004
+#define KRB5_TL_RB1_CHALLENGE 0x0005
#ifdef SECURID
#define KRB5_TL_SECURID_STATE 0x0006
#define KRB5_TL_DB_ARGS 0x7fff
@@ -227,14 +228,14 @@ typedef struct _krb5_keylist_node {
* Determines the number of failed KDC requests before DISALLOW_ALL_TIX is set
* on the principal.
*/
-#define KRB5_MAX_FAIL_COUNT 5
+#define KRB5_MAX_FAIL_COUNT 5
/* XXX depends on knowledge of krb5_parse_name() formats */
-#define KRB5_KDB_M_NAME "K/M" /* Kerberos/Master */
+#define KRB5_KDB_M_NAME "K/M" /* Kerberos/Master */
/* prompts used by default when reading the KDC password from the keyboard. */
-#define KRB5_KDC_MKEY_1 "Enter KDC database master key"
-#define KRB5_KDC_MKEY_2 "Re-enter KDC database master key to verify"
+#define KRB5_KDC_MKEY_1 "Enter KDC database master key"
+#define KRB5_KDC_MKEY_2 "Re-enter KDC database master key to verify"
extern char *krb5_mkey_pwd_prompt1;
@@ -247,12 +248,12 @@ extern char *krb5_mkey_pwd_prompt2;
*/
#ifdef _KRB5_INT_H
#include "k5-platform.h"
-#define krb5_kdb_decode_int16(cp, i16) \
- *((krb5_int16 *) &(i16)) = load_16_le(cp)
-#define krb5_kdb_decode_int32(cp, i32) \
- *((krb5_int32 *) &(i32)) = load_32_le(cp)
-#define krb5_kdb_encode_int16(i16, cp) store_16_le(i16, cp)
-#define krb5_kdb_encode_int32(i32, cp) store_32_le(i32, cp)
+#define krb5_kdb_decode_int16(cp, i16) \
+ *((krb5_int16 *) &(i16)) = load_16_le(cp)
+#define krb5_kdb_decode_int32(cp, i32) \
+ *((krb5_int32 *) &(i32)) = load_32_le(cp)
+#define krb5_kdb_encode_int16(i16, cp) store_16_le(i16, cp)
+#define krb5_kdb_encode_int32(i32, cp) store_32_le(i32, cp)
#endif /* _KRB5_INT_H */
#define KRB5_KDB_OPEN_RW 0
@@ -298,34 +299,34 @@ krb5_error_code krb5_db_set_option ( krb5_context kcontext, int option, void *va
krb5_error_code krb5_db_lock ( krb5_context kcontext, int lock_mode );
krb5_error_code krb5_db_unlock ( krb5_context kcontext );
krb5_error_code krb5_db_get_principal ( krb5_context kcontext,
- krb5_const_principal search_for,
- krb5_db_entry *entries,
- int *nentries,
- krb5_boolean *more );
+ krb5_const_principal search_for,
+ krb5_db_entry *entries,
+ int *nentries,
+ krb5_boolean *more );
krb5_error_code krb5_db_free_principal ( krb5_context kcontext,
- krb5_db_entry *entry,
- int count );
+ krb5_db_entry *entry,
+ int count );
krb5_error_code krb5_db_put_principal ( krb5_context kcontext,
- krb5_db_entry *entries,
- int *nentries);
+ krb5_db_entry *entries,
+ int *nentries);
krb5_error_code krb5_db_delete_principal ( krb5_context kcontext,
- krb5_principal search_for,
- int *nentries );
+ krb5_principal search_for,
+ int *nentries );
krb5_error_code krb5_db_iterate ( krb5_context kcontext,
- char *match_entry,
- int (*func) (krb5_pointer, krb5_db_entry *),
- krb5_pointer func_arg );
+ char *match_entry,
+ int (*func) (krb5_pointer, krb5_db_entry *),
+ krb5_pointer func_arg );
krb5_error_code krb5_supported_realms ( krb5_context kcontext,
- char **realms );
+ char **realms );
krb5_error_code krb5_free_supported_realms ( krb5_context kcontext,
- char **realms );
+ char **realms );
krb5_error_code krb5_db_set_master_key_ext ( krb5_context kcontext,
- char *pwd,
- krb5_keyblock *key );
+ char *pwd,
+ krb5_keyblock *key );
krb5_error_code krb5_db_set_mkey ( krb5_context context,
- krb5_keyblock *key);
+ krb5_keyblock *key);
krb5_error_code krb5_db_get_mkey ( krb5_context kcontext,
- krb5_keyblock **key );
+ krb5_keyblock **key );
krb5_error_code krb5_db_set_mkey_list( krb5_context context,
krb5_keylist_node * keylist);
@@ -334,85 +335,85 @@ krb5_error_code krb5_db_get_mkey_list( krb5_context kcontext,
krb5_keylist_node ** keylist);
krb5_error_code krb5_db_free_master_key ( krb5_context kcontext,
- krb5_keyblock *key );
+ krb5_keyblock *key );
krb5_error_code krb5_db_store_master_key ( krb5_context kcontext,
- char *keyfile,
- krb5_principal mname,
- krb5_kvno kvno,
- krb5_keyblock *key,
- char *master_pwd);
+ char *keyfile,
+ krb5_principal mname,
+ krb5_kvno kvno,
+ krb5_keyblock *key,
+ char *master_pwd);
krb5_error_code krb5_db_store_master_key_list ( krb5_context kcontext,
- char *keyfile,
- krb5_principal mname,
- krb5_keylist_node *keylist,
- char *master_pwd);
+ char *keyfile,
+ krb5_principal mname,
+ krb5_keylist_node *keylist,
+ char *master_pwd);
krb5_error_code krb5_db_fetch_mkey ( krb5_context context,
- krb5_principal mname,
- krb5_enctype etype,
- krb5_boolean fromkeyboard,
- krb5_boolean twice,
- char *db_args,
+ krb5_principal mname,
+ krb5_enctype etype,
+ krb5_boolean fromkeyboard,
+ krb5_boolean twice,
+ char *db_args,
krb5_kvno *kvno,
- krb5_data *salt,
- krb5_keyblock *key);
+ krb5_data *salt,
+ krb5_keyblock *key);
krb5_error_code krb5_db_verify_master_key ( krb5_context kcontext,
- krb5_principal mprinc,
+ krb5_principal mprinc,
krb5_kvno kvno,
- krb5_keyblock *mkey );
+ krb5_keyblock *mkey );
krb5_error_code
krb5_db_fetch_mkey_list( krb5_context context,
- krb5_principal mname,
- const krb5_keyblock * mkey,
- krb5_kvno mkvno,
- krb5_keylist_node **mkeys_list );
+ krb5_principal mname,
+ const krb5_keyblock * mkey,
+ krb5_kvno mkvno,
+ krb5_keylist_node **mkeys_list );
krb5_error_code
krb5_db_free_mkey_list( krb5_context context,
- krb5_keylist_node *mkey_list );
+ krb5_keylist_node *mkey_list );
krb5_error_code
-krb5_dbe_find_enctype( krb5_context kcontext,
- krb5_db_entry *dbentp,
- krb5_int32 ktype,
- krb5_int32 stype,
- krb5_int32 kvno,
- krb5_key_data **kdatap);
+krb5_dbe_find_enctype( krb5_context kcontext,
+ krb5_db_entry *dbentp,
+ krb5_int32 ktype,
+ krb5_int32 stype,
+ krb5_int32 kvno,
+ krb5_key_data **kdatap);
krb5_error_code krb5_dbe_search_enctype ( krb5_context kcontext,
- krb5_db_entry *dbentp,
- krb5_int32 *start,
- krb5_int32 ktype,
- krb5_int32 stype,
- krb5_int32 kvno,
- krb5_key_data **kdatap);
+ krb5_db_entry *dbentp,
+ krb5_int32 *start,
+ krb5_int32 ktype,
+ krb5_int32 stype,
+ krb5_int32 kvno,
+ krb5_key_data **kdatap);
krb5_error_code
krb5_db_setup_mkey_name ( krb5_context context,
- const char *keyname,
- const char *realm,
- char **fullname,
- krb5_principal *principal);
+ const char *keyname,
+ const char *realm,
+ char **fullname,
+ krb5_principal *principal);
krb5_error_code
-krb5_dbekd_decrypt_key_data( krb5_context context,
- const krb5_keyblock * mkey,
- const krb5_key_data * key_data,
- krb5_keyblock * dbkey,
- krb5_keysalt * keysalt);
+krb5_dbekd_decrypt_key_data( krb5_context context,
+ const krb5_keyblock * mkey,
+ const krb5_key_data * key_data,
+ krb5_keyblock * dbkey,
+ krb5_keysalt * keysalt);
krb5_error_code
-krb5_dbekd_encrypt_key_data( krb5_context context,
- const krb5_keyblock * mkey,
- const krb5_keyblock * dbkey,
- const krb5_keysalt * keysalt,
- int keyver,
- krb5_key_data * key_data);
+krb5_dbekd_encrypt_key_data( krb5_context context,
+ const krb5_keyblock * mkey,
+ const krb5_keyblock * dbkey,
+ const krb5_keysalt * keysalt,
+ int keyver,
+ krb5_key_data * key_data);
krb5_error_code
krb5_dbe_fetch_act_key_list(krb5_context context,
- krb5_principal princ,
- krb5_actkvno_node **act_key_list);
+ krb5_principal princ,
+ krb5_actkvno_node **act_key_list);
krb5_error_code
krb5_dbe_find_act_mkey( krb5_context context,
@@ -422,79 +423,79 @@ krb5_dbe_find_act_mkey( krb5_context context,
krb5_keyblock ** act_mkey);
krb5_error_code
-krb5_dbe_find_mkey( krb5_context context,
+krb5_dbe_find_mkey( krb5_context context,
krb5_keylist_node * mkey_list,
krb5_db_entry * entry,
krb5_keyblock ** mkey);
krb5_error_code
krb5_dbe_lookup_mkvno( krb5_context context,
- krb5_db_entry * entry,
- krb5_kvno * mkvno);
+ krb5_db_entry * entry,
+ krb5_kvno * mkvno);
krb5_error_code
krb5_dbe_lookup_mod_princ_data( krb5_context context,
- krb5_db_entry * entry,
- krb5_timestamp * mod_time,
- krb5_principal * mod_princ);
+ krb5_db_entry * entry,
+ krb5_timestamp * mod_time,
+ krb5_principal * mod_princ);
krb5_error_code
krb5_dbe_lookup_mkey_aux( krb5_context context,
- krb5_db_entry * entry,
- krb5_mkey_aux_node ** mkey_aux_data_list);
+ krb5_db_entry * entry,
+ krb5_mkey_aux_node ** mkey_aux_data_list);
krb5_error_code
krb5_dbe_update_mkvno( krb5_context context,
- krb5_db_entry * entry,
- krb5_kvno mkvno);
+ krb5_db_entry * entry,
+ krb5_kvno mkvno);
krb5_error_code
krb5_dbe_lookup_actkvno( krb5_context context,
- krb5_db_entry * entry,
- krb5_actkvno_node ** actkvno_list);
+ krb5_db_entry * entry,
+ krb5_actkvno_node ** actkvno_list);
krb5_error_code
krb5_dbe_update_mkey_aux( krb5_context context,
- krb5_db_entry * entry,
- krb5_mkey_aux_node * mkey_aux_data_list);
+ krb5_db_entry * entry,
+ krb5_mkey_aux_node * mkey_aux_data_list);
krb5_error_code
krb5_dbe_update_actkvno(krb5_context context,
- krb5_db_entry * entry,
- const krb5_actkvno_node *actkvno_list);
+ krb5_db_entry * entry,
+ const krb5_actkvno_node *actkvno_list);
krb5_error_code
krb5_dbe_update_last_pwd_change( krb5_context context,
- krb5_db_entry * entry,
- krb5_timestamp stamp);
+ krb5_db_entry * entry,
+ krb5_timestamp stamp);
krb5_error_code
krb5_dbe_lookup_tl_data( krb5_context context,
- krb5_db_entry * entry,
- krb5_tl_data * ret_tl_data);
+ krb5_db_entry * entry,
+ krb5_tl_data * ret_tl_data);
krb5_error_code
krb5_dbe_create_key_data( krb5_context context,
- krb5_db_entry * entry);
+ krb5_db_entry * entry);
krb5_error_code
krb5_dbe_update_mod_princ_data( krb5_context context,
- krb5_db_entry * entry,
- krb5_timestamp mod_date,
- krb5_const_principal mod_princ);
+ krb5_db_entry * entry,
+ krb5_timestamp mod_date,
+ krb5_const_principal mod_princ);
void *krb5_db_alloc( krb5_context kcontext,
- void *ptr,
- size_t size );
+ void *ptr,
+ size_t size );
void krb5_db_free( krb5_context kcontext,
- void *ptr);
+ void *ptr);
krb5_error_code
krb5_dbe_lookup_last_pwd_change( krb5_context context,
- krb5_db_entry * entry,
- krb5_timestamp * stamp);
+ krb5_db_entry * entry,
+ krb5_timestamp * stamp);
krb5_error_code
krb5_dbe_delete_tl_data( krb5_context context,
@@ -503,47 +504,47 @@ krb5_dbe_delete_tl_data( krb5_context context,
krb5_error_code
krb5_dbe_update_tl_data( krb5_context context,
- krb5_db_entry * entry,
- krb5_tl_data * new_tl_data);
+ krb5_db_entry * entry,
+ krb5_tl_data * new_tl_data);
krb5_error_code
-krb5_dbe_cpw( krb5_context kcontext,
- krb5_keyblock * master_key,
- krb5_key_salt_tuple * ks_tuple,
- int ks_tuple_count,
- char * passwd,
- int new_kvno,
- krb5_boolean keepold,
- krb5_db_entry * db_entry);
+krb5_dbe_cpw( krb5_context kcontext,
+ krb5_keyblock * master_key,
+ krb5_key_salt_tuple * ks_tuple,
+ int ks_tuple_count,
+ char * passwd,
+ int new_kvno,
+ krb5_boolean keepold,
+ krb5_db_entry * db_entry);
krb5_error_code
-krb5_dbe_ark( krb5_context context,
- krb5_keyblock * master_key,
- krb5_key_salt_tuple * ks_tuple,
- int ks_tuple_count,
- krb5_db_entry * db_entry);
+krb5_dbe_ark( krb5_context context,
+ krb5_keyblock * master_key,
+ krb5_key_salt_tuple * ks_tuple,
+ int ks_tuple_count,
+ krb5_db_entry * db_entry);
krb5_error_code
-krb5_dbe_crk( krb5_context context,
- krb5_keyblock * master_key,
- krb5_key_salt_tuple * ks_tuple,
- int ks_tuple_count,
- krb5_boolean keepold,
- krb5_db_entry * db_entry);
+krb5_dbe_crk( krb5_context context,
+ krb5_keyblock * master_key,
+ krb5_key_salt_tuple * ks_tuple,
+ int ks_tuple_count,
+ krb5_boolean keepold,
+ krb5_db_entry * db_entry);
krb5_error_code
-krb5_dbe_apw( krb5_context context,
- krb5_keyblock * master_key,
- krb5_key_salt_tuple * ks_tuple,
- int ks_tuple_count,
- char * passwd,
- krb5_db_entry * db_entry);
+krb5_dbe_apw( krb5_context context,
+ krb5_keyblock * master_key,
+ krb5_key_salt_tuple * ks_tuple,
+ int ks_tuple_count,
+ char * passwd,
+ krb5_db_entry * db_entry);
int
-krb5_db_get_key_data_kvno( krb5_context context,
- int count,
- krb5_key_data * data);
+krb5_db_get_key_data_kvno( krb5_context context,
+ int count,
+ krb5_key_data * data);
/* default functions. Should not be directly called */
@@ -553,140 +554,138 @@ krb5_db_get_key_data_kvno( krb5_context context,
krb5_error_code
krb5_dbe_def_search_enctype( krb5_context kcontext,
- krb5_db_entry *dbentp,
- krb5_int32 *start,
- krb5_int32 ktype,
- krb5_int32 stype,
- krb5_int32 kvno,
- krb5_key_data **kdatap);
+ krb5_db_entry *dbentp,
+ krb5_int32 *start,
+ krb5_int32 ktype,
+ krb5_int32 stype,
+ krb5_int32 kvno,
+ krb5_key_data **kdatap);
krb5_error_code
krb5_def_store_mkey( krb5_context context,
- char *keyfile,
- krb5_principal mname,
- krb5_kvno kvno,
- krb5_keyblock *key,
- char *master_pwd);
+ char *keyfile,
+ krb5_principal mname,
+ krb5_kvno kvno,
+ krb5_keyblock *key,
+ char *master_pwd);
krb5_error_code
krb5_def_store_mkey_list( krb5_context context,
- char *keyfile,
- krb5_principal mname,
- krb5_keylist_node *keylist,
- char *master_pwd);
+ char *keyfile,
+ krb5_principal mname,
+ krb5_keylist_node *keylist,
+ char *master_pwd);
krb5_error_code
krb5_db_def_fetch_mkey( krb5_context context,
- krb5_principal mname,
- krb5_keyblock *key,
- krb5_kvno *kvno,
- char *db_args);
+ krb5_principal mname,
+ krb5_keyblock *key,
+ krb5_kvno *kvno,
+ char *db_args);
krb5_error_code
krb5_def_verify_master_key( krb5_context context,
- krb5_principal mprinc,
- krb5_kvno kvno,
- krb5_keyblock *mkey);
+ krb5_principal mprinc,
+ krb5_kvno kvno,
+ krb5_keyblock *mkey);
krb5_error_code
krb5_def_fetch_mkey_list( krb5_context context,
- krb5_principal mprinc,
- const krb5_keyblock *mkey,
- krb5_kvno mkvno,
- krb5_keylist_node **mkeys_list);
+ krb5_principal mprinc,
+ const krb5_keyblock *mkey,
+ krb5_kvno mkvno,
+ krb5_keylist_node **mkeys_list);
krb5_error_code kdb_def_set_mkey ( krb5_context kcontext,
- char *pwd,
- krb5_keyblock *key );
+ char *pwd,
+ krb5_keyblock *key );
krb5_error_code kdb_def_set_mkey_list ( krb5_context kcontext,
- krb5_keylist_node *keylist );
+ krb5_keylist_node *keylist );
krb5_error_code kdb_def_get_mkey ( krb5_context kcontext,
- krb5_keyblock **key );
+ krb5_keyblock **key );
krb5_error_code kdb_def_get_mkey_list ( krb5_context kcontext,
- krb5_keylist_node **keylist );
+ krb5_keylist_node **keylist );
krb5_error_code
-krb5_dbe_def_cpw( krb5_context context,
- krb5_keyblock * master_key,
- krb5_key_salt_tuple * ks_tuple,
- int ks_tuple_count,
- char * passwd,
- int new_kvno,
- krb5_boolean keepold,
- krb5_db_entry * db_entry);
+krb5_dbe_def_cpw( krb5_context context,
+ krb5_keyblock * master_key,
+ krb5_key_salt_tuple * ks_tuple,
+ int ks_tuple_count,
+ char * passwd,
+ int new_kvno,
+ krb5_boolean keepold,
+ krb5_db_entry * db_entry);
krb5_error_code
krb5_def_promote_db(krb5_context, char *, char **);
krb5_error_code
-krb5_dbekd_def_decrypt_key_data( krb5_context context,
- const krb5_keyblock * mkey,
- const krb5_key_data * key_data,
- krb5_keyblock * dbkey,
- krb5_keysalt * keysalt);
+krb5_dbekd_def_decrypt_key_data( krb5_context context,
+ const krb5_keyblock * mkey,
+ const krb5_key_data * key_data,
+ krb5_keyblock * dbkey,
+ krb5_keysalt * keysalt);
krb5_error_code
-krb5_dbekd_def_encrypt_key_data( krb5_context context,
- const krb5_keyblock * mkey,
- const krb5_keyblock * dbkey,
- const krb5_keysalt * keysalt,
- int keyver,
- krb5_key_data * key_data);
+krb5_dbekd_def_encrypt_key_data( krb5_context context,
+ const krb5_keyblock * mkey,
+ const krb5_keyblock * dbkey,
+ const krb5_keysalt * keysalt,
+ int keyver,
+ krb5_key_data * key_data);
krb5_error_code
-krb5_dbekd_def_decrypt_key_data( krb5_context context,
- const krb5_keyblock * mkey,
- const krb5_key_data * key_data,
- krb5_keyblock * dbkey,
- krb5_keysalt * keysalt);
+krb5_dbekd_def_decrypt_key_data( krb5_context context,
+ const krb5_keyblock * mkey,
+ const krb5_key_data * key_data,
+ krb5_keyblock * dbkey,
+ krb5_keysalt * keysalt);
krb5_error_code
-krb5_dbekd_def_encrypt_key_data( krb5_context context,
- const krb5_keyblock * mkey,
- const krb5_keyblock * dbkey,
- const krb5_keysalt * keysalt,
- int keyver,
- krb5_key_data * key_data);
+krb5_dbekd_def_encrypt_key_data( krb5_context context,
+ const krb5_keyblock * mkey,
+ const krb5_keyblock * dbkey,
+ const krb5_keysalt * keysalt,
+ int keyver,
+ krb5_key_data * key_data);
krb5_error_code
krb5_db_create_policy( krb5_context kcontext,
- osa_policy_ent_t policy);
+ osa_policy_ent_t policy);
krb5_error_code
krb5_db_get_policy ( krb5_context kcontext,
- char *name,
- osa_policy_ent_t *policy,
- int *nentries);
+ char *name,
+ osa_policy_ent_t *policy,
+ int *nentries);
krb5_error_code
krb5_db_put_policy( krb5_context kcontext,
- osa_policy_ent_t policy);
+ osa_policy_ent_t policy);
krb5_error_code
krb5_db_iter_policy( krb5_context kcontext,
- char *match_entry,
- osa_adb_iter_policy_func func,
- void *data);
+ char *match_entry,
+ osa_adb_iter_policy_func func,
+ void *data);
krb5_error_code
krb5_db_delete_policy( krb5_context kcontext,
- char *policy);
+ char *policy);
void
krb5_db_free_policy( krb5_context kcontext,
- osa_policy_ent_t policy);
+ osa_policy_ent_t policy);
krb5_error_code
-krb5_db_set_context
- (krb5_context, void *db_context);
+krb5_db_set_context(krb5_context, void *db_context);
krb5_error_code
-krb5_db_get_context
- (krb5_context, void **db_context);
+krb5_db_get_context(krb5_context, void **db_context);
void
krb5_dbe_free_key_data_contents(krb5_context, krb5_key_data *);
@@ -703,22 +702,22 @@ krb5_dbe_free_mkey_aux_list(krb5_context, krb5_mkey_aux_node *);
void
krb5_dbe_free_tl_data(krb5_context, krb5_tl_data *);
-#define KRB5_KDB_DEF_FLAGS 0
+#define KRB5_KDB_DEF_FLAGS 0
-#define KDB_MAX_DB_NAME 128
-#define KDB_REALM_SECTION "realms"
-#define KDB_MODULE_POINTER "database_module"
-#define KDB_MODULE_DEF_SECTION "dbdefaults"
-#define KDB_MODULE_SECTION "dbmodules"
-#define KDB_LIB_POINTER "db_library"
-#define KDB_DATABASE_CONF_FILE DEFAULT_SECURE_PROFILE_PATH
-#define KDB_DATABASE_ENV_PROF KDC_PROFILE_ENV
+#define KDB_MAX_DB_NAME 128
+#define KDB_REALM_SECTION "realms"
+#define KDB_MODULE_POINTER "database_module"
+#define KDB_MODULE_DEF_SECTION "dbdefaults"
+#define KDB_MODULE_SECTION "dbmodules"
+#define KDB_LIB_POINTER "db_library"
+#define KDB_DATABASE_CONF_FILE DEFAULT_SECURE_PROFILE_PATH
+#define KDB_DATABASE_ENV_PROF KDC_PROFILE_ENV
-#define KRB5_KDB_OPEN_RW 0
-#define KRB5_KDB_OPEN_RO 1
+#define KRB5_KDB_OPEN_RW 0
+#define KRB5_KDB_OPEN_RO 1
-#define KRB5_KDB_OPT_SET_DB_NAME 0
-#define KRB5_KDB_OPT_SET_LOCK_MODE 1
+#define KRB5_KDB_OPT_SET_DB_NAME 0
+#define KRB5_KDB_OPT_SET_LOCK_MODE 1
typedef struct _kdb_vftabl {
short int maj_ver;
@@ -727,90 +726,90 @@ typedef struct _kdb_vftabl {
krb5_error_code (*init_library)();
krb5_error_code (*fini_library)();
krb5_error_code (*init_module) ( krb5_context kcontext,
- char * conf_section,
- char ** db_args,
- int mode );
+ char * conf_section,
+ char ** db_args,
+ int mode );
krb5_error_code (*fini_module) ( krb5_context kcontext );
krb5_error_code (*db_create) ( krb5_context kcontext,
- char * conf_section,
- char ** db_args );
+ char * conf_section,
+ char ** db_args );
krb5_error_code (*db_destroy) ( krb5_context kcontext,
- char *conf_section,
- char ** db_args );
+ char *conf_section,
+ char ** db_args );
krb5_error_code (*db_get_age) ( krb5_context kcontext,
- char *db_name,
- time_t *age );
+ char *db_name,
+ time_t *age );
krb5_error_code (*db_set_option) ( krb5_context kcontext,
- int option,
- void *value );
+ int option,
+ void *value );
krb5_error_code (*db_lock) ( krb5_context kcontext,
- int mode );
+ int mode );
krb5_error_code (*db_unlock) ( krb5_context kcontext);
krb5_error_code (*db_get_principal) ( krb5_context kcontext,
- krb5_const_principal search_for,
- unsigned int flags,
- krb5_db_entry *entries,
- int *nentries,
- krb5_boolean *more );
+ krb5_const_principal search_for,
+ unsigned int flags,
+ krb5_db_entry *entries,
+ int *nentries,
+ krb5_boolean *more );
krb5_error_code (*db_free_principal) ( krb5_context kcontext,
- krb5_db_entry *entry,
- int count );
+ krb5_db_entry *entry,
+ int count );
krb5_error_code (*db_put_principal) ( krb5_context kcontext,
- krb5_db_entry *entries,
- int *nentries,
- char **db_args);
+ krb5_db_entry *entries,
+ int *nentries,
+ char **db_args);
krb5_error_code (*db_delete_principal) ( krb5_context kcontext,
- krb5_const_principal search_for,
- int *nentries );
+ krb5_const_principal search_for,
+ int *nentries );
krb5_error_code (*db_iterate) ( krb5_context kcontext,
- char *match_entry,
- int (*func) (krb5_pointer, krb5_db_entry *),
- krb5_pointer func_arg );
+ char *match_entry,
+ int (*func) (krb5_pointer, krb5_db_entry *),
+ krb5_pointer func_arg );
krb5_error_code (*db_create_policy) ( krb5_context kcontext,
- osa_policy_ent_t policy );
+ osa_policy_ent_t policy );
krb5_error_code (*db_get_policy) ( krb5_context kcontext,
- char *name,
- osa_policy_ent_t *policy,
- int *cnt);
+ char *name,
+ osa_policy_ent_t *policy,
+ int *cnt);
krb5_error_code (*db_put_policy) ( krb5_context kcontext,
- osa_policy_ent_t policy );
+ osa_policy_ent_t policy );
krb5_error_code (*db_iter_policy) ( krb5_context kcontext,
- char *match_entry,
- osa_adb_iter_policy_func func,
- void *data );
+ char *match_entry,
+ osa_adb_iter_policy_func func,
+ void *data );
krb5_error_code (*db_delete_policy) ( krb5_context kcontext,
- char *policy );
+ char *policy );
void (*db_free_policy) ( krb5_context kcontext,
- osa_policy_ent_t val );
+ osa_policy_ent_t val );
krb5_error_code (*db_supported_realms) ( krb5_context kcontext,
- char **realms );
+ char **realms );
krb5_error_code (*db_free_supported_realms) ( krb5_context kcontext,
- char **realms );
+ char **realms );
const char * (*errcode_2_string) ( krb5_context kcontext,
- long err_code );
+ long err_code );
void (*release_errcode_string) (krb5_context kcontext, const char *msg);
@@ -821,96 +820,96 @@ typedef struct _kdb_vftabl {
/* optional functions */
krb5_error_code (*set_master_key) ( krb5_context kcontext,
- char *pwd,
- krb5_keyblock *key);
+ char *pwd,
+ krb5_keyblock *key);
krb5_error_code (*get_master_key) ( krb5_context kcontext,
- krb5_keyblock **key);
+ krb5_keyblock **key);
krb5_error_code (*set_master_key_list) ( krb5_context kcontext,
- krb5_keylist_node *keylist);
+ krb5_keylist_node *keylist);
krb5_error_code (*get_master_key_list) ( krb5_context kcontext,
- krb5_keylist_node **keylist);
+ krb5_keylist_node **keylist);
krb5_error_code (*setup_master_key_name) ( krb5_context kcontext,
- char *keyname,
- char *realm,
- char **fullname,
- krb5_principal *principal);
+ char *keyname,
+ char *realm,
+ char **fullname,
+ krb5_principal *principal);
krb5_error_code (*store_master_key) ( krb5_context kcontext,
- char *db_arg,
- krb5_principal mname,
- krb5_kvno kvno,
- krb5_keyblock *key,
- char *master_pwd);
+ char *db_arg,
+ krb5_principal mname,
+ krb5_kvno kvno,
+ krb5_keyblock *key,
+ char *master_pwd);
krb5_error_code (*fetch_master_key) ( krb5_context kcontext,
- krb5_principal mname,
- krb5_keyblock *key,
- krb5_kvno *kvno,
- char *db_args);
+ krb5_principal mname,
+ krb5_keyblock *key,
+ krb5_kvno *kvno,
+ char *db_args);
krb5_error_code (*verify_master_key) ( krb5_context kcontext,
- krb5_principal mprinc,
- krb5_kvno kvno,
- krb5_keyblock *mkey );
+ krb5_principal mprinc,
+ krb5_kvno kvno,
+ krb5_keyblock *mkey );
krb5_error_code (*fetch_master_key_list) (krb5_context kcontext,
- krb5_principal mname,
- const krb5_keyblock *key,
- krb5_kvno kvno,
- krb5_keylist_node **mkeys_list);
+ krb5_principal mname,
+ const krb5_keyblock *key,
+ krb5_kvno kvno,
+ krb5_keylist_node **mkeys_list);
krb5_error_code (*store_master_key_list) ( krb5_context kcontext,
- char *db_arg,
- krb5_principal mname,
- krb5_keylist_node *keylist,
- char *master_pwd);
+ char *db_arg,
+ krb5_principal mname,
+ krb5_keylist_node *keylist,
+ char *master_pwd);
krb5_error_code (*dbe_search_enctype) ( krb5_context kcontext,
- krb5_db_entry *dbentp,
- krb5_int32 *start,
- krb5_int32 ktype,
- krb5_int32 stype,
- krb5_int32 kvno,
- krb5_key_data **kdatap);
+ krb5_db_entry *dbentp,
+ krb5_int32 *start,
+ krb5_int32 ktype,
+ krb5_int32 stype,
+ krb5_int32 kvno,
+ krb5_key_data **kdatap);
krb5_error_code
- (*db_change_pwd) ( krb5_context context,
- krb5_keyblock * master_key,
- krb5_key_salt_tuple * ks_tuple,
- int ks_tuple_count,
- char * passwd,
- int new_kvno,
- krb5_boolean keepold,
- krb5_db_entry * db_entry);
+ (*db_change_pwd) ( krb5_context context,
+ krb5_keyblock * master_key,
+ krb5_key_salt_tuple * ks_tuple,
+ int ks_tuple_count,
+ char * passwd,
+ int new_kvno,
+ krb5_boolean keepold,
+ krb5_db_entry * db_entry);
/* Promote a temporary database to be the live one. */
krb5_error_code (*promote_db) (krb5_context context,
- char *conf_section,
- char **db_args);
+ char *conf_section,
+ char **db_args);
krb5_error_code (*dbekd_decrypt_key_data) ( krb5_context kcontext,
- const krb5_keyblock *mkey,
- const krb5_key_data *key_data,
- krb5_keyblock *dbkey,
- krb5_keysalt *keysalt );
+ const krb5_keyblock *mkey,
+ const krb5_key_data *key_data,
+ krb5_keyblock *dbkey,
+ krb5_keysalt *keysalt );
krb5_error_code (*dbekd_encrypt_key_data) ( krb5_context kcontext,
- const krb5_keyblock *mkey,
- const krb5_keyblock *dbkey,
- const krb5_keysalt *keyselt,
- int keyver,
- krb5_key_data *key_data );
+ const krb5_keyblock *mkey,
+ const krb5_keyblock *dbkey,
+ const krb5_keysalt *keyselt,
+ int keyver,
+ krb5_key_data *key_data );
krb5_error_code
(*db_invoke) ( krb5_context context,
- unsigned int method,
- const krb5_data *req,
- krb5_data *rep );
+ unsigned int method,
+ const krb5_data *req,
+ krb5_data *rep );
} kdb_vftabl;
#endif /* !defined(_WIN32) */
diff --git a/src/include/kdb_ext.h b/src/include/kdb_ext.h
index ce2de9b1b2..f2ae6519e1 100644
--- a/src/include/kdb_ext.h
+++ b/src/include/kdb_ext.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* include/krb5/kdb_ext.h
*
@@ -32,78 +33,78 @@
#define KRB5_KDB5_EXT__
/* Private flag used to indicate principal is local TGS */
-#define KRB5_KDB_TICKET_GRANTING_SERVICE 0x01000000
+#define KRB5_KDB_TICKET_GRANTING_SERVICE 0x01000000
/* Private flag used to indicate xrealm relationship is non-transitive */
-#define KRB5_KDB_XREALM_NON_TRANSITIVE 0x02000000
+#define KRB5_KDB_XREALM_NON_TRANSITIVE 0x02000000
/* Entry get flags */
/* Name canonicalization requested */
-#define KRB5_KDB_FLAG_CANONICALIZE 0x00000010
+#define KRB5_KDB_FLAG_CANONICALIZE 0x00000010
/* Include authorization data generated by backend */
-#define KRB5_KDB_FLAG_INCLUDE_PAC 0x00000020
+#define KRB5_KDB_FLAG_INCLUDE_PAC 0x00000020
/* Is AS-REQ (client referrals only) */
-#define KRB5_KDB_FLAG_CLIENT_REFERRALS_ONLY 0x00000040
+#define KRB5_KDB_FLAG_CLIENT_REFERRALS_ONLY 0x00000040
/* Map cross-realm principals */
-#define KRB5_KDB_FLAG_MAP_PRINCIPALS 0x00000080
+#define KRB5_KDB_FLAG_MAP_PRINCIPALS 0x00000080
/* Protocol transition */
-#define KRB5_KDB_FLAG_PROTOCOL_TRANSITION 0x00000100
+#define KRB5_KDB_FLAG_PROTOCOL_TRANSITION 0x00000100
/* Constrained delegation */
-#define KRB5_KDB_FLAG_CONSTRAINED_DELEGATION 0x00000200
+#define KRB5_KDB_FLAG_CONSTRAINED_DELEGATION 0x00000200
/* User-to-user */
-#define KRB5_KDB_FLAG_USER_TO_USER 0x00000800
+#define KRB5_KDB_FLAG_USER_TO_USER 0x00000800
/* Cross-realm */
-#define KRB5_KDB_FLAG_CROSS_REALM 0x00001000
+#define KRB5_KDB_FLAG_CROSS_REALM 0x00001000
-#define KRB5_KDB_FLAGS_S4U ( KRB5_KDB_FLAG_PROTOCOL_TRANSITION | \
- KRB5_KDB_FLAG_CONSTRAINED_DELEGATION )
+#define KRB5_KDB_FLAGS_S4U ( KRB5_KDB_FLAG_PROTOCOL_TRANSITION | \
+ KRB5_KDB_FLAG_CONSTRAINED_DELEGATION )
-#define KRB5_TL_PAC_LOGON_INFO 0x0100 /* NDR encoded validation info */
-#define KRB5_TL_SERVER_REFERRAL 0x0200 /* ASN.1 encoded ServerReferralInfo */
-#define KRB5_TL_SVR_REFERRAL_DATA 0x0300 /* ASN.1 encoded PA-SVR-REFERRAL-DATA */
+#define KRB5_TL_PAC_LOGON_INFO 0x0100 /* NDR encoded validation info */
+#define KRB5_TL_SERVER_REFERRAL 0x0200 /* ASN.1 encoded ServerReferralInfo */
+#define KRB5_TL_SVR_REFERRAL_DATA 0x0300 /* ASN.1 encoded PA-SVR-REFERRAL-DATA */
#define KRB5_TL_CONSTRAINED_DELEGATION_ACL 0x0400 /* Each entry is a permitted SPN */
-#define KRB5_TL_LM_KEY 0x0500 /* LM OWF */
+#define KRB5_TL_LM_KEY 0x0500 /* LM OWF */
#define KRB5_TL_X509_SUBJECT_ISSUER_NAME 0x0600 /* <I>IssuerDN<S>SubjectDN */
krb5_error_code krb5_db_get_principal_ext ( krb5_context kcontext,
- krb5_const_principal search_for,
- unsigned int flags,
- krb5_db_entry *entries,
- int *nentries,
- krb5_boolean *more );
+ krb5_const_principal search_for,
+ unsigned int flags,
+ krb5_db_entry *entries,
+ int *nentries,
+ krb5_boolean *more );
krb5_error_code krb5_db_invoke ( krb5_context kcontext,
- unsigned int method,
- const krb5_data *req,
- krb5_data *rep );
+ unsigned int method,
+ const krb5_data *req,
+ krb5_data *rep );
/* db_invoke methods */
-#define KRB5_KDB_METHOD_SIGN_AUTH_DATA 0x00000010
-#define KRB5_KDB_METHOD_CHECK_TRANSITED_REALMS 0x00000020
-#define KRB5_KDB_METHOD_CHECK_POLICY_AS 0x00000030
-#define KRB5_KDB_METHOD_CHECK_POLICY_TGS 0x00000040
-#define KRB5_KDB_METHOD_AUDIT_AS 0x00000050
-#define KRB5_KDB_METHOD_AUDIT_TGS 0x00000060
-#define KRB5_KDB_METHOD_REFRESH_POLICY 0x00000070
-#define KRB5_KDB_METHOD_CHECK_ALLOWED_TO_DELEGATE 0x00000080
+#define KRB5_KDB_METHOD_SIGN_AUTH_DATA 0x00000010
+#define KRB5_KDB_METHOD_CHECK_TRANSITED_REALMS 0x00000020
+#define KRB5_KDB_METHOD_CHECK_POLICY_AS 0x00000030
+#define KRB5_KDB_METHOD_CHECK_POLICY_TGS 0x00000040
+#define KRB5_KDB_METHOD_AUDIT_AS 0x00000050
+#define KRB5_KDB_METHOD_AUDIT_TGS 0x00000060
+#define KRB5_KDB_METHOD_REFRESH_POLICY 0x00000070
+#define KRB5_KDB_METHOD_CHECK_ALLOWED_TO_DELEGATE 0x00000080
typedef struct _kdb_sign_auth_data_req {
krb5_magic magic;
- unsigned int flags; /* KRB5_KDB flags */
- krb5_const_principal client_princ; /* Client name used in ticket */
- krb5_db_entry *client; /* DB entry for client principal */
- krb5_db_entry *server; /* DB entry for server principal */
- krb5_db_entry *krbtgt; /* DB entry for ticket granting service principal */
- krb5_keyblock *client_key; /* Reply key, valid for AS-REQ only */
- krb5_keyblock *server_key; /* Key used to generate server signature */
- krb5_timestamp authtime; /* Authtime of TGT */
- krb5_authdata **auth_data; /* Authorization data from TGT */
- krb5_keyblock *session_key; /* Reply session key */
- krb5_keyblock *krbtgt_key; /* Key used to decrypt TGT, valid for TGS-REQ only */
+ unsigned int flags; /* KRB5_KDB flags */
+ krb5_const_principal client_princ; /* Client name used in ticket */
+ krb5_db_entry *client; /* DB entry for client principal */
+ krb5_db_entry *server; /* DB entry for server principal */
+ krb5_db_entry *krbtgt; /* DB entry for ticket granting service principal */
+ krb5_keyblock *client_key; /* Reply key, valid for AS-REQ only */
+ krb5_keyblock *server_key; /* Key used to generate server signature */
+ krb5_timestamp authtime; /* Authtime of TGT */
+ krb5_authdata **auth_data; /* Authorization data from TGT */
+ krb5_keyblock *session_key; /* Reply session key */
+ krb5_keyblock *krbtgt_key; /* Key used to decrypt TGT, valid for TGS-REQ only */
} kdb_sign_auth_data_req;
typedef struct _kdb_sign_auth_data_rep {
krb5_magic magic;
- krb5_authdata **auth_data; /* Signed authorization data */
+ krb5_authdata **auth_data; /* Signed authorization data */
} kdb_sign_auth_data_rep;
typedef struct _kdb_check_transited_realms_req {
diff --git a/src/include/kdb_kt.h b/src/include/kdb_kt.h
index a628bb326b..b9063796f8 100644
--- a/src/include/kdb_kt.h
+++ b/src/include/kdb_kt.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* include/krb5/kdb_kt.h
*
diff --git a/src/include/kdb_log.h b/src/include/kdb_log.h
index 804b7328a5..620d90c906 100644
--- a/src/include/kdb_log.h
+++ b/src/include/kdb_log.h
@@ -1,124 +1,131 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright 2004 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
-#ifndef _KDB_LOG_H
-#define _KDB_LOG_H
+#ifndef _KDB_LOG_H
+#define _KDB_LOG_H
-/* #pragma ident "@(#)kdb_log.h 1.3 04/02/23 SMI" */
+/* #pragma ident "@(#)kdb_log.h 1.3 04/02/23 SMI" */
#include <iprop_hdr.h>
#include <iprop.h>
#include <limits.h>
#include "kdb.h"
-#ifdef __cplusplus
+#ifdef __cplusplus
extern "C" {
#endif
/*
* DB macros
*/
-#define INDEX(ulogaddr, i) ((unsigned long) ulogaddr + sizeof (kdb_hlog_t) + \
- (i*ulog->kdb_block))
+#define INDEX(ulogaddr, i) ((unsigned long) ulogaddr + sizeof (kdb_hlog_t) + \
+ (i*ulog->kdb_block))
/*
* Current DB version #
*/
-#define KDB_VERSION 1
+#define KDB_VERSION 1
/*
* DB log states
*/
-#define KDB_STABLE 1
-#define KDB_UNSTABLE 2
-#define KDB_CORRUPT 3
+#define KDB_STABLE 1
+#define KDB_UNSTABLE 2
+#define KDB_CORRUPT 3
/*
* DB log constants
*/
-#define KDB_ULOG_MAGIC 0x6661212
-#define KDB_ULOG_HDR_MAGIC 0x6662323
+#define KDB_ULOG_MAGIC 0x6661212
+#define KDB_ULOG_HDR_MAGIC 0x6662323
/*
* DB Flags
*/
-#define FKADMIND 1
-#define FKPROPLOG 2
-#define FKPROPD 3
-#define FKCOMMAND 4 /* Includes kadmin.local and kdb5_util */
+#define FKADMIND 1
+#define FKPROPLOG 2
+#define FKPROPD 3
+#define FKCOMMAND 4 /* Includes kadmin.local and kdb5_util */
/*
* Default ulog file attributes
*/
-#define MAX_ULOGENTRIES 2500
-#define DEF_ULOGENTRIES 1000
-#define ULOG_IDLE_TIME 10 /* in seconds */
+#define MAX_ULOGENTRIES 2500
+#define DEF_ULOGENTRIES 1000
+#define ULOG_IDLE_TIME 10 /* in seconds */
/*
* Max size of update entry + update header
* We make this large since resizing can be costly.
*/
-#define ULOG_BLOCK 2048 /* Default size of principal record */
+#define ULOG_BLOCK 2048 /* Default size of principal record */
-#define MAXLOGLEN 0x10000000 /* 256 MB log file */
+#define MAXLOGLEN 0x10000000 /* 256 MB log file */
/*
* Prototype declarations
*/
extern krb5_error_code ulog_map(krb5_context context,
- const char *logname, uint32_t entries,
- int caller,
- char **db_args);
+ const char *logname, uint32_t entries,
+ int caller,
+ char **db_args);
extern krb5_error_code ulog_add_update(krb5_context context,
- kdb_incr_update_t *upd);
+ kdb_incr_update_t *upd);
extern krb5_error_code ulog_delete_update(krb5_context context,
- kdb_incr_update_t *upd);
+ kdb_incr_update_t *upd);
extern krb5_error_code ulog_finish_update(krb5_context context,
- kdb_incr_update_t *upd);
+ kdb_incr_update_t *upd);
extern krb5_error_code ulog_get_entries(krb5_context context, kdb_last_t last,
- kdb_incr_result_t *ulog_handle);
-extern krb5_error_code ulog_replay(krb5_context context,
- kdb_incr_result_t *incr_ret, char **db_args);
-extern krb5_error_code ulog_conv_2logentry(krb5_context context,
- krb5_db_entry *entries, kdb_incr_update_t *updates, int nentries);
-extern krb5_error_code ulog_conv_2dbentry(krb5_context context,
- krb5_db_entry *entries, kdb_incr_update_t *updates, int nentries);
+ kdb_incr_result_t *ulog_handle);
+
+extern krb5_error_code
+ulog_replay(krb5_context context, kdb_incr_result_t *incr_ret, char **db_args);
+
+extern krb5_error_code
+ulog_conv_2logentry(krb5_context context, krb5_db_entry *entries,
+ kdb_incr_update_t *updates, int nentries);
+
+extern krb5_error_code
+ulog_conv_2dbentry(krb5_context context, krb5_db_entry *entries,
+ kdb_incr_update_t *updates, int nentries);
+
extern void ulog_free_entries(kdb_incr_update_t *updates, int no_of_updates);
extern krb5_error_code ulog_set_role(krb5_context ctx, iprop_role role);
extern krb5_error_code ulog_lock(krb5_context ctx, int mode);
typedef struct kdb_hlog {
- uint32_t kdb_hmagic; /* Log header magic # */
- uint16_t db_version_num; /* Kerberos database version no. */
- uint32_t kdb_num; /* # of updates in log */
- kdbe_time_t kdb_first_time; /* Timestamp of first update */
- kdbe_time_t kdb_last_time; /* Timestamp of last update */
- kdb_sno_t kdb_first_sno; /* First serial # in the update log */
- kdb_sno_t kdb_last_sno; /* Last serial # in the update log */
- uint16_t kdb_state; /* State of update log */
- uint16_t kdb_block; /* Block size of each element */
+ uint32_t kdb_hmagic; /* Log header magic # */
+ uint16_t db_version_num; /* Kerberos database version no. */
+ uint32_t kdb_num; /* # of updates in log */
+ kdbe_time_t kdb_first_time; /* Timestamp of first update */
+ kdbe_time_t kdb_last_time; /* Timestamp of last update */
+ kdb_sno_t kdb_first_sno; /* First serial # in the update log */
+ kdb_sno_t kdb_last_sno; /* Last serial # in the update log */
+ uint16_t kdb_state; /* State of update log */
+ uint16_t kdb_block; /* Block size of each element */
} kdb_hlog_t;
typedef struct kdb_ent_header {
- uint32_t kdb_umagic; /* Update entry magic # */
- kdb_sno_t kdb_entry_sno; /* Serial # of entry */
- kdbe_time_t kdb_time; /* Timestamp of update */
- bool_t kdb_commit; /* Is the entry committed or not */
- uint32_t kdb_entry_size; /* Size of update entry */
- uint8_t entry_data[4]; /* Address of kdb_incr_update_t */
+ uint32_t kdb_umagic; /* Update entry magic # */
+ kdb_sno_t kdb_entry_sno; /* Serial # of entry */
+ kdbe_time_t kdb_time; /* Timestamp of update */
+ bool_t kdb_commit; /* Is the entry committed or not */
+ uint32_t kdb_entry_size; /* Size of update entry */
+ uint8_t entry_data[4]; /* Address of kdb_incr_update_t */
} kdb_ent_header_t;
typedef struct _kdb_log_context {
- iprop_role iproprole;
- kdb_hlog_t *ulog;
- uint32_t ulogentries;
- int ulogfd;
+ iprop_role iproprole;
+ kdb_hlog_t *ulog;
+ uint32_t ulogentries;
+ int ulogfd;
} kdb_log_context;
-#ifdef __cplusplus
+#ifdef __cplusplus
}
#endif
-#endif /* !_KDB_LOG_H */
+#endif /* !_KDB_LOG_H */
diff --git a/src/include/kim/kim.h b/src/include/kim/kim.h
index 83248e3d1b..7edb2a2068 100644
--- a/src/include/kim/kim.h
+++ b/src/include/kim/kim.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright 2005-2006 Massachusetts Institute of Technology.
* All Rights Reserved.
diff --git a/src/include/kim/kim_ccache.h b/src/include/kim/kim_ccache.h
index 88cfeb602d..d2d0d1de05 100644
--- a/src/include/kim/kim_ccache.h
+++ b/src/include/kim/kim_ccache.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright 2005-2006 Massachusetts Institute of Technology.
* All Rights Reserved.
@@ -286,7 +287,7 @@ kim_error kim_ccache_iterator_create (kim_ccache_iterator *out_ccache_iterator);
* \brief Get the next ccache in the cache collection.
*/
kim_error kim_ccache_iterator_next (kim_ccache_iterator in_ccache_iterator,
- kim_ccache *out_ccache);
+ kim_ccache *out_ccache);
/*!
* \param io_ccache_iterator a ccache iterator object to be freed. Set to NULL on exit.
@@ -303,7 +304,7 @@ void kim_ccache_iterator_free (kim_ccache_iterator *io_ccache_iterator);
/*!
* \param out_ccache on exit, a new cache object for a ccache containing a newly acquired
- * initial credential. Must be freed with kim_ccache_free().
+ * initial credential. Must be freed with kim_ccache_free().
* \param in_client_identity a client identity to obtain a credential for. Specify KIM_IDENTITY_ANY to
* allow the user to choose.
* \param in_options options to control credential acquisition.
@@ -318,7 +319,7 @@ kim_error kim_ccache_create_new (kim_ccache *out_ccache,
/*!
* \param out_ccache on exit, a new cache object for a ccache containing a newly acquired
- * initial credential. Must be freed with kim_ccache_free().
+ * initial credential. Must be freed with kim_ccache_free().
* \param in_client_identity a client identity to obtain a credential for. Specify KIM_IDENTITY_ANY to
* allow the user to choose.
* \param in_options options to control credential acquisition.
@@ -387,10 +388,10 @@ kim_error kim_ccache_create_from_client_identity (kim_ccache *out_ccache,
/*!
* \param out_ccache on exit, a new ccache object containing an initial credential
- * for the client identity \a in_identity obtained using in_keytab.
- * Must be freed with kim_ccache_free().
+ * for the client identity \a in_identity obtained using in_keytab.
+ * Must be freed with kim_ccache_free().
* \param in_identity a client identity to obtain a credential for. Specify NULL for
- * the first client identity in the keytab.
+ * the first client identity in the keytab.
* \param in_options options to control credential acquisition.
* \param in_keytab a path to a keytab. Specify NULL for the default keytab location.
* \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure.
@@ -436,7 +437,7 @@ kim_error kim_ccache_create_from_type_and_name (kim_ccache *out_ccache,
/*!
* \param out_ccache on exit, a new ccache object which is a copy of in_krb5_ccache.
- * Must be freed with kim_ccache_free().
+ * Must be freed with kim_ccache_free().
* \param in_krb5_context the krb5 context used to create \a in_krb5_ccache.
* \param in_krb5_ccache a krb5 ccache object.
* \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure.
@@ -448,7 +449,7 @@ kim_error kim_ccache_create_from_krb5_ccache (kim_ccache *out_ccache,
/*!
* \param out_ccache on exit, the new ccache object which is a copy of in_ccache.
- * Must be freed with kim_ccache_free().
+ * Must be freed with kim_ccache_free().
* \param in_ccache a ccache object.
* \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure.
* \brief Copy a ccache.
@@ -473,7 +474,7 @@ kim_error kim_ccache_compare (kim_ccache in_ccache,
* \param in_ccache a ccache object.
* \param in_krb5_context a krb5 context which will be used to create out_krb5_ccache.
* \param out_krb5_ccache on exit, a new krb5 ccache object which is a copy of in_ccache.
- * Must be freed with krb5_cc_close() or krb5_cc_destroy().
+ * Must be freed with krb5_cc_close() or krb5_cc_destroy().
* \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure.
* \brief Get a krb5 ccache for a ccache.
*/
@@ -503,7 +504,7 @@ kim_error kim_ccache_get_type (kim_ccache in_ccache,
* \param in_ccache a ccache object.
* \param out_display_name on exit, the type and name of \a in_ccache in a format appropriate for
* display to the user in command line programs. (ie: "<type>:<name>")
- * Must be freed with kim_string_free().
+ * Must be freed with kim_string_free().
* Note: this string can also be passed to krb5_cc_resolve().
* \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure.
* \brief Get the type and name for a ccache in display format.
@@ -514,7 +515,7 @@ kim_error kim_ccache_get_display_name (kim_ccache in_ccache,
/*!
* \param in_ccache a ccache object.
* \param out_client_identity on exit, an identity object containing the client identity of
- * \a in_ccache. Must be freed with kim_identity_free().
+ * \a in_ccache. Must be freed with kim_identity_free().
* \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure.
* \brief Get the client identity for a ccache.
*/
@@ -524,7 +525,7 @@ kim_error kim_ccache_get_client_identity (kim_ccache in_ccache,
/*!
* \param in_ccache a ccache object.
* \param out_credential on exit, the first valid credential in \a in_ccache.
- * Must be freed with kim_credential_free(). Set to NULL
+ * Must be freed with kim_credential_free(). Set to NULL
* if you only want return value, not the actual credential.
* \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure.
* \brief Get the first valid credential in a ccache.
diff --git a/src/include/kim/kim_credential.h b/src/include/kim/kim_credential.h
index 634c458f05..bf065a8d2f 100644
--- a/src/include/kim/kim_credential.h
+++ b/src/include/kim/kim_credential.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright 2005-2006 Massachusetts Institute of Technology.
* All Rights Reserved.
@@ -498,7 +499,7 @@ kim_error kim_credential_get_options (kim_credential in_credential,
* \param in_credential a credential object.
* \param in_client_identity a client identity.
* \param out_ccache on exit, a ccache object containing \a in_credential with the client
- * identity \a in_client_identity. Must be freed with kim_ccache_free().
+ * identity \a in_client_identity. Must be freed with kim_ccache_free().
* Specify NULL if you don't want this return value.
* \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure.
* \brief Store a credential in a ccache in the cache collection.
diff --git a/src/include/kim/kim_identity.h b/src/include/kim/kim_identity.h
index a8540277db..caed0524a5 100644
--- a/src/include/kim/kim_identity.h
+++ b/src/include/kim/kim_identity.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright 2005-2006 Massachusetts Institute of Technology.
* All Rights Reserved.
@@ -127,7 +128,7 @@ extern "C" {
* \brief Create a identity from a string.
*/
kim_error kim_identity_create_from_string (kim_identity *out_identity,
- kim_string in_string);
+ kim_string in_string);
/*!
* \param out_identity on exit, a new identity object. Must be freed with kim_identity_free().
@@ -142,9 +143,9 @@ kim_error kim_identity_create_from_string (kim_identity *out_identity,
* \brief Create a identity from a realm and component strings.
*/
kim_error kim_identity_create_from_components (kim_identity *out_identity,
- kim_string in_realm,
- kim_string in_1st_component,
- ...);
+ kim_string in_realm,
+ kim_string in_1st_component,
+ ...);
/*!
* \param out_identity on exit, a new identity object which is a copy of \a in_krb5_principal.
@@ -155,8 +156,8 @@ kim_error kim_identity_create_from_components (kim_identity *out_identity,
* \brief Create an identity object from a krb5_principal.
*/
kim_error kim_identity_create_from_krb5_principal (kim_identity *out_identity,
- krb5_context in_krb5_context,
- krb5_principal in_krb5_principal);
+ krb5_context in_krb5_context,
+ krb5_principal in_krb5_principal);
/*!
* \param out_identity on exit, a new identity object which is a copy of \a in_identity.
@@ -166,7 +167,7 @@ kim_error kim_identity_create_from_krb5_principal (kim_identity *out_identity,
* \brief Copy an identity object.
*/
kim_error kim_identity_copy (kim_identity *out_identity,
- kim_identity in_identity);
+ kim_identity in_identity);
/*!
@@ -180,8 +181,8 @@ kim_error kim_identity_copy (kim_identity *out_identity,
* \brief Compare identity objects for equivalency.
*/
kim_error kim_identity_compare (kim_identity in_identity,
- kim_identity in_compare_to_identity,
- kim_comparison *out_comparison);
+ kim_identity in_compare_to_identity,
+ kim_comparison *out_comparison);
/*!
* \param in_identity an identity object.
* \param out_string on exit, a string representation of \a in_identity.
@@ -191,7 +192,7 @@ kim_error kim_identity_compare (kim_identity in_identity,
* \note Special characters such as '@' and '/' will be escaped with '\'.
*/
kim_error kim_identity_get_string (kim_identity in_identity,
- kim_string *out_string);
+ kim_string *out_string);
/*!
@@ -206,7 +207,7 @@ kim_error kim_identity_get_string (kim_identity in_identity,
* The result of this function should \em only be used to display to the user.
*/
kim_error kim_identity_get_display_string (kim_identity in_identity,
- kim_string *out_display_string);
+ kim_string *out_display_string);
/*!
* \param in_identity an identity object.
@@ -216,7 +217,7 @@ kim_error kim_identity_get_display_string (kim_identity in_identity,
* \brief Get the realm string of an identity.
*/
kim_error kim_identity_get_realm (kim_identity in_identity,
- kim_string *out_realm_string);
+ kim_string *out_realm_string);
/*!
* \param in_identity an identity object.
@@ -225,7 +226,7 @@ kim_error kim_identity_get_realm (kim_identity in_identity,
* \brief Get the number of components of an identity.
*/
kim_error kim_identity_get_number_of_components (kim_identity in_identity,
- kim_count *out_number_of_components);
+ kim_count *out_number_of_components);
/*!
* \param in_identity an identity object.
@@ -236,8 +237,8 @@ kim_error kim_identity_get_number_of_components (kim_identity in_identity,
* \brief Get the Nth component of an identity.
*/
kim_error kim_identity_get_component_at_index (kim_identity in_identity,
- kim_count in_index,
- kim_string *out_component_string);
+ kim_count in_index,
+ kim_string *out_component_string);
/*!
* \param in_identity an identity object.
@@ -259,8 +260,8 @@ kim_error kim_identity_get_components_string (kim_identity in_identity,
* \brief Get the krb5_principal representation of an identity.
*/
kim_error kim_identity_get_krb5_principal (kim_identity in_identity,
- krb5_context in_krb5_context,
- krb5_principal *out_krb5_principal);
+ krb5_context in_krb5_context,
+ krb5_principal *out_krb5_principal);
/*!
* \param in_identity an identity object whose password will be changed.
diff --git a/src/include/kim/kim_library.h b/src/include/kim/kim_library.h
index fe351f7fc8..c840637334 100644
--- a/src/include/kim/kim_library.h
+++ b/src/include/kim/kim_library.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright 2005-2008 Massachusetts Institute of Technology.
* All Rights Reserved.
diff --git a/src/include/kim/kim_options.h b/src/include/kim/kim_options.h
index 85facfbbc0..2b1343197c 100644
--- a/src/include/kim/kim_options.h
+++ b/src/include/kim/kim_options.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright 2005-2006 Massachusetts Institute of Technology.
* All Rights Reserved.
diff --git a/src/include/kim/kim_preferences.h b/src/include/kim/kim_preferences.h
index 77edde462f..fd3293319b 100644
--- a/src/include/kim/kim_preferences.h
+++ b/src/include/kim/kim_preferences.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright 2005-2006 Massachusetts Institute of Technology.
* All Rights Reserved.
@@ -162,7 +163,7 @@ kim_error kim_preferences_create (kim_preferences *out_preferences);
* \brief Copy a preferences object.
*/
kim_error kim_preferences_copy (kim_preferences *out_preferences,
- kim_preferences in_preferences);
+ kim_preferences in_preferences);
/*!
* \param io_preferences a preferences object to modify.
@@ -172,7 +173,7 @@ kim_error kim_preferences_copy (kim_preferences *out_preferences,
* \sa kim_preferences_get_options()
*/
kim_error kim_preferences_set_options (kim_preferences io_preferences,
- kim_options in_options);
+ kim_options in_options);
/*!
* \param in_preferences a preferences object.
@@ -184,7 +185,7 @@ kim_error kim_preferences_set_options (kim_preferences io_preferences,
* \sa kim_preferences_set_options()
*/
kim_error kim_preferences_get_options (kim_preferences in_preferences,
- kim_options *out_options);
+ kim_options *out_options);
/*!
* \param io_preferences a preferences object to modify.
@@ -195,7 +196,7 @@ kim_error kim_preferences_get_options (kim_preferences in_preferences,
* \sa kim_preferences_get_remember_options()
*/
kim_error kim_preferences_set_remember_options (kim_preferences io_preferences,
- kim_boolean in_remember_options);
+ kim_boolean in_remember_options);
/*!
* \param in_preferences a preferences object.
@@ -206,7 +207,7 @@ kim_error kim_preferences_set_remember_options (kim_preferences io_preferences,
* \sa kim_preferences_set_remember_options()
*/
kim_error kim_preferences_get_remember_options (kim_preferences in_preferences,
- kim_boolean *out_remember_options);
+ kim_boolean *out_remember_options);
/*!
* \param io_preferences a preferences object to modify.
@@ -216,7 +217,7 @@ kim_error kim_preferences_get_remember_options (kim_preferences in_preferences,
* \sa kim_preferences_get_client_identity()
*/
kim_error kim_preferences_set_client_identity (kim_preferences io_preferences,
- kim_identity in_client_identity);
+ kim_identity in_client_identity);
/*!
* \param in_preferences a preferences object.
@@ -227,7 +228,7 @@ kim_error kim_preferences_set_client_identity (kim_preferences io_preferences,
* \sa kim_preferences_set_client_identity()
*/
kim_error kim_preferences_get_client_identity (kim_preferences in_preferences,
- kim_identity *out_client_identity);
+ kim_identity *out_client_identity);
/*!
* \param io_preferences a preferences object to modify.
@@ -238,7 +239,7 @@ kim_error kim_preferences_get_client_identity (kim_preferences in_preferences,
* \sa kim_preferences_get_remember_client_identity()
*/
kim_error kim_preferences_set_remember_client_identity (kim_preferences io_preferences,
- kim_boolean in_remember_client_identity);
+ kim_boolean in_remember_client_identity);
/*!
* \param in_preferences a preferences object.
@@ -249,7 +250,7 @@ kim_error kim_preferences_set_remember_client_identity (kim_preferences io_prefe
* \sa kim_preferences_set_remember_client_identity()
*/
kim_error kim_preferences_get_remember_client_identity (kim_preferences in_preferences,
- kim_boolean *out_remember_client_identity);
+ kim_boolean *out_remember_client_identity);
/*!
* \param io_preferences a preferences object to modify.
@@ -260,7 +261,7 @@ kim_error kim_preferences_get_remember_client_identity (kim_preferences in_pref
* \sa kim_preferences_get_minimum_lifetime()
*/
kim_error kim_preferences_set_minimum_lifetime (kim_preferences io_preferences,
- kim_lifetime in_minimum_lifetime);
+ kim_lifetime in_minimum_lifetime);
/*!
* \param in_preferences a preferences object.
@@ -271,7 +272,7 @@ kim_error kim_preferences_set_minimum_lifetime (kim_preferences io_preferences,
* \sa kim_preferences_set_minimum_lifetime()
*/
kim_error kim_preferences_get_minimum_lifetime (kim_preferences in_preferences,
- kim_lifetime *out_minimum_lifetime);
+ kim_lifetime *out_minimum_lifetime);
/*!
* \param io_preferences a preferences object to modify.
@@ -282,7 +283,7 @@ kim_error kim_preferences_get_minimum_lifetime (kim_preferences in_preferences,
* \sa kim_preferences_get_maximum_lifetime()
*/
kim_error kim_preferences_set_maximum_lifetime (kim_preferences io_preferences,
- kim_lifetime in_maximum_lifetime);
+ kim_lifetime in_maximum_lifetime);
/*!
* \param in_preferences a preferences object.
@@ -293,7 +294,7 @@ kim_error kim_preferences_set_maximum_lifetime (kim_preferences io_preferences,
* \sa kim_preferences_set_maximum_lifetime()
*/
kim_error kim_preferences_get_maximum_lifetime (kim_preferences in_preferences,
- kim_lifetime *out_maximum_lifetime);
+ kim_lifetime *out_maximum_lifetime);
/*!
* \param io_preferences a preferences object to modify.
@@ -305,7 +306,7 @@ kim_error kim_preferences_get_maximum_lifetime (kim_preferences in_preferences,
* \sa kim_preferences_get_minimum_renewal_lifetime()
*/
kim_error kim_preferences_set_minimum_renewal_lifetime (kim_preferences io_preferences,
- kim_lifetime in_minimum_renewal_lifetime);
+ kim_lifetime in_minimum_renewal_lifetime);
/*!
* \param in_preferences a preferences object.
@@ -316,7 +317,7 @@ kim_error kim_preferences_set_minimum_renewal_lifetime (kim_preferences io_prefe
* \sa kim_preferences_set_minimum_renewal_lifetime()
*/
kim_error kim_preferences_get_minimum_renewal_lifetime (kim_preferences in_preferences,
- kim_lifetime *out_minimum_renewal_lifetime);
+ kim_lifetime *out_minimum_renewal_lifetime);
/*!
* \param io_preferences a preferences object to modify.
@@ -328,7 +329,7 @@ kim_error kim_preferences_get_minimum_renewal_lifetime (kim_preferences in_pref
* \sa kim_preferences_get_minimum_renewal_lifetime()
*/
kim_error kim_preferences_set_maximum_renewal_lifetime (kim_preferences io_preferences,
- kim_lifetime in_maximum_renewal_lifetime);
+ kim_lifetime in_maximum_renewal_lifetime);
/*!
* \param in_preferences a preferences object.
@@ -339,7 +340,7 @@ kim_error kim_preferences_set_maximum_renewal_lifetime (kim_preferences io_prefe
* \sa kim_preferences_set_minimum_renewal_lifetime()
*/
kim_error kim_preferences_get_maximum_renewal_lifetime (kim_preferences in_preferences,
- kim_lifetime *out_maximum_renewal_lifetime);
+ kim_lifetime *out_maximum_renewal_lifetime);
/*!
* \param in_preferences a preferences object.
diff --git a/src/include/kim/kim_selection_hints.h b/src/include/kim/kim_selection_hints.h
index 20af083a93..76cd41fc77 100644
--- a/src/include/kim/kim_selection_hints.h
+++ b/src/include/kim/kim_selection_hints.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright 2005-2006 Massachusetts Institute of Technology.
* All Rights Reserved.
@@ -251,7 +252,7 @@ extern "C" {
* \brief Create a new selection hints object.
*/
kim_error kim_selection_hints_create (kim_selection_hints *out_selection_hints,
- kim_string in_application_identifier);
+ kim_string in_application_identifier);
/*!
* \param out_selection_hints on exit, a new selection hints object which is a copy of in_selection_hints.
@@ -261,7 +262,7 @@ kim_error kim_selection_hints_create (kim_selection_hints *out_selection_hints,
* \brief Copy a selection hints object.
*/
kim_error kim_selection_hints_copy (kim_selection_hints *out_selection_hints,
- kim_selection_hints in_selection_hints);
+ kim_selection_hints in_selection_hints);
/*!
* \param io_selection_hints a selection hints object to modify.
@@ -303,7 +304,7 @@ kim_error kim_selection_hints_get_hint (kim_selection_hints in_selection_hints,
* \sa kim_selection_hints_get_explanation()
*/
kim_error kim_selection_hints_set_explanation (kim_selection_hints io_selection_hints,
- kim_string in_explanation);
+ kim_string in_explanation);
/*!
* \param in_selection_hints a selection hints object.
@@ -315,7 +316,7 @@ kim_error kim_selection_hints_set_explanation (kim_selection_hints io_selection_
* \sa kim_selection_hints_set_explanation()
*/
kim_error kim_selection_hints_get_explanation (kim_selection_hints in_selection_hints,
- kim_string *out_explanation);
+ kim_string *out_explanation);
/*!
@@ -326,7 +327,7 @@ kim_error kim_selection_hints_get_explanation (kim_selection_hints in_selection
* \sa kim_selection_hints_get_options()
*/
kim_error kim_selection_hints_set_options (kim_selection_hints io_selection_hints,
- kim_options in_options);
+ kim_options in_options);
/*!
* \param in_selection_hints a selection hints object.
@@ -338,7 +339,7 @@ kim_error kim_selection_hints_set_options (kim_selection_hints io_selection_hint
* \sa kim_selection_hints_set_options()
*/
kim_error kim_selection_hints_get_options (kim_selection_hints in_selection_hints,
- kim_options *out_options);
+ kim_options *out_options);
/*!
* \param in_selection_hints a selection hints object to modify
@@ -350,7 +351,7 @@ kim_error kim_selection_hints_get_options (kim_selection_hints in_selection_hin
* \sa kim_selection_hints_get_allow_user_interaction
*/
kim_error kim_selection_hints_set_allow_user_interaction (kim_selection_hints in_selection_hints,
- kim_boolean in_allow_user_interaction);
+ kim_boolean in_allow_user_interaction);
/*!
* \param in_selection_hints a selection hints object to modify
@@ -363,7 +364,7 @@ kim_error kim_selection_hints_set_allow_user_interaction (kim_selection_hints in
* \sa kim_selection_hints_set_allow_user_interaction
*/
kim_error kim_selection_hints_get_allow_user_interaction (kim_selection_hints in_selection_hints,
- kim_boolean *out_allow_user_interaction);
+ kim_boolean *out_allow_user_interaction);
/*!
* \param in_selection_hints a selection hints object to modify
@@ -375,7 +376,7 @@ kim_error kim_selection_hints_get_allow_user_interaction (kim_selection_hints i
* \sa kim_selection_hints_get_remember_identity
*/
kim_error kim_selection_hints_set_remember_identity (kim_selection_hints in_selection_hints,
- kim_boolean in_remember_identity);
+ kim_boolean in_remember_identity);
/*!
* \param in_selection_hints a selection hints object to modify
@@ -387,7 +388,7 @@ kim_error kim_selection_hints_set_remember_identity (kim_selection_hints in_sele
* \sa kim_selection_hints_set_remember_identity
*/
kim_error kim_selection_hints_get_remember_identity (kim_selection_hints in_selection_hints,
- kim_boolean *out_remember_identity);
+ kim_boolean *out_remember_identity);
/*!
* \param in_selection_hints the selection hints to add to the cache.
@@ -401,7 +402,7 @@ kim_error kim_selection_hints_get_remember_identity (kim_selection_hints in_sel
*/
kim_error kim_selection_hints_get_identity (kim_selection_hints in_selection_hints,
- kim_identity *out_identity);
+ kim_identity *out_identity);
/*!
* \param in_selection_hints the selection hints to add to the cache.
@@ -412,7 +413,7 @@ kim_error kim_selection_hints_get_identity (kim_selection_hints in_selection_hin
*/
kim_error kim_selection_hints_remember_identity (kim_selection_hints in_selection_hints,
- kim_identity in_identity);
+ kim_identity in_identity);
/*!
* \param in_selection_hints the selection hints to remove from the cache.
diff --git a/src/include/kim/kim_string.h b/src/include/kim/kim_string.h
index 283a497427..aaf1975a93 100644
--- a/src/include/kim/kim_string.h
+++ b/src/include/kim/kim_string.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright 2005-2006 Massachusetts Institute of Technology.
* All Rights Reserved.
@@ -87,7 +88,7 @@ kim_error kim_string_create_for_last_error (kim_string *out_string,
/*!
* \param out_string on exit, a new string object which is a copy of \a in_string.
- Must be freed with kim_string_free().
+ Must be freed with kim_string_free().
* \param in_string the string to copy.
* \return On success, #KIM_NO_ERROR. On failure, an error code representing the failure.
* \brief Copy a string.
diff --git a/src/include/kim/kim_types.h b/src/include/kim/kim_types.h
index 7723407cf9..4778ba527a 100644
--- a/src/include/kim/kim_types.h
+++ b/src/include/kim/kim_types.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright 2005-2006 Massachusetts Institute of Technology.
* All Rights Reserved.
diff --git a/src/include/kim/kim_ui_plugin.h b/src/include/kim/kim_ui_plugin.h
index d5a08a87d0..579be73597 100644
--- a/src/include/kim/kim_ui_plugin.h
+++ b/src/include/kim/kim_ui_plugin.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright 2008 Massachusetts Institute of Technology.
* All Rights Reserved.
@@ -60,7 +61,7 @@ enum kim_prompt_type_enum {
typedef struct kim_ui_plugin_ftable_v0 {
- int minor_version; /* currently 0 */
+ int minor_version; /* currently 0 */
/* Called before other calls to allow the UI to initialize.
* Return an error if you can't display your UI in this environment.
diff --git a/src/include/krb5.h b/src/include/krb5.h
index d689651550..62ef9bb957 100644
--- a/src/include/krb5.h
+++ b/src/include/krb5.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/* The MIT Kerberos header file krb5.h used to live here.
As of the 1.5 release, we're installing multiple Kerberos headers,
diff --git a/src/include/krb5/authdata_plugin.h b/src/include/krb5/authdata_plugin.h
index 471f01c05b..32bff2f3b2 100644
--- a/src/include/krb5/authdata_plugin.h
+++ b/src/include/krb5/authdata_plugin.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* krb5/authdata_plugin.h
*
@@ -103,10 +104,10 @@ typedef struct krb5plugin_authdata_server_ftable_v0 {
* client (barring other problems).
*/
krb5_error_code (*authdata_proc)(krb5_context,
- struct _krb5_db_entry_new *client,
- krb5_data *req_pkt,
- krb5_kdc_req *request,
- krb5_enc_tkt_part *enc_tkt_reply);
+ struct _krb5_db_entry_new *client,
+ krb5_data *req_pkt,
+ krb5_kdc_req *request,
+ krb5_enc_tkt_part *enc_tkt_reply);
} krb5plugin_server_authdata_ftable_v0;
typedef krb5plugin_server_authdata_ftable_v0 krb5plugin_authdata_ftable_v0;
@@ -146,163 +147,163 @@ typedef struct krb5plugin_authdata_server_ftable_v2 {
* client (barring other problems).
*/
krb5_error_code (*authdata_proc)(krb5_context,
- unsigned int flags,
- struct _krb5_db_entry_new *client,
- struct _krb5_db_entry_new *server,
- struct _krb5_db_entry_new *tgs,
- krb5_keyblock *client_key,
- krb5_keyblock *server_key,
- krb5_keyblock *tgs_key,
- krb5_data *req_pkt,
- krb5_kdc_req *request,
- krb5_const_principal for_user_princ,
- krb5_enc_tkt_part *enc_tkt_request,
- krb5_enc_tkt_part *enc_tkt_reply);
+ unsigned int flags,
+ struct _krb5_db_entry_new *client,
+ struct _krb5_db_entry_new *server,
+ struct _krb5_db_entry_new *tgs,
+ krb5_keyblock *client_key,
+ krb5_keyblock *server_key,
+ krb5_keyblock *tgs_key,
+ krb5_data *req_pkt,
+ krb5_kdc_req *request,
+ krb5_const_principal for_user_princ,
+ krb5_enc_tkt_part *enc_tkt_request,
+ krb5_enc_tkt_part *enc_tkt_reply);
} krb5plugin_authdata_server_ftable_v2;
typedef krb5plugin_authdata_server_ftable_v2 krb5plugin_authdata_ftable_v2;
typedef krb5_error_code
(*authdata_client_plugin_init_proc)(krb5_context context,
- void **plugin_context);
+ void **plugin_context);
-#define AD_USAGE_AS_REQ 0x01
-#define AD_USAGE_TGS_REQ 0x02
-#define AD_USAGE_AP_REQ 0x04
-#define AD_USAGE_KDC_ISSUED 0x08
-#define AD_USAGE_MASK 0x0F
-#define AD_INFORMATIONAL 0x10
+#define AD_USAGE_AS_REQ 0x01
+#define AD_USAGE_TGS_REQ 0x02
+#define AD_USAGE_AP_REQ 0x04
+#define AD_USAGE_KDC_ISSUED 0x08
+#define AD_USAGE_MASK 0x0F
+#define AD_INFORMATIONAL 0x10
struct _krb5_authdata_context;
typedef void
(*authdata_client_plugin_flags_proc)(krb5_context kcontext,
- void *plugin_context,
- krb5_authdatatype ad_type,
- krb5_flags *flags);
+ void *plugin_context,
+ krb5_authdatatype ad_type,
+ krb5_flags *flags);
typedef void
(*authdata_client_plugin_fini_proc)(krb5_context kcontext,
- void *plugin_context);
+ void *plugin_context);
typedef krb5_error_code
(*authdata_client_request_init_proc)(krb5_context kcontext,
- struct _krb5_authdata_context *context,
- void *plugin_context,
- void **request_context);
+ struct _krb5_authdata_context *context,
+ void *plugin_context,
+ void **request_context);
typedef void
(*authdata_client_request_fini_proc)(krb5_context kcontext,
- struct _krb5_authdata_context *context,
- void *plugin_context,
- void *request_context);
+ struct _krb5_authdata_context *context,
+ void *plugin_context,
+ void *request_context);
typedef krb5_error_code
(*authdata_client_import_authdata_proc)(krb5_context kcontext,
- struct _krb5_authdata_context *context,
- void *plugin_context,
- void *request_context,
- krb5_authdata **authdata,
- krb5_boolean kdc_issued_flag,
- krb5_const_principal issuer);
+ struct _krb5_authdata_context *context,
+ void *plugin_context,
+ void *request_context,
+ krb5_authdata **authdata,
+ krb5_boolean kdc_issued_flag,
+ krb5_const_principal issuer);
typedef krb5_error_code
(*authdata_client_export_authdata_proc)(krb5_context kcontext,
- struct _krb5_authdata_context *context,
- void *plugin_context,
- void *request_context,
- krb5_flags usage,
- krb5_authdata ***authdata);
+ struct _krb5_authdata_context *context,
+ void *plugin_context,
+ void *request_context,
+ krb5_flags usage,
+ krb5_authdata ***authdata);
typedef krb5_error_code
(*authdata_client_get_attribute_types_proc)(krb5_context kcontext,
- struct _krb5_authdata_context *context,
- void *plugin_context,
- void *request_context,
- krb5_data **attrs);
+ struct _krb5_authdata_context *context,
+ void *plugin_context,
+ void *request_context,
+ krb5_data **attrs);
typedef krb5_error_code
(*authdata_client_get_attribute_proc)(krb5_context kcontext,
- struct _krb5_authdata_context *context,
- void *plugin_context,
- void *request_context,
- const krb5_data *attribute,
- krb5_boolean *authenticated,
- krb5_boolean *complete,
- krb5_data *value,
- krb5_data *display_value,
- int *more);
+ struct _krb5_authdata_context *context,
+ void *plugin_context,
+ void *request_context,
+ const krb5_data *attribute,
+ krb5_boolean *authenticated,
+ krb5_boolean *complete,
+ krb5_data *value,
+ krb5_data *display_value,
+ int *more);
typedef krb5_error_code
(*authdata_client_set_attribute_proc)(krb5_context kcontext,
- struct _krb5_authdata_context *context,
- void *plugin_context,
- void *request_context,
- krb5_boolean complete,
- const krb5_data *attribute,
- const krb5_data *value);
+ struct _krb5_authdata_context *context,
+ void *plugin_context,
+ void *request_context,
+ krb5_boolean complete,
+ const krb5_data *attribute,
+ const krb5_data *value);
typedef krb5_error_code
(*authdata_client_delete_attribute_proc)(krb5_context kcontext,
- struct _krb5_authdata_context *context,
- void *plugin_context,
- void *request_context,
- const krb5_data *attribute);
+ struct _krb5_authdata_context *context,
+ void *plugin_context,
+ void *request_context,
+ const krb5_data *attribute);
typedef krb5_error_code
(*authdata_client_export_internal_proc)(krb5_context kcontext,
- struct _krb5_authdata_context *context,
- void *plugin_context,
- void *request_context,
- krb5_boolean restrict_authenticated,
- void **ptr);
+ struct _krb5_authdata_context *context,
+ void *plugin_context,
+ void *request_context,
+ krb5_boolean restrict_authenticated,
+ void **ptr);
typedef void
(*authdata_client_free_internal_proc)(krb5_context kcontext,
- struct _krb5_authdata_context *context,
- void *plugin_context,
- void *request_context,
- void *ptr);
+ struct _krb5_authdata_context *context,
+ void *plugin_context,
+ void *request_context,
+ void *ptr);
typedef krb5_error_code
(*authdata_client_verify_proc)(krb5_context kcontext,
- struct _krb5_authdata_context *context,
- void *plugin_context,
- void *request_context,
- const krb5_auth_context *auth_context,
- const krb5_keyblock *key,
- const krb5_ap_req *req);
+ struct _krb5_authdata_context *context,
+ void *plugin_context,
+ void *request_context,
+ const krb5_auth_context *auth_context,
+ const krb5_keyblock *key,
+ const krb5_ap_req *req);
typedef krb5_error_code
(*authdata_client_size_proc)(krb5_context kcontext,
- struct _krb5_authdata_context *context,
- void *plugin_context,
- void *request_context,
- size_t *sizep);
+ struct _krb5_authdata_context *context,
+ void *plugin_context,
+ void *request_context,
+ size_t *sizep);
typedef krb5_error_code
(*authdata_client_externalize_proc)(krb5_context kcontext,
- struct _krb5_authdata_context *context,
- void *plugin_context,
- void *request_context,
- krb5_octet **buffer,
- size_t *lenremain);
+ struct _krb5_authdata_context *context,
+ void *plugin_context,
+ void *request_context,
+ krb5_octet **buffer,
+ size_t *lenremain);
typedef krb5_error_code
(*authdata_client_internalize_proc)(krb5_context kcontext,
- struct _krb5_authdata_context *context,
- void *plugin_context,
- void *request_context,
- krb5_octet **buffer,
- size_t *lenremain);
+ struct _krb5_authdata_context *context,
+ void *plugin_context,
+ void *request_context,
+ krb5_octet **buffer,
+ size_t *lenremain);
typedef krb5_error_code
(*authdata_client_copy_proc)(krb5_context kcontext,
- struct _krb5_authdata_context *context,
- void *plugin_context,
- void *request_context,
- void *dst_plugin_context,
- void *dst_request_context);
+ struct _krb5_authdata_context *context,
+ void *plugin_context,
+ void *request_context,
+ void *dst_plugin_context,
+ void *dst_request_context);
typedef struct krb5plugin_authdata_client_ftable_v0 {
char *name;
diff --git a/src/include/krb5/krb5.hin b/src/include/krb5/krb5.hin
index 1b03451f66..f9d71559a8 100644
--- a/src/include/krb5/krb5.hin
+++ b/src/include/krb5/krb5.hin
@@ -1,5 +1,5 @@
-/* -*- c -*-
- * include/krb5.h
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* include/krb5.h
*
* Copyright 1989,1990,1995,2001, 2003, 2007 by the Massachusetts Institute of Technology.
* All Rights Reserved.
@@ -16,7 +16,7 @@
* this permission notice appear in supporting documentation, and that
* the name of M.I.T. not be used in advertising or publicity pertaining
* to distribution of the software without specific, written prior
- * permission. Furthermore if you modify this software you must label
+ * permission. Furthermore if you modify this software you must label
* your software as modified software and not distribute it in such a
* fashion that it might be confused with the original M.I.T. software.
* M.I.T. makes no representations about the suitability of
@@ -62,9 +62,9 @@
#endif
#if defined(__MACH__) && defined(__APPLE__)
-# include <TargetConditionals.h>
+# include <TargetConditionals.h>
# if TARGET_RT_MAC_CFM
-# error "Use KfM 4.0 SDK headers for CFM compilation."
+# error "Use KfM 4.0 SDK headers for CFM compilation."
# endif
#endif
@@ -90,13 +90,13 @@
#define KRB5_OLD_CRYPTO
#include <stdlib.h>
-#include <limits.h> /* for *_MAX */
+#include <limits.h> /* for *_MAX */
#include <stdarg.h>
#ifndef KRB5INT_BEGIN_DECLS
#if defined(__cplusplus)
-#define KRB5INT_BEGIN_DECLS extern "C" {
-#define KRB5INT_END_DECLS }
+#define KRB5INT_BEGIN_DECLS extern "C" {
+#define KRB5INT_END_DECLS }
#else
#define KRB5INT_BEGIN_DECLS
#define KRB5INT_END_DECLS
@@ -129,43 +129,43 @@ struct _profile_t;
* Word-size related definition.
*/
-typedef unsigned char krb5_octet;
+typedef unsigned char krb5_octet;
#if INT_MAX == 0x7fff
-typedef int krb5_int16;
-typedef unsigned int krb5_ui_2;
+typedef int krb5_int16;
+typedef unsigned int krb5_ui_2;
#elif SHRT_MAX == 0x7fff
-typedef short krb5_int16;
-typedef unsigned short krb5_ui_2;
+typedef short krb5_int16;
+typedef unsigned short krb5_ui_2;
#else
#error undefined 16 bit type
#endif
#if INT_MAX == 0x7fffffffL
-typedef int krb5_int32;
-typedef unsigned int krb5_ui_4;
+typedef int krb5_int32;
+typedef unsigned int krb5_ui_4;
#elif LONG_MAX == 0x7fffffffL
-typedef long krb5_int32;
-typedef unsigned long krb5_ui_4;
+typedef long krb5_int32;
+typedef unsigned long krb5_ui_4;
#elif SHRT_MAX == 0x7fffffffL
-typedef short krb5_int32;
-typedef unsigned short krb5_ui_4;
+typedef short krb5_int32;
+typedef unsigned short krb5_ui_4;
#else
#error: undefined 32 bit type
#endif
-#define VALID_INT_BITS INT_MAX
-#define VALID_UINT_BITS UINT_MAX
+#define VALID_INT_BITS INT_MAX
+#define VALID_UINT_BITS UINT_MAX
-#define KRB5_INT32_MAX 2147483647
+#define KRB5_INT32_MAX 2147483647
/* this strange form is necessary since - is a unary operator, not a sign
indicator */
-#define KRB5_INT32_MIN (-KRB5_INT32_MAX-1)
+#define KRB5_INT32_MIN (-KRB5_INT32_MAX-1)
#define KRB5_INT16_MAX 65535
/* this strange form is necessary since - is a unary operator, not a sign
indicator */
-#define KRB5_INT16_MIN (-KRB5_INT16_MAX-1)
+#define KRB5_INT16_MIN (-KRB5_INT16_MAX-1)
/*
* end wordsize.h
@@ -180,41 +180,41 @@ typedef unsigned short krb5_ui_4;
*/
#ifndef FALSE
-#define FALSE 0
+#define FALSE 0
#endif
#ifndef TRUE
-#define TRUE 1
+#define TRUE 1
#endif
-typedef unsigned int krb5_boolean;
-typedef unsigned int krb5_msgtype;
-typedef unsigned int krb5_kvno;
+typedef unsigned int krb5_boolean;
+typedef unsigned int krb5_msgtype;
+typedef unsigned int krb5_kvno;
-typedef krb5_int32 krb5_addrtype;
+typedef krb5_int32 krb5_addrtype;
typedef krb5_int32 krb5_enctype;
typedef krb5_int32 krb5_cksumtype;
typedef krb5_int32 krb5_authdatatype;
typedef krb5_int32 krb5_keyusage;
typedef krb5_int32 krb5_cryptotype;
-typedef krb5_int32 krb5_preauthtype; /* This may change, later on */
-typedef krb5_int32 krb5_flags;
-typedef krb5_int32 krb5_timestamp;
-typedef krb5_int32 krb5_error_code;
-typedef krb5_int32 krb5_deltat;
+typedef krb5_int32 krb5_preauthtype; /* This may change, later on */
+typedef krb5_int32 krb5_flags;
+typedef krb5_int32 krb5_timestamp;
+typedef krb5_int32 krb5_error_code;
+typedef krb5_int32 krb5_deltat;
-typedef krb5_error_code krb5_magic;
+typedef krb5_error_code krb5_magic;
typedef struct _krb5_data {
- krb5_magic magic;
- unsigned int length;
- char *data;
+ krb5_magic magic;
+ unsigned int length;
+ char *data;
} krb5_data;
typedef struct _krb5_octet_data {
- krb5_magic magic;
- unsigned int length;
- krb5_octet *data;
+ krb5_magic magic;
+ unsigned int length;
+ krb5_octet *data;
} krb5_octet_data;
/*
@@ -222,51 +222,51 @@ typedef struct _krb5_octet_data {
* equivalent to -1 without possible sign extension
* We also overload for an unset salt type length - which is also -1, but
* hey, why not....
-*/
+ */
#define SALT_TYPE_AFS_LENGTH UINT_MAX
#define SALT_TYPE_NO_LENGTH UINT_MAX
-typedef void * krb5_pointer;
+typedef void * krb5_pointer;
typedef void const * krb5_const_pointer;
typedef struct krb5_principal_data {
krb5_magic magic;
krb5_data realm;
- krb5_data *data; /* An array of strings */
+ krb5_data *data; /* An array of strings */
krb5_int32 length;
krb5_int32 type;
} krb5_principal_data;
-typedef krb5_principal_data * krb5_principal;
+typedef krb5_principal_data * krb5_principal;
/*
* Per V5 spec on definition of principal types
*/
/* Name type not known */
-#define KRB5_NT_UNKNOWN 0
+#define KRB5_NT_UNKNOWN 0
/* Just the name of the principal as in DCE, or for users */
-#define KRB5_NT_PRINCIPAL 1
+#define KRB5_NT_PRINCIPAL 1
/* Service and other unique instance (krbtgt) */
-#define KRB5_NT_SRV_INST 2
+#define KRB5_NT_SRV_INST 2
/* Service with host name as instance (telnet, rcommands) */
-#define KRB5_NT_SRV_HST 3
+#define KRB5_NT_SRV_HST 3
/* Service with host as remaining components */
-#define KRB5_NT_SRV_XHST 4
+#define KRB5_NT_SRV_XHST 4
/* Unique ID */
-#define KRB5_NT_UID 5
+#define KRB5_NT_UID 5
/* PKINIT */
-#define KRB5_NT_X500_PRINCIPAL 6
+#define KRB5_NT_X500_PRINCIPAL 6
/* Name in form of SMTP email name */
-#define KRB5_NT_SMTP_NAME 7
+#define KRB5_NT_SMTP_NAME 7
/* Windows 2000 UPN */
-#define KRB5_NT_ENTERPRISE_PRINCIPAL 10
+#define KRB5_NT_ENTERPRISE_PRINCIPAL 10
/* Windows 2000 UPN and SID */
-#define KRB5_NT_MS_PRINCIPAL -128
+#define KRB5_NT_MS_PRINCIPAL -128
/* NT 4 style name */
-#define KRB5_NT_MS_PRINCIPAL_AND_ID -129
+#define KRB5_NT_MS_PRINCIPAL_AND_ID -129
/* NT 4 style name and SID */
-#define KRB5_NT_ENT_PRINCIPAL_AND_ID -130
+#define KRB5_NT_ENT_PRINCIPAL_AND_ID -130
/* constant version thereof: */
typedef const krb5_principal_data *krb5_const_principal;
@@ -275,18 +275,18 @@ typedef const krb5_principal_data *krb5_const_principal;
#define krb5_princ_set_realm(context, princ,value) ((princ)->realm = *(value))
#define krb5_princ_set_realm_length(context, princ,value) (princ)->realm.length = (value)
#define krb5_princ_set_realm_data(context, princ,value) (princ)->realm.data = (value)
-#define krb5_princ_size(context, princ) (princ)->length
-#define krb5_princ_type(context, princ) (princ)->type
-#define krb5_princ_name(context, princ) (princ)->data
-#define krb5_princ_component(context, princ,i) \
- (((i) < krb5_princ_size(context, princ)) \
- ? (princ)->data + (i) \
- : NULL)
+#define krb5_princ_size(context, princ) (princ)->length
+#define krb5_princ_type(context, princ) (princ)->type
+#define krb5_princ_name(context, princ) (princ)->data
+#define krb5_princ_component(context, princ,i) \
+ (((i) < krb5_princ_size(context, princ)) \
+ ? (princ)->data + (i) \
+ : NULL)
/*
* Constants for realm referrals.
*/
-#define KRB5_REFERRAL_REALM ""
+#define KRB5_REFERRAL_REALM ""
/*
* Referral-specific functions.
@@ -310,16 +310,16 @@ typedef struct _krb5_address {
} krb5_address;
/* per Kerberos v5 protocol spec */
-#define ADDRTYPE_INET 0x0002
-#define ADDRTYPE_CHAOS 0x0005
-#define ADDRTYPE_XNS 0x0006
-#define ADDRTYPE_ISO 0x0007
-#define ADDRTYPE_DDP 0x0010
-#define ADDRTYPE_NETBIOS 0x0014
-#define ADDRTYPE_INET6 0x0018
+#define ADDRTYPE_INET 0x0002
+#define ADDRTYPE_CHAOS 0x0005
+#define ADDRTYPE_XNS 0x0006
+#define ADDRTYPE_ISO 0x0007
+#define ADDRTYPE_DDP 0x0010
+#define ADDRTYPE_NETBIOS 0x0014
+#define ADDRTYPE_INET6 0x0018
/* not yet in the spec... */
-#define ADDRTYPE_ADDRPORT 0x0100
-#define ADDRTYPE_IPPORT 0x0101
+#define ADDRTYPE_ADDRPORT 0x0100
+#define ADDRTYPE_IPPORT 0x0101
/* macros to determine if a type is a local type */
#define ADDRTYPE_IS_LOCAL(addrtype) (addrtype & 0x8000)
@@ -362,16 +362,16 @@ typedef struct krb5_key_st *krb5_key;
#ifdef KRB5_OLD_CRYPTO
typedef struct _krb5_encrypt_block {
krb5_magic magic;
- krb5_enctype crypto_entry; /* to call krb5_encrypt_size, you need
- this. it was a pointer, but it
- doesn't have to be. gross. */
+ krb5_enctype crypto_entry; /* to call krb5_encrypt_size, you need
+ this. it was a pointer, but it
+ doesn't have to be. gross. */
krb5_keyblock *key;
} krb5_encrypt_block;
#endif
typedef struct _krb5_checksum {
krb5_magic magic;
- krb5_cksumtype checksum_type; /* checksum type */
+ krb5_cksumtype checksum_type; /* checksum type */
unsigned int length;
krb5_octet *contents;
} krb5_checksum;
@@ -389,43 +389,43 @@ typedef struct _krb5_crypto_iov {
} krb5_crypto_iov;
/* per Kerberos v5 protocol spec */
-#define ENCTYPE_NULL 0x0000
-#define ENCTYPE_DES_CBC_CRC 0x0001 /* DES cbc mode with CRC-32 */
-#define ENCTYPE_DES_CBC_MD4 0x0002 /* DES cbc mode with RSA-MD4 */
-#define ENCTYPE_DES_CBC_MD5 0x0003 /* DES cbc mode with RSA-MD5 */
-#define ENCTYPE_DES_CBC_RAW 0x0004 /* DES cbc mode raw */
+#define ENCTYPE_NULL 0x0000
+#define ENCTYPE_DES_CBC_CRC 0x0001 /* DES cbc mode with CRC-32 */
+#define ENCTYPE_DES_CBC_MD4 0x0002 /* DES cbc mode with RSA-MD4 */
+#define ENCTYPE_DES_CBC_MD5 0x0003 /* DES cbc mode with RSA-MD5 */
+#define ENCTYPE_DES_CBC_RAW 0x0004 /* DES cbc mode raw */
/* XXX deprecated? */
-#define ENCTYPE_DES3_CBC_SHA 0x0005 /* DES-3 cbc mode with NIST-SHA */
-#define ENCTYPE_DES3_CBC_RAW 0x0006 /* DES-3 cbc mode raw */
-#define ENCTYPE_DES_HMAC_SHA1 0x0008
+#define ENCTYPE_DES3_CBC_SHA 0x0005 /* DES-3 cbc mode with NIST-SHA */
+#define ENCTYPE_DES3_CBC_RAW 0x0006 /* DES-3 cbc mode raw */
+#define ENCTYPE_DES_HMAC_SHA1 0x0008
/* PKINIT */
-#define ENCTYPE_DSA_SHA1_CMS 0x0009 /* DSA with SHA1, CMS signature */
-#define ENCTYPE_MD5_RSA_CMS 0x000a /* MD5 with RSA, CMS signature */
-#define ENCTYPE_SHA1_RSA_CMS 0x000b /* SHA1 with RSA, CMS signature */
-#define ENCTYPE_RC2_CBC_ENV 0x000c /* RC2 cbc mode, CMS enveloped data */
-#define ENCTYPE_RSA_ENV 0x000d /* RSA encryption, CMS enveloped data */
-#define ENCTYPE_RSA_ES_OAEP_ENV 0x000e /* RSA w/OEAP encryption, CMS enveloped data */
-#define ENCTYPE_DES3_CBC_ENV 0x000f /* DES-3 cbc mode, CMS enveloped data */
-
-#define ENCTYPE_DES3_CBC_SHA1 0x0010
-#define ENCTYPE_AES128_CTS_HMAC_SHA1_96 0x0011
-#define ENCTYPE_AES256_CTS_HMAC_SHA1_96 0x0012
-#define ENCTYPE_ARCFOUR_HMAC 0x0017
+#define ENCTYPE_DSA_SHA1_CMS 0x0009 /* DSA with SHA1, CMS signature */
+#define ENCTYPE_MD5_RSA_CMS 0x000a /* MD5 with RSA, CMS signature */
+#define ENCTYPE_SHA1_RSA_CMS 0x000b /* SHA1 with RSA, CMS signature */
+#define ENCTYPE_RC2_CBC_ENV 0x000c /* RC2 cbc mode, CMS enveloped data */
+#define ENCTYPE_RSA_ENV 0x000d /* RSA encryption, CMS enveloped data */
+#define ENCTYPE_RSA_ES_OAEP_ENV 0x000e /* RSA w/OEAP encryption, CMS enveloped data */
+#define ENCTYPE_DES3_CBC_ENV 0x000f /* DES-3 cbc mode, CMS enveloped data */
+
+#define ENCTYPE_DES3_CBC_SHA1 0x0010
+#define ENCTYPE_AES128_CTS_HMAC_SHA1_96 0x0011
+#define ENCTYPE_AES256_CTS_HMAC_SHA1_96 0x0012
+#define ENCTYPE_ARCFOUR_HMAC 0x0017
#define ENCTYPE_ARCFOUR_HMAC_EXP 0x0018
-#define ENCTYPE_UNKNOWN 0x01ff
+#define ENCTYPE_UNKNOWN 0x01ff
-#define CKSUMTYPE_CRC32 0x0001
-#define CKSUMTYPE_RSA_MD4 0x0002
-#define CKSUMTYPE_RSA_MD4_DES 0x0003
-#define CKSUMTYPE_DESCBC 0x0004
+#define CKSUMTYPE_CRC32 0x0001
+#define CKSUMTYPE_RSA_MD4 0x0002
+#define CKSUMTYPE_RSA_MD4_DES 0x0003
+#define CKSUMTYPE_DESCBC 0x0004
/* des-mac-k */
/* rsa-md4-des-k */
-#define CKSUMTYPE_RSA_MD5 0x0007
-#define CKSUMTYPE_RSA_MD5_DES 0x0008
-#define CKSUMTYPE_NIST_SHA 0x0009
-#define CKSUMTYPE_HMAC_SHA1_DES3 0x000c
-#define CKSUMTYPE_HMAC_SHA1_96_AES128 0x000f
-#define CKSUMTYPE_HMAC_SHA1_96_AES256 0x0010
+#define CKSUMTYPE_RSA_MD5 0x0007
+#define CKSUMTYPE_RSA_MD5_DES 0x0008
+#define CKSUMTYPE_NIST_SHA 0x0009
+#define CKSUMTYPE_HMAC_SHA1_DES3 0x000c
+#define CKSUMTYPE_HMAC_SHA1_96_AES128 0x000f
+#define CKSUMTYPE_HMAC_SHA1_96_AES256 0x0010
#define CKSUMTYPE_MD5_HMAC_ARCFOUR -137 /*Microsoft netlogon cksumtype*/
#define CKSUMTYPE_HMAC_MD5_ARCFOUR -138 /*Microsoft md5 hmac cksumtype*/
@@ -435,19 +435,19 @@ typedef struct _krb5_crypto_iov {
* entropy in the sample and to keep track of what sources of entropy have
* contributed enough entropy. Sources marked internal MUST NOT be
* used by applications outside the Kerberos library
-*/
+ */
enum {
- KRB5_C_RANDSOURCE_OLDAPI = 0, /*calls to krb5_C_RANDOM_SEED (INTERNAL)*/
- KRB5_C_RANDSOURCE_OSRAND = 1, /* /dev/random or equivalent (internal)*/
- KRB5_C_RANDSOURCE_TRUSTEDPARTY = 2, /* From KDC or other trusted party*/
- /*This source should be used carefully; data in this category
- * should be from a third party trusted to give random bits
- * For example keys issued by the KDC in the application server.
- */
- KRB5_C_RANDSOURCE_TIMING = 3, /* Timing of operations*/
- KRB5_C_RANDSOURCE_EXTERNAL_PROTOCOL = 4, /*Protocol data possibly from attacker*/
- KRB5_C_RANDSOURCE_MAX = 5 /*Do not use; maximum source ID*/
+ KRB5_C_RANDSOURCE_OLDAPI = 0, /*calls to krb5_C_RANDOM_SEED (INTERNAL)*/
+ KRB5_C_RANDSOURCE_OSRAND = 1, /* /dev/random or equivalent (internal)*/
+ KRB5_C_RANDSOURCE_TRUSTEDPARTY = 2, /* From KDC or other trusted party*/
+ /*This source should be used carefully; data in this category
+ * should be from a third party trusted to give random bits
+ * For example keys issued by the KDC in the application server.
+ */
+ KRB5_C_RANDSOURCE_TIMING = 3, /* Timing of operations*/
+ KRB5_C_RANDSOURCE_EXTERNAL_PROTOCOL = 4, /*Protocol data possibly from attacker*/
+ KRB5_C_RANDSOURCE_MAX = 5 /*Do not use; maximum source ID*/
};
#ifndef krb5_roundup
@@ -466,188 +466,168 @@ enum {
#endif
krb5_error_code KRB5_CALLCONV
- krb5_c_encrypt
- (krb5_context context, const krb5_keyblock *key,
- krb5_keyusage usage, const krb5_data *cipher_state,
- const krb5_data *input, krb5_enc_data *output);
+krb5_c_encrypt(krb5_context context, const krb5_keyblock *key,
+ krb5_keyusage usage, const krb5_data *cipher_state,
+ const krb5_data *input, krb5_enc_data *output);
krb5_error_code KRB5_CALLCONV
- krb5_c_decrypt
- (krb5_context context, const krb5_keyblock *key,
- krb5_keyusage usage, const krb5_data *cipher_state,
- const krb5_enc_data *input, krb5_data *output);
+krb5_c_decrypt(krb5_context context, const krb5_keyblock *key,
+ krb5_keyusage usage, const krb5_data *cipher_state,
+ const krb5_enc_data *input, krb5_data *output);
krb5_error_code KRB5_CALLCONV
- krb5_c_encrypt_length
- (krb5_context context, krb5_enctype enctype,
- size_t inputlen, size_t *length);
+krb5_c_encrypt_length(krb5_context context, krb5_enctype enctype,
+ size_t inputlen, size_t *length);
krb5_error_code KRB5_CALLCONV
- krb5_c_block_size
- (krb5_context context, krb5_enctype enctype,
- size_t *blocksize);
+krb5_c_block_size(krb5_context context, krb5_enctype enctype,
+ size_t *blocksize);
krb5_error_code KRB5_CALLCONV
- krb5_c_keylengths
- (krb5_context context, krb5_enctype enctype,
- size_t *keybytes, size_t *keylength);
+krb5_c_keylengths(krb5_context context, krb5_enctype enctype,
+ size_t *keybytes, size_t *keylength);
krb5_error_code KRB5_CALLCONV
- krb5_c_init_state
-(krb5_context context,
-const krb5_keyblock *key, krb5_keyusage usage,
-krb5_data *new_state);
+krb5_c_init_state(krb5_context context, const krb5_keyblock *key,
+ krb5_keyusage usage, krb5_data *new_state);
krb5_error_code KRB5_CALLCONV
- krb5_c_free_state
-(krb5_context context, const krb5_keyblock *key, krb5_data *state);
+krb5_c_free_state(krb5_context context, const krb5_keyblock *key,
+ krb5_data *state);
krb5_error_code KRB5_CALLCONV
- krb5_c_prf (krb5_context, const krb5_keyblock *,
- krb5_data *in, krb5_data *out);
+krb5_c_prf(krb5_context, const krb5_keyblock *, krb5_data *in, krb5_data *out);
krb5_error_code KRB5_CALLCONV
- krb5_c_prf_length (krb5_context, krb5_enctype, size_t *outlen);
+krb5_c_prf_length(krb5_context, krb5_enctype, size_t *outlen);
+
krb5_error_code KRB5_CALLCONV
krb5_c_fx_cf2_simple(krb5_context context,
- krb5_keyblock *k1, const char *pepper1,
- krb5_keyblock *k2, const char *pepper2,
- krb5_keyblock **out);
- /* Returns KRB-FX-CF2 in a newly allocated
- * keyblock on success or an error code on error.
- * This function is simple in that it assumes
- * pepper1 and pepper2 are C strings with no
- * internal nulls and that the enctype of the
- * result will be the same as that of k1. Both
- * of these assumptions are true of current
- * specs.
- */
-
+ krb5_keyblock *k1, const char *pepper1,
+ krb5_keyblock *k2, const char *pepper2,
+ krb5_keyblock **out);
+/* Returns KRB-FX-CF2 in a newly allocated
+ * keyblock on success or an error code on error.
+ * This function is simple in that it assumes
+ * pepper1 and pepper2 are C strings with no
+ * internal nulls and that the enctype of the
+ * result will be the same as that of k1. Both
+ * of these assumptions are true of current
+ * specs.
+ */
krb5_error_code KRB5_CALLCONV
- krb5_c_make_random_key
- (krb5_context context, krb5_enctype enctype,
- krb5_keyblock *k5_random_key);
+krb5_c_make_random_key(krb5_context context, krb5_enctype enctype,
+ krb5_keyblock *k5_random_key);
krb5_error_code KRB5_CALLCONV
- krb5_c_random_to_key
- (krb5_context context, krb5_enctype enctype,
- krb5_data *random_data, krb5_keyblock *k5_random_key);
+krb5_c_random_to_key(krb5_context context, krb5_enctype enctype,
+ krb5_data *random_data, krb5_keyblock *k5_random_key);
-/* Register a new entropy sample with the PRNG. may cause
-* the PRNG to be reseeded, although this is not guaranteed. See previous randsource definitions
-* for information on how each source should be used.
-*/
+/*
+ * Register a new entropy sample with the PRNG. may cause the PRNG to be
+ * reseeded, although this is not guaranteed. See previous randsource
+ * definitions for information on how each source should be used.
+ */
krb5_error_code KRB5_CALLCONV
- krb5_c_random_add_entropy
-(krb5_context context, unsigned int randsource_id, const krb5_data *data);
-
+krb5_c_random_add_entropy(krb5_context context, unsigned int randsource_id,
+ const krb5_data *data);
krb5_error_code KRB5_CALLCONV
- krb5_c_random_make_octets
- (krb5_context context, krb5_data *data);
+krb5_c_random_make_octets(krb5_context context, krb5_data *data);
/*
-* Collect entropy from the OS if possible. strong requests that as strong
-* of a source of entropy as available be used. Setting strong may
-* increase the probability of blocking and should not be used for normal
-* applications. Good uses include seeding the PRNG for kadmind
-* and realm setup.
-* If successful is non-null, then successful is set to 1 if the OS provided
-* entropy else zero.
-*/
-krb5_error_code KRB5_CALLCONV
-krb5_c_random_os_entropy
-(krb5_context context, int strong, int *success);
+ * Collect entropy from the OS if possible. strong requests that as strong
+ * of a source of entropy as available be used. Setting strong may
+ * increase the probability of blocking and should not be used for normal
+ * applications. Good uses include seeding the PRNG for kadmind
+ * and realm setup.
+ * If successful is non-null, then successful is set to 1 if the OS provided
+ * entropy else zero.
+ */
+krb5_error_code KRB5_CALLCONV
+krb5_c_random_os_entropy(krb5_context context, int strong, int *success);
/*deprecated*/ krb5_error_code KRB5_CALLCONV
- krb5_c_random_seed
- (krb5_context context, krb5_data *data);
+krb5_c_random_seed(krb5_context context, krb5_data *data);
krb5_error_code KRB5_CALLCONV
- krb5_c_string_to_key
- (krb5_context context, krb5_enctype enctype,
- const krb5_data *string, const krb5_data *salt,
- krb5_keyblock *key);
+krb5_c_string_to_key(krb5_context context, krb5_enctype enctype,
+ const krb5_data *string, const krb5_data *salt,
+ krb5_keyblock *key);
+
krb5_error_code KRB5_CALLCONV
krb5_c_string_to_key_with_params(krb5_context context,
- krb5_enctype enctype,
- const krb5_data *string,
- const krb5_data *salt,
- const krb5_data *params,
- krb5_keyblock *key);
-
-krb5_error_code KRB5_CALLCONV
- krb5_c_enctype_compare
- (krb5_context context, krb5_enctype e1, krb5_enctype e2,
- krb5_boolean *similar);
-
-krb5_error_code KRB5_CALLCONV
- krb5_c_make_checksum
- (krb5_context context, krb5_cksumtype cksumtype,
- const krb5_keyblock *key, krb5_keyusage usage,
- const krb5_data *input, krb5_checksum *cksum);
-
-krb5_error_code KRB5_CALLCONV
- krb5_c_verify_checksum
- (krb5_context context,
- const krb5_keyblock *key, krb5_keyusage usage,
- const krb5_data *data,
- const krb5_checksum *cksum,
- krb5_boolean *valid);
-
-krb5_error_code KRB5_CALLCONV
- krb5_c_checksum_length
- (krb5_context context, krb5_cksumtype cksumtype,
- size_t *length);
-
-krb5_error_code KRB5_CALLCONV
- krb5_c_keyed_checksum_types
- (krb5_context context, krb5_enctype enctype,
- unsigned int *count, krb5_cksumtype **cksumtypes);
-
-#define KRB5_KEYUSAGE_AS_REQ_PA_ENC_TS 1
-#define KRB5_KEYUSAGE_KDC_REP_TICKET 2
-#define KRB5_KEYUSAGE_AS_REP_ENCPART 3
-#define KRB5_KEYUSAGE_TGS_REQ_AD_SESSKEY 4
-#define KRB5_KEYUSAGE_TGS_REQ_AD_SUBKEY 5
-#define KRB5_KEYUSAGE_TGS_REQ_AUTH_CKSUM 6
-#define KRB5_KEYUSAGE_TGS_REQ_AUTH 7
-#define KRB5_KEYUSAGE_TGS_REP_ENCPART_SESSKEY 8
-#define KRB5_KEYUSAGE_TGS_REP_ENCPART_SUBKEY 9
-#define KRB5_KEYUSAGE_AP_REQ_AUTH_CKSUM 10
-#define KRB5_KEYUSAGE_AP_REQ_AUTH 11
-#define KRB5_KEYUSAGE_AP_REP_ENCPART 12
-#define KRB5_KEYUSAGE_KRB_PRIV_ENCPART 13
-#define KRB5_KEYUSAGE_KRB_CRED_ENCPART 14
-#define KRB5_KEYUSAGE_KRB_SAFE_CKSUM 15
-#define KRB5_KEYUSAGE_APP_DATA_ENCRYPT 16
-#define KRB5_KEYUSAGE_APP_DATA_CKSUM 17
-#define KRB5_KEYUSAGE_KRB_ERROR_CKSUM 18
-#define KRB5_KEYUSAGE_AD_KDCISSUED_CKSUM 19
-#define KRB5_KEYUSAGE_AD_MTE 20
-#define KRB5_KEYUSAGE_AD_ITE 21
+ krb5_enctype enctype,
+ const krb5_data *string,
+ const krb5_data *salt,
+ const krb5_data *params,
+ krb5_keyblock *key);
+
+krb5_error_code KRB5_CALLCONV
+krb5_c_enctype_compare(krb5_context context, krb5_enctype e1, krb5_enctype e2,
+ krb5_boolean *similar);
+
+krb5_error_code KRB5_CALLCONV
+krb5_c_make_checksum(krb5_context context, krb5_cksumtype cksumtype,
+ const krb5_keyblock *key, krb5_keyusage usage,
+ const krb5_data *input, krb5_checksum *cksum);
+
+krb5_error_code KRB5_CALLCONV
+krb5_c_verify_checksum(krb5_context context, const krb5_keyblock *key,
+ krb5_keyusage usage, const krb5_data *data,
+ const krb5_checksum *cksum, krb5_boolean *valid);
+
+krb5_error_code KRB5_CALLCONV
+krb5_c_checksum_length(krb5_context context, krb5_cksumtype cksumtype,
+ size_t *length);
+
+krb5_error_code KRB5_CALLCONV
+krb5_c_keyed_checksum_types(krb5_context context, krb5_enctype enctype,
+ unsigned int *count, krb5_cksumtype **cksumtypes);
+
+#define KRB5_KEYUSAGE_AS_REQ_PA_ENC_TS 1
+#define KRB5_KEYUSAGE_KDC_REP_TICKET 2
+#define KRB5_KEYUSAGE_AS_REP_ENCPART 3
+#define KRB5_KEYUSAGE_TGS_REQ_AD_SESSKEY 4
+#define KRB5_KEYUSAGE_TGS_REQ_AD_SUBKEY 5
+#define KRB5_KEYUSAGE_TGS_REQ_AUTH_CKSUM 6
+#define KRB5_KEYUSAGE_TGS_REQ_AUTH 7
+#define KRB5_KEYUSAGE_TGS_REP_ENCPART_SESSKEY 8
+#define KRB5_KEYUSAGE_TGS_REP_ENCPART_SUBKEY 9
+#define KRB5_KEYUSAGE_AP_REQ_AUTH_CKSUM 10
+#define KRB5_KEYUSAGE_AP_REQ_AUTH 11
+#define KRB5_KEYUSAGE_AP_REP_ENCPART 12
+#define KRB5_KEYUSAGE_KRB_PRIV_ENCPART 13
+#define KRB5_KEYUSAGE_KRB_CRED_ENCPART 14
+#define KRB5_KEYUSAGE_KRB_SAFE_CKSUM 15
+#define KRB5_KEYUSAGE_APP_DATA_ENCRYPT 16
+#define KRB5_KEYUSAGE_APP_DATA_CKSUM 17
+#define KRB5_KEYUSAGE_KRB_ERROR_CKSUM 18
+#define KRB5_KEYUSAGE_AD_KDCISSUED_CKSUM 19
+#define KRB5_KEYUSAGE_AD_MTE 20
+#define KRB5_KEYUSAGE_AD_ITE 21
/* XXX need to register these */
-#define KRB5_KEYUSAGE_GSS_TOK_MIC 22
-#define KRB5_KEYUSAGE_GSS_TOK_WRAP_INTEG 23
-#define KRB5_KEYUSAGE_GSS_TOK_WRAP_PRIV 24
+#define KRB5_KEYUSAGE_GSS_TOK_MIC 22
+#define KRB5_KEYUSAGE_GSS_TOK_WRAP_INTEG 23
+#define KRB5_KEYUSAGE_GSS_TOK_WRAP_PRIV 24
/* Defined in hardware preauth draft */
-#define KRB5_KEYUSAGE_PA_SAM_CHALLENGE_CKSUM 25
-#define KRB5_KEYUSAGE_PA_SAM_CHALLENGE_TRACKID 26
-#define KRB5_KEYUSAGE_PA_SAM_RESPONSE 27
+#define KRB5_KEYUSAGE_PA_SAM_CHALLENGE_CKSUM 25
+#define KRB5_KEYUSAGE_PA_SAM_CHALLENGE_TRACKID 26
+#define KRB5_KEYUSAGE_PA_SAM_RESPONSE 27
/* Defined in KDC referrals draft */
-#define KRB5_KEYUSAGE_PA_REFERRAL 26 /* XXX note conflict with above */
+#define KRB5_KEYUSAGE_PA_REFERRAL 26 /* XXX note conflict with above */
/* Defined in [MS-SFU] */
-#define KRB5_KEYUSAGE_PA_S4U_X509_USER_REQUEST 26 /* XXX note conflict with above */
-#define KRB5_KEYUSAGE_PA_S4U_X509_USER_REPLY 27 /* XXX note conflict with above */
+#define KRB5_KEYUSAGE_PA_S4U_X509_USER_REQUEST 26 /* XXX note conflict with above */
+#define KRB5_KEYUSAGE_PA_S4U_X509_USER_REPLY 27 /* XXX note conflict with above */
-#define KRB5_KEYUSAGE_AD_SIGNEDPATH -21
+#define KRB5_KEYUSAGE_AD_SIGNEDPATH -21
/* define in draft-ietf-krb-wg-preauth-framework*/
#define KRB5_KEYUSAGE_FAST_REQ_CHKSUM 50
@@ -658,69 +638,57 @@ krb5_error_code KRB5_CALLCONV
#define KRB5_KEYUSAGE_ENC_CHALLENGE_KDC 55
#define KRB5_KEYUSAGE_FAST_REP 52
-krb5_boolean KRB5_CALLCONV krb5_c_valid_enctype
- (krb5_enctype ktype);
-krb5_boolean KRB5_CALLCONV krb5_c_valid_cksumtype
- (krb5_cksumtype ctype);
-krb5_boolean KRB5_CALLCONV krb5_c_is_coll_proof_cksum
- (krb5_cksumtype ctype);
-krb5_boolean KRB5_CALLCONV krb5_c_is_keyed_cksum
- (krb5_cksumtype ctype);
+krb5_boolean KRB5_CALLCONV krb5_c_valid_enctype(krb5_enctype ktype);
+krb5_boolean KRB5_CALLCONV krb5_c_valid_cksumtype(krb5_cksumtype ctype);
+krb5_boolean KRB5_CALLCONV krb5_c_is_coll_proof_cksum(krb5_cksumtype ctype);
+krb5_boolean KRB5_CALLCONV krb5_c_is_keyed_cksum(krb5_cksumtype ctype);
/* AEAD APIs */
-#define KRB5_CRYPTO_TYPE_EMPTY 0 /* [in] ignored */
-#define KRB5_CRYPTO_TYPE_HEADER 1 /* [out] header */
-#define KRB5_CRYPTO_TYPE_DATA 2 /* [in, out] plaintext */
-#define KRB5_CRYPTO_TYPE_SIGN_ONLY 3 /* [in] associated data */
-#define KRB5_CRYPTO_TYPE_PADDING 4 /* [out] padding */
-#define KRB5_CRYPTO_TYPE_TRAILER 5 /* [out] checksum for encrypt */
-#define KRB5_CRYPTO_TYPE_CHECKSUM 6 /* [out] checksum for MIC */
-#define KRB5_CRYPTO_TYPE_STREAM 7 /* [in] entire message */
+#define KRB5_CRYPTO_TYPE_EMPTY 0 /* [in] ignored */
+#define KRB5_CRYPTO_TYPE_HEADER 1 /* [out] header */
+#define KRB5_CRYPTO_TYPE_DATA 2 /* [in, out] plaintext */
+#define KRB5_CRYPTO_TYPE_SIGN_ONLY 3 /* [in] associated data */
+#define KRB5_CRYPTO_TYPE_PADDING 4 /* [out] padding */
+#define KRB5_CRYPTO_TYPE_TRAILER 5 /* [out] checksum for encrypt */
+#define KRB5_CRYPTO_TYPE_CHECKSUM 6 /* [out] checksum for MIC */
+#define KRB5_CRYPTO_TYPE_STREAM 7 /* [in] entire message */
krb5_error_code KRB5_CALLCONV
- krb5_c_make_checksum_iov
- (krb5_context context, krb5_cksumtype cksumtype,
- const krb5_keyblock *key, krb5_keyusage usage,
- krb5_crypto_iov *data, size_t num_data);
+krb5_c_make_checksum_iov(krb5_context context, krb5_cksumtype cksumtype,
+ const krb5_keyblock *key, krb5_keyusage usage,
+ krb5_crypto_iov *data, size_t num_data);
krb5_error_code KRB5_CALLCONV
- krb5_c_verify_checksum_iov
- (krb5_context context,
- krb5_cksumtype cksumtype,
- const krb5_keyblock *key, krb5_keyusage usage,
- const krb5_crypto_iov *data, size_t num_data,
- krb5_boolean *valid);
+krb5_c_verify_checksum_iov(krb5_context context, krb5_cksumtype cksumtype,
+ const krb5_keyblock *key, krb5_keyusage usage,
+ const krb5_crypto_iov *data, size_t num_data,
+ krb5_boolean *valid);
krb5_error_code KRB5_CALLCONV
- krb5_c_encrypt_iov
- (krb5_context context, const krb5_keyblock *key,
- krb5_keyusage usage, const krb5_data *cipher_state,
- krb5_crypto_iov *data, size_t num_data);
+krb5_c_encrypt_iov(krb5_context context, const krb5_keyblock *key,
+ krb5_keyusage usage, const krb5_data *cipher_state,
+ krb5_crypto_iov *data, size_t num_data);
krb5_error_code KRB5_CALLCONV
- krb5_c_decrypt_iov
- (krb5_context context, const krb5_keyblock *key,
- krb5_keyusage usage, const krb5_data *cipher_state,
- krb5_crypto_iov *data, size_t num_data);
+krb5_c_decrypt_iov(krb5_context context, const krb5_keyblock *key,
+ krb5_keyusage usage, const krb5_data *cipher_state,
+ krb5_crypto_iov *data, size_t num_data);
krb5_error_code KRB5_CALLCONV
- krb5_c_crypto_length
- (krb5_context context, krb5_enctype enctype,
- krb5_cryptotype type, unsigned int *size);
+krb5_c_crypto_length(krb5_context context, krb5_enctype enctype,
+ krb5_cryptotype type, unsigned int *size);
krb5_error_code KRB5_CALLCONV
- krb5_c_crypto_length_iov
- (krb5_context context, krb5_enctype enctype,
- krb5_crypto_iov *data, size_t num_data);
+krb5_c_crypto_length_iov(krb5_context context, krb5_enctype enctype,
+ krb5_crypto_iov *data, size_t num_data);
krb5_error_code KRB5_CALLCONV
- krb5_c_padding_length
- (krb5_context context, krb5_enctype enctype,
- size_t data_length, unsigned int *size);
+krb5_c_padding_length(krb5_context context, krb5_enctype enctype,
+ size_t data_length, unsigned int *size);
krb5_error_code KRB5_CALLCONV
krb5_k_create_key(krb5_context context, const krb5_keyblock *key_data,
- krb5_key *out);
+ krb5_key *out);
/* Keys are logically immutable and can be "copied" by reference count. */
void KRB5_CALLCONV krb5_k_reference_key(krb5_context context, krb5_key key);
@@ -730,123 +698,115 @@ void KRB5_CALLCONV krb5_k_free_key(krb5_context context, krb5_key key);
krb5_error_code KRB5_CALLCONV
krb5_k_key_keyblock(krb5_context context, krb5_key key,
- krb5_keyblock **key_data);
+ krb5_keyblock **key_data);
krb5_enctype KRB5_CALLCONV
krb5_k_key_enctype(krb5_context context, krb5_key key);
krb5_error_code KRB5_CALLCONV
krb5_k_encrypt(krb5_context context, krb5_key key, krb5_keyusage usage,
- const krb5_data *cipher_state, const krb5_data *input,
- krb5_enc_data *output);
+ const krb5_data *cipher_state, const krb5_data *input,
+ krb5_enc_data *output);
krb5_error_code KRB5_CALLCONV
krb5_k_encrypt_iov(krb5_context context, krb5_key key, krb5_keyusage usage,
- const krb5_data *cipher_state, krb5_crypto_iov *data,
- size_t num_data);
+ const krb5_data *cipher_state, krb5_crypto_iov *data,
+ size_t num_data);
krb5_error_code KRB5_CALLCONV
krb5_k_decrypt(krb5_context context, krb5_key key, krb5_keyusage usage,
- const krb5_data *cipher_state, const krb5_enc_data *input,
- krb5_data *output);
+ const krb5_data *cipher_state, const krb5_enc_data *input,
+ krb5_data *output);
krb5_error_code KRB5_CALLCONV
krb5_k_decrypt_iov(krb5_context context, krb5_key key, krb5_keyusage usage,
- const krb5_data *cipher_state, krb5_crypto_iov *data,
- size_t num_data);
+ const krb5_data *cipher_state, krb5_crypto_iov *data,
+ size_t num_data);
krb5_error_code KRB5_CALLCONV
krb5_k_make_checksum(krb5_context context, krb5_cksumtype cksumtype,
- krb5_key key, krb5_keyusage usage, const krb5_data *input,
- krb5_checksum *cksum);
+ krb5_key key, krb5_keyusage usage, const krb5_data *input,
+ krb5_checksum *cksum);
krb5_error_code KRB5_CALLCONV
krb5_k_make_checksum_iov(krb5_context context, krb5_cksumtype cksumtype,
- krb5_key key, krb5_keyusage usage,
- krb5_crypto_iov *data, size_t num_data);
+ krb5_key key, krb5_keyusage usage,
+ krb5_crypto_iov *data, size_t num_data);
krb5_error_code KRB5_CALLCONV
krb5_k_verify_checksum(krb5_context context, krb5_key key, krb5_keyusage usage,
- const krb5_data *data, const krb5_checksum *cksum,
- krb5_boolean *valid);
+ const krb5_data *data, const krb5_checksum *cksum,
+ krb5_boolean *valid);
krb5_error_code KRB5_CALLCONV
krb5_k_verify_checksum_iov(krb5_context context, krb5_cksumtype cksumtype,
- krb5_key key, krb5_keyusage usage,
- const krb5_crypto_iov *data, size_t num_data,
- krb5_boolean *valid);
+ krb5_key key, krb5_keyusage usage,
+ const krb5_crypto_iov *data, size_t num_data,
+ krb5_boolean *valid);
#ifdef KRB5_OLD_CRYPTO
/*
* old cryptosystem routine prototypes. These are now layered
* on top of the functions above.
*/
-krb5_error_code KRB5_CALLCONV krb5_encrypt
- (krb5_context context,
- krb5_const_pointer inptr,
- krb5_pointer outptr,
- size_t size,
- krb5_encrypt_block * eblock,
- krb5_pointer ivec);
-krb5_error_code KRB5_CALLCONV krb5_decrypt
- (krb5_context context,
- krb5_const_pointer inptr,
- krb5_pointer outptr,
- size_t size,
- krb5_encrypt_block * eblock,
- krb5_pointer ivec);
-krb5_error_code KRB5_CALLCONV krb5_process_key
- (krb5_context context,
- krb5_encrypt_block * eblock,
- const krb5_keyblock * key);
-krb5_error_code KRB5_CALLCONV krb5_finish_key
- (krb5_context context,
- krb5_encrypt_block * eblock);
-krb5_error_code KRB5_CALLCONV krb5_string_to_key
- (krb5_context context,
- const krb5_encrypt_block * eblock,
- krb5_keyblock * keyblock,
- const krb5_data * data,
- const krb5_data * salt);
-krb5_error_code KRB5_CALLCONV krb5_init_random_key
- (krb5_context context,
- const krb5_encrypt_block * eblock,
- const krb5_keyblock * keyblock,
- krb5_pointer * ptr);
-krb5_error_code KRB5_CALLCONV krb5_finish_random_key
- (krb5_context context,
- const krb5_encrypt_block * eblock,
- krb5_pointer * ptr);
-krb5_error_code KRB5_CALLCONV krb5_random_key
- (krb5_context context,
- const krb5_encrypt_block * eblock,
- krb5_pointer ptr,
- krb5_keyblock ** keyblock);
-krb5_enctype KRB5_CALLCONV krb5_eblock_enctype
- (krb5_context context,
- const krb5_encrypt_block * eblock);
-krb5_error_code KRB5_CALLCONV krb5_use_enctype
- (krb5_context context,
- krb5_encrypt_block * eblock,
- krb5_enctype enctype);
-size_t KRB5_CALLCONV krb5_encrypt_size
- (size_t length,
- krb5_enctype crypto);
-size_t KRB5_CALLCONV krb5_checksum_size
- (krb5_context context,
- krb5_cksumtype ctype);
-krb5_error_code KRB5_CALLCONV krb5_calculate_checksum
- (krb5_context context,
- krb5_cksumtype ctype,
- krb5_const_pointer in, size_t in_length,
- krb5_const_pointer seed, size_t seed_length,
- krb5_checksum * outcksum);
-krb5_error_code KRB5_CALLCONV krb5_verify_checksum
- (krb5_context context,
- krb5_cksumtype ctype,
- const krb5_checksum * cksum,
- krb5_const_pointer in, size_t in_length,
- krb5_const_pointer seed, size_t seed_length);
+krb5_error_code KRB5_CALLCONV
+krb5_encrypt(krb5_context context, krb5_const_pointer inptr,
+ krb5_pointer outptr, size_t size, krb5_encrypt_block *eblock,
+ krb5_pointer ivec);
+
+krb5_error_code KRB5_CALLCONV
+krb5_decrypt(krb5_context context, krb5_const_pointer inptr,
+ krb5_pointer outptr, size_t size, krb5_encrypt_block *eblock,
+ krb5_pointer ivec);
+
+krb5_error_code KRB5_CALLCONV
+krb5_process_key(krb5_context context, krb5_encrypt_block *eblock,
+ const krb5_keyblock * key);
+
+krb5_error_code KRB5_CALLCONV
+krb5_finish_key(krb5_context context, krb5_encrypt_block * eblock);
+
+krb5_error_code KRB5_CALLCONV
+krb5_string_to_key(krb5_context context, const krb5_encrypt_block *eblock,
+ krb5_keyblock * keyblock, const krb5_data *data,
+ const krb5_data *salt);
+
+krb5_error_code KRB5_CALLCONV
+krb5_init_random_key(krb5_context context, const krb5_encrypt_block *eblock,
+ const krb5_keyblock *keyblock, krb5_pointer *ptr);
+
+krb5_error_code KRB5_CALLCONV
+krb5_finish_random_key(krb5_context context, const krb5_encrypt_block *eblock,
+ krb5_pointer *ptr);
+
+krb5_error_code KRB5_CALLCONV
+krb5_random_key(krb5_context context, const krb5_encrypt_block *eblock,
+ krb5_pointer ptr, krb5_keyblock **keyblock);
+
+krb5_enctype KRB5_CALLCONV
+krb5_eblock_enctype(krb5_context context, const krb5_encrypt_block *eblock);
+
+krb5_error_code KRB5_CALLCONV
+krb5_use_enctype(krb5_context context, krb5_encrypt_block *eblock,
+ krb5_enctype enctype);
+
+size_t KRB5_CALLCONV
+krb5_encrypt_size(size_t length, krb5_enctype crypto);
+
+size_t KRB5_CALLCONV
+krb5_checksum_size(krb5_context context, krb5_cksumtype ctype);
+
+krb5_error_code KRB5_CALLCONV
+krb5_calculate_checksum(krb5_context context, krb5_cksumtype ctype,
+ krb5_const_pointer in, size_t in_length,
+ krb5_const_pointer seed, size_t seed_length,
+ krb5_checksum * outcksum);
+
+krb5_error_code KRB5_CALLCONV
+krb5_verify_checksum(krb5_context context, krb5_cksumtype ctype,
+ const krb5_checksum * cksum, krb5_const_pointer in,
+ size_t in_length, krb5_const_pointer seed,
+ size_t seed_length);
#endif /* KRB5_OLD_CRYPTO */
@@ -861,138 +821,138 @@ krb5_error_code KRB5_CALLCONV krb5_verify_checksum
/* kdc_options for kdc_request */
/* options is 32 bits; each host is responsible to put the 4 bytes
representing these bits into net order before transmission */
-/* #define KDC_OPT_RESERVED 0x80000000 */
-#define KDC_OPT_FORWARDABLE 0x40000000
-#define KDC_OPT_FORWARDED 0x20000000
-#define KDC_OPT_PROXIABLE 0x10000000
-#define KDC_OPT_PROXY 0x08000000
-#define KDC_OPT_ALLOW_POSTDATE 0x04000000
-#define KDC_OPT_POSTDATED 0x02000000
-/* #define KDC_OPT_UNUSED 0x01000000 */
-#define KDC_OPT_RENEWABLE 0x00800000
-/* #define KDC_OPT_UNUSED 0x00400000 */
-/* #define KDC_OPT_RESERVED 0x00200000 */
-/* #define KDC_OPT_RESERVED 0x00100000 */
-/* #define KDC_OPT_RESERVED 0x00080000 */
-/* #define KDC_OPT_RESERVED 0x00040000 */
-#define KDC_OPT_REQUEST_ANONYMOUS 0x00020000
-#define KDC_OPT_CNAME_IN_ADDL_TKT 0x00020000
-#define KDC_OPT_CANONICALIZE 0x00010000
-/* #define KDC_OPT_RESERVED 0x00008000 */
-/* #define KDC_OPT_RESERVED 0x00004000 */
-/* #define KDC_OPT_RESERVED 0x00002000 */
-/* #define KDC_OPT_RESERVED 0x00001000 */
-/* #define KDC_OPT_RESERVED 0x00000800 */
-/* #define KDC_OPT_RESERVED 0x00000400 */
-/* #define KDC_OPT_RESERVED 0x00000200 */
-/* #define KDC_OPT_RESERVED 0x00000100 */
-/* #define KDC_OPT_RESERVED 0x00000080 */
-/* #define KDC_OPT_RESERVED 0x00000040 */
-#define KDC_OPT_DISABLE_TRANSITED_CHECK 0x00000020
-#define KDC_OPT_RENEWABLE_OK 0x00000010
-#define KDC_OPT_ENC_TKT_IN_SKEY 0x00000008
-/* #define KDC_OPT_UNUSED 0x00000004 */
-#define KDC_OPT_RENEW 0x00000002
-#define KDC_OPT_VALIDATE 0x00000001
+/* #define KDC_OPT_RESERVED 0x80000000 */
+#define KDC_OPT_FORWARDABLE 0x40000000
+#define KDC_OPT_FORWARDED 0x20000000
+#define KDC_OPT_PROXIABLE 0x10000000
+#define KDC_OPT_PROXY 0x08000000
+#define KDC_OPT_ALLOW_POSTDATE 0x04000000
+#define KDC_OPT_POSTDATED 0x02000000
+/* #define KDC_OPT_UNUSED 0x01000000 */
+#define KDC_OPT_RENEWABLE 0x00800000
+/* #define KDC_OPT_UNUSED 0x00400000 */
+/* #define KDC_OPT_RESERVED 0x00200000 */
+/* #define KDC_OPT_RESERVED 0x00100000 */
+/* #define KDC_OPT_RESERVED 0x00080000 */
+/* #define KDC_OPT_RESERVED 0x00040000 */
+#define KDC_OPT_REQUEST_ANONYMOUS 0x00020000
+#define KDC_OPT_CNAME_IN_ADDL_TKT 0x00020000
+#define KDC_OPT_CANONICALIZE 0x00010000
+/* #define KDC_OPT_RESERVED 0x00008000 */
+/* #define KDC_OPT_RESERVED 0x00004000 */
+/* #define KDC_OPT_RESERVED 0x00002000 */
+/* #define KDC_OPT_RESERVED 0x00001000 */
+/* #define KDC_OPT_RESERVED 0x00000800 */
+/* #define KDC_OPT_RESERVED 0x00000400 */
+/* #define KDC_OPT_RESERVED 0x00000200 */
+/* #define KDC_OPT_RESERVED 0x00000100 */
+/* #define KDC_OPT_RESERVED 0x00000080 */
+/* #define KDC_OPT_RESERVED 0x00000040 */
+#define KDC_OPT_DISABLE_TRANSITED_CHECK 0x00000020
+#define KDC_OPT_RENEWABLE_OK 0x00000010
+#define KDC_OPT_ENC_TKT_IN_SKEY 0x00000008
+/* #define KDC_OPT_UNUSED 0x00000004 */
+#define KDC_OPT_RENEW 0x00000002
+#define KDC_OPT_VALIDATE 0x00000001
/*
* Mask of ticket flags in the TGT which should be converted into KDC
* options when using the TGT to get derivitive tickets.
*
* New mask = KDC_OPT_FORWARDABLE | KDC_OPT_PROXIABLE |
- * KDC_OPT_ALLOW_POSTDATE | KDC_OPT_RENEWABLE
+ * KDC_OPT_ALLOW_POSTDATE | KDC_OPT_RENEWABLE
*/
-#define KDC_TKT_COMMON_MASK 0x54800000
+#define KDC_TKT_COMMON_MASK 0x54800000
/* definitions for ap_options fields */
/* ap_options are 32 bits; each host is responsible to put the 4 bytes
representing these bits into net order before transmission */
-#define AP_OPTS_RESERVED 0x80000000
-#define AP_OPTS_USE_SESSION_KEY 0x40000000
-#define AP_OPTS_MUTUAL_REQUIRED 0x20000000
-/* #define AP_OPTS_RESERVED 0x10000000 */
-/* #define AP_OPTS_RESERVED 0x08000000 */
-/* #define AP_OPTS_RESERVED 0x04000000 */
-/* #define AP_OPTS_RESERVED 0x02000000 */
-/* #define AP_OPTS_RESERVED 0x01000000 */
-/* #define AP_OPTS_RESERVED 0x00800000 */
-/* #define AP_OPTS_RESERVED 0x00400000 */
-/* #define AP_OPTS_RESERVED 0x00200000 */
-/* #define AP_OPTS_RESERVED 0x00100000 */
-/* #define AP_OPTS_RESERVED 0x00080000 */
-/* #define AP_OPTS_RESERVED 0x00040000 */
-/* #define AP_OPTS_RESERVED 0x00020000 */
-/* #define AP_OPTS_RESERVED 0x00010000 */
-/* #define AP_OPTS_RESERVED 0x00008000 */
-/* #define AP_OPTS_RESERVED 0x00004000 */
-/* #define AP_OPTS_RESERVED 0x00002000 */
-/* #define AP_OPTS_RESERVED 0x00001000 */
-/* #define AP_OPTS_RESERVED 0x00000800 */
-/* #define AP_OPTS_RESERVED 0x00000400 */
-/* #define AP_OPTS_RESERVED 0x00000200 */
-/* #define AP_OPTS_RESERVED 0x00000100 */
-/* #define AP_OPTS_RESERVED 0x00000080 */
-/* #define AP_OPTS_RESERVED 0x00000040 */
-/* #define AP_OPTS_RESERVED 0x00000020 */
-/* #define AP_OPTS_RESERVED 0x00000010 */
-/* #define AP_OPTS_RESERVED 0x00000008 */
-/* #define AP_OPTS_RESERVED 0x00000004 */
-#define AP_OPTS_ETYPE_NEGOTIATION 0x00000002
-#define AP_OPTS_USE_SUBKEY 0x00000001
-
-#define AP_OPTS_WIRE_MASK 0xfffffff0
+#define AP_OPTS_RESERVED 0x80000000
+#define AP_OPTS_USE_SESSION_KEY 0x40000000
+#define AP_OPTS_MUTUAL_REQUIRED 0x20000000
+/* #define AP_OPTS_RESERVED 0x10000000 */
+/* #define AP_OPTS_RESERVED 0x08000000 */
+/* #define AP_OPTS_RESERVED 0x04000000 */
+/* #define AP_OPTS_RESERVED 0x02000000 */
+/* #define AP_OPTS_RESERVED 0x01000000 */
+/* #define AP_OPTS_RESERVED 0x00800000 */
+/* #define AP_OPTS_RESERVED 0x00400000 */
+/* #define AP_OPTS_RESERVED 0x00200000 */
+/* #define AP_OPTS_RESERVED 0x00100000 */
+/* #define AP_OPTS_RESERVED 0x00080000 */
+/* #define AP_OPTS_RESERVED 0x00040000 */
+/* #define AP_OPTS_RESERVED 0x00020000 */
+/* #define AP_OPTS_RESERVED 0x00010000 */
+/* #define AP_OPTS_RESERVED 0x00008000 */
+/* #define AP_OPTS_RESERVED 0x00004000 */
+/* #define AP_OPTS_RESERVED 0x00002000 */
+/* #define AP_OPTS_RESERVED 0x00001000 */
+/* #define AP_OPTS_RESERVED 0x00000800 */
+/* #define AP_OPTS_RESERVED 0x00000400 */
+/* #define AP_OPTS_RESERVED 0x00000200 */
+/* #define AP_OPTS_RESERVED 0x00000100 */
+/* #define AP_OPTS_RESERVED 0x00000080 */
+/* #define AP_OPTS_RESERVED 0x00000040 */
+/* #define AP_OPTS_RESERVED 0x00000020 */
+/* #define AP_OPTS_RESERVED 0x00000010 */
+/* #define AP_OPTS_RESERVED 0x00000008 */
+/* #define AP_OPTS_RESERVED 0x00000004 */
+#define AP_OPTS_ETYPE_NEGOTIATION 0x00000002
+#define AP_OPTS_USE_SUBKEY 0x00000001
+
+#define AP_OPTS_WIRE_MASK 0xfffffff0
/* definitions for ad_type fields. */
-#define AD_TYPE_RESERVED 0x8000
-#define AD_TYPE_EXTERNAL 0x4000
-#define AD_TYPE_REGISTERED 0x2000
+#define AD_TYPE_RESERVED 0x8000
+#define AD_TYPE_EXTERNAL 0x4000
+#define AD_TYPE_REGISTERED 0x2000
-#define AD_TYPE_FIELD_TYPE_MASK 0x1fff
+#define AD_TYPE_FIELD_TYPE_MASK 0x1fff
/* Ticket flags */
/* flags are 32 bits; each host is responsible to put the 4 bytes
representing these bits into net order before transmission */
-/* #define TKT_FLG_RESERVED 0x80000000 */
-#define TKT_FLG_FORWARDABLE 0x40000000
-#define TKT_FLG_FORWARDED 0x20000000
-#define TKT_FLG_PROXIABLE 0x10000000
-#define TKT_FLG_PROXY 0x08000000
-#define TKT_FLG_MAY_POSTDATE 0x04000000
-#define TKT_FLG_POSTDATED 0x02000000
-#define TKT_FLG_INVALID 0x01000000
-#define TKT_FLG_RENEWABLE 0x00800000
-#define TKT_FLG_INITIAL 0x00400000
-#define TKT_FLG_PRE_AUTH 0x00200000
-#define TKT_FLG_HW_AUTH 0x00100000
-#define TKT_FLG_TRANSIT_POLICY_CHECKED 0x00080000
-#define TKT_FLG_OK_AS_DELEGATE 0x00040000
-#define TKT_FLG_ANONYMOUS 0x00020000
-/* #define TKT_FLG_RESERVED 0x00010000 */
-/* #define TKT_FLG_RESERVED 0x00008000 */
-/* #define TKT_FLG_RESERVED 0x00004000 */
-/* #define TKT_FLG_RESERVED 0x00002000 */
-/* #define TKT_FLG_RESERVED 0x00001000 */
-/* #define TKT_FLG_RESERVED 0x00000800 */
-/* #define TKT_FLG_RESERVED 0x00000400 */
-/* #define TKT_FLG_RESERVED 0x00000200 */
-/* #define TKT_FLG_RESERVED 0x00000100 */
-/* #define TKT_FLG_RESERVED 0x00000080 */
-/* #define TKT_FLG_RESERVED 0x00000040 */
-/* #define TKT_FLG_RESERVED 0x00000020 */
-/* #define TKT_FLG_RESERVED 0x00000010 */
-/* #define TKT_FLG_RESERVED 0x00000008 */
-/* #define TKT_FLG_RESERVED 0x00000004 */
-/* #define TKT_FLG_RESERVED 0x00000002 */
-/* #define TKT_FLG_RESERVED 0x00000001 */
+/* #define TKT_FLG_RESERVED 0x80000000 */
+#define TKT_FLG_FORWARDABLE 0x40000000
+#define TKT_FLG_FORWARDED 0x20000000
+#define TKT_FLG_PROXIABLE 0x10000000
+#define TKT_FLG_PROXY 0x08000000
+#define TKT_FLG_MAY_POSTDATE 0x04000000
+#define TKT_FLG_POSTDATED 0x02000000
+#define TKT_FLG_INVALID 0x01000000
+#define TKT_FLG_RENEWABLE 0x00800000
+#define TKT_FLG_INITIAL 0x00400000
+#define TKT_FLG_PRE_AUTH 0x00200000
+#define TKT_FLG_HW_AUTH 0x00100000
+#define TKT_FLG_TRANSIT_POLICY_CHECKED 0x00080000
+#define TKT_FLG_OK_AS_DELEGATE 0x00040000
+#define TKT_FLG_ANONYMOUS 0x00020000
+/* #define TKT_FLG_RESERVED 0x00010000 */
+/* #define TKT_FLG_RESERVED 0x00008000 */
+/* #define TKT_FLG_RESERVED 0x00004000 */
+/* #define TKT_FLG_RESERVED 0x00002000 */
+/* #define TKT_FLG_RESERVED 0x00001000 */
+/* #define TKT_FLG_RESERVED 0x00000800 */
+/* #define TKT_FLG_RESERVED 0x00000400 */
+/* #define TKT_FLG_RESERVED 0x00000200 */
+/* #define TKT_FLG_RESERVED 0x00000100 */
+/* #define TKT_FLG_RESERVED 0x00000080 */
+/* #define TKT_FLG_RESERVED 0x00000040 */
+/* #define TKT_FLG_RESERVED 0x00000020 */
+/* #define TKT_FLG_RESERVED 0x00000010 */
+/* #define TKT_FLG_RESERVED 0x00000008 */
+/* #define TKT_FLG_RESERVED 0x00000004 */
+/* #define TKT_FLG_RESERVED 0x00000002 */
+/* #define TKT_FLG_RESERVED 0x00000001 */
/* definitions for lr_type fields. */
-#define LR_TYPE_THIS_SERVER_ONLY 0x8000
+#define LR_TYPE_THIS_SERVER_ONLY 0x8000
-#define LR_TYPE_INTERPRETATION_MASK 0x7fff
+#define LR_TYPE_INTERPRETATION_MASK 0x7fff
/* definitions for msec direction bit for KRB_SAFE, KRB_PRIV */
-#define MSEC_DIRBIT 0x8000
-#define MSEC_VAL_MASK 0x7fff
+#define MSEC_DIRBIT 0x8000
+#define MSEC_VAL_MASK 0x7fff
/*
* end "fieldbits.h"
@@ -1003,111 +963,111 @@ krb5_error_code KRB5_CALLCONV krb5_verify_checksum
*/
/* Protocol version number */
-#define KRB5_PVNO 5
+#define KRB5_PVNO 5
/* Message types */
-#define KRB5_AS_REQ ((krb5_msgtype)10) /* Req for initial authentication */
-#define KRB5_AS_REP ((krb5_msgtype)11) /* Response to KRB_AS_REQ request */
-#define KRB5_TGS_REQ ((krb5_msgtype)12) /* TGS request to server */
-#define KRB5_TGS_REP ((krb5_msgtype)13) /* Response to KRB_TGS_REQ req */
-#define KRB5_AP_REQ ((krb5_msgtype)14) /* application request to server */
-#define KRB5_AP_REP ((krb5_msgtype)15) /* Response to KRB_AP_REQ_MUTUAL */
-#define KRB5_SAFE ((krb5_msgtype)20) /* Safe application message */
-#define KRB5_PRIV ((krb5_msgtype)21) /* Private application message */
-#define KRB5_CRED ((krb5_msgtype)22) /* Credential forwarding message */
-#define KRB5_ERROR ((krb5_msgtype)30) /* Error response */
+#define KRB5_AS_REQ ((krb5_msgtype)10) /* Req for initial authentication */
+#define KRB5_AS_REP ((krb5_msgtype)11) /* Response to KRB_AS_REQ request */
+#define KRB5_TGS_REQ ((krb5_msgtype)12) /* TGS request to server */
+#define KRB5_TGS_REP ((krb5_msgtype)13) /* Response to KRB_TGS_REQ req */
+#define KRB5_AP_REQ ((krb5_msgtype)14) /* application request to server */
+#define KRB5_AP_REP ((krb5_msgtype)15) /* Response to KRB_AP_REQ_MUTUAL */
+#define KRB5_SAFE ((krb5_msgtype)20) /* Safe application message */
+#define KRB5_PRIV ((krb5_msgtype)21) /* Private application message */
+#define KRB5_CRED ((krb5_msgtype)22) /* Credential forwarding message */
+#define KRB5_ERROR ((krb5_msgtype)30) /* Error response */
/* LastReq types */
-#define KRB5_LRQ_NONE 0
-#define KRB5_LRQ_ALL_LAST_TGT 1
-#define KRB5_LRQ_ONE_LAST_TGT (-1)
-#define KRB5_LRQ_ALL_LAST_INITIAL 2
-#define KRB5_LRQ_ONE_LAST_INITIAL (-2)
-#define KRB5_LRQ_ALL_LAST_TGT_ISSUED 3
-#define KRB5_LRQ_ONE_LAST_TGT_ISSUED (-3)
-#define KRB5_LRQ_ALL_LAST_RENEWAL 4
-#define KRB5_LRQ_ONE_LAST_RENEWAL (-4)
-#define KRB5_LRQ_ALL_LAST_REQ 5
-#define KRB5_LRQ_ONE_LAST_REQ (-5)
-#define KRB5_LRQ_ALL_PW_EXPTIME 6
-#define KRB5_LRQ_ONE_PW_EXPTIME (-6)
+#define KRB5_LRQ_NONE 0
+#define KRB5_LRQ_ALL_LAST_TGT 1
+#define KRB5_LRQ_ONE_LAST_TGT (-1)
+#define KRB5_LRQ_ALL_LAST_INITIAL 2
+#define KRB5_LRQ_ONE_LAST_INITIAL (-2)
+#define KRB5_LRQ_ALL_LAST_TGT_ISSUED 3
+#define KRB5_LRQ_ONE_LAST_TGT_ISSUED (-3)
+#define KRB5_LRQ_ALL_LAST_RENEWAL 4
+#define KRB5_LRQ_ONE_LAST_RENEWAL (-4)
+#define KRB5_LRQ_ALL_LAST_REQ 5
+#define KRB5_LRQ_ONE_LAST_REQ (-5)
+#define KRB5_LRQ_ALL_PW_EXPTIME 6
+#define KRB5_LRQ_ONE_PW_EXPTIME (-6)
/* PADATA types */
-#define KRB5_PADATA_NONE 0
-#define KRB5_PADATA_AP_REQ 1
-#define KRB5_PADATA_TGS_REQ KRB5_PADATA_AP_REQ
-#define KRB5_PADATA_ENC_TIMESTAMP 2
-#define KRB5_PADATA_PW_SALT 3
-#if 0 /* Not used */
-#define KRB5_PADATA_ENC_ENCKEY 4 /* Key encrypted within itself */
+#define KRB5_PADATA_NONE 0
+#define KRB5_PADATA_AP_REQ 1
+#define KRB5_PADATA_TGS_REQ KRB5_PADATA_AP_REQ
+#define KRB5_PADATA_ENC_TIMESTAMP 2
+#define KRB5_PADATA_PW_SALT 3
+#if 0 /* Not used */
+#define KRB5_PADATA_ENC_ENCKEY 4 /* Key encrypted within itself */
#endif
-#define KRB5_PADATA_ENC_UNIX_TIME 5 /* timestamp encrypted in key */
-#define KRB5_PADATA_ENC_SANDIA_SECURID 6 /* SecurId passcode */
-#define KRB5_PADATA_SESAME 7 /* Sesame project */
-#define KRB5_PADATA_OSF_DCE 8 /* OSF DCE */
-#define KRB5_CYBERSAFE_SECUREID 9 /* Cybersafe */
-#define KRB5_PADATA_AFS3_SALT 10 /* Cygnus */
-#define KRB5_PADATA_ETYPE_INFO 11 /* Etype info for preauth */
-#define KRB5_PADATA_SAM_CHALLENGE 12 /* draft challenge system */
-#define KRB5_PADATA_SAM_RESPONSE 13 /* draft challenge system response */
-#define KRB5_PADATA_PK_AS_REQ_OLD 14 /* PKINIT */
-#define KRB5_PADATA_PK_AS_REP_OLD 15 /* PKINIT */
-#define KRB5_PADATA_PK_AS_REQ 16 /* PKINIT */
-#define KRB5_PADATA_PK_AS_REP 17 /* PKINIT */
-#define KRB5_PADATA_ETYPE_INFO2 19
-#define KRB5_PADATA_USE_SPECIFIED_KVNO 20
-#define KRB5_PADATA_SVR_REFERRAL_INFO 20 /* Windows 2000 referrals */
-#define KRB5_PADATA_SAM_REDIRECT 21
-#define KRB5_PADATA_GET_FROM_TYPED_DATA 22
-#define KRB5_PADATA_REFERRAL 25 /* draft referral system */
-#define KRB5_PADATA_SAM_CHALLENGE_2 30 /* draft challenge system, updated */
-#define KRB5_PADATA_SAM_RESPONSE_2 31 /* draft challenge system, updated */
-#define KRB5_PADATA_PAC_REQUEST 128 /* include Windows PAC */
-#define KRB5_PADATA_FOR_USER 129 /* username protocol transition request */
-#define KRB5_PADATA_S4U_X509_USER 130 /* certificate protocol transition request */
+#define KRB5_PADATA_ENC_UNIX_TIME 5 /* timestamp encrypted in key */
+#define KRB5_PADATA_ENC_SANDIA_SECURID 6 /* SecurId passcode */
+#define KRB5_PADATA_SESAME 7 /* Sesame project */
+#define KRB5_PADATA_OSF_DCE 8 /* OSF DCE */
+#define KRB5_CYBERSAFE_SECUREID 9 /* Cybersafe */
+#define KRB5_PADATA_AFS3_SALT 10 /* Cygnus */
+#define KRB5_PADATA_ETYPE_INFO 11 /* Etype info for preauth */
+#define KRB5_PADATA_SAM_CHALLENGE 12 /* draft challenge system */
+#define KRB5_PADATA_SAM_RESPONSE 13 /* draft challenge system response */
+#define KRB5_PADATA_PK_AS_REQ_OLD 14 /* PKINIT */
+#define KRB5_PADATA_PK_AS_REP_OLD 15 /* PKINIT */
+#define KRB5_PADATA_PK_AS_REQ 16 /* PKINIT */
+#define KRB5_PADATA_PK_AS_REP 17 /* PKINIT */
+#define KRB5_PADATA_ETYPE_INFO2 19
+#define KRB5_PADATA_USE_SPECIFIED_KVNO 20
+#define KRB5_PADATA_SVR_REFERRAL_INFO 20 /* Windows 2000 referrals */
+#define KRB5_PADATA_SAM_REDIRECT 21
+#define KRB5_PADATA_GET_FROM_TYPED_DATA 22
+#define KRB5_PADATA_REFERRAL 25 /* draft referral system */
+#define KRB5_PADATA_SAM_CHALLENGE_2 30 /* draft challenge system, updated */
+#define KRB5_PADATA_SAM_RESPONSE_2 31 /* draft challenge system, updated */
+#define KRB5_PADATA_PAC_REQUEST 128 /* include Windows PAC */
+#define KRB5_PADATA_FOR_USER 129 /* username protocol transition request */
+#define KRB5_PADATA_S4U_X509_USER 130 /* certificate protocol transition request */
#define KRB5_PADATA_FX_COOKIE 133
#define KRB5_PADATA_FX_FAST 136
#define KRB5_PADATA_FX_ERROR 137
#define KRB5_PADATA_ENCRYPTED_CHALLENGE 138
-#define KRB5_SAM_USE_SAD_AS_KEY 0x80000000
-#define KRB5_SAM_SEND_ENCRYPTED_SAD 0x40000000
-#define KRB5_SAM_MUST_PK_ENCRYPT_SAD 0x20000000 /* currently must be zero */
+#define KRB5_SAM_USE_SAD_AS_KEY 0x80000000
+#define KRB5_SAM_SEND_ENCRYPTED_SAD 0x40000000
+#define KRB5_SAM_MUST_PK_ENCRYPT_SAD 0x20000000 /* currently must be zero */
/* Reserved for SPX pre-authentication. */
-#define KRB5_PADATA_DASS 16
+#define KRB5_PADATA_DASS 16
/* Transited encoding types */
-#define KRB5_DOMAIN_X500_COMPRESS 1
+#define KRB5_DOMAIN_X500_COMPRESS 1
/* alternate authentication types */
-#define KRB5_ALTAUTH_ATT_CHALLENGE_RESPONSE 64
+#define KRB5_ALTAUTH_ATT_CHALLENGE_RESPONSE 64
/* authorization data types */
#define KRB5_AUTHDATA_IF_RELEVANT 1
#define KRB5_AUTHDATA_KDC_ISSUED 4
-#define KRB5_AUTHDATA_AND_OR 5
-#define KRB5_AUTHDATA_MANDATORY_FOR_KDC 8
-#define KRB5_AUTHDATA_INITIAL_VERIFIED_CAS 9
-#define KRB5_AUTHDATA_OSF_DCE 64
-#define KRB5_AUTHDATA_SESAME 65
-#define KRB5_AUTHDATA_WIN2K_PAC 128
-#define KRB5_AUTHDATA_ETYPE_NEGOTIATION 129 /* RFC 4537 */
-#define KRB5_AUTHDATA_SIGNTICKET 142
+#define KRB5_AUTHDATA_AND_OR 5
+#define KRB5_AUTHDATA_MANDATORY_FOR_KDC 8
+#define KRB5_AUTHDATA_INITIAL_VERIFIED_CAS 9
+#define KRB5_AUTHDATA_OSF_DCE 64
+#define KRB5_AUTHDATA_SESAME 65
+#define KRB5_AUTHDATA_WIN2K_PAC 128
+#define KRB5_AUTHDATA_ETYPE_NEGOTIATION 129 /* RFC 4537 */
+#define KRB5_AUTHDATA_SIGNTICKET 142
#define KRB5_AUTHDATA_FX_ARMOR 71
/* password change constants */
-#define KRB5_KPASSWD_SUCCESS 0
-#define KRB5_KPASSWD_MALFORMED 1
-#define KRB5_KPASSWD_HARDERROR 2
-#define KRB5_KPASSWD_AUTHERROR 3
-#define KRB5_KPASSWD_SOFTERROR 4
+#define KRB5_KPASSWD_SUCCESS 0
+#define KRB5_KPASSWD_MALFORMED 1
+#define KRB5_KPASSWD_HARDERROR 2
+#define KRB5_KPASSWD_AUTHERROR 3
+#define KRB5_KPASSWD_SOFTERROR 4
/* These are Microsoft's extensions in RFC 3244, and it looks like
they'll become standardized, possibly with other additions. */
-#define KRB5_KPASSWD_ACCESSDENIED 5 /* unused */
-#define KRB5_KPASSWD_BAD_VERSION 6
-#define KRB5_KPASSWD_INITIAL_FLAG_NEEDED 7 /* unused */
+#define KRB5_KPASSWD_ACCESSDENIED 5 /* unused */
+#define KRB5_KPASSWD_BAD_VERSION 6
+#define KRB5_KPASSWD_INITIAL_FLAG_NEEDED 7 /* unused */
/*
* end "proto.h"
@@ -1116,9 +1076,9 @@ krb5_error_code KRB5_CALLCONV krb5_verify_checksum
/* Time set */
typedef struct _krb5_ticket_times {
krb5_timestamp authtime; /* XXX ? should ktime in KDC_REP == authtime
- in ticket? otherwise client can't get this */
- krb5_timestamp starttime; /* optional in ticket, if not present,
- use authtime */
+ in ticket? otherwise client can't get this */
+ krb5_timestamp starttime; /* optional in ticket, if not present,
+ use authtime */
krb5_timestamp endtime;
krb5_timestamp renew_till;
} krb5_ticket_times;
@@ -1141,34 +1101,34 @@ typedef struct _krb5_transited {
typedef struct _krb5_enc_tkt_part {
krb5_magic magic;
/* to-be-encrypted portion */
- krb5_flags flags; /* flags */
- krb5_keyblock *session; /* session key: includes enctype */
- krb5_principal client; /* client name/realm */
- krb5_transited transited; /* list of transited realms */
- krb5_ticket_times times; /* auth, start, end, renew_till */
- krb5_address **caddrs; /* array of ptrs to addresses */
+ krb5_flags flags; /* flags */
+ krb5_keyblock *session; /* session key: includes enctype */
+ krb5_principal client; /* client name/realm */
+ krb5_transited transited; /* list of transited realms */
+ krb5_ticket_times times; /* auth, start, end, renew_till */
+ krb5_address **caddrs; /* array of ptrs to addresses */
krb5_authdata **authorization_data; /* auth data */
} krb5_enc_tkt_part;
typedef struct _krb5_ticket {
krb5_magic magic;
/* cleartext portion */
- krb5_principal server; /* server name/realm */
- krb5_enc_data enc_part; /* encryption type, kvno, encrypted
- encoding */
- krb5_enc_tkt_part *enc_part2; /* ptr to decrypted version, if
- available */
+ krb5_principal server; /* server name/realm */
+ krb5_enc_data enc_part; /* encryption type, kvno, encrypted
+ encoding */
+ krb5_enc_tkt_part *enc_part2; /* ptr to decrypted version, if
+ available */
} krb5_ticket;
/* the unencrypted version */
typedef struct _krb5_authenticator {
krb5_magic magic;
- krb5_principal client; /* client name/realm */
- krb5_checksum *checksum; /* checksum, includes type, optional */
- krb5_int32 cusec; /* client usec portion */
- krb5_timestamp ctime; /* client sec portion */
- krb5_keyblock *subkey; /* true session key, optional */
- krb5_ui_4 seq_number; /* sequence #, optional */
+ krb5_principal client; /* client name/realm */
+ krb5_checksum *checksum; /* checksum, includes type, optional */
+ krb5_int32 cusec; /* client usec portion */
+ krb5_timestamp ctime; /* client sec portion */
+ krb5_keyblock *subkey; /* true session key, optional */
+ krb5_ui_4 seq_number; /* sequence #, optional */
krb5_authdata **authorization_data; /* New add by Ari, auth data */
} krb5_authenticator;
@@ -1179,22 +1139,22 @@ typedef struct _krb5_tkt_authent {
krb5_flags ap_options;
} krb5_tkt_authent;
-/* credentials: Ticket, session key, etc. */
+/* credentials: Ticket, session key, etc. */
typedef struct _krb5_creds {
krb5_magic magic;
- krb5_principal client; /* client's principal identifier */
- krb5_principal server; /* server's principal identifier */
- krb5_keyblock keyblock; /* session encryption key info */
- krb5_ticket_times times; /* lifetime info */
- krb5_boolean is_skey; /* true if ticket is encrypted in
- another ticket's skey */
- krb5_flags ticket_flags; /* flags in ticket */
- krb5_address **addresses; /* addrs in ticket */
- krb5_data ticket; /* ticket string itself */
- krb5_data second_ticket; /* second ticket, if related to
- ticket (via DUPLICATE-SKEY or
- ENC-TKT-IN-SKEY) */
- krb5_authdata **authdata; /* authorization data */
+ krb5_principal client; /* client's principal identifier */
+ krb5_principal server; /* server's principal identifier */
+ krb5_keyblock keyblock; /* session encryption key info */
+ krb5_ticket_times times; /* lifetime info */
+ krb5_boolean is_skey; /* true if ticket is encrypted in
+ another ticket's skey */
+ krb5_flags ticket_flags; /* flags in ticket */
+ krb5_address **addresses; /* addrs in ticket */
+ krb5_data ticket; /* ticket string itself */
+ krb5_data second_ticket; /* second ticket, if related to
+ ticket (via DUPLICATE-SKEY or
+ ENC-TKT-IN-SKEY) */
+ krb5_authdata **authdata; /* authorization data */
} krb5_creds;
/* Last request fields */
@@ -1214,23 +1174,23 @@ typedef struct _krb5_pa_data {
typedef struct _krb5_kdc_req {
krb5_magic magic;
- krb5_msgtype msg_type; /* AS_REQ or TGS_REQ? */
- krb5_pa_data **padata; /* e.g. encoded AP_REQ */
+ krb5_msgtype msg_type; /* AS_REQ or TGS_REQ? */
+ krb5_pa_data **padata; /* e.g. encoded AP_REQ */
/* real body */
- krb5_flags kdc_options; /* requested options */
- krb5_principal client; /* includes realm; optional */
- krb5_principal server; /* includes realm (only used if no
- client) */
- krb5_timestamp from; /* requested starttime */
- krb5_timestamp till; /* requested endtime */
- krb5_timestamp rtime; /* (optional) requested renew_till */
- krb5_int32 nonce; /* nonce to match request/response */
- int nktypes; /* # of ktypes, must be positive */
- krb5_enctype *ktype; /* requested enctype(s) */
- krb5_address **addresses; /* requested addresses, optional */
- krb5_enc_data authorization_data; /* encrypted auth data; OPTIONAL */
+ krb5_flags kdc_options; /* requested options */
+ krb5_principal client; /* includes realm; optional */
+ krb5_principal server; /* includes realm (only used if no
+ client) */
+ krb5_timestamp from; /* requested starttime */
+ krb5_timestamp till; /* requested endtime */
+ krb5_timestamp rtime; /* (optional) requested renew_till */
+ krb5_int32 nonce; /* nonce to match request/response */
+ int nktypes; /* # of ktypes, must be positive */
+ krb5_enctype *ktype; /* requested enctype(s) */
+ krb5_address **addresses; /* requested addresses, optional */
+ krb5_enc_data authorization_data; /* encrypted auth data; OPTIONAL */
krb5_authdata **unenc_authdata; /* unencrypted auth data,
- if available */
+ if available */
krb5_ticket **second_ticket;/* second ticket array; OPTIONAL */
/* the following field is added in March 2009; it is a hack so
* that FAST state can be carried to pre-authentication plugins.
@@ -1244,28 +1204,28 @@ typedef struct _krb5_kdc_req {
typedef struct _krb5_enc_kdc_rep_part {
krb5_magic magic;
/* encrypted part: */
- krb5_msgtype msg_type; /* krb5 message type */
- krb5_keyblock *session; /* session key */
+ krb5_msgtype msg_type; /* krb5 message type */
+ krb5_keyblock *session; /* session key */
krb5_last_req_entry **last_req; /* array of ptrs to entries */
- krb5_int32 nonce; /* nonce from request */
- krb5_timestamp key_exp; /* expiration date */
- krb5_flags flags; /* ticket flags */
- krb5_ticket_times times; /* lifetime info */
- krb5_principal server; /* server's principal identifier */
- krb5_address **caddrs; /* array of ptrs to addresses,
- optional */
- krb5_pa_data **enc_padata; /* Windows 2000 compat */
+ krb5_int32 nonce; /* nonce from request */
+ krb5_timestamp key_exp; /* expiration date */
+ krb5_flags flags; /* ticket flags */
+ krb5_ticket_times times; /* lifetime info */
+ krb5_principal server; /* server's principal identifier */
+ krb5_address **caddrs; /* array of ptrs to addresses,
+ optional */
+ krb5_pa_data **enc_padata; /* Windows 2000 compat */
} krb5_enc_kdc_rep_part;
typedef struct _krb5_kdc_rep {
krb5_magic magic;
/* cleartext part: */
- krb5_msgtype msg_type; /* AS_REP or KDC_REP? */
- krb5_pa_data **padata; /* preauthentication data from KDC */
- krb5_principal client; /* client's principal identifier */
- krb5_ticket *ticket; /* ticket */
- krb5_enc_data enc_part; /* encryption type, kvno, encrypted
- encoding */
+ krb5_msgtype msg_type; /* AS_REP or KDC_REP? */
+ krb5_pa_data **padata; /* preauthentication data from KDC */
+ krb5_principal client; /* client's principal identifier */
+ krb5_ticket *ticket; /* ticket */
+ krb5_enc_data enc_part; /* encryption type, kvno, encrypted
+ encoding */
krb5_enc_kdc_rep_part *enc_part2;/* unencrypted version, if available */
} krb5_kdc_rep;
@@ -1273,23 +1233,23 @@ typedef struct _krb5_kdc_rep {
typedef struct _krb5_error {
krb5_magic magic;
/* some of these may be meaningless in certain contexts */
- krb5_timestamp ctime; /* client sec portion; optional */
- krb5_int32 cusec; /* client usec portion; optional */
- krb5_int32 susec; /* server usec portion */
- krb5_timestamp stime; /* server sec portion */
- krb5_ui_4 error; /* error code (protocol error #'s) */
- krb5_principal client; /* client's principal identifier;
- optional */
- krb5_principal server; /* server's principal identifier */
- krb5_data text; /* descriptive text */
- krb5_data e_data; /* additional error-describing data */
+ krb5_timestamp ctime; /* client sec portion; optional */
+ krb5_int32 cusec; /* client usec portion; optional */
+ krb5_int32 susec; /* server usec portion */
+ krb5_timestamp stime; /* server sec portion */
+ krb5_ui_4 error; /* error code (protocol error #'s) */
+ krb5_principal client; /* client's principal identifier;
+ optional */
+ krb5_principal server; /* server's principal identifier */
+ krb5_data text; /* descriptive text */
+ krb5_data e_data; /* additional error-describing data */
} krb5_error;
typedef struct _krb5_ap_req {
krb5_magic magic;
- krb5_flags ap_options; /* requested options */
- krb5_ticket *ticket; /* ticket */
- krb5_enc_data authenticator; /* authenticator (already encrypted) */
+ krb5_flags ap_options; /* requested options */
+ krb5_ticket *ticket; /* ticket */
+ krb5_enc_data authenticator; /* authenticator (already encrypted) */
} krb5_ap_req;
typedef struct _krb5_ap_rep {
@@ -1299,47 +1259,47 @@ typedef struct _krb5_ap_rep {
typedef struct _krb5_ap_rep_enc_part {
krb5_magic magic;
- krb5_timestamp ctime; /* client time, seconds portion */
- krb5_int32 cusec; /* client time, microseconds portion */
- krb5_keyblock *subkey; /* true session key, optional */
- krb5_ui_4 seq_number; /* sequence #, optional */
+ krb5_timestamp ctime; /* client time, seconds portion */
+ krb5_int32 cusec; /* client time, microseconds portion */
+ krb5_keyblock *subkey; /* true session key, optional */
+ krb5_ui_4 seq_number; /* sequence #, optional */
} krb5_ap_rep_enc_part;
typedef struct _krb5_response {
krb5_magic magic;
krb5_octet message_type;
krb5_data response;
- krb5_int32 expected_nonce; /* The expected nonce for KDC_REP messages */
+ krb5_int32 expected_nonce; /* The expected nonce for KDC_REP messages */
krb5_timestamp request_time; /* When we made the request */
} krb5_response;
typedef struct _krb5_cred_info {
krb5_magic magic;
- krb5_keyblock *session; /* session key used to encrypt */
- /* ticket */
- krb5_principal client; /* client name/realm, optional */
- krb5_principal server; /* server name/realm, optional */
- krb5_flags flags; /* ticket flags, optional */
- krb5_ticket_times times; /* auth, start, end, renew_till, */
- /* optional */
- krb5_address **caddrs; /* array of ptrs to addresses */
+ krb5_keyblock *session; /* session key used to encrypt */
+ /* ticket */
+ krb5_principal client; /* client name/realm, optional */
+ krb5_principal server; /* server name/realm, optional */
+ krb5_flags flags; /* ticket flags, optional */
+ krb5_ticket_times times; /* auth, start, end, renew_till, */
+ /* optional */
+ krb5_address **caddrs; /* array of ptrs to addresses */
} krb5_cred_info;
typedef struct _krb5_cred_enc_part {
krb5_magic magic;
- krb5_int32 nonce; /* nonce, optional */
- krb5_timestamp timestamp; /* client time */
- krb5_int32 usec; /* microsecond portion of time */
- krb5_address *s_address; /* sender address, optional */
- krb5_address *r_address; /* recipient address, optional */
+ krb5_int32 nonce; /* nonce, optional */
+ krb5_timestamp timestamp; /* client time */
+ krb5_int32 usec; /* microsecond portion of time */
+ krb5_address *s_address; /* sender address, optional */
+ krb5_address *r_address; /* recipient address, optional */
krb5_cred_info **ticket_info;
} krb5_cred_enc_part;
typedef struct _krb5_cred {
krb5_magic magic;
- krb5_ticket **tickets; /* tickets */
- krb5_enc_data enc_part; /* encrypted part */
- krb5_cred_enc_part *enc_part2; /* unencrypted version, if available*/
+ krb5_ticket **tickets; /* tickets */
+ krb5_enc_data enc_part; /* encrypted part */
+ krb5_cred_enc_part *enc_part2; /* unencrypted version, if available*/
} krb5_cred;
/* Sandia password generation structures */
@@ -1382,31 +1342,31 @@ typedef struct _krb5_pa_pac_req {
* begin "safepriv.h"
*/
-#define KRB5_AUTH_CONTEXT_DO_TIME 0x00000001
-#define KRB5_AUTH_CONTEXT_RET_TIME 0x00000002
-#define KRB5_AUTH_CONTEXT_DO_SEQUENCE 0x00000004
-#define KRB5_AUTH_CONTEXT_RET_SEQUENCE 0x00000008
-#define KRB5_AUTH_CONTEXT_PERMIT_ALL 0x00000010
-#define KRB5_AUTH_CONTEXT_USE_SUBKEY 0x00000020
+#define KRB5_AUTH_CONTEXT_DO_TIME 0x00000001
+#define KRB5_AUTH_CONTEXT_RET_TIME 0x00000002
+#define KRB5_AUTH_CONTEXT_DO_SEQUENCE 0x00000004
+#define KRB5_AUTH_CONTEXT_RET_SEQUENCE 0x00000008
+#define KRB5_AUTH_CONTEXT_PERMIT_ALL 0x00000010
+#define KRB5_AUTH_CONTEXT_USE_SUBKEY 0x00000020
typedef struct krb5_replay_data {
- krb5_timestamp timestamp;
- krb5_int32 usec;
- krb5_ui_4 seq;
+ krb5_timestamp timestamp;
+ krb5_int32 usec;
+ krb5_ui_4 seq;
} krb5_replay_data;
/* flags for krb5_auth_con_genaddrs() */
-#define KRB5_AUTH_CONTEXT_GENERATE_LOCAL_ADDR 0x00000001
-#define KRB5_AUTH_CONTEXT_GENERATE_REMOTE_ADDR 0x00000002
-#define KRB5_AUTH_CONTEXT_GENERATE_LOCAL_FULL_ADDR 0x00000004
-#define KRB5_AUTH_CONTEXT_GENERATE_REMOTE_FULL_ADDR 0x00000008
+#define KRB5_AUTH_CONTEXT_GENERATE_LOCAL_ADDR 0x00000001
+#define KRB5_AUTH_CONTEXT_GENERATE_REMOTE_ADDR 0x00000002
+#define KRB5_AUTH_CONTEXT_GENERATE_LOCAL_FULL_ADDR 0x00000004
+#define KRB5_AUTH_CONTEXT_GENERATE_REMOTE_FULL_ADDR 0x00000008
/* type of function used as a callback to generate checksum data for
* mk_req */
typedef krb5_error_code
(KRB5_CALLCONV * krb5_mk_req_checksum_func) (krb5_context, krb5_auth_context , void *,
- krb5_data **);
+ krb5_data **);
/*
* end "safepriv.h"
@@ -1417,7 +1377,7 @@ typedef krb5_error_code
* begin "ccache.h"
*/
-typedef krb5_pointer krb5_cc_cursor; /* cursor for sequential lookup */
+typedef krb5_pointer krb5_cc_cursor; /* cursor for sequential lookup */
struct _krb5_ccache;
typedef struct _krb5_ccache *krb5_ccache;
@@ -1431,99 +1391,93 @@ struct _krb5_cccol_cursor;
typedef struct _krb5_cccol_cursor *krb5_cccol_cursor;
/* for retrieve_cred */
-#define KRB5_TC_MATCH_TIMES 0x00000001
-#define KRB5_TC_MATCH_IS_SKEY 0x00000002
-#define KRB5_TC_MATCH_FLAGS 0x00000004
-#define KRB5_TC_MATCH_TIMES_EXACT 0x00000008
-#define KRB5_TC_MATCH_FLAGS_EXACT 0x00000010
-#define KRB5_TC_MATCH_AUTHDATA 0x00000020
-#define KRB5_TC_MATCH_SRV_NAMEONLY 0x00000040
-#define KRB5_TC_MATCH_2ND_TKT 0x00000080
-#define KRB5_TC_MATCH_KTYPE 0x00000100
-#define KRB5_TC_SUPPORTED_KTYPES 0x00000200
+#define KRB5_TC_MATCH_TIMES 0x00000001
+#define KRB5_TC_MATCH_IS_SKEY 0x00000002
+#define KRB5_TC_MATCH_FLAGS 0x00000004
+#define KRB5_TC_MATCH_TIMES_EXACT 0x00000008
+#define KRB5_TC_MATCH_FLAGS_EXACT 0x00000010
+#define KRB5_TC_MATCH_AUTHDATA 0x00000020
+#define KRB5_TC_MATCH_SRV_NAMEONLY 0x00000040
+#define KRB5_TC_MATCH_2ND_TKT 0x00000080
+#define KRB5_TC_MATCH_KTYPE 0x00000100
+#define KRB5_TC_SUPPORTED_KTYPES 0x00000200
/* for set_flags and other functions */
-#define KRB5_TC_OPENCLOSE 0x00000001
+#define KRB5_TC_OPENCLOSE 0x00000001
#define KRB5_TC_NOTICKET 0x00000002
const char * KRB5_CALLCONV
-krb5_cc_get_name (krb5_context context, krb5_ccache cache);
+krb5_cc_get_name(krb5_context context, krb5_ccache cache);
krb5_error_code KRB5_CALLCONV
krb5_cc_gen_new (krb5_context context, krb5_ccache *cache);
krb5_error_code KRB5_CALLCONV
krb5_cc_initialize(krb5_context context, krb5_ccache cache,
- krb5_principal principal);
+ krb5_principal principal);
krb5_error_code KRB5_CALLCONV
-krb5_cc_destroy (krb5_context context, krb5_ccache cache);
+krb5_cc_destroy(krb5_context context, krb5_ccache cache);
krb5_error_code KRB5_CALLCONV
-krb5_cc_close (krb5_context context, krb5_ccache cache);
+krb5_cc_close(krb5_context context, krb5_ccache cache);
krb5_error_code KRB5_CALLCONV
-krb5_cc_store_cred (krb5_context context, krb5_ccache cache,
- krb5_creds *creds);
+krb5_cc_store_cred(krb5_context context, krb5_ccache cache, krb5_creds *creds);
krb5_error_code KRB5_CALLCONV
-krb5_cc_retrieve_cred (krb5_context context, krb5_ccache cache,
- krb5_flags flags, krb5_creds *mcreds,
- krb5_creds *creds);
+krb5_cc_retrieve_cred(krb5_context context, krb5_ccache cache,
+ krb5_flags flags, krb5_creds *mcreds,
+ krb5_creds *creds);
krb5_error_code KRB5_CALLCONV
-krb5_cc_get_principal (krb5_context context, krb5_ccache cache,
- krb5_principal *principal);
+krb5_cc_get_principal(krb5_context context, krb5_ccache cache,
+ krb5_principal *principal);
krb5_error_code KRB5_CALLCONV
-krb5_cc_start_seq_get (krb5_context context, krb5_ccache cache,
- krb5_cc_cursor *cursor);
+krb5_cc_start_seq_get(krb5_context context, krb5_ccache cache,
+ krb5_cc_cursor *cursor);
krb5_error_code KRB5_CALLCONV
-krb5_cc_next_cred (krb5_context context, krb5_ccache cache,
- krb5_cc_cursor *cursor, krb5_creds *creds);
+krb5_cc_next_cred(krb5_context context, krb5_ccache cache,
+ krb5_cc_cursor *cursor, krb5_creds *creds);
krb5_error_code KRB5_CALLCONV
-krb5_cc_end_seq_get (krb5_context context, krb5_ccache cache,
- krb5_cc_cursor *cursor);
+krb5_cc_end_seq_get(krb5_context context, krb5_ccache cache,
+ krb5_cc_cursor *cursor);
krb5_error_code KRB5_CALLCONV
-krb5_cc_remove_cred (krb5_context context, krb5_ccache cache, krb5_flags flags,
- krb5_creds *creds);
+krb5_cc_remove_cred(krb5_context context, krb5_ccache cache, krb5_flags flags,
+ krb5_creds *creds);
krb5_error_code KRB5_CALLCONV
-krb5_cc_set_flags (krb5_context context, krb5_ccache cache, krb5_flags flags);
+krb5_cc_set_flags(krb5_context context, krb5_ccache cache, krb5_flags flags);
krb5_error_code KRB5_CALLCONV
-krb5_cc_get_flags (krb5_context context, krb5_ccache cache, krb5_flags *flags);
+krb5_cc_get_flags(krb5_context context, krb5_ccache cache, krb5_flags *flags);
const char * KRB5_CALLCONV
-krb5_cc_get_type (krb5_context context, krb5_ccache cache);
+krb5_cc_get_type(krb5_context context, krb5_ccache cache);
krb5_error_code KRB5_CALLCONV
-krb5_cc_move (krb5_context context, krb5_ccache src, krb5_ccache dst);
+krb5_cc_move(krb5_context context, krb5_ccache src, krb5_ccache dst);
krb5_error_code KRB5_CALLCONV
-krb5_cc_last_change_time (
- krb5_context context,
- krb5_ccache ccache,
- krb5_timestamp *change_time);
+krb5_cc_last_change_time(krb5_context context, krb5_ccache ccache,
+ krb5_timestamp *change_time);
krb5_error_code KRB5_CALLCONV
-krb5_cc_lock (krb5_context context, krb5_ccache ccache);
+krb5_cc_lock(krb5_context context, krb5_ccache ccache);
krb5_error_code KRB5_CALLCONV
-krb5_cc_unlock (krb5_context context, krb5_ccache ccache);
-
+krb5_cc_unlock(krb5_context context, krb5_ccache ccache);
krb5_error_code KRB5_CALLCONV
krb5_cccol_cursor_new(krb5_context context, krb5_cccol_cursor *cursor);
krb5_error_code KRB5_CALLCONV
-krb5_cccol_cursor_next(
- krb5_context context,
- krb5_cccol_cursor cursor,
- krb5_ccache *ccache);
+krb5_cccol_cursor_next(krb5_context context, krb5_cccol_cursor cursor,
+ krb5_ccache *ccache);
krb5_error_code KRB5_CALLCONV
krb5_cccol_cursor_free(krb5_context context, krb5_cccol_cursor *cursor);
@@ -1538,11 +1492,8 @@ krb5_error_code KRB5_CALLCONV
krb5_cccol_unlock(krb5_context context);
krb5_error_code KRB5_CALLCONV
-krb5_cc_new_unique(
- krb5_context context,
- const char *type,
- const char *hint,
- krb5_ccache *id);
+krb5_cc_new_unique(krb5_context context, const char *type, const char *hint,
+ krb5_ccache *id);
/*
* end "ccache.h"
@@ -1567,39 +1518,45 @@ typedef struct krb5_rc_st *krb5_rcache;
/* XXX */
#define MAX_KEYTAB_NAME_LEN 1100 /* Long enough for MAXPATHLEN + some extra */
-typedef krb5_pointer krb5_kt_cursor; /* XXX */
+typedef krb5_pointer krb5_kt_cursor; /* XXX */
typedef struct krb5_keytab_entry_st {
krb5_magic magic;
- krb5_principal principal; /* principal of this key */
- krb5_timestamp timestamp; /* time entry written to keytable */
- krb5_kvno vno; /* key version number */
- krb5_keyblock key; /* the secret key */
+ krb5_principal principal; /* principal of this key */
+ krb5_timestamp timestamp; /* time entry written to keytable */
+ krb5_kvno vno; /* key version number */
+ krb5_keyblock key; /* the secret key */
} krb5_keytab_entry;
struct _krb5_kt;
typedef struct _krb5_kt *krb5_keytab;
const char * KRB5_CALLCONV
-krb5_kt_get_type (krb5_context, krb5_keytab keytab);
+krb5_kt_get_type(krb5_context, krb5_keytab keytab);
+
krb5_error_code KRB5_CALLCONV
krb5_kt_get_name(krb5_context context, krb5_keytab keytab, char *name,
- unsigned int namelen);
+ unsigned int namelen);
+
krb5_error_code KRB5_CALLCONV
krb5_kt_close(krb5_context context, krb5_keytab keytab);
+
krb5_error_code KRB5_CALLCONV
krb5_kt_get_entry(krb5_context context, krb5_keytab keytab,
- krb5_const_principal principal, krb5_kvno vno,
- krb5_enctype enctype, krb5_keytab_entry *entry);
+ krb5_const_principal principal, krb5_kvno vno,
+ krb5_enctype enctype, krb5_keytab_entry *entry);
+
krb5_error_code KRB5_CALLCONV
krb5_kt_start_seq_get(krb5_context context, krb5_keytab keytab,
- krb5_kt_cursor *cursor);
+ krb5_kt_cursor *cursor);
+
krb5_error_code KRB5_CALLCONV
krb5_kt_next_entry(krb5_context context, krb5_keytab keytab,
- krb5_keytab_entry *entry, krb5_kt_cursor *cursor);
+ krb5_keytab_entry *entry, krb5_kt_cursor *cursor);
+
krb5_error_code KRB5_CALLCONV
krb5_kt_end_seq_get(krb5_context context, krb5_keytab keytab,
- krb5_kt_cursor *cursor);
+ krb5_kt_cursor *cursor);
/*
* end "keytab.h"
@@ -1609,675 +1566,493 @@ krb5_kt_end_seq_get(krb5_context context, krb5_keytab keytab,
* begin "func-proto.h"
*/
-krb5_error_code KRB5_CALLCONV krb5_init_context
- (krb5_context *);
-krb5_error_code KRB5_CALLCONV krb5_init_secure_context
- (krb5_context *);
-void KRB5_CALLCONV krb5_free_context
- (krb5_context);
-krb5_error_code KRB5_CALLCONV krb5_copy_context
- (krb5_context, krb5_context *);
+krb5_error_code KRB5_CALLCONV krb5_init_context(krb5_context *);
+krb5_error_code KRB5_CALLCONV krb5_init_secure_context(krb5_context *);
+void KRB5_CALLCONV krb5_free_context(krb5_context);
+krb5_error_code KRB5_CALLCONV krb5_copy_context(krb5_context, krb5_context *);
krb5_error_code KRB5_CALLCONV
-krb5_set_default_tgs_enctypes
- (krb5_context,
- const krb5_enctype *);
+krb5_set_default_tgs_enctypes(krb5_context, const krb5_enctype *);
-krb5_error_code KRB5_CALLCONV krb5_get_permitted_enctypes
- (krb5_context, krb5_enctype **);
+krb5_error_code KRB5_CALLCONV
+krb5_get_permitted_enctypes(krb5_context, krb5_enctype **);
krb5_boolean KRB5_CALLCONV krb5_is_thread_safe(void);
/* libkrb.spec */
krb5_error_code KRB5_CALLCONV
-krb5_server_decrypt_ticket_keytab
- (krb5_context context,
- const krb5_keytab kt,
- krb5_ticket *ticket);
-
-void KRB5_CALLCONV krb5_free_tgt_creds
- (krb5_context,
- krb5_creds **); /* XXX too hard to do with const */
-
-#define KRB5_GC_USER_USER 1 /* want user-user ticket */
-#define KRB5_GC_CACHED 2 /* want cached ticket only */
-#define KRB5_GC_CANONICALIZE 4 /* set canonicalize KDC option */
-#define KRB5_GC_NO_STORE 8 /* do not store in credentials cache */
-#define KRB5_GC_FORWARDABLE 16 /* acquire forwardable tickets */
-#define KRB5_GC_NO_TRANSIT_CHECK 32 /* disable transited check */
-#define KRB5_GC_CONSTRAINED_DELEGATION 64 /* constrained delegation */
-
-krb5_error_code KRB5_CALLCONV krb5_get_credentials
- (krb5_context,
- krb5_flags,
- krb5_ccache,
- krb5_creds *,
- krb5_creds **);
-krb5_error_code KRB5_CALLCONV krb5_get_credentials_validate
- (krb5_context,
- krb5_flags,
- krb5_ccache,
- krb5_creds *,
- krb5_creds **);
-krb5_error_code KRB5_CALLCONV krb5_get_credentials_renew
- (krb5_context,
- krb5_flags,
- krb5_ccache,
- krb5_creds *,
- krb5_creds **);
-krb5_error_code KRB5_CALLCONV krb5_mk_req
- (krb5_context,
- krb5_auth_context *,
- krb5_flags,
- char *,
- char *,
- krb5_data *,
- krb5_ccache,
- krb5_data * );
-krb5_error_code KRB5_CALLCONV krb5_mk_req_extended
- (krb5_context,
- krb5_auth_context *,
- krb5_flags,
- krb5_data *,
- krb5_creds *,
- krb5_data * );
-krb5_error_code KRB5_CALLCONV krb5_mk_rep
- (krb5_context,
- krb5_auth_context,
- krb5_data *);
-krb5_error_code KRB5_CALLCONV krb5_mk_rep_dce
- (krb5_context,
- krb5_auth_context,
- krb5_data *);
-krb5_error_code KRB5_CALLCONV krb5_rd_rep
- (krb5_context,
- krb5_auth_context,
- const krb5_data *,
- krb5_ap_rep_enc_part **);
-krb5_error_code KRB5_CALLCONV krb5_rd_rep_dce
- (krb5_context,
- krb5_auth_context,
- const krb5_data *,
- krb5_ui_4 *);
-krb5_error_code KRB5_CALLCONV krb5_mk_error
- (krb5_context,
- const krb5_error *,
- krb5_data * );
-krb5_error_code KRB5_CALLCONV krb5_rd_error
- (krb5_context,
- const krb5_data *,
- krb5_error ** );
-krb5_error_code KRB5_CALLCONV krb5_rd_safe
- (krb5_context,
- krb5_auth_context,
- const krb5_data *,
- krb5_data *,
- krb5_replay_data *);
-krb5_error_code KRB5_CALLCONV krb5_rd_priv
- (krb5_context,
- krb5_auth_context,
- const krb5_data *,
- krb5_data *,
- krb5_replay_data *);
-krb5_error_code KRB5_CALLCONV krb5_parse_name
- (krb5_context,
- const char *,
- krb5_principal * );
-#define KRB5_PRINCIPAL_PARSE_NO_REALM 0x1
-#define KRB5_PRINCIPAL_PARSE_REQUIRE_REALM 0x2
-#define KRB5_PRINCIPAL_PARSE_ENTERPRISE 0x4
-krb5_error_code KRB5_CALLCONV krb5_parse_name_flags
- (krb5_context,
- const char *,
- int,
- krb5_principal * );
-krb5_error_code KRB5_CALLCONV krb5_unparse_name
- (krb5_context,
- krb5_const_principal,
- char ** );
-krb5_error_code KRB5_CALLCONV krb5_unparse_name_ext
- (krb5_context,
- krb5_const_principal,
- char **,
- unsigned int *);
-#define KRB5_PRINCIPAL_UNPARSE_SHORT 0x1
-#define KRB5_PRINCIPAL_UNPARSE_NO_REALM 0x2
-#define KRB5_PRINCIPAL_UNPARSE_DISPLAY 0x4
-krb5_error_code KRB5_CALLCONV krb5_unparse_name_flags
- (krb5_context,
- krb5_const_principal,
- int,
- char **);
-krb5_error_code KRB5_CALLCONV krb5_unparse_name_flags_ext
- (krb5_context,
- krb5_const_principal,
- int,
- char **,
- unsigned int *);
-
-krb5_error_code KRB5_CALLCONV krb5_set_principal_realm
- (krb5_context, krb5_principal, const char *);
-
-krb5_boolean KRB5_CALLCONV_WRONG krb5_address_search
- (krb5_context,
- const krb5_address *,
- krb5_address * const *);
-krb5_boolean KRB5_CALLCONV krb5_address_compare
- (krb5_context,
- const krb5_address *,
- const krb5_address *);
-int KRB5_CALLCONV krb5_address_order
- (krb5_context,
- const krb5_address *,
- const krb5_address *);
-krb5_boolean KRB5_CALLCONV krb5_realm_compare
- (krb5_context,
- krb5_const_principal,
- krb5_const_principal);
-krb5_boolean KRB5_CALLCONV krb5_principal_compare
- (krb5_context,
- krb5_const_principal,
- krb5_const_principal);
-krb5_boolean KRB5_CALLCONV krb5_principal_compare_any_realm
- (krb5_context,
- krb5_const_principal,
- krb5_const_principal);
-#define KRB5_PRINCIPAL_COMPARE_IGNORE_REALM 1
-#define KRB5_PRINCIPAL_COMPARE_ENTERPRISE 2 /* compare UPNs as real principals */
-#define KRB5_PRINCIPAL_COMPARE_CASEFOLD 4 /* case-insensitive comparison */
-#define KRB5_PRINCIPAL_COMPARE_UTF8 8 /* treat principals as UTF-8 */
-
-krb5_boolean KRB5_CALLCONV krb5_principal_compare_flags
- (krb5_context,
- krb5_const_principal,
- krb5_const_principal,
- int);
-krb5_error_code KRB5_CALLCONV krb5_init_keyblock
- (krb5_context, krb5_enctype enctype,
- size_t length, krb5_keyblock **out);
- /* Initialize a new keyblock and allocate storage
- * for the contents of the key, which will be freed along
- * with the keyblock when krb5_free_keyblock is called.
- * It is legal to pass in a length of 0, in which
- * case contents are left unallocated.
- */
-krb5_error_code KRB5_CALLCONV krb5_copy_keyblock
- (krb5_context,
- const krb5_keyblock *,
- krb5_keyblock **);
-krb5_error_code KRB5_CALLCONV krb5_copy_keyblock_contents
- (krb5_context,
- const krb5_keyblock *,
- krb5_keyblock *);
-krb5_error_code KRB5_CALLCONV krb5_copy_creds
- (krb5_context,
- const krb5_creds *,
- krb5_creds **);
-krb5_error_code KRB5_CALLCONV krb5_copy_data
- (krb5_context,
- const krb5_data *,
- krb5_data **);
-krb5_error_code KRB5_CALLCONV krb5_copy_principal
- (krb5_context,
- krb5_const_principal,
- krb5_principal *);
-krb5_error_code KRB5_CALLCONV krb5_copy_addresses
- (krb5_context,
- krb5_address * const *,
- krb5_address ***);
-krb5_error_code KRB5_CALLCONV krb5_copy_ticket
- (krb5_context,
- const krb5_ticket *,
- krb5_ticket **);
-krb5_error_code KRB5_CALLCONV krb5_copy_authdata
- (krb5_context,
- krb5_authdata * const *,
- krb5_authdata ***);
-krb5_error_code KRB5_CALLCONV krb5_merge_authdata
- (krb5_context,
- krb5_authdata * const *,
- krb5_authdata *const *,
- krb5_authdata ***);
+krb5_server_decrypt_ticket_keytab(krb5_context context, const krb5_keytab kt,
+ krb5_ticket *ticket);
+
+void KRB5_CALLCONV krb5_free_tgt_creds(krb5_context, krb5_creds **);
+
+#define KRB5_GC_USER_USER 1 /* want user-user ticket */
+#define KRB5_GC_CACHED 2 /* want cached ticket only */
+#define KRB5_GC_CANONICALIZE 4 /* set canonicalize KDC option */
+#define KRB5_GC_NO_STORE 8 /* do not store in credentials cache */
+#define KRB5_GC_FORWARDABLE 16 /* acquire forwardable tickets */
+#define KRB5_GC_NO_TRANSIT_CHECK 32 /* disable transited check */
+#define KRB5_GC_CONSTRAINED_DELEGATION 64 /* constrained delegation */
+
+krb5_error_code KRB5_CALLCONV
+krb5_get_credentials(krb5_context, krb5_flags, krb5_ccache, krb5_creds *,
+ krb5_creds **);
+
+krb5_error_code KRB5_CALLCONV
+krb5_get_credentials_validate(krb5_context, krb5_flags, krb5_ccache,
+ krb5_creds *, krb5_creds **);
+
+krb5_error_code KRB5_CALLCONV
+krb5_get_credentials_renew(krb5_context, krb5_flags, krb5_ccache, krb5_creds *,
+ krb5_creds **);
+
+krb5_error_code KRB5_CALLCONV
+krb5_mk_req(krb5_context, krb5_auth_context *, krb5_flags, char *, char *,
+ krb5_data *, krb5_ccache, krb5_data *);
+
+krb5_error_code KRB5_CALLCONV
+krb5_mk_req_extended(krb5_context, krb5_auth_context *, krb5_flags,
+ krb5_data *, krb5_creds *, krb5_data * );
+
+krb5_error_code KRB5_CALLCONV
+krb5_mk_rep(krb5_context, krb5_auth_context, krb5_data *);
+
+krb5_error_code KRB5_CALLCONV
+krb5_mk_rep_dce(krb5_context, krb5_auth_context, krb5_data *);
+
+krb5_error_code KRB5_CALLCONV
+krb5_rd_rep(krb5_context, krb5_auth_context, const krb5_data *,
+ krb5_ap_rep_enc_part **);
+
+krb5_error_code KRB5_CALLCONV
+krb5_rd_rep_dce(krb5_context, krb5_auth_context, const krb5_data *,
+ krb5_ui_4 *);
+
+krb5_error_code KRB5_CALLCONV
+krb5_mk_error(krb5_context, const krb5_error *, krb5_data *);
+
+krb5_error_code KRB5_CALLCONV
+krb5_rd_error(krb5_context, const krb5_data *, krb5_error **);
+
+krb5_error_code KRB5_CALLCONV
+krb5_rd_safe(krb5_context, krb5_auth_context, const krb5_data *, krb5_data *,
+ krb5_replay_data *);
+
+krb5_error_code KRB5_CALLCONV
+krb5_rd_priv(krb5_context, krb5_auth_context, const krb5_data *, krb5_data *,
+ krb5_replay_data *);
+
+krb5_error_code KRB5_CALLCONV
+krb5_parse_name(krb5_context, const char *, krb5_principal *);
+
+#define KRB5_PRINCIPAL_PARSE_NO_REALM 0x1
+#define KRB5_PRINCIPAL_PARSE_REQUIRE_REALM 0x2
+#define KRB5_PRINCIPAL_PARSE_ENTERPRISE 0x4
+krb5_error_code KRB5_CALLCONV
+krb5_parse_name_flags(krb5_context, const char *, int, krb5_principal *);
+
+krb5_error_code KRB5_CALLCONV
+krb5_unparse_name(krb5_context, krb5_const_principal, char **);
+
+krb5_error_code KRB5_CALLCONV
+krb5_unparse_name_ext(krb5_context, krb5_const_principal, char **,
+ unsigned int *);
+
+#define KRB5_PRINCIPAL_UNPARSE_SHORT 0x1
+#define KRB5_PRINCIPAL_UNPARSE_NO_REALM 0x2
+#define KRB5_PRINCIPAL_UNPARSE_DISPLAY 0x4
+krb5_error_code KRB5_CALLCONV
+krb5_unparse_name_flags(krb5_context, krb5_const_principal, int, char **);
+
+krb5_error_code KRB5_CALLCONV
+krb5_unparse_name_flags_ext(krb5_context, krb5_const_principal, int,
+ char **, unsigned int *);
+
+krb5_error_code KRB5_CALLCONV
+krb5_set_principal_realm(krb5_context, krb5_principal, const char *);
+
+krb5_boolean KRB5_CALLCONV_WRONG
+krb5_address_search(krb5_context, const krb5_address *, krb5_address *const *);
+
+krb5_boolean KRB5_CALLCONV
+krb5_address_compare(krb5_context, const krb5_address *, const krb5_address *);
+
+int KRB5_CALLCONV
+krb5_address_order(krb5_context, const krb5_address *, const krb5_address *);
+
+krb5_boolean KRB5_CALLCONV
+krb5_realm_compare(krb5_context, krb5_const_principal, krb5_const_principal);
+
+krb5_boolean KRB5_CALLCONV
+krb5_principal_compare(krb5_context, krb5_const_principal,
+ krb5_const_principal);
+
+krb5_boolean KRB5_CALLCONV
+krb5_principal_compare_any_realm(krb5_context, krb5_const_principal,
+ krb5_const_principal);
+
+#define KRB5_PRINCIPAL_COMPARE_IGNORE_REALM 1
+#define KRB5_PRINCIPAL_COMPARE_ENTERPRISE 2 /* UPNs as real principals */
+#define KRB5_PRINCIPAL_COMPARE_CASEFOLD 4 /* case-insensitive */
+#define KRB5_PRINCIPAL_COMPARE_UTF8 8 /* treat principals as UTF-8 */
+
+krb5_boolean KRB5_CALLCONV
+krb5_principal_compare_flags(krb5_context, krb5_const_principal,
+ krb5_const_principal, int);
+
+krb5_error_code KRB5_CALLCONV
+krb5_init_keyblock(krb5_context, krb5_enctype enctype, size_t length,
+ krb5_keyblock **out);
+
+/* Initialize a new keyblock and allocate storage
+ * for the contents of the key, which will be freed along
+ * with the keyblock when krb5_free_keyblock is called.
+ * It is legal to pass in a length of 0, in which
+ * case contents are left unallocated.
+ */
+krb5_error_code KRB5_CALLCONV
+krb5_copy_keyblock(krb5_context, const krb5_keyblock *, krb5_keyblock **);
+
+krb5_error_code KRB5_CALLCONV
+krb5_copy_keyblock_contents(krb5_context, const krb5_keyblock *,
+ krb5_keyblock *);
+
+krb5_error_code KRB5_CALLCONV
+krb5_copy_creds(krb5_context, const krb5_creds *, krb5_creds **);
+
+krb5_error_code KRB5_CALLCONV
+krb5_copy_data(krb5_context, const krb5_data *, krb5_data **);
+
+krb5_error_code KRB5_CALLCONV
+krb5_copy_principal(krb5_context, krb5_const_principal, krb5_principal *);
+
+krb5_error_code KRB5_CALLCONV
+krb5_copy_addresses(krb5_context, krb5_address * const *, krb5_address ***);
+
+krb5_error_code KRB5_CALLCONV
+krb5_copy_ticket(krb5_context, const krb5_ticket *, krb5_ticket **);
+
+krb5_error_code KRB5_CALLCONV
+krb5_copy_authdata(krb5_context, krb5_authdata * const *, krb5_authdata ***);
+
/* Merge two authdata arrays, such as the array from a ticket
- * and authenticator */
-
-krb5_error_code KRB5_CALLCONV krb5_copy_authenticator
- (krb5_context,
- const krb5_authenticator *,
- krb5_authenticator **);
-krb5_error_code KRB5_CALLCONV krb5_copy_checksum
- (krb5_context,
- const krb5_checksum *,
- krb5_checksum **);
-krb5_error_code KRB5_CALLCONV krb5_get_server_rcache
- (krb5_context,
- const krb5_data *, krb5_rcache *);
-krb5_error_code KRB5_CALLCONV_C krb5_build_principal_ext
- (krb5_context, krb5_principal *, unsigned int, const char *, ...);
-krb5_error_code KRB5_CALLCONV_C krb5_build_principal
- (krb5_context, krb5_principal *, unsigned int, const char *, ...)
+ * and authenticator. */
+krb5_error_code KRB5_CALLCONV
+krb5_merge_authdata(krb5_context, krb5_authdata * const *,
+ krb5_authdata *const *, krb5_authdata ***);
+
+krb5_error_code KRB5_CALLCONV
+krb5_copy_authenticator(krb5_context, const krb5_authenticator *,
+ krb5_authenticator **);
+
+krb5_error_code KRB5_CALLCONV
+krb5_copy_checksum(krb5_context, const krb5_checksum *, krb5_checksum **);
+
+krb5_error_code KRB5_CALLCONV
+krb5_get_server_rcache(krb5_context, const krb5_data *, krb5_rcache *);
+
+krb5_error_code KRB5_CALLCONV_C
+krb5_build_principal_ext(krb5_context, krb5_principal *, unsigned int,
+ const char *, ...);
+
+krb5_error_code KRB5_CALLCONV_C
+krb5_build_principal(krb5_context, krb5_principal *, unsigned int,
+ const char *, ...)
#if __GNUC__ >= 4
__attribute__ ((sentinel))
#endif
;
#if KRB5_DEPRECATED
-KRB5_ATTR_DEPRECATED krb5_error_code KRB5_CALLCONV krb5_build_principal_va
- (krb5_context,
- krb5_principal, unsigned int, const char *, va_list);
+KRB5_ATTR_DEPRECATED krb5_error_code KRB5_CALLCONV
+krb5_build_principal_va(krb5_context, krb5_principal, unsigned int,
+ const char *, va_list);
#endif
/* Version of krb5_build_principal_va which allocates krb5_principal_data */
-krb5_error_code KRB5_CALLCONV krb5_build_principal_alloc_va
- (krb5_context, krb5_principal *, unsigned int, const char *, va_list);
+krb5_error_code KRB5_CALLCONV
+krb5_build_principal_alloc_va(krb5_context, krb5_principal *, unsigned int,
+ const char *, va_list);
-krb5_error_code KRB5_CALLCONV krb5_425_conv_principal
- (krb5_context,
- const char *name,
- const char *instance, const char *realm,
- krb5_principal *princ);
+krb5_error_code KRB5_CALLCONV
+krb5_425_conv_principal(krb5_context, const char *name, const char *instance,
+ const char *realm, krb5_principal *princ);
-krb5_error_code KRB5_CALLCONV krb5_524_conv_principal
- (krb5_context context, krb5_const_principal princ,
- char *name, char *inst, char *realm);
+krb5_error_code KRB5_CALLCONV
+krb5_524_conv_principal(krb5_context context, krb5_const_principal princ,
+ char *name, char *inst, char *realm);
struct credentials;
-int KRB5_CALLCONV krb5_524_convert_creds
- (krb5_context context, krb5_creds *v5creds,
- struct credentials *v4creds);
+int KRB5_CALLCONV
+krb5_524_convert_creds(krb5_context context, krb5_creds *v5creds,
+ struct credentials *v4creds);
#if KRB5_DEPRECATED
#define krb524_convert_creds_kdc krb5_524_convert_creds
#define krb524_init_ets(x) (0)
#endif
/* libkt.spec */
-krb5_error_code KRB5_CALLCONV krb5_kt_resolve
- (krb5_context,
- const char *,
- krb5_keytab * );
-krb5_error_code KRB5_CALLCONV krb5_kt_default_name
- (krb5_context,
- char *,
- int );
-krb5_error_code KRB5_CALLCONV krb5_kt_default
- (krb5_context,
- krb5_keytab * );
-krb5_error_code KRB5_CALLCONV krb5_free_keytab_entry_contents
- (krb5_context,
- krb5_keytab_entry * );
+krb5_error_code KRB5_CALLCONV
+krb5_kt_resolve(krb5_context, const char *, krb5_keytab *);
+
+krb5_error_code KRB5_CALLCONV
+krb5_kt_default_name(krb5_context, char *, int);
+
+krb5_error_code KRB5_CALLCONV
+krb5_kt_default(krb5_context, krb5_keytab * );
+
+krb5_error_code KRB5_CALLCONV
+krb5_free_keytab_entry_contents(krb5_context, krb5_keytab_entry *);
+
/* remove and add are functions, so that they can return NOWRITE
if not a writable keytab */
-krb5_error_code KRB5_CALLCONV krb5_kt_remove_entry
- (krb5_context,
- krb5_keytab,
- krb5_keytab_entry * );
-krb5_error_code KRB5_CALLCONV krb5_kt_add_entry
- (krb5_context,
- krb5_keytab,
- krb5_keytab_entry * );
-krb5_error_code KRB5_CALLCONV_WRONG krb5_principal2salt
- (krb5_context,
- krb5_const_principal, krb5_data *);
+krb5_error_code KRB5_CALLCONV
+krb5_kt_remove_entry(krb5_context, krb5_keytab, krb5_keytab_entry *);
+
+krb5_error_code KRB5_CALLCONV
+krb5_kt_add_entry(krb5_context, krb5_keytab, krb5_keytab_entry *);
+
+krb5_error_code KRB5_CALLCONV_WRONG
+krb5_principal2salt(krb5_context, krb5_const_principal, krb5_data *);
/* librc.spec--see rcache.h */
/* libcc.spec */
-krb5_error_code KRB5_CALLCONV krb5_cc_resolve
- (krb5_context,
- const char *,
- krb5_ccache * );
-const char * KRB5_CALLCONV krb5_cc_default_name
- (krb5_context);
-krb5_error_code KRB5_CALLCONV krb5_cc_set_default_name
- (krb5_context, const char *);
-krb5_error_code KRB5_CALLCONV krb5_cc_default
- (krb5_context,
- krb5_ccache *);
-
-krb5_error_code KRB5_CALLCONV krb5_cc_copy_creds
- (krb5_context context,
- krb5_ccache incc,
- krb5_ccache outcc);
+krb5_error_code KRB5_CALLCONV
+krb5_cc_resolve(krb5_context, const char *, krb5_ccache *);
+
+const char *KRB5_CALLCONV
+krb5_cc_default_name(krb5_context);
+
+krb5_error_code KRB5_CALLCONV
+krb5_cc_set_default_name(krb5_context, const char *);
+
+krb5_error_code KRB5_CALLCONV
+krb5_cc_default(krb5_context, krb5_ccache *);
+krb5_error_code KRB5_CALLCONV
+krb5_cc_copy_creds(krb5_context context, krb5_ccache incc, krb5_ccache outcc);
/* krb5_free.c */
-void KRB5_CALLCONV krb5_free_principal
- (krb5_context, krb5_principal );
-void KRB5_CALLCONV krb5_free_authenticator
- (krb5_context, krb5_authenticator * );
-void KRB5_CALLCONV krb5_free_addresses
- (krb5_context, krb5_address ** );
-void KRB5_CALLCONV krb5_free_authdata
- (krb5_context, krb5_authdata ** );
-void KRB5_CALLCONV krb5_free_ticket
- (krb5_context, krb5_ticket * );
-void KRB5_CALLCONV krb5_free_error
- (krb5_context, krb5_error * );
-void KRB5_CALLCONV krb5_free_creds
- (krb5_context, krb5_creds *);
-void KRB5_CALLCONV krb5_free_cred_contents
- (krb5_context, krb5_creds *);
-void KRB5_CALLCONV krb5_free_checksum
- (krb5_context, krb5_checksum *);
-void KRB5_CALLCONV krb5_free_checksum_contents
- (krb5_context, krb5_checksum *);
-void KRB5_CALLCONV krb5_free_keyblock
- (krb5_context, krb5_keyblock *);
-void KRB5_CALLCONV krb5_free_keyblock_contents
- (krb5_context, krb5_keyblock *);
-void KRB5_CALLCONV krb5_free_ap_rep_enc_part
- (krb5_context, krb5_ap_rep_enc_part *);
-void KRB5_CALLCONV krb5_free_data
- (krb5_context, krb5_data *);
-void KRB5_CALLCONV krb5_free_data_contents
- (krb5_context, krb5_data *);
-void KRB5_CALLCONV krb5_free_unparsed_name
- (krb5_context, char *);
-void KRB5_CALLCONV krb5_free_cksumtypes
- (krb5_context, krb5_cksumtype *);
+void KRB5_CALLCONV krb5_free_principal(krb5_context, krb5_principal );
+void KRB5_CALLCONV krb5_free_authenticator(krb5_context,
+ krb5_authenticator * );
+void KRB5_CALLCONV krb5_free_addresses(krb5_context, krb5_address ** );
+void KRB5_CALLCONV krb5_free_authdata(krb5_context, krb5_authdata ** );
+void KRB5_CALLCONV krb5_free_ticket(krb5_context, krb5_ticket * );
+void KRB5_CALLCONV krb5_free_error(krb5_context, krb5_error * );
+void KRB5_CALLCONV krb5_free_creds(krb5_context, krb5_creds *);
+void KRB5_CALLCONV krb5_free_cred_contents(krb5_context, krb5_creds *);
+void KRB5_CALLCONV krb5_free_checksum(krb5_context, krb5_checksum *);
+void KRB5_CALLCONV krb5_free_checksum_contents(krb5_context, krb5_checksum *);
+void KRB5_CALLCONV krb5_free_keyblock(krb5_context, krb5_keyblock *);
+void KRB5_CALLCONV krb5_free_keyblock_contents(krb5_context, krb5_keyblock *);
+void KRB5_CALLCONV krb5_free_ap_rep_enc_part(krb5_context,
+ krb5_ap_rep_enc_part *);
+void KRB5_CALLCONV krb5_free_data(krb5_context, krb5_data *);
+void KRB5_CALLCONV krb5_free_data_contents(krb5_context, krb5_data *);
+void KRB5_CALLCONV krb5_free_unparsed_name(krb5_context, char *);
+void KRB5_CALLCONV krb5_free_cksumtypes(krb5_context, krb5_cksumtype *);
/* From krb5/os but needed but by the outside world */
-krb5_error_code KRB5_CALLCONV krb5_us_timeofday
- (krb5_context,
- krb5_timestamp *,
- krb5_int32 * );
-krb5_error_code KRB5_CALLCONV krb5_timeofday
- (krb5_context,
- krb5_timestamp * );
- /* get all the addresses of this host */
-krb5_error_code KRB5_CALLCONV krb5_os_localaddr
- (krb5_context,
- krb5_address ***);
-krb5_error_code KRB5_CALLCONV krb5_get_default_realm
- (krb5_context,
- char ** );
-krb5_error_code KRB5_CALLCONV krb5_set_default_realm
- (krb5_context,
- const char * );
-void KRB5_CALLCONV krb5_free_default_realm
- (krb5_context,
- char * );
-krb5_error_code KRB5_CALLCONV krb5_sname_to_principal
- (krb5_context,
- const char *,
- const char *,
- krb5_int32,
- krb5_principal *);
-krb5_error_code KRB5_CALLCONV
-krb5_change_password
- (krb5_context context, krb5_creds *creds, char *newpw,
- int *result_code, krb5_data *result_code_string,
- krb5_data *result_string);
-krb5_error_code KRB5_CALLCONV
-krb5_set_password
- (krb5_context context, krb5_creds *creds, char *newpw, krb5_principal change_password_for,
- int *result_code, krb5_data *result_code_string, krb5_data *result_string);
-krb5_error_code KRB5_CALLCONV
-krb5_set_password_using_ccache
- (krb5_context context, krb5_ccache ccache, char *newpw, krb5_principal change_password_for,
- int *result_code, krb5_data *result_code_string, krb5_data *result_string);
-
-krb5_error_code KRB5_CALLCONV
-krb5_get_profile
- (krb5_context, struct _profile_t * /* profile_t */ *);
+krb5_error_code KRB5_CALLCONV
+krb5_us_timeofday(krb5_context, krb5_timestamp *, krb5_int32 *);
+
+krb5_error_code KRB5_CALLCONV
+krb5_timeofday(krb5_context, krb5_timestamp *);
+
+/* get all the addresses of this host */
+krb5_error_code KRB5_CALLCONV
+krb5_os_localaddr(krb5_context, krb5_address ***);
+
+krb5_error_code KRB5_CALLCONV
+krb5_get_default_realm(krb5_context, char **);
+
+krb5_error_code KRB5_CALLCONV
+krb5_set_default_realm(krb5_context, const char * );
+
+void KRB5_CALLCONV
+krb5_free_default_realm(krb5_context, char * );
+
+krb5_error_code KRB5_CALLCONV
+krb5_sname_to_principal(krb5_context, const char *, const char *, krb5_int32,
+ krb5_principal *);
+
+krb5_error_code KRB5_CALLCONV
+krb5_change_password(krb5_context context, krb5_creds *creds, char *newpw,
+ int *result_code, krb5_data *result_code_string,
+ krb5_data *result_string);
+
+krb5_error_code KRB5_CALLCONV
+krb5_set_password(krb5_context context, krb5_creds *creds, char *newpw,
+ krb5_principal change_password_for, int *result_code,
+ krb5_data *result_code_string, krb5_data *result_string);
+
+krb5_error_code KRB5_CALLCONV
+krb5_set_password_using_ccache(krb5_context context, krb5_ccache ccache,
+ char *newpw, krb5_principal change_password_for,
+ int *result_code, krb5_data *result_code_string,
+ krb5_data *result_string);
+
+krb5_error_code KRB5_CALLCONV
+krb5_get_profile(krb5_context, struct _profile_t * /* profile_t */ *);
#if KRB5_DEPRECATED
-KRB5_ATTR_DEPRECATED krb5_error_code KRB5_CALLCONV krb5_get_in_tkt
- (krb5_context,
- krb5_flags,
- krb5_address * const *,
- krb5_enctype *,
- krb5_preauthtype *,
- krb5_error_code ( * )(krb5_context,
- krb5_enctype,
- krb5_data *,
- krb5_const_pointer,
- krb5_keyblock **),
- krb5_const_pointer,
- krb5_error_code ( * )(krb5_context,
- const krb5_keyblock *,
- krb5_const_pointer,
- krb5_kdc_rep * ),
- krb5_const_pointer,
- krb5_creds *,
- krb5_ccache,
- krb5_kdc_rep ** );
-
-KRB5_ATTR_DEPRECATED krb5_error_code KRB5_CALLCONV krb5_get_in_tkt_with_password
- (krb5_context,
- krb5_flags,
- krb5_address * const *,
- krb5_enctype *,
- krb5_preauthtype *,
- const char *,
- krb5_ccache,
- krb5_creds *,
- krb5_kdc_rep ** );
-
-KRB5_ATTR_DEPRECATED krb5_error_code KRB5_CALLCONV krb5_get_in_tkt_with_skey
- (krb5_context,
- krb5_flags,
- krb5_address * const *,
- krb5_enctype *,
- krb5_preauthtype *,
- const krb5_keyblock *,
- krb5_ccache,
- krb5_creds *,
- krb5_kdc_rep ** );
-
-KRB5_ATTR_DEPRECATED krb5_error_code KRB5_CALLCONV krb5_get_in_tkt_with_keytab
- (krb5_context,
- krb5_flags,
- krb5_address * const *,
- krb5_enctype *,
- krb5_preauthtype *,
- krb5_keytab,
- krb5_ccache,
- krb5_creds *,
- krb5_kdc_rep ** );
+KRB5_ATTR_DEPRECATED krb5_error_code KRB5_CALLCONV
+krb5_get_in_tkt(krb5_context, krb5_flags, krb5_address *const *,
+ krb5_enctype *, krb5_preauthtype *,
+ krb5_error_code (*)(krb5_context, krb5_enctype, krb5_data *,
+ krb5_const_pointer, krb5_keyblock **),
+ krb5_const_pointer,
+ krb5_error_code (*)(krb5_context, const krb5_keyblock *,
+ krb5_const_pointer, krb5_kdc_rep * ),
+ krb5_const_pointer, krb5_creds *, krb5_ccache,
+ krb5_kdc_rep **);
+
+KRB5_ATTR_DEPRECATED krb5_error_code KRB5_CALLCONV
+krb5_get_in_tkt_with_password(krb5_context, krb5_flags, krb5_address *const *,
+ krb5_enctype *, krb5_preauthtype *, const char *,
+ krb5_ccache, krb5_creds *, krb5_kdc_rep **);
+
+KRB5_ATTR_DEPRECATED krb5_error_code KRB5_CALLCONV
+krb5_get_in_tkt_with_skey(krb5_context, krb5_flags, krb5_address *const *,
+ krb5_enctype *, krb5_preauthtype *,
+ const krb5_keyblock *, krb5_ccache, krb5_creds *,
+ krb5_kdc_rep **);
+
+KRB5_ATTR_DEPRECATED krb5_error_code KRB5_CALLCONV
+krb5_get_in_tkt_with_keytab(krb5_context, krb5_flags, krb5_address *const *,
+ krb5_enctype *, krb5_preauthtype *, krb5_keytab,
+ krb5_ccache, krb5_creds *, krb5_kdc_rep ** );
#endif /* KRB5_DEPRECATED */
-krb5_error_code KRB5_CALLCONV krb5_rd_req
- (krb5_context,
- krb5_auth_context *,
- const krb5_data *,
- krb5_const_principal,
- krb5_keytab,
- krb5_flags *,
- krb5_ticket **);
-
-krb5_error_code KRB5_CALLCONV krb5_kt_read_service_key
- (krb5_context,
- krb5_pointer,
- krb5_principal,
- krb5_kvno,
- krb5_enctype,
- krb5_keyblock **);
-krb5_error_code KRB5_CALLCONV krb5_mk_safe
- (krb5_context,
- krb5_auth_context,
- const krb5_data *,
- krb5_data *,
- krb5_replay_data *);
-krb5_error_code KRB5_CALLCONV krb5_mk_priv
- (krb5_context,
- krb5_auth_context,
- const krb5_data *,
- krb5_data *,
- krb5_replay_data *);
-
-krb5_error_code KRB5_CALLCONV krb5_sendauth
- (krb5_context,
- krb5_auth_context *,
- krb5_pointer,
- char *,
- krb5_principal,
- krb5_principal,
- krb5_flags,
- krb5_data *,
- krb5_creds *,
- krb5_ccache,
- krb5_error **,
- krb5_ap_rep_enc_part **,
- krb5_creds **);
-
-krb5_error_code KRB5_CALLCONV krb5_recvauth
- (krb5_context,
- krb5_auth_context *,
- krb5_pointer,
- char *,
- krb5_principal,
- krb5_int32,
- krb5_keytab,
- krb5_ticket **);
-krb5_error_code KRB5_CALLCONV krb5_recvauth_version
- (krb5_context,
- krb5_auth_context *,
- krb5_pointer,
- krb5_principal,
- krb5_int32,
- krb5_keytab,
- krb5_ticket **,
- krb5_data *);
-
-krb5_error_code KRB5_CALLCONV krb5_mk_ncred
- (krb5_context,
- krb5_auth_context,
- krb5_creds **,
- krb5_data **,
- krb5_replay_data *);
-
-krb5_error_code KRB5_CALLCONV krb5_mk_1cred
- (krb5_context,
- krb5_auth_context,
- krb5_creds *,
- krb5_data **,
- krb5_replay_data *);
-
-krb5_error_code KRB5_CALLCONV krb5_rd_cred
- (krb5_context,
- krb5_auth_context,
- krb5_data *,
- krb5_creds ***,
- krb5_replay_data *);
-
-krb5_error_code KRB5_CALLCONV krb5_fwd_tgt_creds
- (krb5_context,
- krb5_auth_context,
- char *,
- krb5_principal,
- krb5_principal,
- krb5_ccache,
- int forwardable,
- krb5_data *);
-
-krb5_error_code KRB5_CALLCONV krb5_auth_con_init
- (krb5_context,
- krb5_auth_context *);
-
-krb5_error_code KRB5_CALLCONV krb5_auth_con_free
- (krb5_context,
- krb5_auth_context);
-
-krb5_error_code KRB5_CALLCONV krb5_auth_con_setflags
- (krb5_context,
- krb5_auth_context,
- krb5_int32);
-
-krb5_error_code KRB5_CALLCONV krb5_auth_con_getflags
- (krb5_context,
- krb5_auth_context,
- krb5_int32 *);
-
-krb5_error_code KRB5_CALLCONV
-krb5_auth_con_set_checksum_func (krb5_context, krb5_auth_context,
- krb5_mk_req_checksum_func, void *);
-
-krb5_error_code KRB5_CALLCONV
-krb5_auth_con_get_checksum_func( krb5_context, krb5_auth_context,
- krb5_mk_req_checksum_func *, void **);
-
-krb5_error_code KRB5_CALLCONV_WRONG krb5_auth_con_setaddrs
- (krb5_context,
- krb5_auth_context,
- krb5_address *,
- krb5_address *);
-
-krb5_error_code KRB5_CALLCONV krb5_auth_con_getaddrs
- (krb5_context,
- krb5_auth_context,
- krb5_address **,
- krb5_address **);
-
-krb5_error_code KRB5_CALLCONV krb5_auth_con_setports
- (krb5_context,
- krb5_auth_context,
- krb5_address *,
- krb5_address *);
-
-krb5_error_code KRB5_CALLCONV krb5_auth_con_setuseruserkey
- (krb5_context,
- krb5_auth_context,
- krb5_keyblock *);
-
-krb5_error_code KRB5_CALLCONV krb5_auth_con_getkey
- (krb5_context,
- krb5_auth_context,
- krb5_keyblock **);
-
-krb5_error_code KRB5_CALLCONV krb5_auth_con_getsendsubkey(
- krb5_context, krb5_auth_context, krb5_keyblock **);
-
-krb5_error_code KRB5_CALLCONV krb5_auth_con_getrecvsubkey(
- krb5_context, krb5_auth_context, krb5_keyblock **);
-
-krb5_error_code KRB5_CALLCONV krb5_auth_con_setsendsubkey(
- krb5_context, krb5_auth_context, krb5_keyblock *);
-
-krb5_error_code KRB5_CALLCONV krb5_auth_con_setrecvsubkey(
- krb5_context, krb5_auth_context, krb5_keyblock *);
+krb5_error_code KRB5_CALLCONV
+krb5_rd_req(krb5_context, krb5_auth_context *, const krb5_data *,
+ krb5_const_principal, krb5_keytab, krb5_flags *, krb5_ticket **);
+
+krb5_error_code KRB5_CALLCONV
+krb5_kt_read_service_key(krb5_context, krb5_pointer, krb5_principal, krb5_kvno,
+ krb5_enctype, krb5_keyblock **);
+
+krb5_error_code KRB5_CALLCONV
+krb5_mk_safe(krb5_context, krb5_auth_context, const krb5_data *, krb5_data *,
+ krb5_replay_data *);
+
+krb5_error_code KRB5_CALLCONV
+krb5_mk_priv(krb5_context, krb5_auth_context, const krb5_data *, krb5_data *,
+ krb5_replay_data *);
+
+krb5_error_code KRB5_CALLCONV
+krb5_sendauth(krb5_context, krb5_auth_context *, krb5_pointer, char *,
+ krb5_principal, krb5_principal, krb5_flags, krb5_data *,
+ krb5_creds *, krb5_ccache, krb5_error **,
+ krb5_ap_rep_enc_part **, krb5_creds **);
+
+krb5_error_code KRB5_CALLCONV
+krb5_recvauth(krb5_context, krb5_auth_context *, krb5_pointer, char *,
+ krb5_principal, krb5_int32, krb5_keytab, krb5_ticket **);
+
+krb5_error_code KRB5_CALLCONV
+krb5_recvauth_version(krb5_context, krb5_auth_context *, krb5_pointer,
+ krb5_principal, krb5_int32, krb5_keytab, krb5_ticket **,
+ krb5_data *);
+
+krb5_error_code KRB5_CALLCONV
+krb5_mk_ncred(krb5_context, krb5_auth_context, krb5_creds **, krb5_data **,
+ krb5_replay_data *);
+
+krb5_error_code KRB5_CALLCONV
+krb5_mk_1cred(krb5_context, krb5_auth_context, krb5_creds *, krb5_data **,
+ krb5_replay_data *);
+
+krb5_error_code KRB5_CALLCONV
+krb5_rd_cred(krb5_context, krb5_auth_context, krb5_data *, krb5_creds ***,
+ krb5_replay_data *);
+
+krb5_error_code KRB5_CALLCONV
+krb5_fwd_tgt_creds(krb5_context, krb5_auth_context, char *, krb5_principal,
+ krb5_principal, krb5_ccache, int forwardable, krb5_data *);
+
+krb5_error_code KRB5_CALLCONV
+krb5_auth_con_init(krb5_context, krb5_auth_context *);
+
+krb5_error_code KRB5_CALLCONV
+krb5_auth_con_free(krb5_context, krb5_auth_context);
+
+krb5_error_code KRB5_CALLCONV
+krb5_auth_con_setflags(krb5_context, krb5_auth_context, krb5_int32);
+
+krb5_error_code KRB5_CALLCONV
+krb5_auth_con_getflags(krb5_context, krb5_auth_context, krb5_int32 *);
+
+krb5_error_code KRB5_CALLCONV
+krb5_auth_con_set_checksum_func(krb5_context, krb5_auth_context,
+ krb5_mk_req_checksum_func, void *);
+
+krb5_error_code KRB5_CALLCONV
+krb5_auth_con_get_checksum_func(krb5_context, krb5_auth_context,
+ krb5_mk_req_checksum_func *, void **);
+
+krb5_error_code KRB5_CALLCONV_WRONG
+krb5_auth_con_setaddrs(krb5_context, krb5_auth_context, krb5_address *,
+ krb5_address *);
+
+krb5_error_code KRB5_CALLCONV
+krb5_auth_con_getaddrs(krb5_context, krb5_auth_context, krb5_address **,
+ krb5_address **);
+
+krb5_error_code KRB5_CALLCONV
+krb5_auth_con_setports(krb5_context, krb5_auth_context, krb5_address *,
+ krb5_address *);
+
+krb5_error_code KRB5_CALLCONV
+krb5_auth_con_setuseruserkey(krb5_context, krb5_auth_context, krb5_keyblock *);
+
+krb5_error_code KRB5_CALLCONV
+krb5_auth_con_getkey(krb5_context, krb5_auth_context, krb5_keyblock **);
+
+krb5_error_code KRB5_CALLCONV
+krb5_auth_con_getsendsubkey(krb5_context, krb5_auth_context, krb5_keyblock **);
+
+krb5_error_code KRB5_CALLCONV
+krb5_auth_con_getrecvsubkey(krb5_context, krb5_auth_context, krb5_keyblock **);
+
+krb5_error_code KRB5_CALLCONV
+krb5_auth_con_setsendsubkey(krb5_context, krb5_auth_context, krb5_keyblock *);
+
+krb5_error_code KRB5_CALLCONV
+krb5_auth_con_setrecvsubkey(krb5_context, krb5_auth_context, krb5_keyblock *);
#if KRB5_DEPRECATED
-KRB5_ATTR_DEPRECATED krb5_error_code KRB5_CALLCONV krb5_auth_con_getlocalsubkey
- (krb5_context,
- krb5_auth_context,
- krb5_keyblock **);
-
-KRB5_ATTR_DEPRECATED krb5_error_code KRB5_CALLCONV krb5_auth_con_getremotesubkey
- (krb5_context,
- krb5_auth_context,
- krb5_keyblock **);
+KRB5_ATTR_DEPRECATED krb5_error_code KRB5_CALLCONV
+krb5_auth_con_getlocalsubkey(krb5_context, krb5_auth_context,
+ krb5_keyblock **);
+
+KRB5_ATTR_DEPRECATED krb5_error_code KRB5_CALLCONV
+krb5_auth_con_getremotesubkey(krb5_context, krb5_auth_context,
+ krb5_keyblock **);
#endif
-krb5_error_code KRB5_CALLCONV krb5_auth_con_getlocalseqnumber
- (krb5_context,
- krb5_auth_context,
- krb5_int32 *);
+krb5_error_code KRB5_CALLCONV
+krb5_auth_con_getlocalseqnumber(krb5_context, krb5_auth_context, krb5_int32 *);
-krb5_error_code KRB5_CALLCONV krb5_auth_con_getremoteseqnumber
- (krb5_context,
- krb5_auth_context,
- krb5_int32 *);
+krb5_error_code KRB5_CALLCONV
+krb5_auth_con_getremoteseqnumber(krb5_context, krb5_auth_context,
+ krb5_int32 *);
#if KRB5_DEPRECATED
-KRB5_ATTR_DEPRECATED krb5_error_code KRB5_CALLCONV krb5_auth_con_initivector
- (krb5_context,
- krb5_auth_context);
+KRB5_ATTR_DEPRECATED krb5_error_code KRB5_CALLCONV
+krb5_auth_con_initivector(krb5_context, krb5_auth_context);
#endif
-krb5_error_code KRB5_CALLCONV krb5_auth_con_setrcache
- (krb5_context,
- krb5_auth_context,
- krb5_rcache);
+krb5_error_code KRB5_CALLCONV
+krb5_auth_con_setrcache(krb5_context, krb5_auth_context, krb5_rcache);
-krb5_error_code KRB5_CALLCONV_WRONG krb5_auth_con_getrcache
- (krb5_context,
- krb5_auth_context,
- krb5_rcache *);
+krb5_error_code KRB5_CALLCONV_WRONG
+krb5_auth_con_getrcache(krb5_context, krb5_auth_context, krb5_rcache *);
-krb5_error_code KRB5_CALLCONV krb5_auth_con_getauthenticator
- (krb5_context,
- krb5_auth_context,
- krb5_authenticator **);
+krb5_error_code KRB5_CALLCONV
+krb5_auth_con_getauthenticator(krb5_context, krb5_auth_context,
+ krb5_authenticator **);
#define KRB5_REALM_BRANCH_CHAR '.'
@@ -2289,74 +2064,65 @@ krb5_error_code KRB5_CALLCONV krb5_auth_con_getauthenticator
* begin stuff from libos.h
*/
-krb5_error_code KRB5_CALLCONV krb5_read_password
- (krb5_context,
- const char *,
- const char *,
- char *,
- unsigned int * );
-krb5_error_code KRB5_CALLCONV krb5_aname_to_localname
- (krb5_context,
- krb5_const_principal,
- int,
- char * );
-krb5_error_code KRB5_CALLCONV krb5_get_host_realm
- (krb5_context,
- const char *,
- char *** );
-krb5_error_code KRB5_CALLCONV krb5_get_fallback_host_realm
- (krb5_context,
- krb5_data *,
- char *** );
-krb5_error_code KRB5_CALLCONV krb5_free_host_realm
- (krb5_context,
- char * const * );
-krb5_boolean KRB5_CALLCONV krb5_kuserok
- (krb5_context,
- krb5_principal, const char *);
-krb5_error_code KRB5_CALLCONV krb5_auth_con_genaddrs
- (krb5_context,
- krb5_auth_context,
- int, int);
-krb5_error_code KRB5_CALLCONV krb5_set_real_time
- (krb5_context, krb5_timestamp, krb5_int32);
-
-krb5_error_code KRB5_CALLCONV krb5_get_time_offsets
- (krb5_context, krb5_timestamp *, krb5_int32 *);
+krb5_error_code KRB5_CALLCONV
+krb5_read_password(krb5_context, const char *, const char *, char *,
+ unsigned int * );
+
+krb5_error_code KRB5_CALLCONV
+krb5_aname_to_localname(krb5_context, krb5_const_principal, int, char *);
+
+krb5_error_code KRB5_CALLCONV
+krb5_get_host_realm(krb5_context, const char *, char ***);
+
+krb5_error_code KRB5_CALLCONV
+krb5_get_fallback_host_realm(krb5_context, krb5_data *, char ***);
+
+krb5_error_code KRB5_CALLCONV
+krb5_free_host_realm(krb5_context, char * const * );
+
+krb5_boolean KRB5_CALLCONV
+krb5_kuserok(krb5_context, krb5_principal, const char *);
+
+krb5_error_code KRB5_CALLCONV
+krb5_auth_con_genaddrs(krb5_context, krb5_auth_context, int, int);
+
+krb5_error_code KRB5_CALLCONV
+krb5_set_real_time(krb5_context, krb5_timestamp, krb5_int32);
+
+krb5_error_code KRB5_CALLCONV
+krb5_get_time_offsets(krb5_context, krb5_timestamp *, krb5_int32 *);
/* str_conv.c */
-krb5_error_code KRB5_CALLCONV krb5_string_to_enctype
- (char *, krb5_enctype *);
-krb5_error_code KRB5_CALLCONV krb5_string_to_salttype
- (char *, krb5_int32 *);
-krb5_error_code KRB5_CALLCONV krb5_string_to_cksumtype
- (char *, krb5_cksumtype *);
-krb5_error_code KRB5_CALLCONV krb5_string_to_timestamp
- (char *, krb5_timestamp *);
-krb5_error_code KRB5_CALLCONV krb5_string_to_deltat
- (char *, krb5_deltat *);
-krb5_error_code KRB5_CALLCONV krb5_enctype_to_string
- (krb5_enctype, char *, size_t);
-krb5_error_code KRB5_CALLCONV krb5_salttype_to_string
- (krb5_int32, char *, size_t);
-krb5_error_code KRB5_CALLCONV krb5_cksumtype_to_string
- (krb5_cksumtype, char *, size_t);
-krb5_error_code KRB5_CALLCONV krb5_timestamp_to_string
- (krb5_timestamp, char *, size_t);
-krb5_error_code KRB5_CALLCONV krb5_timestamp_to_sfstring
- (krb5_timestamp, char *, size_t, char *);
-krb5_error_code KRB5_CALLCONV krb5_deltat_to_string
- (krb5_deltat, char *, size_t);
+krb5_error_code KRB5_CALLCONV krb5_string_to_enctype(char *, krb5_enctype *);
+krb5_error_code KRB5_CALLCONV krb5_string_to_salttype(char *, krb5_int32 *);
+krb5_error_code KRB5_CALLCONV krb5_string_to_cksumtype(char *,
+ krb5_cksumtype *);
+krb5_error_code KRB5_CALLCONV krb5_string_to_timestamp(char *,
+ krb5_timestamp *);
+krb5_error_code KRB5_CALLCONV krb5_string_to_deltat(char *, krb5_deltat *);
+krb5_error_code KRB5_CALLCONV krb5_enctype_to_string(krb5_enctype, char *,
+ size_t);
+krb5_error_code KRB5_CALLCONV krb5_salttype_to_string(krb5_int32, char *,
+ size_t);
+krb5_error_code KRB5_CALLCONV krb5_cksumtype_to_string(krb5_cksumtype, char *,
+ size_t);
+krb5_error_code KRB5_CALLCONV krb5_timestamp_to_string(krb5_timestamp, char *,
+ size_t);
+krb5_error_code KRB5_CALLCONV krb5_timestamp_to_sfstring(krb5_timestamp,
+ char *, size_t,
+ char *);
+krb5_error_code KRB5_CALLCONV krb5_deltat_to_string(krb5_deltat, char *,
+ size_t);
/* The name of the Kerberos ticket granting service... and its size */
-#define KRB5_TGS_NAME "krbtgt"
-#define KRB5_TGS_NAME_SIZE 6
+#define KRB5_TGS_NAME "krbtgt"
+#define KRB5_TGS_NAME_SIZE 6
/* flags for recvauth */
-#define KRB5_RECVAUTH_SKIP_VERSION 0x0001
-#define KRB5_RECVAUTH_BADAUTHVERS 0x0002
+#define KRB5_RECVAUTH_SKIP_VERSION 0x0001
+#define KRB5_RECVAUTH_BADAUTHVERS 0x0002
/* initial ticket api functions */
typedef struct _krb5_prompt {
@@ -2365,21 +2131,15 @@ typedef struct _krb5_prompt {
krb5_data *reply;
} krb5_prompt;
-typedef krb5_error_code (KRB5_CALLCONV *krb5_prompter_fct)(krb5_context context,
- void *data,
- const char *name,
- const char *banner,
- int num_prompts,
- krb5_prompt prompts[]);
-
+typedef krb5_error_code
+(KRB5_CALLCONV *krb5_prompter_fct)(krb5_context context, void *data,
+ const char *name, const char *banner,
+ int num_prompts, krb5_prompt prompts[]);
krb5_error_code KRB5_CALLCONV
-krb5_prompter_posix (krb5_context context,
- void *data,
- const char *name,
- const char *banner,
- int num_prompts,
- krb5_prompt prompts[]);
+krb5_prompter_posix(krb5_context context, void *data, const char *name,
+ const char *banner, int num_prompts,
+ krb5_prompt prompts[]);
typedef struct _krb5_get_init_creds_opt {
krb5_flags flags;
@@ -2395,83 +2155,70 @@ typedef struct _krb5_get_init_creds_opt {
krb5_data *salt;
} krb5_get_init_creds_opt;
-#define KRB5_GET_INIT_CREDS_OPT_TKT_LIFE 0x0001
-#define KRB5_GET_INIT_CREDS_OPT_RENEW_LIFE 0x0002
-#define KRB5_GET_INIT_CREDS_OPT_FORWARDABLE 0x0004
-#define KRB5_GET_INIT_CREDS_OPT_PROXIABLE 0x0008
-#define KRB5_GET_INIT_CREDS_OPT_ETYPE_LIST 0x0010
-#define KRB5_GET_INIT_CREDS_OPT_ADDRESS_LIST 0x0020
-#define KRB5_GET_INIT_CREDS_OPT_PREAUTH_LIST 0x0040
-#define KRB5_GET_INIT_CREDS_OPT_SALT 0x0080
-#define KRB5_GET_INIT_CREDS_OPT_CHG_PWD_PRMPT 0x0100
-#define KRB5_GET_INIT_CREDS_OPT_CANONICALIZE 0x0200
+#define KRB5_GET_INIT_CREDS_OPT_TKT_LIFE 0x0001
+#define KRB5_GET_INIT_CREDS_OPT_RENEW_LIFE 0x0002
+#define KRB5_GET_INIT_CREDS_OPT_FORWARDABLE 0x0004
+#define KRB5_GET_INIT_CREDS_OPT_PROXIABLE 0x0008
+#define KRB5_GET_INIT_CREDS_OPT_ETYPE_LIST 0x0010
+#define KRB5_GET_INIT_CREDS_OPT_ADDRESS_LIST 0x0020
+#define KRB5_GET_INIT_CREDS_OPT_PREAUTH_LIST 0x0040
+#define KRB5_GET_INIT_CREDS_OPT_SALT 0x0080
+#define KRB5_GET_INIT_CREDS_OPT_CHG_PWD_PRMPT 0x0100
+#define KRB5_GET_INIT_CREDS_OPT_CANONICALIZE 0x0200
krb5_error_code KRB5_CALLCONV
-krb5_get_init_creds_opt_alloc
-(krb5_context context,
- krb5_get_init_creds_opt **opt);
+krb5_get_init_creds_opt_alloc(krb5_context context,
+ krb5_get_init_creds_opt **opt);
void KRB5_CALLCONV
-krb5_get_init_creds_opt_free
-(krb5_context context,
- krb5_get_init_creds_opt *opt);
+krb5_get_init_creds_opt_free(krb5_context context,
+ krb5_get_init_creds_opt *opt);
void KRB5_CALLCONV
-krb5_get_init_creds_opt_init
-(krb5_get_init_creds_opt *opt);
+krb5_get_init_creds_opt_init(krb5_get_init_creds_opt *opt);
void KRB5_CALLCONV
-krb5_get_init_creds_opt_set_tkt_life
-(krb5_get_init_creds_opt *opt,
- krb5_deltat tkt_life);
+krb5_get_init_creds_opt_set_tkt_life(krb5_get_init_creds_opt *opt,
+ krb5_deltat tkt_life);
void KRB5_CALLCONV
-krb5_get_init_creds_opt_set_renew_life
-(krb5_get_init_creds_opt *opt,
- krb5_deltat renew_life);
+krb5_get_init_creds_opt_set_renew_life(krb5_get_init_creds_opt *opt,
+ krb5_deltat renew_life);
void KRB5_CALLCONV
-krb5_get_init_creds_opt_set_forwardable
-(krb5_get_init_creds_opt *opt,
- int forwardable);
+krb5_get_init_creds_opt_set_forwardable(krb5_get_init_creds_opt *opt,
+ int forwardable);
void KRB5_CALLCONV
-krb5_get_init_creds_opt_set_proxiable
-(krb5_get_init_creds_opt *opt,
- int proxiable);
+krb5_get_init_creds_opt_set_proxiable(krb5_get_init_creds_opt *opt,
+ int proxiable);
void KRB5_CALLCONV
-krb5_get_init_creds_opt_set_canonicalize
-(krb5_get_init_creds_opt *opt,
- int canonicalize);
+krb5_get_init_creds_opt_set_canonicalize(krb5_get_init_creds_opt *opt,
+ int canonicalize);
void KRB5_CALLCONV
-krb5_get_init_creds_opt_set_etype_list
-(krb5_get_init_creds_opt *opt,
- krb5_enctype *etype_list,
- int etype_list_length);
+krb5_get_init_creds_opt_set_etype_list(krb5_get_init_creds_opt *opt,
+ krb5_enctype *etype_list,
+ int etype_list_length);
void KRB5_CALLCONV
-krb5_get_init_creds_opt_set_address_list
-(krb5_get_init_creds_opt *opt,
- krb5_address **addresses);
+krb5_get_init_creds_opt_set_address_list(krb5_get_init_creds_opt *opt,
+ krb5_address **addresses);
void KRB5_CALLCONV
-krb5_get_init_creds_opt_set_preauth_list
-(krb5_get_init_creds_opt *opt,
- krb5_preauthtype *preauth_list,
- int preauth_list_length);
+krb5_get_init_creds_opt_set_preauth_list(krb5_get_init_creds_opt *opt,
+ krb5_preauthtype *preauth_list,
+ int preauth_list_length);
void KRB5_CALLCONV
-krb5_get_init_creds_opt_set_salt
-(krb5_get_init_creds_opt *opt,
- krb5_data *salt);
+krb5_get_init_creds_opt_set_salt(krb5_get_init_creds_opt *opt,
+ krb5_data *salt);
void KRB5_CALLCONV
-krb5_get_init_creds_opt_set_change_password_prompt
-(krb5_get_init_creds_opt *opt,
- int prompt);
+krb5_get_init_creds_opt_set_change_password_prompt(krb5_get_init_creds_opt
+ *opt, int prompt);
/* Generic preauth option attribute/value pairs */
typedef struct _krb5_gic_opt_pa_data {
@@ -2488,105 +2235,77 @@ typedef struct _krb5_gic_opt_pa_data {
* obtained using krb5_get_init_creds_opt_alloc()
*/
krb5_error_code KRB5_CALLCONV
-krb5_get_init_creds_opt_set_pa
- (krb5_context context,
- krb5_get_init_creds_opt *opt,
- const char *attr,
- const char *value);
-
-krb5_error_code KRB5_CALLCONV krb5_get_init_creds_opt_set_fast_ccache_name
-(krb5_context context, krb5_get_init_creds_opt *opt,
- const char * fast_ccache_name);
- /* This API sets a ccache name that will contain some TGT on
- calls to get_init_creds functions. If set, this ccache will
- be used for FAST (draft-ietf-krb-wg-preauth-framework) to
- protect the AS-REQ from observation and active attack. If
- the fast_ccache_name is set, then FAST may be required by the
- client library. In this version FAST is required.*/
-krb5_error_code KRB5_CALLCONV
-krb5_get_init_creds_password
-(krb5_context context,
- krb5_creds *creds,
- krb5_principal client,
- char *password,
- krb5_prompter_fct prompter,
- void *data,
- krb5_deltat start_time,
- char *in_tkt_service,
- krb5_get_init_creds_opt *k5_gic_options);
-
-krb5_error_code KRB5_CALLCONV
-krb5_get_init_creds_keytab
-(krb5_context context,
- krb5_creds *creds,
- krb5_principal client,
- krb5_keytab arg_keytab,
- krb5_deltat start_time,
- char *in_tkt_service,
- krb5_get_init_creds_opt *k5_gic_options);
+krb5_get_init_creds_opt_set_pa(krb5_context context,
+ krb5_get_init_creds_opt *opt, const char *attr,
+ const char *value);
+
+krb5_error_code KRB5_CALLCONV
+krb5_get_init_creds_opt_set_fast_ccache_name(krb5_context context,
+ krb5_get_init_creds_opt *opt,
+ const char *fast_ccache_name);
+
+/* This API sets a ccache name that will contain some TGT on
+ calls to get_init_creds functions. If set, this ccache will
+ be used for FAST (draft-ietf-krb-wg-preauth-framework) to
+ protect the AS-REQ from observation and active attack. If
+ the fast_ccache_name is set, then FAST may be required by the
+ client library. In this version FAST is required.*/
+krb5_error_code KRB5_CALLCONV
+krb5_get_init_creds_password(krb5_context context, krb5_creds *creds,
+ krb5_principal client, char *password,
+ krb5_prompter_fct prompter, void *data,
+ krb5_deltat start_time, char *in_tkt_service,
+ krb5_get_init_creds_opt *k5_gic_options);
+
+krb5_error_code KRB5_CALLCONV
+krb5_get_init_creds_keytab(krb5_context context, krb5_creds *creds,
+ krb5_principal client, krb5_keytab arg_keytab,
+ krb5_deltat start_time, char *in_tkt_service,
+ krb5_get_init_creds_opt *k5_gic_options);
typedef struct _krb5_verify_init_creds_opt {
krb5_flags flags;
int ap_req_nofail;
} krb5_verify_init_creds_opt;
-#define KRB5_VERIFY_INIT_CREDS_OPT_AP_REQ_NOFAIL 0x0001
+#define KRB5_VERIFY_INIT_CREDS_OPT_AP_REQ_NOFAIL 0x0001
void KRB5_CALLCONV
-krb5_verify_init_creds_opt_init
-(krb5_verify_init_creds_opt *k5_vic_options);
+krb5_verify_init_creds_opt_init(krb5_verify_init_creds_opt *k5_vic_options);
+
void KRB5_CALLCONV
-krb5_verify_init_creds_opt_set_ap_req_nofail
-(krb5_verify_init_creds_opt *k5_vic_options,
- int ap_req_nofail);
+krb5_verify_init_creds_opt_set_ap_req_nofail(krb5_verify_init_creds_opt *
+ k5_vic_options,
+ int ap_req_nofail);
krb5_error_code KRB5_CALLCONV
-krb5_verify_init_creds
-(krb5_context context,
- krb5_creds *creds,
- krb5_principal ap_req_server,
- krb5_keytab ap_req_keytab,
- krb5_ccache *ccache,
- krb5_verify_init_creds_opt *k5_vic_options);
+krb5_verify_init_creds(krb5_context context, krb5_creds *creds,
+ krb5_principal ap_req_server, krb5_keytab ap_req_keytab,
+ krb5_ccache *ccache,
+ krb5_verify_init_creds_opt *k5_vic_options);
krb5_error_code KRB5_CALLCONV
-krb5_get_validated_creds
-(krb5_context context,
- krb5_creds *creds,
- krb5_principal client,
- krb5_ccache ccache,
- char *in_tkt_service);
+krb5_get_validated_creds(krb5_context context, krb5_creds *creds,
+ krb5_principal client, krb5_ccache ccache,
+ char *in_tkt_service);
krb5_error_code KRB5_CALLCONV
-krb5_get_renewed_creds
-(krb5_context context,
- krb5_creds *creds,
- krb5_principal client,
- krb5_ccache ccache,
- char *in_tkt_service);
+krb5_get_renewed_creds(krb5_context context, krb5_creds *creds,
+ krb5_principal client, krb5_ccache ccache,
+ char *in_tkt_service);
krb5_error_code KRB5_CALLCONV
-krb5_decode_ticket
-(const krb5_data *code,
- krb5_ticket **rep);
+krb5_decode_ticket(const krb5_data *code, krb5_ticket **rep);
void KRB5_CALLCONV
-krb5_appdefault_string
-(krb5_context context,
- const char *appname,
- const krb5_data *realm,
- const char *option,
- const char *default_value,
- char ** ret_value);
+krb5_appdefault_string(krb5_context context, const char *appname,
+ const krb5_data *realm, const char *option,
+ const char *default_value, char ** ret_value);
void KRB5_CALLCONV
-krb5_appdefault_boolean
-(krb5_context context,
- const char *appname,
- const krb5_data *realm,
- const char *option,
- int default_value,
- int *ret_value);
+krb5_appdefault_boolean(krb5_context context, const char *appname,
+ const krb5_data *realm, const char *option,
+ int default_value, int *ret_value);
/*
* Prompter enhancements
@@ -2599,24 +2318,23 @@ krb5_appdefault_boolean
typedef krb5_int32 krb5_prompt_type;
-krb5_prompt_type* KRB5_CALLCONV krb5_get_prompt_types
- (krb5_context context);
+krb5_prompt_type* KRB5_CALLCONV krb5_get_prompt_types(krb5_context context);
/* Error reporting */
void KRB5_CALLCONV_C
-krb5_set_error_message (krb5_context, krb5_error_code, const char *, ...)
+krb5_set_error_message(krb5_context, krb5_error_code, const char *, ...)
#if !defined(__cplusplus) && (__GNUC__ > 2)
__attribute__((__format__(__printf__, 3, 4)))
#endif
;
void KRB5_CALLCONV
-krb5_vset_error_message (krb5_context, krb5_error_code, const char *, va_list)
+krb5_vset_error_message(krb5_context, krb5_error_code, const char *, va_list)
#if !defined(__cplusplus) && (__GNUC__ > 2)
__attribute__((__format__(__printf__, 3, 0)))
#endif
;
void KRB5_CALLCONV
-krb5_copy_error_message (krb5_context, krb5_context);
+krb5_copy_error_message(krb5_context, krb5_context);
/*
* The behavior of krb5_get_error_message is only defined the first
@@ -2629,38 +2347,40 @@ krb5_copy_error_message (krb5_context, krb5_context);
* krb5_free_error_message.
*/
const char * KRB5_CALLCONV
-krb5_get_error_message (krb5_context, krb5_error_code);
+krb5_get_error_message(krb5_context, krb5_error_code);
void KRB5_CALLCONV
-krb5_free_error_message (krb5_context, const char *);
+krb5_free_error_message(krb5_context, const char *);
void KRB5_CALLCONV
-krb5_clear_error_message (krb5_context);
+krb5_clear_error_message(krb5_context);
krb5_error_code KRB5_CALLCONV
krb5_decode_authdata_container(krb5_context context,
- krb5_authdatatype type,
- const krb5_authdata *container,
- krb5_authdata ***authdata);
+ krb5_authdatatype type,
+ const krb5_authdata *container,
+ krb5_authdata ***authdata);
+
krb5_error_code KRB5_CALLCONV
krb5_encode_authdata_container(krb5_context context,
- krb5_authdatatype type,
- krb5_authdata * const*authdata,
- krb5_authdata ***container);
+ krb5_authdatatype type,
+ krb5_authdata * const*authdata,
+ krb5_authdata ***container);
/*
* AD-KDCIssued
*/
krb5_error_code KRB5_CALLCONV
krb5_make_authdata_kdc_issued(krb5_context context,
- const krb5_keyblock *key,
- krb5_const_principal issuer,
- krb5_authdata *const *authdata,
- krb5_authdata ***ad_kdcissued);
+ const krb5_keyblock *key,
+ krb5_const_principal issuer,
+ krb5_authdata *const *authdata,
+ krb5_authdata ***ad_kdcissued);
+
krb5_error_code KRB5_CALLCONV
krb5_verify_authdata_kdc_issued(krb5_context context,
- const krb5_keyblock *key,
- const krb5_authdata *ad_kdcissued,
- krb5_principal *issuer,
- krb5_authdata ***authdata);
+ const krb5_keyblock *key,
+ const krb5_authdata *ad_kdcissued,
+ krb5_principal *issuer,
+ krb5_authdata ***authdata);
/*
* Windows PAC
@@ -2669,51 +2389,31 @@ struct krb5_pac_data;
typedef struct krb5_pac_data *krb5_pac;
krb5_error_code KRB5_CALLCONV
-krb5_pac_add_buffer
-(krb5_context context,
- krb5_pac pac,
- krb5_ui_4 type,
- const krb5_data *data);
+krb5_pac_add_buffer(krb5_context context, krb5_pac pac, krb5_ui_4 type,
+ const krb5_data *data);
void KRB5_CALLCONV
-krb5_pac_free
-(krb5_context context,
- krb5_pac pac);
+krb5_pac_free(krb5_context context, krb5_pac pac);
krb5_error_code KRB5_CALLCONV
-krb5_pac_get_buffer
-(krb5_context context,
- krb5_pac pac,
- krb5_ui_4 type,
- krb5_data *data);
+krb5_pac_get_buffer(krb5_context context, krb5_pac pac, krb5_ui_4 type,
+ krb5_data *data);
krb5_error_code KRB5_CALLCONV
-krb5_pac_get_types
-(krb5_context context,
- krb5_pac pac,
- size_t *len,
- krb5_ui_4 **types);
+krb5_pac_get_types(krb5_context context, krb5_pac pac, size_t *len,
+ krb5_ui_4 **types);
krb5_error_code KRB5_CALLCONV
-krb5_pac_init
-(krb5_context context,
- krb5_pac *pac);
+krb5_pac_init(krb5_context context, krb5_pac *pac);
krb5_error_code KRB5_CALLCONV
-krb5_pac_parse
-(krb5_context context,
- const void *ptr,
- size_t len,
- krb5_pac *pac);
+krb5_pac_parse(krb5_context context, const void *ptr, size_t len,
+ krb5_pac *pac);
krb5_error_code KRB5_CALLCONV
-krb5_pac_verify
-(krb5_context context,
- const krb5_pac pac,
- krb5_timestamp authtime,
- krb5_const_principal principal,
- const krb5_keyblock *server,
- const krb5_keyblock *privsvr);
+krb5_pac_verify(krb5_context context, const krb5_pac pac,
+ krb5_timestamp authtime, krb5_const_principal principal,
+ const krb5_keyblock *server, const krb5_keyblock *privsvr);
#if TARGET_OS_MAC
# pragma pack(pop)
diff --git a/src/include/krb5/locate_plugin.h b/src/include/krb5/locate_plugin.h
index 8496f276bb..3bdac348cd 100644
--- a/src/include/krb5/locate_plugin.h
+++ b/src/include/krb5/locate_plugin.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* <krb5/locate_plugin.h>
*
@@ -16,7 +17,7 @@
* this permission notice appear in supporting documentation, and that
* the name of M.I.T. not be used in advertising or publicity pertaining
* to distribution of the software without specific, written prior
- * permission. Furthermore if you modify this software you must label
+ * permission. Furthermore if you modify this software you must label
* your software as modified software and not distribute it in such a
* fashion that it might be confused with the original M.I.T. software.
* M.I.T. makes no representations about the suitability of
@@ -40,7 +41,7 @@ enum locate_service_type {
};
typedef struct krb5plugin_service_locate_ftable {
- int minor_version; /* currently 0 */
+ int minor_version; /* currently 0 */
/* Per-context setup and teardown. Returned void* blob is
private to the plugin. */
krb5_error_code (*init)(krb5_context, void **);
@@ -51,10 +52,10 @@ typedef struct krb5plugin_service_locate_ftable {
lookup function should only return an error if it detects a
problem, not if the callback function tells it to quit. */
krb5_error_code (*lookup)(void *,
- enum locate_service_type svc, const char *realm,
- int socktype, int family,
- int (*cbfunc)(void *,int,struct sockaddr *),
- void *cbdata);
+ enum locate_service_type svc, const char *realm,
+ int socktype, int family,
+ int (*cbfunc)(void *,int,struct sockaddr *),
+ void *cbdata);
} krb5plugin_service_locate_ftable;
/* extern krb5plugin_service_locate_ftable service_locator; */
#endif
diff --git a/src/include/krb5/preauth_plugin.h b/src/include/krb5/preauth_plugin.h
index dd0820af18..6271316140 100644
--- a/src/include/krb5/preauth_plugin.h
+++ b/src/include/krb5/preauth_plugin.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* <krb5/preauth_plugin.h>
*
@@ -53,45 +54,45 @@ struct _krb5_preauth_client_rock;
/* Provides a real answer which we can send back to the KDC (client-only). The
* client assumes that one real answer will be enough. */
-#define PA_REAL 0x00000001
+#define PA_REAL 0x00000001
/* Doesn't provide a real answer, but must be given a chance to run before any
* REAL mechanism callbacks (client-only). */
-#define PA_INFO 0x00000002
+#define PA_INFO 0x00000002
/* Causes the KDC to include this mechanism in a list of supported preauth
* types if the user's DB entry flags the user as requiring hardware-based
* preauthentication (server-only). */
-#define PA_HARDWARE 0x00000004
+#define PA_HARDWARE 0x00000004
/* Causes the KDC to include this mechanism in a list of supported preauth
* types if the user's DB entry flags the user as requiring preauthentication,
* and to fail preauthentication if we can't verify the client data. The
* flipside of PA_SUFFICIENT (server-only). */
-#define PA_REQUIRED 0x00000008
+#define PA_REQUIRED 0x00000008
/* Causes the KDC to include this mechanism in a list of supported preauth
* types if the user's DB entry flags the user as requiring preauthentication,
* and to mark preauthentication as successful if we can verify the client
* data. The flipside of PA_REQUIRED (server-only). */
-#define PA_SUFFICIENT 0x00000010
+#define PA_SUFFICIENT 0x00000010
/* Marks this preauthentication mechanism as one which changes the key which is
* used for encrypting the response to the client. Modules which have this
* flag have their server_return_proc called before modules which do not, and
* are passed over if a previously-called module has modified the encrypting
* key (server-only). */
-#define PA_REPLACES_KEY 0x00000020
+#define PA_REPLACES_KEY 0x00000020
/* Causes the KDC to check with this preauthentication module even if the
* client has no entry in the realm database. If the module returns a success
* code, continue processing and assume that its return_padata callback will
* supply us with a key for encrypting the AS reply (server-only). */
-/* #define PA_VIRTUAL (0x00000040 | PA_REPLACES_KEY) */
+/* #define PA_VIRTUAL (0x00000040 | PA_REPLACES_KEY) */
/* Not really a padata type, so don't include it in any list of preauth types
* which gets sent over the wire. */
-#define PA_PSEUDO 0x00000080
+#define PA_PSEUDO 0x00000080
/***************************************************************************
@@ -109,14 +110,14 @@ struct _krb5_preauth_client_rock;
*/
typedef krb5_error_code
(*preauth_get_as_key_proc)(krb5_context,
- krb5_principal,
- krb5_enctype,
- krb5_prompter_fct,
- void *prompter_data,
- krb5_data *salt,
- krb5_data *s2kparams,
- krb5_keyblock *as_key,
- void *gak_data);
+ krb5_principal,
+ krb5_enctype,
+ krb5_prompter_fct,
+ void *prompter_data,
+ krb5_data *salt,
+ krb5_data *s2kparams,
+ krb5_keyblock *as_key,
+ void *gak_data);
/*
* A client module's callback functions are allowed to request various
@@ -138,13 +139,13 @@ enum krb5plugin_preauth_client_request_type {
* acceptable to set data to NULL and free the keyblock using
* krb5_free_keyblock; in that case, this frees the krb5_data
* only.*/
-krb5plugin_preauth_client_free_fast_armor = 4,
+ krb5plugin_preauth_client_free_fast_armor = 4,
};
typedef krb5_error_code
(*preauth_get_client_data_proc)(krb5_context,
- struct _krb5_preauth_client_rock *,
- krb5_int32 request_type,
- krb5_data **);
+ struct _krb5_preauth_client_rock *,
+ krb5_int32 request_type,
+ krb5_data **);
/* Per-plugin initialization/cleanup. The init function is called
* by libkrb5 when the plugin is loaded, and the fini function is
@@ -154,17 +155,17 @@ typedef krb5_error_code
* the krb5_context */
typedef krb5_error_code
(*preauth_client_plugin_init_proc)(krb5_context context,
- void **plugin_context);
+ void **plugin_context);
typedef void
(*preauth_client_plugin_fini_proc)(krb5_context context,
- void *plugin_context);
+ void *plugin_context);
/* A callback which returns flags indicating if the module is a "real" or
* an "info" mechanism, and so on. This function is called for each entry
* in the client_pa_type_list. */
typedef int
(*preauth_client_get_flags_proc)(krb5_context context,
- krb5_preauthtype pa_type);
+ krb5_preauthtype pa_type);
/* Per-request initialization/cleanup. The request_init function is
* called when beginning to process a get_init_creds request and the
@@ -173,12 +174,12 @@ typedef int
* the lifetime of a krb5_context. */
typedef void
(*preauth_client_request_init_proc)(krb5_context context,
- void *plugin_context,
- void **request_context);
+ void *plugin_context,
+ void **request_context);
typedef void
(*preauth_client_request_fini_proc)(krb5_context context,
- void *plugin_context,
- void *request_context);
+ void *plugin_context,
+ void *request_context);
/* Client function which processes server-supplied data in pa_data,
* returns created data in out_pa_data, storing any of its own state in
@@ -190,23 +191,23 @@ typedef void
* obtained from a previous call to this function. */
typedef krb5_error_code
(*preauth_client_process_proc)(krb5_context context,
- void *plugin_context,
- void *request_context,
- krb5_get_init_creds_opt *opt,
- preauth_get_client_data_proc get_data_proc,
- struct _krb5_preauth_client_rock *rock,
- krb5_kdc_req *request,
- krb5_data *encoded_request_body,
- krb5_data *encoded_previous_request,
- krb5_pa_data *pa_data,
- krb5_prompter_fct prompter,
- void *prompter_data,
- preauth_get_as_key_proc gak_fct,
- void *gak_data,
- krb5_data *salt,
- krb5_data *s2kparams,
- krb5_keyblock *as_key,
- krb5_pa_data ***out_pa_data);
+ void *plugin_context,
+ void *request_context,
+ krb5_get_init_creds_opt *opt,
+ preauth_get_client_data_proc get_data_proc,
+ struct _krb5_preauth_client_rock *rock,
+ krb5_kdc_req *request,
+ krb5_data *encoded_request_body,
+ krb5_data *encoded_previous_request,
+ krb5_pa_data *pa_data,
+ krb5_prompter_fct prompter,
+ void *prompter_data,
+ preauth_get_as_key_proc gak_fct,
+ void *gak_data,
+ krb5_data *salt,
+ krb5_data *s2kparams,
+ krb5_keyblock *as_key,
+ krb5_pa_data ***out_pa_data);
/* Client function which can attempt to use e-data in the error response to
* try to recover from the given error. If this function is not NULL, and
@@ -214,24 +215,24 @@ typedef krb5_error_code
* of in_pa_data, then the client library will retransmit the request. */
typedef krb5_error_code
(*preauth_client_tryagain_proc)(krb5_context context,
- void *plugin_context,
- void *request_context,
- krb5_get_init_creds_opt *opt,
- preauth_get_client_data_proc get_data_proc,
- struct _krb5_preauth_client_rock *rock,
- krb5_kdc_req *request,
- krb5_data *encoded_request_body,
- krb5_data *encoded_previous_request,
- krb5_pa_data *in_pa_data,
- krb5_error *error,
- krb5_prompter_fct prompter,
- void *prompter_data,
- preauth_get_as_key_proc gak_fct,
- void *gak_data,
- krb5_data *salt,
- krb5_data *s2kparams,
- krb5_keyblock *as_key,
- krb5_pa_data ***out_pa_data);
+ void *plugin_context,
+ void *request_context,
+ krb5_get_init_creds_opt *opt,
+ preauth_get_client_data_proc get_data_proc,
+ struct _krb5_preauth_client_rock *rock,
+ krb5_kdc_req *request,
+ krb5_data *encoded_request_body,
+ krb5_data *encoded_previous_request,
+ krb5_pa_data *in_pa_data,
+ krb5_error *error,
+ krb5_prompter_fct prompter,
+ void *prompter_data,
+ preauth_get_as_key_proc gak_fct,
+ void *gak_data,
+ krb5_data *salt,
+ krb5_data *s2kparams,
+ krb5_keyblock *as_key,
+ krb5_pa_data ***out_pa_data);
/*
* Client function which receives krb5_get_init_creds_opt information.
@@ -240,10 +241,10 @@ typedef krb5_error_code
*/
typedef krb5_error_code
(*preauth_client_supply_gic_opts_proc)(krb5_context context,
- void *plugin_context,
- krb5_get_init_creds_opt *opt,
- const char *attr,
- const char *value);
+ void *plugin_context,
+ krb5_get_init_creds_opt *opt,
+ const char *attr,
+ const char *value);
/*
* The function table / structure which a preauth client module must export as
@@ -346,20 +347,20 @@ enum krb5plugin_preauth_entry_request_type {
and free the keyblock using krb5_free_keyblock; in that case,
this function simply frees the data*/
krb5plugin_preauth_free_fast_armor = 6,
- };
+};
typedef krb5_error_code
(*preauth_get_entry_data_proc)(krb5_context,
- krb5_kdc_req *,
- struct _krb5_db_entry_new *,
- krb5_int32 request_type,
- krb5_data **);
+ krb5_kdc_req *,
+ struct _krb5_db_entry_new *,
+ krb5_int32 request_type,
+ krb5_data **);
/* Preauth plugin initialization function */
typedef krb5_error_code
(*preauth_server_init_proc)(krb5_context context,
- void **plugin_context,
- const char** realmnames);
+ void **plugin_context,
+ const char** realmnames);
/* Preauth plugin cleanup function */
typedef void
@@ -385,12 +386,12 @@ typedef int
* case a context might otherwise hang around forever. */
typedef krb5_error_code
(*preauth_server_edata_proc)(krb5_context,
- krb5_kdc_req *request,
- struct _krb5_db_entry_new *client,
- struct _krb5_db_entry_new *server,
- preauth_get_entry_data_proc,
- void *pa_module_context,
- krb5_pa_data *data);
+ krb5_kdc_req *request,
+ struct _krb5_db_entry_new *client,
+ struct _krb5_db_entry_new *server,
+ preauth_get_entry_data_proc,
+ void *pa_module_context,
+ krb5_pa_data *data);
/* Verify preauthentication data sent by the client, setting the
* TKT_FLG_PRE_AUTH or TKT_FLG_HW_AUTH flag in the enc_tkt_reply's "flags"
@@ -398,16 +399,16 @@ typedef krb5_error_code
* context data for consumption by the return_proc or freepa_proc below. */
typedef krb5_error_code
(*preauth_server_verify_proc)(krb5_context context,
- struct _krb5_db_entry_new *client,
- krb5_data *req_pkt,
- krb5_kdc_req *request,
- krb5_enc_tkt_part *enc_tkt_reply,
- krb5_pa_data *data,
- preauth_get_entry_data_proc,
- void *pa_module_context,
- void **pa_request_context,
- krb5_data **e_data,
- krb5_authdata ***authz_data);
+ struct _krb5_db_entry_new *client,
+ krb5_data *req_pkt,
+ krb5_kdc_req *request,
+ krb5_enc_tkt_part *enc_tkt_reply,
+ krb5_pa_data *data,
+ preauth_get_entry_data_proc,
+ void *pa_module_context,
+ void **pa_request_context,
+ krb5_data **e_data,
+ krb5_authdata ***authz_data);
/* Generate preauthentication response data to send to the client as part
* of the AS-REP. If it needs to override the key which is used to encrypt
@@ -416,25 +417,25 @@ typedef krb5_error_code
* context data it saved in "pa_request_context". */
typedef krb5_error_code
(*preauth_server_return_proc)(krb5_context context,
- krb5_pa_data * padata,
- struct _krb5_db_entry_new *client,
- krb5_data *req_pkt,
- krb5_kdc_req *request,
- krb5_kdc_rep *reply,
- struct _krb5_key_data *client_keys,
- krb5_keyblock *encrypting_key,
- krb5_pa_data **send_pa,
- preauth_get_entry_data_proc,
- void *pa_module_context,
- void **pa_request_context);
+ krb5_pa_data * padata,
+ struct _krb5_db_entry_new *client,
+ krb5_data *req_pkt,
+ krb5_kdc_req *request,
+ krb5_kdc_rep *reply,
+ struct _krb5_key_data *client_keys,
+ krb5_keyblock *encrypting_key,
+ krb5_pa_data **send_pa,
+ preauth_get_entry_data_proc,
+ void *pa_module_context,
+ void **pa_request_context);
/* Free up the server-side per-request context, in cases where
* server_return_proc() didn't or for whatever reason was not called.
* Can be NULL. */
typedef krb5_error_code
(*preauth_server_free_reqcontext_proc)(krb5_context,
- void *pa_module_context,
- void **request_pa_context);
+ void *pa_module_context,
+ void **request_pa_context);
/*
* The function table / structure which a preauth server module must export as
@@ -507,20 +508,18 @@ typedef struct krb5plugin_preauth_server_ftable_v1 {
* obtained using krb5_get_init_creds_opt_alloc()
*/
krb5_error_code KRB5_CALLCONV
-krb5_get_init_creds_opt_get_pa
- (krb5_context context,
- krb5_get_init_creds_opt *opt,
- int *num_preauth_data,
- krb5_gic_opt_pa_data **preauth_data);
+krb5_get_init_creds_opt_get_pa(krb5_context context,
+ krb5_get_init_creds_opt *opt,
+ int *num_preauth_data,
+ krb5_gic_opt_pa_data **preauth_data);
/*
* This function frees the preauth_data that was returned by
* krb5_get_init_creds_opt_get_pa().
*/
void KRB5_CALLCONV
-krb5_get_init_creds_opt_free_pa
- (krb5_context context,
- int num_preauth_data,
- krb5_gic_opt_pa_data *preauth_data);
+krb5_get_init_creds_opt_free_pa(krb5_context context,
+ int num_preauth_data,
+ krb5_gic_opt_pa_data *preauth_data);
#endif /* KRB5_PREAUTH_PLUGIN_H_INCLUDED */
diff --git a/src/include/osconf.hin b/src/include/osconf.hin
index dd3f976c79..6d0e7bc091 100644
--- a/src/include/osconf.hin
+++ b/src/include/osconf.hin
@@ -1,5 +1,5 @@
-/* -*- c -*-
- * include/krb5/stock/osconf.h
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
+/* include/krb5/stock/osconf.h
*
* Copyright 1990,1991,2008 by the Massachusetts Institute of Technology.
* All Rights Reserved.
@@ -31,7 +31,7 @@
#define KRB5_OSCONF__
#if !defined(_WIN32)
- /* Don't try to pull in autoconf.h for Windows, since it's not used */
+/* Don't try to pull in autoconf.h for Windows, since it's not used */
#ifndef KRB5_AUTOCONF__
#define KRB5_AUTOCONF__
#include "autoconf.h"
@@ -44,8 +44,8 @@
#if defined(_WIN32)
#define DEFAULT_PROFILE_FILENAME "krb5.ini"
-#define DEFAULT_LNAME_FILENAME "/aname"
-#define DEFAULT_KEYTAB_NAME "FILE:%s\\krb5kt"
+#define DEFAULT_LNAME_FILENAME "/aname"
+#define DEFAULT_KEYTAB_NAME "FILE:%s\\krb5kt"
#else /* !_WINDOWS */
#if TARGET_OS_MAC
#define DEFAULT_SECURE_PROFILE_PATH "/Library/Preferences/edu.mit.Kerberos:/etc/krb5.conf:@SYSCONFDIR/krb5.conf"
@@ -54,41 +54,41 @@
#define KDB5_PLUGIN_BUNDLE_DIR "/System/Library/KerberosPlugins/KerberosDatabasePlugins"
#define KRB5_AUTHDATA_PLUGIN_BUNDLE_DIR "/System/Library/KerberosPlugins/KerberosAuthDataPlugins"
#else
-#define DEFAULT_SECURE_PROFILE_PATH "/etc/krb5.conf:@SYSCONFDIR/krb5.conf"
+#define DEFAULT_SECURE_PROFILE_PATH "/etc/krb5.conf:@SYSCONFDIR/krb5.conf"
#define DEFAULT_PROFILE_PATH DEFAULT_SECURE_PROFILE_PATH
#endif
-#define DEFAULT_KEYTAB_NAME "FILE:/etc/krb5.keytab"
-#define DEFAULT_LNAME_FILENAME "@PREFIX/lib/krb5.aname"
+#define DEFAULT_KEYTAB_NAME "FILE:/etc/krb5.keytab"
+#define DEFAULT_LNAME_FILENAME "@PREFIX/lib/krb5.aname"
#endif /* _WINDOWS */
#define DEFAULT_KDB_FILE "@LOCALSTATEDIR/krb5kdc/principal"
-#define DEFAULT_KEYFILE_STUB "@LOCALSTATEDIR/krb5kdc/.k5."
-#define KRB5_DEFAULT_ADMIN_ACL "@LOCALSTATEDIR/krb5kdc/krb5_adm.acl"
+#define DEFAULT_KEYFILE_STUB "@LOCALSTATEDIR/krb5kdc/.k5."
+#define KRB5_DEFAULT_ADMIN_ACL "@LOCALSTATEDIR/krb5kdc/krb5_adm.acl"
/* Used by old admin server */
-#define DEFAULT_ADMIN_ACL "@LOCALSTATEDIR/krb5kdc/kadm_old.acl"
+#define DEFAULT_ADMIN_ACL "@LOCALSTATEDIR/krb5kdc/kadm_old.acl"
/* Location of KDC profile */
-#define DEFAULT_KDC_PROFILE "@LOCALSTATEDIR/krb5kdc/kdc.conf"
-#define KDC_PROFILE_ENV "KRB5_KDC_PROFILE"
+#define DEFAULT_KDC_PROFILE "@LOCALSTATEDIR/krb5kdc/kdc.conf"
+#define KDC_PROFILE_ENV "KRB5_KDC_PROFILE"
#if TARGET_OS_MAC
-#define DEFAULT_KDB_LIB_PATH { KDB5_PLUGIN_BUNDLE_DIR, "@MODULEDIR/kdb", NULL }
+#define DEFAULT_KDB_LIB_PATH { KDB5_PLUGIN_BUNDLE_DIR, "@MODULEDIR/kdb", NULL }
#else
-#define DEFAULT_KDB_LIB_PATH { "@MODULEDIR/kdb", NULL }
+#define DEFAULT_KDB_LIB_PATH { "@MODULEDIR/kdb", NULL }
#endif
-#define DEFAULT_KDC_ENCTYPE ENCTYPE_DES3_CBC_SHA1
-#define KDCRCACHE "dfl:krb5kdc_rcache"
+#define DEFAULT_KDC_ENCTYPE ENCTYPE_DES3_CBC_SHA1
+#define KDCRCACHE "dfl:krb5kdc_rcache"
-#define KDC_PORTNAME "kerberos" /* for /etc/services or equiv. */
-#define KDC_SECONDARY_PORTNAME "kerberos-sec" /* For backwards */
- /* compatibility with */
- /* port 750 clients */
+#define KDC_PORTNAME "kerberos" /* for /etc/services or equiv. */
+#define KDC_SECONDARY_PORTNAME "kerberos-sec" /* For backwards */
+/* compatibility with */
+/* port 750 clients */
-#define KRB5_DEFAULT_PORT 88
-#define KRB5_DEFAULT_SEC_PORT 750
+#define KRB5_DEFAULT_PORT 88
+#define KRB5_DEFAULT_SEC_PORT 750
-#define DEFAULT_KPASSWD_PORT 464
+#define DEFAULT_KPASSWD_PORT 464
#define KPASSWD_PORTNAME "kpasswd"
#define DEFAULT_KDC_UDP_PORTLIST "88,750"
@@ -97,27 +97,27 @@
/*
* Defaults for the KADM5 admin system.
*/
-#define DEFAULT_KADM5_KEYTAB "@LOCALSTATEDIR/krb5kdc/kadm5.keytab"
-#define DEFAULT_KADM5_ACL_FILE "@LOCALSTATEDIR/krb5kdc/kadm5.acl"
-#define DEFAULT_KADM5_PORT 749 /* assigned by IANA */
+#define DEFAULT_KADM5_KEYTAB "@LOCALSTATEDIR/krb5kdc/kadm5.keytab"
+#define DEFAULT_KADM5_ACL_FILE "@LOCALSTATEDIR/krb5kdc/kadm5.acl"
+#define DEFAULT_KADM5_PORT 749 /* assigned by IANA */
-#define KRB5_DEFAULT_SUPPORTED_ENCTYPES \
- "aes256-cts-hmac-sha1-96:normal " \
- "aes128-cts-hmac-sha1-96:normal " \
- "des3-cbc-sha1:normal arcfour-hmac-md5:normal"
+#define KRB5_DEFAULT_SUPPORTED_ENCTYPES \
+ "aes256-cts-hmac-sha1-96:normal " \
+ "aes128-cts-hmac-sha1-96:normal " \
+ "des3-cbc-sha1:normal arcfour-hmac-md5:normal"
-#define MAX_DGRAM_SIZE 4096
+#define MAX_DGRAM_SIZE 4096
#define MAX_SKDC_TIMEOUT 30
-#define SKDC_TIMEOUT_SHIFT 2 /* left shift of timeout for backoff */
-#define SKDC_TIMEOUT_1 1 /* seconds for first timeout */
+#define SKDC_TIMEOUT_SHIFT 2 /* left shift of timeout for backoff */
+#define SKDC_TIMEOUT_1 1 /* seconds for first timeout */
-#define RCTMPDIR "@KRB5RCTMPDIR" /* directory to store replay caches */
+#define RCTMPDIR "@KRB5RCTMPDIR" /* directory to store replay caches */
-#define KRB5_PATH_TTY "/dev/tty"
-#define KRB5_PATH_LOGIN "@SBINDIR/login.krb5"
+#define KRB5_PATH_TTY "/dev/tty"
+#define KRB5_PATH_LOGIN "@SBINDIR/login.krb5"
#define KRB5_PATH_RLOGIN "@BINDIR/rlogin"
-#define KRB5_ENV_CCNAME "KRB5CCNAME"
+#define KRB5_ENV_CCNAME "KRB5CCNAME"
/*
* krb5 slave support follows
diff --git a/src/include/pkinit_apple_utils.h b/src/include/pkinit_apple_utils.h
index 857b1685cb..11751095c6 100644
--- a/src/include/pkinit_apple_utils.h
+++ b/src/include/pkinit_apple_utils.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (c) 2004-2008 Apple Inc. All Rights Reserved.
*
@@ -29,7 +30,7 @@
* Created 19 May 2004 by Doug Mitchell.
*/
-#ifndef _PKINIT_APPLE_UTILS_H_
+#ifndef _PKINIT_APPLE_UTILS_H_
#define _PKINIT_APPLE_UTILS_H_
#include <krb5/krb5.h>
@@ -45,7 +46,7 @@ extern "C" {
#define PKI_DEBUG 0
#endif
-#if PKI_DEBUG
+#if PKI_DEBUG
#include <stdio.h>
@@ -54,7 +55,7 @@ extern "C" {
#else
#define pkiDebug(args...)
#define pkiCssmErr(str, rtn)
-#endif /* PKI_DEBUG */
+#endif /* PKI_DEBUG */
/*
* Macros used to initialize a declared CSSM_DATA and krb5_data to zero/NULL values.
@@ -71,10 +72,10 @@ CSSM_CL_HANDLE pkiClStartup(void);
*/
krb5_error_code pkiDataToInt(
const CSSM_DATA *cdata,
- krb5_int32 *i); /* RETURNED */
+ krb5_int32 *i); /* RETURNED */
krb5_error_code pkiIntToData(
- krb5_int32 num,
+ krb5_int32 num,
CSSM_DATA *cdata, /* allocated in coder space and RETURNED */
SecAsn1CoderRef coder);
@@ -84,7 +85,7 @@ krb5_error_code pkiIntToData(
krb5_error_code pkiDataToKrb5Data(
const void *data,
unsigned dataLen,
- krb5_data *kd); /* content mallocd and RETURNED */
+ krb5_data *kd); /* content mallocd and RETURNED */
/*
* CSSM_DATA <--> krb5_data
@@ -93,7 +94,7 @@ krb5_error_code pkiDataToKrb5Data(
*/
krb5_error_code pkiCssmDataToKrb5Data(
const CSSM_DATA *cd,
- krb5_data *kd); /* content mallocd and RETURNED */
+ krb5_data *kd); /* content mallocd and RETURNED */
krb5_error_code pkiKrb5DataToCssm(
@@ -105,19 +106,19 @@ krb5_error_code pkiKrb5DataToCssm(
* CFDataRef --> krb5_data, mallocing the destination contents.
*/
krb5_error_code pkiCfDataToKrb5Data(
- CFDataRef cfData,
- krb5_data *kd); /* content mallocd and RETURNED */
+ CFDataRef cfData,
+ krb5_data *kd); /* content mallocd and RETURNED */
/*
* Non-mallocing conversion between CSSM_DATA and krb5_data
*/
-#define PKI_CSSM_TO_KRB_DATA(cd, kd) \
- (kd)->data = (char *)(cd)->Data; \
- (kd)->length = (cd)->Length;
+#define PKI_CSSM_TO_KRB_DATA(cd, kd) \
+ (kd)->data = (char *)(cd)->Data; \
+ (kd)->length = (cd)->Length;
-#define PKI_KRB_TO_CSSM_DATA(kd, cd) \
- (cd)->Data = (uint8 *)(kd)->data; \
- (cd)->Length = (kd)->length;
+#define PKI_KRB_TO_CSSM_DATA(kd, cd) \
+ (cd)->Data = (uint8 *)(kd)->data; \
+ (cd)->Length = (kd)->length;
/*
* Compare to CSSM_DATAs. Return TRUE if they're the same else FALSE.
@@ -131,12 +132,12 @@ krb5_boolean pkiCompareCssmData(
*/
krb5_error_code pkiKrbTimestampToStr(
krb5_timestamp kts,
- char **str); /* mallocd and RETURNED */
+ char **str); /* mallocd and RETURNED */
krb5_error_code pkiTimeStrToKrbTimestamp(
- const char *str,
- unsigned len,
- krb5_timestamp *kts); /* RETURNED */
+ const char *str,
+ unsigned len,
+ krb5_timestamp *kts); /* RETURNED */
/*
* How many items in a NULL-terminated array of pointers?
diff --git a/src/include/pkinit_asn1.h b/src/include/pkinit_asn1.h
index 8e33a69a60..44b01e9664 100644
--- a/src/include/pkinit_asn1.h
+++ b/src/include/pkinit_asn1.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (c) 2004-2008 Apple Inc. All Rights Reserved.
*
@@ -29,7 +30,7 @@
* Created 18 May 2004 by Doug Mitchell.
*/
-#ifndef _PKINIT_ASN1_H_
+#ifndef _PKINIT_ASN1_H_
#define _PKINIT_ASN1_H_
#include <krb5/krb5.h>
@@ -40,31 +41,31 @@ extern "C" {
/* RFC 3280 AlgorithmIdentifier */
typedef struct {
- krb5_data algorithm; /* OID */
- krb5_data parameters; /* ASN_ANY, defined by algorithm */
+ krb5_data algorithm; /* OID */
+ krb5_data parameters; /* ASN_ANY, defined by algorithm */
} krb5int_algorithm_id;
/*
* Encode and decode AuthPack, public key version (no Diffie-Hellman components).
*/
krb5_error_code krb5int_pkinit_auth_pack_encode(
- krb5_timestamp kctime,
- krb5_int32 cusec, /* microseconds */
- krb5_ui_4 nonce,
- const krb5_checksum *pa_checksum,
- const krb5int_algorithm_id *cms_types, /* optional */
- krb5_ui_4 num_cms_types,
- krb5_data *auth_pack); /* mallocd and RETURNED */
+ krb5_timestamp kctime,
+ krb5_int32 cusec, /* microseconds */
+ krb5_ui_4 nonce,
+ const krb5_checksum *pa_checksum,
+ const krb5int_algorithm_id *cms_types, /* optional */
+ krb5_ui_4 num_cms_types,
+ krb5_data *auth_pack); /* mallocd and RETURNED */
/* all returned values are optional - pass NULL if you don't want them */
krb5_error_code krb5int_pkinit_auth_pack_decode(
- const krb5_data *auth_pack, /* DER encoded */
- krb5_timestamp *kctime, /* RETURNED */
- krb5_ui_4 *cusec, /* microseconds, RETURNED */
- krb5_ui_4 *nonce, /* RETURNED */
- krb5_checksum *pa_checksum, /* contents mallocd and RETURNED */
- krb5int_algorithm_id **cms_types, /* mallocd and RETURNED */
- krb5_ui_4 *num_cms_types); /* RETURNED */
+ const krb5_data *auth_pack, /* DER encoded */
+ krb5_timestamp *kctime, /* RETURNED */
+ krb5_ui_4 *cusec, /* microseconds, RETURNED */
+ krb5_ui_4 *nonce, /* RETURNED */
+ krb5_checksum *pa_checksum, /* contents mallocd and RETURNED */
+ krb5int_algorithm_id **cms_types, /* mallocd and RETURNED */
+ krb5_ui_4 *num_cms_types); /* RETURNED */
/*
@@ -72,7 +73,7 @@ krb5_error_code krb5int_pkinit_auth_pack_decode(
* IssuerAndSerialNumber.
*/
krb5_error_code krb5int_pkinit_issuer_serial_encode(
- const krb5_data *issuer, /* DER encoded */
+ const krb5_data *issuer, /* DER encoded */
const krb5_data *serial_num,
krb5_data *issuer_and_serial); /* content mallocd and RETURNED */
@@ -81,8 +82,8 @@ krb5_error_code krb5int_pkinit_issuer_serial_encode(
*/
krb5_error_code krb5int_pkinit_issuer_serial_decode(
const krb5_data *issuer_and_serial, /* DER encoded */
- krb5_data *issuer, /* DER encoded, RETURNED */
- krb5_data *serial_num); /* RETURNED */
+ krb5_data *issuer, /* DER encoded, RETURNED */
+ krb5_data *serial_num); /* RETURNED */
/*
* Top-level encode for PA-PK-AS-REQ.
@@ -90,12 +91,12 @@ krb5_error_code krb5int_pkinit_issuer_serial_decode(
* specific tag 0, during encode.
*/
krb5_error_code krb5int_pkinit_pa_pk_as_req_encode(
- const krb5_data *signed_auth_pack, /* DER encoded ContentInfo */
- const krb5_data *trusted_CAs, /* optional: trustedCertifiers. Contents are
- * DER-encoded issuer/serialNumbers. */
- krb5_ui_4 num_trusted_CAs,
- const krb5_data *kdc_cert, /* optional kdcPkId, DER encoded issuer/serial */
- krb5_data *pa_pk_as_req); /* mallocd and RETURNED */
+ const krb5_data *signed_auth_pack, /* DER encoded ContentInfo */
+ const krb5_data *trusted_CAs, /* optional: trustedCertifiers. Contents are
+ * DER-encoded issuer/serialNumbers. */
+ krb5_ui_4 num_trusted_CAs,
+ const krb5_data *kdc_cert, /* optional kdcPkId, DER encoded issuer/serial */
+ krb5_data *pa_pk_as_req); /* mallocd and RETURNED */
/*
* Top-level decode for PA-PK-AS-REQ. Does not perform cert verification on the
@@ -105,15 +106,15 @@ krb5_error_code krb5int_pkinit_pa_pk_as_req_encode(
*/
krb5_error_code krb5int_pkinit_pa_pk_as_req_decode(
const krb5_data *pa_pk_as_req,
- krb5_data *signed_auth_pack, /* DER encoded ContentInfo, RETURNED */
+ krb5_data *signed_auth_pack, /* DER encoded ContentInfo, RETURNED */
/*
* Remainder are optionally RETURNED (specify NULL for pointers to
* items you're not interested in).
*/
- krb5_ui_4 *num_trusted_CAs, /* sizeof trusted_CAs */
- krb5_data **trusted_CAs, /* mallocd array of DER-encoded TrustedCAs
- * issuer/serial */
- krb5_data *kdc_cert); /* DER encoded issuer/serial */
+ krb5_ui_4 *num_trusted_CAs, /* sizeof trusted_CAs */
+ krb5_data **trusted_CAs, /* mallocd array of DER-encoded TrustedCAs
+ * issuer/serial */
+ krb5_data *kdc_cert); /* DER encoded issuer/serial */
/*
* Encode a ReplyKeyPack. The result is used as the Content of a SignedData.
@@ -121,15 +122,15 @@ krb5_error_code krb5int_pkinit_pa_pk_as_req_decode(
krb5_error_code krb5int_pkinit_reply_key_pack_encode(
const krb5_keyblock *key_block,
const krb5_checksum *checksum,
- krb5_data *reply_key_pack); /* mallocd and RETURNED */
+ krb5_data *reply_key_pack); /* mallocd and RETURNED */
/*
* Decode a ReplyKeyPack.
*/
krb5_error_code krb5int_pkinit_reply_key_pack_decode(
- const krb5_data *reply_key_pack,
- krb5_keyblock *key_block, /* RETURNED */
- krb5_checksum *checksum); /* contents mallocd and RETURNED */
+ const krb5_data *reply_key_pack,
+ krb5_keyblock *key_block, /* RETURNED */
+ krb5_checksum *checksum); /* contents mallocd and RETURNED */
/*
* Encode a PA-PK-AS-REP.
@@ -141,8 +142,8 @@ krb5_error_code krb5int_pkinit_reply_key_pack_decode(
*/
krb5_error_code krb5int_pkinit_pa_pk_as_rep_encode(
const krb5_data *dh_signed_data,
- const krb5_data *enc_key_pack, /* EnvelopedData(signedData(ReplyKeyPack) */
- krb5_data *pa_pk_as_rep); /* mallocd and RETURNED */
+ const krb5_data *enc_key_pack, /* EnvelopedData(signedData(ReplyKeyPack) */
+ krb5_data *pa_pk_as_rep); /* mallocd and RETURNED */
/*
* Decode a PA-PK-AS-REP.
@@ -155,18 +156,18 @@ krb5_error_code krb5int_pkinit_pa_pk_as_rep_encode(
*/
krb5_error_code krb5int_pkinit_pa_pk_as_rep_decode(
const krb5_data *pa_pk_as_rep,
- krb5_data *dh_signed_data,
- krb5_data *enc_key_pack);
+ krb5_data *dh_signed_data,
+ krb5_data *enc_key_pack);
/*
* Given a DER encoded certificate, obtain the associated IssuerAndSerialNumber.
*/
krb5_error_code krb5int_pkinit_get_issuer_serial(
- const krb5_data *cert,
- krb5_data *issuer_and_serial);
+ const krb5_data *cert,
+ krb5_data *issuer_and_serial);
#ifdef __cplusplus
}
#endif
-#endif /* _PKINIT_ASN1_H_ */
+#endif /* _PKINIT_ASN1_H_ */
diff --git a/src/include/pkinit_cert_store.h b/src/include/pkinit_cert_store.h
index b7f70d3889..1524f1c0cd 100644
--- a/src/include/pkinit_cert_store.h
+++ b/src/include/pkinit_cert_store.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (c) 2004-2008 Apple Inc. All Rights Reserved.
*
@@ -29,7 +30,7 @@
* Created 26 May 2004 by Doug Mitchell at Apple.
*/
-#ifndef _PKINIT_CERT_STORE_H_
+#ifndef _PKINIT_CERT_STORE_H_
#define _PKINIT_CERT_STORE_H_
#ifdef __cplusplus
@@ -62,15 +63,15 @@ typedef void *krb5_pkinit_cert_db_t;
* Returns KRB5_PRINC_NOMATCH if client cert not found.
*/
krb5_error_code krb5_pkinit_get_client_cert(
- const char *principal, /* full principal string */
- krb5_pkinit_signing_cert_t *client_cert); /* RETURNED */
+ const char *principal, /* full principal string */
+ krb5_pkinit_signing_cert_t *client_cert); /* RETURNED */
/*
* Determine if the specified client has a signing cert. Returns TRUE
* if so, else returns FALSE.
*/
krb5_boolean krb5_pkinit_have_client_cert(
- const char *principal); /* full principal string */
+ const char *principal); /* full principal string */
/*
* Store the specified certificate (or, more likely, some platform-dependent
@@ -79,20 +80,20 @@ krb5_boolean krb5_pkinit_have_client_cert(
* in the cert storage.
*/
krb5_error_code krb5_pkinit_set_client_cert_from_signing_cert(
- const char *principal, /* full principal string */
- krb5_pkinit_signing_cert_t client_cert);
+ const char *principal, /* full principal string */
+ krb5_pkinit_signing_cert_t client_cert);
krb5_error_code krb5_pkinit_set_client_cert(
- const char *principal, /* full principal string */
- krb5_pkinit_cert_t client_cert);
+ const char *principal, /* full principal string */
+ krb5_pkinit_cert_t client_cert);
/*
* Obtain a reference to the client's cert database. Specify either principal
* name or client_cert as obtained from krb5_pkinit_get_client_cert().
*/
krb5_error_code krb5_pkinit_get_client_cert_db(
- const char *principal, /* optional, full principal string */
- krb5_pkinit_signing_cert_t client_cert, /* optional, from krb5_pkinit_get_client_cert() */
- krb5_pkinit_cert_db_t *client_cert_db); /* RETURNED */
+ const char *principal, /* optional, full principal string */
+ krb5_pkinit_signing_cert_t client_cert, /* optional, from krb5_pkinit_get_client_cert() */
+ krb5_pkinit_cert_db_t *client_cert_db); /* RETURNED */
/*
* Obtain the KDC signing cert, with optional CA and specific cert specifiers.
@@ -110,16 +111,16 @@ krb5_error_code krb5_pkinit_get_client_cert_db(
*
*/
krb5_error_code krb5_pkinit_get_kdc_cert(
- krb5_ui_4 num_trusted_CAs, /* sizeof *trusted_CAs */
- krb5_data *trusted_CAs, /* optional */
- krb5_data *client_spec, /* optional */
- krb5_pkinit_signing_cert_t *kdc_cert); /* RETURNED */
+ krb5_ui_4 num_trusted_CAs, /* sizeof *trusted_CAs */
+ krb5_data *trusted_CAs, /* optional */
+ krb5_data *client_spec, /* optional */
+ krb5_pkinit_signing_cert_t *kdc_cert); /* RETURNED */
/*
* Obtain a reference to the KDC's cert database.
*/
krb5_error_code krb5_pkinit_get_kdc_cert_db(
- krb5_pkinit_cert_db_t *kdc_cert_db); /* RETURNED */
+ krb5_pkinit_cert_db_t *kdc_cert_db); /* RETURNED */
/*
* Release certificate references obtained via krb5_pkinit_get_client_cert() and
@@ -133,7 +134,7 @@ extern void krb5_pkinit_release_cert(
* krb5_pkinit_get_kdc_cert_db().
*/
extern void krb5_pkinit_release_cert_db(
- krb5_pkinit_cert_db_t cert_db);
+ krb5_pkinit_cert_db_t cert_db);
/*
* Obtain a mallocd C-string representation of a certificate's SHA1 digest.
@@ -152,9 +153,9 @@ char *krb5_pkinit_cert_hash_str(
krb5_error_code krb5_pkinit_get_server_certs(
const char *client_principal,
const char *server_principal,
- krb5_data **trusted_CAs, /* RETURNED, though return value may be NULL */
- krb5_ui_4 *num_trusted_CAs, /* RETURNED */
- krb5_data *kdc_cert); /* RETURNED, though may be 0/NULL */
+ krb5_data **trusted_CAs, /* RETURNED, though return value may be NULL */
+ krb5_ui_4 *num_trusted_CAs, /* RETURNED */
+ krb5_data *kdc_cert); /* RETURNED, though may be 0/NULL */
#ifdef __cplusplus
}
diff --git a/src/include/pkinit_client.h b/src/include/pkinit_client.h
index 3b9a841baf..d3182cc84b 100644
--- a/src/include/pkinit_client.h
+++ b/src/include/pkinit_client.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (c) 2004-2008 Apple Inc. All Rights Reserved.
*
@@ -44,37 +45,37 @@ extern "C" {
* Create a PA-PK-AS-REQ message.
*/
krb5_error_code krb5int_pkinit_as_req_create(
- krb5_context context,
- krb5_timestamp kctime,
- krb5_int32 cusec, /* microseconds */
- krb5_ui_4 nonce,
- const krb5_checksum *cksum,
- krb5_pkinit_signing_cert_t client_cert, /* required! */
+ krb5_context context,
+ krb5_timestamp kctime,
+ krb5_int32 cusec, /* microseconds */
+ krb5_ui_4 nonce,
+ const krb5_checksum *cksum,
+ krb5_pkinit_signing_cert_t client_cert, /* required! */
/*
* trusted_CAs correponds to PA-PK-AS-REQ.trustedCertifiers.
* Expressed here as an optional list of DER-encoded certs.
*/
- const krb5_data *trusted_CAs,
- krb5_ui_4 num_trusted_CAs,
+ const krb5_data *trusted_CAs,
+ krb5_ui_4 num_trusted_CAs,
/* optional PA-PK-AS-REQ.kdcPkId, expressed here as a
* DER-encoded cert */
- const krb5_data *kdc_cert,
- krb5_data *as_req); /* mallocd and RETURNED */
+ const krb5_data *kdc_cert,
+ krb5_data *as_req); /* mallocd and RETURNED */
/*
* Parse PA-PK-AS-REP message. Optionally evaluates the message's certificate chain.
* Optionally returns various components.
*/
krb5_error_code krb5int_pkinit_as_rep_parse(
- krb5_context context,
- const krb5_data *as_rep,
- krb5_pkinit_signing_cert_t client_cert, /* required for decryption */
- krb5_keyblock *key_block, /* RETURNED */
- krb5_checksum *checksum, /* checksum of corresponding AS-REQ */
- /* contents mallocd and RETURNED */
- krb5int_cert_sig_status *cert_status, /* RETURNED */
+ krb5_context context,
+ const krb5_data *as_rep,
+ krb5_pkinit_signing_cert_t client_cert, /* required for decryption */
+ krb5_keyblock *key_block, /* RETURNED */
+ krb5_checksum *checksum, /* checksum of corresponding AS-REQ */
+ /* contents mallocd and RETURNED */
+ krb5int_cert_sig_status *cert_status, /* RETURNED */
/*
* Cert fields, all optionally RETURNED.
@@ -83,9 +84,9 @@ krb5_error_code krb5int_pkinit_as_rep_parse(
* all_certs is an array of all of the certs in the incoming SignedData,
* in full DER-encoded form.
*/
- krb5_data *signer_cert, /* content mallocd */
- unsigned *num_all_certs, /* sizeof *all_certs */
- krb5_data **all_certs); /* krb5_data's and their content mallocd */
+ krb5_data *signer_cert, /* content mallocd */
+ unsigned *num_all_certs, /* sizeof *all_certs */
+ krb5_data **all_certs); /* krb5_data's and their content mallocd */
#ifdef __cplusplus
}
diff --git a/src/include/pkinit_cms.h b/src/include/pkinit_cms.h
index accf8bfb32..d46358dd9d 100644
--- a/src/include/pkinit_cms.h
+++ b/src/include/pkinit_cms.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (c) 2004-2008 Apple Inc. All Rights Reserved.
*
@@ -76,22 +77,22 @@ typedef krb5_int32 krb5int_cms_content_type;
*/
enum {
pki_cs_good = 0,
- pki_not_signed, /* message not signed */
- pki_not_evaluated, /* signed, but not evaluated per caller request */
+ pki_not_signed, /* message not signed */
+ pki_not_evaluated, /* signed, but not evaluated per caller request */
/* remainder imply good signature on the message proper, i.e., these
* are all certificate errors. */
pki_cs_sig_verify_fail, /* signature verification failed */
- pki_cs_bad_leaf, /* leaf/subject cert itself is plain bad */
- pki_cs_no_root, /* looks good but not verifiable to any root */
+ pki_cs_bad_leaf, /* leaf/subject cert itself is plain bad */
+ pki_cs_no_root, /* looks good but not verifiable to any root */
pki_cs_unknown_root, /* verified to root we don't recognize */
- pki_cs_expired, /* expired */
+ pki_cs_expired, /* expired */
pki_cs_not_valid_yet, /* cert not valid yet */
- pki_cs_revoked, /* revoked via CRL or OCSP */
- pki_cs_untrusted, /* marked by user as untrusted */
- pki_bad_cms, /* CMS Format precluded verification */
- pki_bad_key_use, /* Bad ExtendedKeyUse or KeyUsage extension */
- pki_bad_digest, /* unacceptable CMS digest algorithm */
- pki_cs_other_err /* other cert verify error */
+ pki_cs_revoked, /* revoked via CRL or OCSP */
+ pki_cs_untrusted, /* marked by user as untrusted */
+ pki_bad_cms, /* CMS Format precluded verification */
+ pki_bad_key_use, /* Bad ExtendedKeyUse or KeyUsage extension */
+ pki_bad_digest, /* unacceptable CMS digest algorithm */
+ pki_cs_other_err /* other cert verify error */
};
typedef krb5_int32 krb5int_cert_sig_status;
@@ -111,13 +112,13 @@ typedef krb5_int32 krb5int_cert_sig_status;
* creation of the CMS message.
*/
krb5_error_code krb5int_pkinit_create_cms_msg(
- const krb5_data *content, /* Content */
- krb5_pkinit_signing_cert_t signing_cert, /* optional: signed by this cert */
- const krb5_data *recip_cert, /* optional: encrypted with this cert */
- krb5int_cms_content_type content_type, /* OID for EncapsulatedData */
- krb5_ui_4 num_cms_types, /* optional */
- const krb5int_algorithm_id *cms_types, /* optional */
- krb5_data *content_info); /* contents mallocd and RETURNED */
+ const krb5_data *content, /* Content */
+ krb5_pkinit_signing_cert_t signing_cert, /* optional: signed by this cert */
+ const krb5_data *recip_cert, /* optional: encrypted with this cert */
+ krb5int_cms_content_type content_type, /* OID for EncapsulatedData */
+ krb5_ui_4 num_cms_types, /* optional */
+ const krb5int_algorithm_id *cms_types, /* optional */
+ krb5_data *content_info); /* contents mallocd and RETURNED */
/*
* Parse a ContentInfo as best we can. All returned fields are optional -
@@ -136,19 +137,19 @@ krb5_error_code krb5int_pkinit_create_cms_msg(
*/
krb5_error_code krb5int_pkinit_parse_cms_msg(
const krb5_data *content_info,
- krb5_pkinit_cert_db_t cert_db, /* may be required for SignedData */
- krb5_boolean is_client_msg, /* TRUE : msg is from client */
- krb5_boolean *is_signed, /* RETURNED */
- krb5_boolean *is_encrypted, /* RETURNED */
- krb5_data *raw_data, /* RETURNED */
- krb5int_cms_content_type *inner_content_type,/* Returned, ContentType of */
- /* EncapsulatedData if */
- /* *is_signed true */
+ krb5_pkinit_cert_db_t cert_db, /* may be required for SignedData */
+ krb5_boolean is_client_msg, /* TRUE : msg is from client */
+ krb5_boolean *is_signed, /* RETURNED */
+ krb5_boolean *is_encrypted, /* RETURNED */
+ krb5_data *raw_data, /* RETURNED */
+ krb5int_cms_content_type *inner_content_type,/* Returned, ContentType of
+ * EncapsulatedData if
+ * *is_signed true */
/* returned for type SignedData only */
- krb5_data *signer_cert, /* RETURNED */
+ krb5_data *signer_cert, /* RETURNED */
krb5int_cert_sig_status *signer_cert_status,/* RETURNED */
- unsigned *num_all_certs, /* size of *all_certs RETURNED */
- krb5_data **all_certs); /* entire cert chain RETURNED */
+ unsigned *num_all_certs, /* size of *all_certs RETURNED */
+ krb5_data **all_certs); /* entire cert chain RETURNED */
/*
* An AuthPack contains an optional set of AlgorithmIdentifiers
@@ -165,12 +166,12 @@ krb5_error_code krb5int_pkinit_parse_cms_msg(
* from krb5int_pkinit_get_cms_types() as necessary.
*/
krb5_error_code krb5int_pkinit_get_cms_types(
- krb5int_algorithm_id **supported_cms_types, /* RETURNED */
- krb5_ui_4 *num_supported_cms_types); /* RETURNED */
+ krb5int_algorithm_id **supported_cms_types, /* RETURNED */
+ krb5_ui_4 *num_supported_cms_types); /* RETURNED */
krb5_error_code krb5int_pkinit_free_cms_types(
krb5int_algorithm_id *supported_cms_types,
- krb5_ui_4 num_supported_cms_types);
+ krb5_ui_4 num_supported_cms_types);
#ifdef __cplusplus
}
diff --git a/src/include/port-sockets.h b/src/include/port-sockets.h
index 35ed2b4c42..bb2b5173f9 100644
--- a/src/include/port-sockets.h
+++ b/src/include/port-sockets.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
#ifndef _PORT_SOCKET_H
#define _PORT_SOCKET_H
#if defined(_WIN32)
@@ -10,14 +11,14 @@
typedef WSABUF sg_buf;
-#define SG_ADVANCE(SG, N) \
- ((SG)->len < (N) \
- ? (abort(), 0) \
- : ((SG)->buf += (N), (SG)->len -= (N), 0))
+#define SG_ADVANCE(SG, N) \
+ ((SG)->len < (N) \
+ ? (abort(), 0) \
+ : ((SG)->buf += (N), (SG)->len -= (N), 0))
-#define SG_LEN(SG) ((SG)->len + 0)
-#define SG_BUF(SG) ((SG)->buf + 0)
-#define SG_SET(SG, B, N) ((SG)->buf = (char *)(B),(SG)->len = (N))
+#define SG_LEN(SG) ((SG)->len + 0)
+#define SG_BUF(SG) ((SG)->buf + 0)
+#define SG_SET(SG, B, N) ((SG)->buf = (char *)(B),(SG)->len = (N))
#define SOCKET_INITIALIZE() 0
#define SOCKET_CLEANUP()
@@ -26,9 +27,9 @@ typedef WSABUF sg_buf;
#define SOCKET_NFDS(f) (0) /* select()'s first arg is ignored */
#define SOCKET_READ(fd, b, l) (recv(fd, b, l, 0))
#define SOCKET_WRITE(fd, b, l) (send(fd, b, l, 0))
-#define SOCKET_CONNECT connect /* XXX */
-#define SOCKET_GETSOCKNAME getsockname /* XXX */
-#define SOCKET_CLOSE close /* XXX */
+#define SOCKET_CONNECT connect /* XXX */
+#define SOCKET_GETSOCKNAME getsockname /* XXX */
+#define SOCKET_CLOSE close /* XXX */
#define SOCKET_EINTR WSAEINTR
/* Return -1 for error or number of bytes written.
@@ -36,12 +37,12 @@ typedef WSABUF sg_buf;
must be used by this macro (to avoid compiler warnings). */
/* WSASend returns 0 or SOCKET_ERROR. */
#define SOCKET_WRITEV_TEMP DWORD
-#define SOCKET_WRITEV(FD, SG, LEN, TMP) \
- (WSASend((FD), (SG), (LEN), &(TMP), 0, 0, 0) ? -1 : (TMP))
+#define SOCKET_WRITEV(FD, SG, LEN, TMP) \
+ (WSASend((FD), (SG), (LEN), &(TMP), 0, 0, 0) ? -1 : (TMP))
-#define SHUTDOWN_READ SD_RECEIVE
-#define SHUTDOWN_WRITE SD_SEND
-#define SHUTDOWN_BOTH SD_BOTH
+#define SHUTDOWN_READ SD_RECEIVE
+#define SHUTDOWN_WRITE SD_SEND
+#define SHUTDOWN_BOTH SD_BOTH
#ifndef EINPROGRESS
#define EINPROGRESS WSAEINPROGRESS
@@ -79,23 +80,23 @@ typedef int socklen_t;
#include "autoconf.h"
#include <sys/types.h>
-#include <netinet/in.h> /* For struct sockaddr_in and in_addr */
-#include <arpa/inet.h> /* For inet_ntoa */
+#include <netinet/in.h> /* For struct sockaddr_in and in_addr */
+#include <arpa/inet.h> /* For inet_ntoa */
#include <netdb.h>
#ifndef HAVE_NETDB_H_H_ERRNO
-extern int h_errno; /* In case it's missing, e.g., HP-UX 10.20. */
+extern int h_errno; /* In case it's missing, e.g., HP-UX 10.20. */
#endif
-#include <sys/param.h> /* For MAXHOSTNAMELEN */
-#include <sys/socket.h> /* For SOCK_*, AF_*, etc */
-#include <sys/time.h> /* For struct timeval */
-#include <net/if.h> /* For struct ifconf, for localaddr.c */
+#include <sys/param.h> /* For MAXHOSTNAMELEN */
+#include <sys/socket.h> /* For SOCK_*, AF_*, etc */
+#include <sys/time.h> /* For struct timeval */
+#include <net/if.h> /* For struct ifconf, for localaddr.c */
#ifdef HAVE_SYS_UIO_H
-#include <sys/uio.h> /* For struct iovec, for sg_buf */
+#include <sys/uio.h> /* For struct iovec, for sg_buf */
#endif
#ifdef HAVE_SYS_FILIO_H
-#include <sys/filio.h> /* For FIONBIO on Solaris. */
+#include <sys/filio.h> /* For FIONBIO on Solaris. */
#endif
/* Either size_t or int or unsigned int is probably right. Under
@@ -118,59 +119,59 @@ struct krb5int_sockaddr_storage {
/*
* Compatability with WinSock calls on MS-Windows...
*/
-#define SOCKET int
-#define INVALID_SOCKET ((SOCKET)~0)
-#define closesocket close
-#define ioctlsocket ioctl
-#define SOCKET_ERROR (-1)
+#define SOCKET int
+#define INVALID_SOCKET ((SOCKET)~0)
+#define closesocket close
+#define ioctlsocket ioctl
+#define SOCKET_ERROR (-1)
typedef struct iovec sg_buf;
-#define SG_ADVANCE(SG, N) \
- ((SG)->iov_len < (N) \
- ? (abort(), 0) \
- : ((SG)->iov_base = (char *) (SG)->iov_base + (N), \
- (SG)->iov_len -= (N), 0))
+#define SG_ADVANCE(SG, N) \
+ ((SG)->iov_len < (N) \
+ ? (abort(), 0) \
+ : ((SG)->iov_base = (char *) (SG)->iov_base + (N), \
+ (SG)->iov_len -= (N), 0))
-#define SG_LEN(SG) ((SG)->iov_len + 0)
-#define SG_BUF(SG) ((char*)(SG)->iov_base + 0)
-#define SG_SET(SG, B, L) ((SG)->iov_base = (char*)(B), (SG)->iov_len = (L))
+#define SG_LEN(SG) ((SG)->iov_len + 0)
+#define SG_BUF(SG) ((char*)(SG)->iov_base + 0)
+#define SG_SET(SG, B, L) ((SG)->iov_base = (char*)(B), (SG)->iov_len = (L))
/* Some of our own infrastructure where the WinSock stuff was too hairy
to dump into a clean Unix program... */
-#define SOCKET_INITIALIZE() (0) /* No error (or anything else) */
-#define SOCKET_CLEANUP() /* nothing */
-#define SOCKET_ERRNO errno
-#define SOCKET_SET_ERRNO(x) (errno = (x))
-#define SOCKET_NFDS(f) ((f)+1) /* select() arg for a single fd */
-#define SOCKET_READ read
-#define SOCKET_WRITE write
-#define SOCKET_CONNECT connect
-#define SOCKET_GETSOCKNAME getsockname
-#define SOCKET_CLOSE close
-#define SOCKET_EINTR EINTR
+#define SOCKET_INITIALIZE() (0) /* No error (or anything else) */
+#define SOCKET_CLEANUP() /* nothing */
+#define SOCKET_ERRNO errno
+#define SOCKET_SET_ERRNO(x) (errno = (x))
+#define SOCKET_NFDS(f) ((f)+1) /* select() arg for a single fd */
+#define SOCKET_READ read
+#define SOCKET_WRITE write
+#define SOCKET_CONNECT connect
+#define SOCKET_GETSOCKNAME getsockname
+#define SOCKET_CLOSE close
+#define SOCKET_EINTR EINTR
#define SOCKET_WRITEV_TEMP int
/* Use TMP to avoid compiler warnings and keep things consistent with
Windoze version. */
-#define SOCKET_WRITEV(FD, SG, LEN, TMP) \
- ((TMP) = writev((FD), (SG), (LEN)), (TMP))
+#define SOCKET_WRITEV(FD, SG, LEN, TMP) \
+ ((TMP) = writev((FD), (SG), (LEN)), (TMP))
-#define SHUTDOWN_READ 0
-#define SHUTDOWN_WRITE 1
-#define SHUTDOWN_BOTH 2
+#define SHUTDOWN_READ 0
+#define SHUTDOWN_WRITE 1
+#define SHUTDOWN_BOTH 2
#ifndef HAVE_INET_NTOP
-#define inet_ntop(AF,SRC,DST,CNT) \
- ((AF) == AF_INET \
- ? ((CNT) < 16 \
- ? (SOCKET_SET_ERRNO(ENOSPC), (const char *)NULL) \
- : (sprintf((DST), "%d.%d.%d.%d", \
- ((const unsigned char *)(const void *)(SRC))[0] & 0xff, \
- ((const unsigned char *)(const void *)(SRC))[1] & 0xff, \
- ((const unsigned char *)(const void *)(SRC))[2] & 0xff, \
- ((const unsigned char *)(const void *)(SRC))[3] & 0xff), \
- (DST))) \
+#define inet_ntop(AF,SRC,DST,CNT) \
+ ((AF) == AF_INET \
+ ? ((CNT) < 16 \
+ ? (SOCKET_SET_ERRNO(ENOSPC), (const char *)NULL) \
+ : (sprintf((DST), "%d.%d.%d.%d", \
+ ((const unsigned char *)(const void *)(SRC))[0] & 0xff, \
+ ((const unsigned char *)(const void *)(SRC))[1] & 0xff, \
+ ((const unsigned char *)(const void *)(SRC))[2] & 0xff, \
+ ((const unsigned char *)(const void *)(SRC))[3] & 0xff), \
+ (DST))) \
: (SOCKET_SET_ERRNO(EAFNOSUPPORT), (const char *)NULL))
#define HAVE_INET_NTOP
#endif
diff --git a/src/include/socket-utils.h b/src/include/socket-utils.h
index d874058019..19145c85f8 100644
--- a/src/include/socket-utils.h
+++ b/src/include/socket-utils.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* Copyright (C) 2001,2005 by the Massachusetts Institute of Technology,
* Cambridge, MA, USA. All Rights Reserved.
diff --git a/src/include/spnego-asn1.h b/src/include/spnego-asn1.h
index 211ba37d8b..35f446e522 100644
--- a/src/include/spnego-asn1.h
+++ b/src/include/spnego-asn1.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* spnego-asn1.h
*
@@ -38,18 +39,18 @@
/* Context flags recognized by SPNEGO*/
enum {
- SPNEGO_DELEG_FLAG = 0x80,
- SPNEGO_MUTUAL_FLAG = 0x40,
- SPNEGO_ANON_FLAG=0x20,
- SPNEGO_CONF_FLAG = 0x10
+ SPNEGO_DELEG_FLAG = 0x80,
+ SPNEGO_MUTUAL_FLAG = 0x40,
+ SPNEGO_ANON_FLAG=0x20,
+ SPNEGO_CONF_FLAG = 0x10
};
/* Results of a negotiation*/
enum {
- SPNEGO_ACCEPT_COMPLETED = 0,
- SPNEGO_ACCEPT_INCOMPLETE = 1,
- SPNEGO_REJECT = 2,
- SPNEGO_UNSPEC_RESULT = 3
+ SPNEGO_ACCEPT_COMPLETED = 0,
+ SPNEGO_ACCEPT_INCOMPLETE = 1,
+ SPNEGO_REJECT = 2,
+ SPNEGO_UNSPEC_RESULT = 3
};
typedef krb5_data spnego_oid;
@@ -79,7 +80,7 @@ typedef struct _spnego_acceptor_token {
krb5_error_code krb5int_encode_spnego_acceptor_token
(krb5_context , spnego_acceptor_token *,
- krb5_data **);
+ krb5_data **);
krb5_error_code krb5int_encode_spnego_initiator_token
(krb5_context, spnego_initiator_token *,
diff --git a/src/include/win-mac.h b/src/include/win-mac.h
index 4086487657..85f7a376f6 100644
--- a/src/include/win-mac.h
+++ b/src/include/win-mac.h
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* This file is now only used on Windows
*/
@@ -72,10 +73,10 @@
#ifndef KRB5_SYSTYPES__
#define KRB5_SYSTYPES__
#include <sys/types.h>
-typedef unsigned long u_long; /* Not part of sys/types.h on the pc */
-typedef unsigned int u_int;
-typedef unsigned short u_short;
-typedef unsigned char u_char;
+typedef unsigned long u_long; /* Not part of sys/types.h on the pc */
+typedef unsigned int u_int;
+typedef unsigned short u_short;
+typedef unsigned char u_char;
typedef unsigned int uint32_t;
typedef int int32_t;
#if _INTEGRAL_MAX_BITS >= 64
@@ -87,9 +88,9 @@ typedef __int64 int64_t;
#undef ssize_t
#endif
#ifdef _WIN64
-typedef __int64 ssize_t;
+typedef __int64 ssize_t;
#else
-typedef _W64 int ssize_t;
+typedef _W64 int ssize_t;
#endif
#define SSIZE_T_DEFINED
#endif
@@ -128,7 +129,7 @@ typedef _W64 int ssize_t;
#ifdef CYGNUS
#define KERBEROS_HLP "kerbnet.hlp"
#else
-#define KERBEROS_HLP "krb5clnt.hlp"
+#define KERBEROS_HLP "krb5clnt.hlp"
#endif
#define INI_DEFAULTS "Defaults"
#define INI_USER "User" /* Default user */
@@ -145,12 +146,12 @@ typedef _W64 int ssize_t;
#define INI_KRB_CONF "krb.conf" /* Location of krb.conf file */
#define DEF_KRB_CONF "krb.conf" /* Default name for krb.conf file */
#else
-#define INI_KRB5_CONF "krb5.ini" /* From k5-config.h */
-#define INI_KRB_CONF INI_KRB5_CONF /* Location of krb.conf file */
-#define DEF_KRB_CONF INI_KRB5_CONF /* Default name for krb.conf file */
+#define INI_KRB5_CONF "krb5.ini" /* From k5-config.h */
+#define INI_KRB_CONF INI_KRB5_CONF /* Location of krb.conf file */
+#define DEF_KRB_CONF INI_KRB5_CONF /* Default name for krb.conf file */
#define INI_TICKETOPTS "TicketOptions" /* Ticket options */
#define INI_FORWARDABLE "Forwardable" /* get forwardable tickets */
-#define INI_KRB_CCACHE "krb5cc" /* From k5-config.h */
+#define INI_KRB_CCACHE "krb5cc" /* From k5-config.h */
#endif
#define INI_KRB_REALMS "krb.realms" /* Location of krb.realms file */
#define DEF_KRB_REALMS "krb.realms" /* Default name for krb.realms file */
@@ -207,10 +208,10 @@ typedef _W64 int ssize_t;
HINSTANCE get_lib_instance(void);
-#define GETSOCKNAME_ARG2_TYPE struct sockaddr
-#define GETSOCKNAME_ARG3_TYPE size_t
-#define GETPEERNAME_ARG2_TYPE GETSOCKNAME_ARG2_TYPE
-#define GETPEERNAME_ARG3_TYPE GETSOCKNAME_ARG3_TYPE
+#define GETSOCKNAME_ARG2_TYPE struct sockaddr
+#define GETSOCKNAME_ARG3_TYPE size_t
+#define GETPEERNAME_ARG2_TYPE GETSOCKNAME_ARG2_TYPE
+#define GETPEERNAME_ARG3_TYPE GETSOCKNAME_ARG3_TYPE
#endif /* !RES_ONLY */
generated by cgit (git 2.34.1) at 2024-06-21 22:04:10 +0000