1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
|
/*
* Copyright (c) 2005 Massachusetts Institute of Technology
*
* Permission is hereby granted, free of charge, to any person
* obtaining a copy of this software and associated documentation
* files (the "Software"), to deal in the Software without
* restriction, including without limitation the rights to use, copy,
* modify, merge, publish, distribute, sublicense, and/or sell copies
* of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be
* included in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
* NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
* BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
* ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
* CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
* SOFTWARE.
*/
/* $Id$ */
/* Adapted from multiple Leash header files */
#ifndef __KHIMAIRA_KRB5FUNCS_H
#define __KHIMAIRA_KRB5FUNCS_H
#include<stdlib.h>
#include<krb5.h>
#include <windows.h>
#define SECURITY_WIN32
#include <security.h>
#if _WIN32_WINNT < 0x0501
#define KHM_SAVE_WIN32_WINNT _WIN32_WINNT
#undef _WIN32_WINNT
#define _WIN32_WINNT 0x0501
#endif
#include<ntsecapi.h>
#ifdef KHM_SAVE_WIN32_WINNT
#undef _WIN32_WINNT
#define _WIN32_WINNT KHM_SAVE_WIN32_WINNT
#undef KHM_SAVE_WIN32_WINNT
#endif
#include <krb5common.h>
#define LEASH_DEBUG_CLASS_GENERIC 0
#define LEASH_DEBUG_CLASS_KRB4 1
#define LEASH_DEBUG_CLASS_KRB4_APP 2
#define LEASH_PRIORITY_LOW 0
#define LEASH_PRIORITY_HIGH 1
#define KRB5_DEFAULT_LIFE 60*60*10 /* 10 hours */
#define KRB5_MAXCCH_CCNAME 1024
#define KRB5_CONF_YES "yes"
#define KRB5_CONF_NO "no"
typedef struct tag_k5params {
khm_int32 source_reg; /* flags indicating which fields were
retrieved using the registry */
khm_int32 source_prof; /* flags indicating which fields were
retrieved using krb5.ini */
khm_boolean renewable;
khm_boolean forwardable;
khm_boolean proxiable;
khm_boolean addressless;
khm_ui_4 publicIP;
krb5_deltat lifetime;
krb5_deltat lifetime_min;
krb5_deltat lifetime_max;
krb5_deltat renew_life;
krb5_deltat renew_life_min;
krb5_deltat renew_life_max;
} k5_params;
#define K5PARAM_F_RENEW 0x00000001
#define K5PARAM_F_FORW 0x00000002
#define K5PARAM_F_PROX 0x00000004
#define K5PARAM_F_ADDL 0x00000008
#define K5PARAM_F_PUBIP 0x00000010
#define K5PARAM_F_LIFE 0x00000020
#define K5PARAM_F_RLIFE 0x00000040
#define K5PARAM_F_LIFE_L 0x00000080
#define K5PARAM_F_LIFE_H 0x00000100
#define K5PARAM_F_RLIFE_L 0x00000200
#define K5PARAM_F_RLIFE_H 0x00000400
#define K5PARAM_FM_ALL 0x000007ff
#define K5PARAM_FM_PROF 0x0000007f
/* Credential and principal operations */
BOOL
khm_krb5_ms2mit(char * match_princ,
BOOL match_realm,
BOOL save_creds,
khm_handle * ret_ident);
int
khm_krb5_kinit(krb5_context alt_ctx,
char * principal_name,
char * password,
char * ccache,
krb5_deltat lifetime,
DWORD forwardable,
DWORD proxiable,
krb5_deltat renew_life,
DWORD addressless,
DWORD publicIP,
krb5_prompter_fct prompter,
void * p_data,
char ** pp_error_message);
long
khm_krb5_changepwd(char * principal,
char * password,
char * newpassword,
char** error_str);
int
khm_krb5_destroy_by_credset(khm_handle p_cs);
int
khm_krb5_destroy_identity(khm_handle identity);
long
khm_convert524(krb5_context ctx);
int
khm_krb5_renew_cred(khm_handle cred);
int
khm_krb5_renew_ident(khm_handle identity);
long
khm_krb5_list_tickets(krb5_context *krbv5Context);
long
khm_krb5_copy_ccache_by_name(krb5_context in_ctx,
wchar_t * wscc_dest,
wchar_t * wscc_src);
long
khm_krb5_get_temp_ccache(krb5_context ctx,
krb5_ccache * cc);
khm_int32 KHMAPI
khm_krb5_creds_is_equal(khm_handle vcred1, khm_handle vcred2, void * dummy);
/* Configuration */
BOOL
khm_krb5_get_profile_file(LPSTR confname, UINT szConfname);
BOOL
khm_krb5_get_temp_profile_file(LPSTR confname, UINT szConfname);
wchar_t *
khm_krb5_get_default_realm(void);
long
khm_krb5_set_default_realm(wchar_t * realm);
wchar_t *
khm_krb5_get_realm_list(void);
khm_int32
khm_krb5_get_identity_config(khm_handle ident,
khm_int32 flags,
khm_handle * ret_csp);
void
khm_krb5_set_identity_flags(khm_handle identity,
khm_int32 flag_mask,
khm_int32 flag_value);
khm_int32
khm_krb5_get_identity_flags(khm_handle identity);
khm_int32
khm_krb5_set_identity_params(khm_handle ident, const k5_params * p);
khm_int32
khm_krb5_get_identity_params(khm_handle ident, k5_params * p);
khm_int32
khm_krb5_get_identity_default_ccache(khm_handle ident, wchar_t * buf, khm_size * pcb);
khm_int32
khm_krb5_get_identity_default_ccacheA(khm_handle ident, char * buf, khm_size * pcb);
/* Utility */
wchar_t *
khm_get_realm_from_princ(wchar_t * princ);
long
khm_krb5_canon_cc_name(wchar_t * wcc_name,
size_t cb_cc_name);
int
khm_krb5_cc_name_cmp(const wchar_t * cc_name_1,
const wchar_t * cc_name_2);
int
khm_krb5_parse_boolean(const char *s, khm_boolean * b);
#endif
|
