* Initial commit of C CCAPI implementation

ticket: 2753

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16840 dc483132-0cff-0310-8789-dd5450dbe970

6 files changed, 1547 insertions, 0 deletions

diff --git a/src/lib/ccapi/include/ChangeLog b/src/lib/ccapi/include/ChangeLog
new file mode 100644
index 000000000..aaa59da72
--- /dev/null
+++ b/src/lib/ccapi/include/ChangeLog
@@ -0,0 +1,4 @@
+2004-10-27   Jeffrey Altman  <jaltman@mit.edu>
+
+ * Initial commit of C CCAPI implementation
+
diff --git a/src/lib/ccapi/include/CredentialsCache.h b/src/lib/ccapi/include/CredentialsCache.h
new file mode 100644
index 000000000..dd60fa46d
--- /dev/null
+++ b/src/lib/ccapi/include/CredentialsCache.h
@@ -0,0 +1,567 @@
+/* $Copyright:
+ *
+ * Copyright 1998-2004 by the Massachusetts Institute of Technology.
+ * 
+ * All rights reserved.
+ * 
+ * Export of this software from the United States of America may require a
+ * specific license from the United States Government.  It is the
+ * responsibility of any person or organization contemplating export to
+ * obtain such a license before exporting.
+ * 
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and distribute
+ * this software and its documentation for any purpose and without fee is
+ * hereby granted, provided that the above copyright notice appear in all
+ * copies and that both that copyright notice and this permission notice
+ * appear in supporting documentation, and that the name of M.I.T. not be
+ * used in advertising or publicity pertaining to distribution of the
+ * software without specific, written prior permission.  Furthermore if you
+ * modify this software you must label your software as modified software
+ * and not distribute it in such a fashion that it might be confused with
+ * the original MIT software. M.I.T. makes no representations about the
+ * suitability of this software for any purpose.  It is provided "as is"
+ * without express or implied warranty.
+ * 
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ * 
+ * Individual source code files are copyright MIT, Cygnus Support,
+ * OpenVision, Oracle, Sun Soft, FundsXpress, and others.
+ * 
+ * Project Athena, Athena, Athena MUSE, Discuss, Hesiod, Kerberos, Moira,
+ * and Zephyr are trademarks of the Massachusetts Institute of Technology
+ * (MIT).  No commercial use of these trademarks may be made without prior
+ * written permission of MIT.
+ * 
+ * "Commercial use" means use of a name in a product or other for-profit
+ * manner.  It does NOT prevent a commercial firm from referring to the MIT
+ * trademarks in order to convey information (although in doing so,
+ * recognition of their trademark status should be given).
+ * $
+ */
+
+/* $Header$ */
+
+/*
+ * Declarations for Credentials Cache API Library
+ *
+ * API specification: <http://web.mit.edu/pismere/kerberos/ccache-api-v2.html>
+ *
+ *	Revision 1: Frank Dabek, 6/4/1998
+ *	Revision 2: meeroh, 2/24/1999
+ *      Revision 3: meeroh, 11/12/1999
+ *      Revision 4: jaltman, 10/27/2004
+ *
+ */
+ 
+#ifndef __CREDENTIALSCACHE__
+#define __CREDENTIALSCACHE__
+
+#if defined(macintosh) || (defined(__MACH__) && defined(__APPLE__))
+	#include <TargetConditionals.h>
+    #if TARGET_RT_MAC_CFM
+        #error "Use KfM 4.0 SDK headers for CFM compilation."
+    #endif
+#endif
+
+#if TARGET_OS_MAC
+    #include <sys/types.h>
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif /* __cplusplus */
+
+#if TARGET_OS_MAC
+    #if defined(__MWERKS__)
+        #pragma import on
+        #pragma enumsalwaysint on
+    #endif
+    #pragma options align=mac68k
+#endif
+
+#include <time.h>
+
+/*
+ * Constants
+ */
+ 
+/* API versions */
+enum {
+    ccapi_version_2 = 2,
+    ccapi_version_3 = 3,
+    ccapi_version_4 = 4,
+    ccapi_version_5 = 5
+};
+ 
+/* Errors */
+enum {
+    ccNoError							= 0,
+
+    ccIteratorEnd						= 201,
+    ccErrBadParam,
+    ccErrNoMem,
+    ccErrInvalidContext,
+    ccErrInvalidCCache,
+
+    ccErrInvalidString,					/* 206 */
+    ccErrInvalidCredentials,
+    ccErrInvalidCCacheIterator,
+    ccErrInvalidCredentialsIterator,
+    ccErrInvalidLock,
+
+    ccErrBadName,						/* 211 */
+    ccErrBadCredentialsVersion,
+    ccErrBadAPIVersion,
+    ccErrContextLocked,
+    ccErrContextUnlocked,
+
+    ccErrCCacheLocked,					/* 216 */
+    ccErrCCacheUnlocked,
+    ccErrBadLockType,
+    ccErrNeverDefault,
+    ccErrCredentialsNotFound,
+
+    ccErrCCacheNotFound,					/* 221 */
+    ccErrContextNotFound,
+    ccErrServerUnavailable,
+    ccErrServerInsecure,
+    ccErrServerCantBecomeUID,
+    
+    ccErrTimeOffsetNotSet,				/* 226 */
+    ccErrBadInternalMessage,
+    ccErrNotImplemented
+};
+
+/* Credentials versions */
+enum {
+    cc_credentials_v4 = 1,
+    cc_credentials_v5 = 2,
+    cc_credentials_v4_v5 = 3
+};
+
+/* Lock types */
+enum {
+    cc_lock_read = 1,
+    cc_lock_write = 2
+};
+
+/* Locking Modes */
+enum {
+    cc_lock_noblock = 0,
+    cc_lock_block = 1
+};
+
+/*
+ * Basic types
+ */
+ 
+typedef char           cc_int8;
+typedef unsigned char  cc_uint8;
+typedef int            cc_int32;
+typedef unsigned int   cc_uint32;
+typedef time_t         cc_time_t;
+typedef void *         cc_handle;
+
+/*
+ * API types
+ */
+ 
+/* Forward declarations */
+struct cc_context_f;
+typedef struct cc_context_f cc_context_f;
+
+struct cc_ccache_f;
+typedef struct cc_ccache_f cc_ccache_f;
+
+struct cc_ccache_iterator_f;
+typedef struct cc_ccache_iterator_f cc_ccache_iterator_f;
+
+struct cc_ccache_iterator_f;
+typedef struct cc_credentials_iterator_f cc_credentials_iterator_f;
+
+struct cc_string_f;
+typedef struct cc_string_f cc_string_f;
+
+struct cc_credentials_f;
+typedef struct cc_credentials_f cc_credentials_f;
+
+/* Credentials types */
+
+enum {	/* Make sure all of these are multiples of four (for alignment sanity) */
+    cc_v4_name_size		= 40,
+    cc_v4_instance_size	= 40,
+    cc_v4_realm_size	= 40,
+    cc_v4_ticket_size	= 1254
+};
+
+enum cc_string_to_key_type {
+    cc_v4_stk_afs = 0,
+    cc_v4_stk_des = 1,
+    cc_v4_stk_columbia_special = 2,
+    cc_v4_stk_krb5 = 3,
+    cc_v4_stk_unknown = 4
+};
+
+struct cc_credentials_v4_t {
+    cc_uint32			version;
+    char			principal [cc_v4_name_size];
+    char			principal_instance [cc_v4_instance_size];
+    char			service [cc_v4_name_size];
+    char			service_instance [cc_v4_instance_size];
+    char			realm [cc_v4_realm_size];
+    unsigned char		session_key [8];
+    cc_int32			kvno;
+    cc_int32			string_to_key_type;
+    cc_time_t			issue_date;
+    cc_int32			lifetime;
+    cc_uint32			address;
+    cc_int32			ticket_size;
+    unsigned char		ticket [cc_v4_ticket_size];
+};      
+typedef struct cc_credentials_v4_t cc_credentials_v4_t;
+
+struct cc_data {
+    cc_uint32			type;
+    cc_uint32			length;
+    void*			data;
+};      
+typedef struct cc_data cc_data;
+
+struct cc_credentials_v5_t {
+    char*			client;
+    char*			server;
+    cc_data			keyblock;
+    cc_time_t			authtime;
+    cc_time_t			starttime;
+    cc_time_t			endtime;
+    cc_time_t			renew_till;
+    cc_uint32			is_skey;
+    cc_uint32			ticket_flags;
+    cc_data**			addresses;
+    cc_data			ticket;
+    cc_data			second_ticket;
+    cc_data**			authdata;
+};      
+typedef struct cc_credentials_v5_t cc_credentials_v5_t;
+
+struct cc_credentials_union {
+    cc_int32			version;
+    union {
+        cc_credentials_v4_t*	credentials_v4;
+        cc_credentials_v5_t*	credentials_v5;
+    }				credentials;
+};
+typedef struct cc_credentials_union cc_credentials_union;
+
+/* Exposed parts */
+
+struct cc_context_d {
+    const cc_context_f*	functions;
+#if TARGET_OS_MAC
+    const cc_context_f*	otherFunctions;
+#endif
+};
+typedef struct cc_context_d cc_context_d;
+typedef cc_context_d*	cc_context_t;
+
+struct cc_ccache_d {
+    const cc_ccache_f*	functions;
+#if TARGET_OS_MAC
+    const cc_ccache_f*	otherFunctions;
+#endif
+};
+typedef struct cc_ccache_d cc_ccache_d;
+typedef cc_ccache_d*	cc_ccache_t;
+
+struct cc_ccache_iterator_d {
+    const cc_ccache_iterator_f*	functions;
+#if TARGET_OS_MAC
+    const cc_ccache_iterator_f*	otherFunctions;
+#endif
+};
+typedef struct cc_ccache_iterator_d cc_ccache_iterator_d;
+typedef cc_ccache_iterator_d*	cc_ccache_iterator_t;
+
+struct cc_credentials_iterator_d {
+    const cc_credentials_iterator_f*	functions;
+#if TARGET_OS_MAC
+    const cc_credentials_iterator_f*	otherFunctions;
+#endif
+};
+typedef struct cc_credentials_iterator_d cc_credentials_iterator_d;
+typedef cc_credentials_iterator_d*	cc_credentials_iterator_t;
+
+struct cc_string_d {
+    const char*			data;
+    const cc_string_f*	functions;
+#if TARGET_OS_MAC
+    const cc_string_f*	otherFunctions;
+#endif
+};
+typedef struct cc_string_d cc_string_d;
+typedef cc_string_d*	cc_string_t;
+
+struct cc_credentials_d {
+    const cc_credentials_union* data;
+    const cc_credentials_f* functions;
+#if TARGET_OS_MAC
+    const cc_credentials_f*	otherFunctions;
+#endif
+};
+typedef struct cc_credentials_d cc_credentials_d;
+typedef cc_credentials_d* cc_credentials_t;
+
+/* Function pointer structs */
+
+struct  cc_context_f {
+    cc_int32    (*release) (
+                                cc_context_t context);
+    cc_int32    (*get_change_time) (
+                                cc_context_t context,
+                                cc_time_t* time);
+    cc_int32    (*get_default_ccache_name) (
+                                cc_context_t context,
+                                cc_string_t* name);
+    cc_int32    (*open_ccache) (
+                                cc_context_t context,
+                                const char* name,
+                                cc_ccache_t* ccache);
+    cc_int32    (*open_default_ccache) (
+                                cc_context_t context,
+                                cc_ccache_t* ccache);
+    cc_int32    (*create_ccache) (
+                                cc_context_t context,
+                                const char* name,
+                                cc_uint32 cred_vers,
+                                const char* principal, 
+                                cc_ccache_t* ccache);
+    cc_int32    (*create_default_ccache) (
+                                cc_context_t context,
+                                cc_uint32 cred_vers,
+                                const char* principal, 
+                                cc_ccache_t* ccache);
+    cc_int32    (*create_new_ccache) (
+                                cc_context_t context,
+                                cc_uint32 cred_vers,
+                                const char* principal, 
+                                cc_ccache_t* ccache);
+    cc_int32    (*new_ccache_iterator) (
+                                cc_context_t context,
+                                cc_ccache_iterator_t* iterator);
+    cc_int32    (*lock) (
+                                cc_context_t context,
+                                cc_uint32 lock_type,
+                                cc_uint32 block);
+    cc_int32    (*unlock) (
+                                cc_context_t context);
+    cc_int32    (*compare) (
+                                cc_context_t context,
+                                cc_context_t compare_to,
+                                cc_uint32* equal);
+};
+
+struct cc_ccache_f {
+    cc_int32    (*release) (
+                                 cc_ccache_t ccache);
+    cc_int32    (*destroy) (
+                                 cc_ccache_t ccache);
+    cc_int32    (*set_default) (
+                                 cc_ccache_t ccache);
+    cc_int32    (*get_credentials_version) (
+                                 cc_ccache_t ccache,
+                                 cc_uint32* credentials_version);
+    cc_int32    (*get_name) (
+                                 cc_ccache_t ccache,
+                                 cc_string_t* name);
+    cc_int32    (*get_principal) (
+                                 cc_ccache_t ccache,
+                                 cc_uint32 credentials_version,
+                                 cc_string_t* principal);
+    cc_int32    (*set_principal) (
+                                 cc_ccache_t ccache,
+                                 cc_uint32 credentials_version,
+                                 const char* principal);
+    cc_int32    (*store_credentials) (
+                                 cc_ccache_t ccache,
+                                 const cc_credentials_union* credentials);
+    cc_int32    (*remove_credentials) (
+                                 cc_ccache_t ccache,
+                                 cc_credentials_t credentials);
+    cc_int32    (*new_credentials_iterator) (
+                                 cc_ccache_t ccache,
+                                 cc_credentials_iterator_t* iterator);
+    cc_int32    (*move) (
+                                 cc_ccache_t source,
+                                 cc_ccache_t destination);
+    cc_int32    (*lock) (
+                                 cc_ccache_t ccache,
+                                 cc_uint32 block,
+                                 cc_uint32 lock_type);
+    cc_int32    (*unlock) (
+                                 cc_ccache_t ccache);
+    cc_int32    (*get_last_default_time) (
+                                 cc_ccache_t ccache,
+                                 cc_time_t* time);
+    cc_int32    (*get_change_time) (
+                                 cc_ccache_t ccache,
+                                 cc_time_t* time);
+    cc_int32    (*compare) (
+                                cc_ccache_t ccache,
+                                cc_ccache_t compare_to,
+                                cc_uint32* equal);
+    cc_int32	(*get_kdc_time_offset) (
+                                cc_ccache_t ccache,
+                                cc_int32	credentials_version,
+                                cc_time_t*	time_offset);
+    cc_int32	(*set_kdc_time_offset) (
+                                cc_ccache_t ccache,
+                                cc_int32	credentials_version,
+                                cc_time_t	time_offset);
+                                
+    cc_int32	(*clear_kdc_time_offset) (
+                                cc_ccache_t	ccache,
+                                cc_int32	credentials_version);
+};
+
+struct cc_string_f {
+    cc_int32	(*release) (
+                                cc_string_t string);
+};
+
+struct cc_credentials_f {
+    cc_int32	(*release) (
+                                cc_credentials_t credentials);
+    cc_int32    (*compare) (
+                                cc_credentials_t credentials,
+                                cc_credentials_t compare_to,
+                                cc_uint32* equal);
+};
+
+			   
+struct cc_ccache_iterator_f {
+    cc_int32    (*release) (
+                                 cc_ccache_iterator_t iter);
+    cc_int32    (*next) (
+                                 cc_ccache_iterator_t iter,
+                                 cc_ccache_t* ccache);
+};
+
+struct cc_credentials_iterator_f {
+    cc_int32    (*release) (
+                                 cc_credentials_iterator_t iter);
+    cc_int32    (*next) (
+                                 cc_credentials_iterator_t iter,
+                                 cc_credentials_t* ccache);
+};
+
+/*
+ * API functions
+ */
+ 
+cc_int32 cc_initialize (
+	cc_context_t*		outContext,
+	cc_int32			inVersion,
+	cc_int32*			outSupportedVersion,
+	char const**		outVendor);
+	
+/*
+ * Convenience macros
+ */
+ 
+#define		cc_context_release(context)												\
+			((context) -> functions -> release (context))
+#define		cc_context_get_change_time(context, time)								\
+			((context) -> functions -> get_change_time (context, time))
+#define		cc_context_get_default_ccache_name(context, name)						\
+			((context) -> functions -> get_default_ccache_name (context, name))
+#define		cc_context_open_ccache(context, name, ccache)							\
+			((context) -> functions -> open_ccache (context, name, ccache))
+#define		cc_context_open_default_ccache(context, ccache)							\
+			((context) -> functions -> open_default_ccache (context, ccache))
+#define		cc_context_create_ccache(context, name, version, principal, ccache)		\
+			((context) -> functions -> create_ccache (context, name, version, principal, ccache))
+#define		cc_context_create_default_ccache(context, version, principal, ccache)	\
+			((context) -> functions -> create_default_ccache (context, version, principal, ccache))
+#define		cc_context_create_new_ccache(context, version, principal, ccache)		\
+			((context) -> functions -> create_new_ccache (context, version, principal, ccache))
+#define		cc_context_new_ccache_iterator(context, iterator)						\
+			((context) -> functions -> new_ccache_iterator (context, iterator))
+#define		cc_context_lock(context, type, lock)									\
+			((context) -> functions -> lock (context, type, lock))
+#define		cc_context_unlock(context)												\
+			((context) -> functions -> unlock (context))
+#define		cc_context_compare(context, compare_to, equal)							\
+			((context) -> functions -> compare (context, compare_to, equal))
+
+#define		cc_ccache_release(ccache)												\
+			((ccache) -> functions -> release (ccache))
+#define		cc_ccache_destroy(ccache)												\
+			((ccache) -> functions -> destroy (ccache))
+#define		cc_ccache_set_default(ccache)											\
+			((ccache) -> functions -> set_default (ccache))
+#define		cc_ccache_get_credentials_version(ccache, version)						\
+			((ccache) -> functions -> get_credentials_version (ccache, version))
+#define		cc_ccache_get_name(ccache, name)										\
+			((ccache) -> functions -> get_name (ccache, name))
+#define		cc_ccache_get_principal(ccache, version, principal)						\
+			((ccache) -> functions -> get_principal (ccache, version, principal))
+#define		cc_ccache_set_principal(ccache, version, principal)						\
+			((ccache) -> functions -> set_principal (ccache, version, principal))
+#define		cc_ccache_store_credentials(ccache, credentials)						\
+			((ccache) -> functions -> store_credentials (ccache, credentials))
+#define		cc_ccache_remove_credentials(ccache, credentials)						\
+			((ccache) -> functions -> remove_credentials (ccache, credentials))
+#define		cc_ccache_new_credentials_iterator(ccache, iterator)					\
+			((ccache) -> functions -> new_credentials_iterator (ccache, iterator))
+#define		cc_ccache_lock(ccache, lock)											\
+			((ccache) -> functions -> lock (ccache, lock))
+#define		cc_ccache_unlock(ccache, unlock)										\
+			((ccache) -> functions -> unlock (ccache, unlock))
+#define		cc_ccache_get_last_default_time(ccache, time)							\
+			((ccache) -> functions -> get_last_default_time (ccache, time))
+#define		cc_ccache_get_change_time(ccache, time)									\
+			((ccache) -> functions -> get_change_time (ccache, time))
+#define		cc_ccache_move(source, destination)										\
+			((source) -> functions -> move (source, destination))
+#define		cc_ccache_compare(ccache, compare_to, equal)							\
+			((ccache) -> functions -> compare (ccache, compare_to, equal))
+#define		cc_ccache_get_kdc_time_offset(ccache, version, time)					\
+            ((ccache) -> functions -> get_kdc_time_offset (version, time))
+#define		cc_ccache_set_kdc_time_offset(ccache, version, time)					\
+            ((ccache) -> functions -> set_kdc_time_offset (version, time))
+#define		cc_ccache_clear_kdc_time_offset(ccache, version)						\
+            ((ccache) -> functions -> clear_kdc_time_offset (version))
+
+#define		cc_string_release(string)												\
+			((string) -> functions -> release (string))
+
+#define		cc_credentials_release(credentials)										\
+			((credentials) -> functions -> release (credentials))
+#define		cc_credentials_compare(credentials, compare_to, equal)					\
+			((credentials) -> functions -> compare (credentials, compare_to, equal))
+
+#define		cc_ccache_iterator_release(iterator)									\
+			((iterator) -> functions -> release (iterator))
+#define		cc_ccache_iterator_next(iterator, ccache)								\
+			((iterator) -> functions -> next (iterator, ccache))
+	
+#define		cc_credentials_iterator_release(iterator)								\
+			((iterator) -> functions -> release (iterator))
+#define		cc_credentials_iterator_next(iterator, credentials)						\
+			((iterator) -> functions -> next (iterator, credentials))
+			
+#if TARGET_OS_MAC
+    #if defined(__MWERKS__)
+        #pragma enumsalwaysint reset
+        #pragma import reset
+    #endif
+	#pragma options align=reset
+#endif
+
+#ifdef __cplusplus
+}
+#endif /* __cplusplus */
+
+#endif /* __CREDENTIALSCACHE__ */
diff --git a/src/lib/ccapi/include/CredentialsCache2.h b/src/lib/ccapi/include/CredentialsCache2.h
new file mode 100644
index 000000000..401e093f4
--- /dev/null
+++ b/src/lib/ccapi/include/CredentialsCache2.h
@@ -0,0 +1,308 @@
+/* $Copyright:
+ *
+ * Copyright 1998-2004 by the Massachusetts Institute of Technology.
+ * 
+ * All rights reserved.
+ * 
+ * Export of this software from the United States of America may require a
+ * specific license from the United States Government.  It is the
+ * responsibility of any person or organization contemplating export to
+ * obtain such a license before exporting.
+ * 
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and distribute
+ * this software and its documentation for any purpose and without fee is
+ * hereby granted, provided that the above copyright notice appear in all
+ * copies and that both that copyright notice and this permission notice
+ * appear in supporting documentation, and that the name of M.I.T. not be
+ * used in advertising or publicity pertaining to distribution of the
+ * software without specific, written prior permission.  Furthermore if you
+ * modify this software you must label your software as modified software
+ * and not distribute it in such a fashion that it might be confused with
+ * the original MIT software. M.I.T. makes no representations about the
+ * suitability of this software for any purpose.  It is provided "as is"
+ * without express or implied warranty.
+ * 
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ * 
+ * Individual source code files are copyright MIT, Cygnus Support,
+ * OpenVision, Oracle, Sun Soft, FundsXpress, and others.
+ * 
+ * Project Athena, Athena, Athena MUSE, Discuss, Hesiod, Kerberos, Moira,
+ * and Zephyr are trademarks of the Massachusetts Institute of Technology
+ * (MIT).  No commercial use of these trademarks may be made without prior
+ * written permission of MIT.
+ * 
+ * "Commercial use" means use of a name in a product or other for-profit
+ * manner.  It does NOT prevent a commercial firm from referring to the MIT
+ * trademarks in order to convey information (although in doing so,
+ * recognition of their trademark status should be given).
+ * $
+ */
+/*
+ * This is backwards compatibility for CCache API v2 clients to be able to run 
+ * against the CCache API v3 library
+ */
+ 
+#ifndef __CREDENTIALSCACHE2__
+#define __CREDENTIALSCACHE2__
+ 
+#include <Kerberos/CredentialsCache.h>
+#if defined(macintosh) || (defined(__MACH__) && defined(__APPLE__))
+	#include <TargetConditionals.h>
+    #if TARGET_RT_MAC_CFM
+        #error "Use KfM 4.0 SDK headers for CFM compilation."
+    #endif
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif /* __cplusplus */
+
+#if TARGET_OS_MAC
+    #if defined(__MWERKS__)
+        #pragma import on
+        #pragma enumsalwaysint on
+    #endif
+    #pragma options align=mac68k
+#endif
+
+/* Some old types get directly mapped to new types */
+
+typedef cc_context_d apiCB;
+typedef cc_ccache_d ccache_p;
+typedef cc_credentials_iterator_d ccache_cit_creds;
+typedef cc_ccache_iterator_d ccache_cit_ccache;
+typedef cc_data cc_data_compat;
+typedef cc_int32 cc_cred_vers;
+typedef cc_int32 cc_result;
+
+/* This doesn't exist in API v3 */
+typedef cc_uint32 cc_flags;
+
+/* Credentials types are visible to the caller so we have to keep binary compatibility */
+
+typedef struct cc_credentials_v5_compat {
+    char*			client;
+    char*			server;
+    cc_data_compat		keyblock;
+    cc_time_t			authtime;
+    cc_time_t			starttime;
+    cc_time_t			endtime;
+    cc_time_t			renew_till;
+    cc_uint32			is_skey;
+    cc_uint32			ticket_flags;
+    cc_data_compat**	        addresses;
+    cc_data_compat		ticket;
+    cc_data_compat		second_ticket;
+    cc_data_compat**	        authdata;
+} cc_credentials_v5_compat;
+ 
+enum {
+    MAX_V4_CRED_LEN = 1250
+};
+ 
+enum {
+    KRB_NAME_SZ = 40,
+    KRB_INSTANCE_SZ = 40,
+    KRB_REALM_SZ = 40
+};
+ 
+typedef struct cc_credentials_v4_compat {
+    unsigned char	kversion;
+    char		principal[KRB_NAME_SZ+1];
+    char		principal_instance[KRB_INSTANCE_SZ+1];
+    char		service[KRB_NAME_SZ+1];
+    char		service_instance[KRB_INSTANCE_SZ+1];
+    char		realm[KRB_REALM_SZ+1];
+    unsigned char	session_key[8];
+    cc_int32		kvno;
+    cc_int32		str_to_key;
+    long		issue_date;
+    cc_int32		lifetime;
+    cc_uint32		address;
+    cc_int32		ticket_sz;
+    unsigned char	ticket[MAX_V4_CRED_LEN];
+    unsigned long	oops;
+} cc_credentials_v4_compat;
+
+typedef union cred_ptr_union_compat {
+    cc_credentials_v4_compat*	pV4Cred;
+    cc_credentials_v5_compat*	pV5Cred;
+} cred_ptr_union_compat;
+ 
+typedef struct cred_union {
+    cc_int32				cred_type;  // cc_cred_vers
+    cred_ptr_union_compat	cred;
+} cred_union;
+
+/* NC info structure is gone in v3 */
+
+struct infoNC {
+    char*	name;
+    char*	principal;
+    cc_int32	vers;
+};
+
+typedef struct infoNC infoNC;
+
+/* Some old type names */
+
+typedef cc_credentials_v4_compat V4Cred_type;
+typedef cc_credentials_v5_compat cc_creds;
+struct ccache_cit;
+typedef struct ccache_cit ccache_cit;
+
+enum {
+    CC_API_VER_2 = ccapi_version_2
+};
+
+enum {
+    CC_NOERROR,
+    CC_BADNAME,
+    CC_NOTFOUND,
+    CC_END,
+    CC_IO,
+    CC_WRITE,
+    CC_NOMEM,
+    CC_FORMAT,
+    CC_LOCKED,
+    CC_BAD_API_VERSION,
+    CC_NO_EXIST,
+    CC_NOT_SUPP,
+    CC_BAD_PARM,
+    CC_ERR_CACHE_ATTACH,
+    CC_ERR_CACHE_RELEASE,
+    CC_ERR_CACHE_FULL,
+    CC_ERR_CRED_VERSION
+};      
+
+enum {
+    CC_CRED_UNKNOWN,
+    CC_CRED_V4,
+    CC_CRED_V5,
+    CC_CRED_MAX
+};
+
+cc_int32 cc_shutdown (
+        apiCB**				ioContext);
+	
+cc_int32 cc_get_NC_info (
+	apiCB*				inContext,
+	infoNC***			outInfo);
+	
+cc_int32 cc_get_change_time (
+	apiCB*				inContext,
+	cc_time_t*			outTime);
+	
+cc_int32 cc_open (
+	apiCB*				inContext,
+	const char*			inName,
+	cc_int32			inVersion,
+	cc_uint32			inFlags,
+	ccache_p**			outCCache);
+	
+cc_int32 cc_create (
+	apiCB*				inContext,
+	const char*			inName,
+	const char*			inPrincipal,
+	cc_int32			inVersion,
+	cc_uint32			inFlags,
+	ccache_p**			outCCache);
+	
+cc_int32 cc_close (
+	apiCB*				inContext,
+	ccache_p**			ioCCache);
+	
+cc_int32 cc_destroy (
+	apiCB*				inContext,
+	ccache_p**			ioCCache);
+	
+cc_int32 cc_seq_fetch_NCs_begin (
+	apiCB*				inContext,
+	ccache_cit**		outIterator);
+
+cc_int32 cc_seq_fetch_NCs_next (
+	apiCB*				inContext,
+	ccache_p**			outCCache,
+	ccache_cit*			inIterator);
+
+cc_int32 cc_seq_fetch_NCs_end (
+	apiCB*				inContext,
+	ccache_cit**		ioIterator);
+
+cc_int32 cc_get_name (
+	apiCB*				inContext,
+	ccache_p*			inCCache,
+	char**				outName);
+	
+cc_int32 cc_get_cred_version (
+	apiCB*				inContext,
+	ccache_p*			inCCache,
+	cc_int32*			outVersion);
+	
+cc_int32 cc_set_principal (
+	apiCB*				inContext,
+	ccache_p*			inCCache,
+	cc_int32			inVersion,
+	char*				inPrincipal);
+	
+cc_int32 cc_get_principal (
+	apiCB*				inContext,
+	ccache_p*			inCCache,
+	char**				outPrincipal);
+	
+cc_int32 cc_store (
+	apiCB*				inContext,
+	ccache_p*			inCCache,
+	cred_union			inCredentials);
+
+cc_int32 cc_remove_cred (
+	apiCB*				inContext,
+	ccache_p*			inCCache,
+	cred_union			inCredentials);
+
+cc_int32 cc_seq_fetch_creds_begin (
+	apiCB*				inContext,
+	const ccache_p*		inCCache,
+	ccache_cit**		outIterator);
+
+cc_int32 cc_seq_fetch_creds_next (
+	apiCB*				inContext,
+	cred_union**		outCreds,
+	ccache_cit*			inIterator);
+	
+cc_int32 cc_seq_fetch_creds_end (
+	apiCB*				inContext,
+	ccache_cit**		ioIterator);
+	
+cc_int32 cc_free_principal (
+	apiCB*				inContext,
+	char**				ioPrincipal);
+
+cc_int32 cc_free_name (
+	apiCB*				inContext,
+	char**				ioName);
+
+cc_int32 cc_free_creds (
+	apiCB*				inContext,
+	cred_union**		creds);
+
+cc_int32 cc_free_NC_info (
+	apiCB*				inContext,
+	infoNC***			ioInfo);
+	
+#if TARGET_OS_MAC
+    #if defined(__MWERKS__)
+        #pragma enumsalwaysint reset
+        #pragma import reset
+    #endif
+	#pragma options align=reset
+#endif
+
+#ifdef __cplusplus
+}
+#endif /* __cplusplus */
+
+#endif /* __CREDENTIALSCACHE2__ */
\ No newline at end of file
diff --git a/src/lib/ccapi/include/marshall.h b/src/lib/ccapi/include/marshall.h
new file mode 100644
index 000000000..19b9463b0
--- /dev/null
+++ b/src/lib/ccapi/include/marshall.h
@@ -0,0 +1,93 @@
+/* $Copyright:
+ *
+ * Copyright 2004 by the Massachusetts Institute of Technology.
+ * 
+ * All rights reserved.
+ * 
+ * Export of this software from the United States of America may require a
+ * specific license from the United States Government.  It is the
+ * responsibility of any person or organization contemplating export to
+ * obtain such a license before exporting.
+ * 
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and distribute
+ * this software and its documentation for any purpose and without fee is
+ * hereby granted, provided that the above copyright notice appear in all
+ * copies and that both that copyright notice and this permission notice
+ * appear in supporting documentation, and that the name of M.I.T. not be
+ * used in advertising or publicity pertaining to distribution of the
+ * software without specific, written prior permission.  Furthermore if you
+ * modify this software you must label your software as modified software
+ * and not distribute it in such a fashion that it might be confused with
+ * the original MIT software. M.I.T. makes no representations about the
+ * suitability of this software for any purpose.  It is provided "as is"
+ * without express or implied warranty.
+ * 
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ * 
+ * Individual source code files are copyright MIT, Cygnus Support,
+ * OpenVision, Oracle, Sun Soft, FundsXpress, and others.
+ * 
+ * Project Athena, Athena, Athena MUSE, Discuss, Hesiod, Kerberos, Moira,
+ * and Zephyr are trademarks of the Massachusetts Institute of Technology
+ * (MIT).  No commercial use of these trademarks may be made without prior
+ * written permission of MIT.
+ * 
+ * "Commercial use" means use of a name in a product or other for-profit
+ * manner.  It does NOT prevent a commercial firm from referring to the MIT
+ * trademarks in order to convey information (although in doing so,
+ * recognition of their trademark status should be given).
+ * $
+ */
+
+#define FLAT_CREDS_V5_VERSION   1
+struct cc_flat_data {
+    cc_uint32                   type;
+    cc_uint32                   length;
+    cc_uint32                   data;
+};
+typedef struct cc_flat_data cc_flat_data;
+
+struct cci_flat_creds_v5 {
+    cc_uint32                   version;        /* version of this structure */
+    cc_flat_data                client;
+    cc_flat_data                server;
+    cc_flat_data		keyblock;
+    cc_time_t			authtime;
+    cc_time_t			starttime;
+    cc_time_t			endtime;
+    cc_time_t			renew_till;
+    cc_uint32			is_skey;
+    cc_uint32			ticket_flags;
+    cc_uint32                   address_count;
+    cc_uint32                   addresses; /* offset to array */
+    cc_flat_data		ticket;
+    cc_flat_data		second_ticket;
+    cc_uint32                   authdata_count;
+    cc_uint32 			authdata;  /* offset to array */
+};
+
+cc_int32
+cci_creds_v4_marshall( cc_credentials_v4_t * creds, 
+                       char ** flat, 
+                       cc_uint32 * len);
+
+cc_int32
+cci_creds_v4_unmarshall( char * flat, 
+                         cc_uint32 len,
+                         cc_credentials_union * creds);
+
+cc_int32
+cci_creds_v5_marshall( cc_credentials_v5_t * creds, 
+                       char ** pflat, 
+                       cc_uint32 * plen);
+
+cc_int32
+cci_creds_v5_unmarshall( char * flat, 
+                         cc_uint32 len,
+                         cc_credentials_union * creds_union);
+
+
+
+
diff --git a/src/lib/ccapi/include/msg.h b/src/lib/ccapi/include/msg.h
new file mode 100644
index 000000000..0d712d666
--- /dev/null
+++ b/src/lib/ccapi/include/msg.h
@@ -0,0 +1,146 @@
+/* $Copyright:
+ *
+ * Copyright 2004 by the Massachusetts Institute of Technology.
+ * 
+ * All rights reserved.
+ * 
+ * Export of this software from the United States of America may require a
+ * specific license from the United States Government.  It is the
+ * responsibility of any person or organization contemplating export to
+ * obtain such a license before exporting.
+ * 
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and distribute
+ * this software and its documentation for any purpose and without fee is
+ * hereby granted, provided that the above copyright notice appear in all
+ * copies and that both that copyright notice and this permission notice
+ * appear in supporting documentation, and that the name of M.I.T. not be
+ * used in advertising or publicity pertaining to distribution of the
+ * software without specific, written prior permission.  Furthermore if you
+ * modify this software you must label your software as modified software
+ * and not distribute it in such a fashion that it might be confused with
+ * the original MIT software. M.I.T. makes no representations about the
+ * suitability of this software for any purpose.  It is provided "as is"
+ * without express or implied warranty.
+ * 
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ * 
+ * Individual source code files are copyright MIT, Cygnus Support,
+ * OpenVision, Oracle, Sun Soft, FundsXpress, and others.
+ * 
+ * Project Athena, Athena, Athena MUSE, Discuss, Hesiod, Kerberos, Moira,
+ * and Zephyr are trademarks of the Massachusetts Institute of Technology
+ * (MIT).  No commercial use of these trademarks may be made without prior
+ * written permission of MIT.
+ * 
+ * "Commercial use" means use of a name in a product or other for-profit
+ * manner.  It does NOT prevent a commercial firm from referring to the MIT
+ * trademarks in order to convey information (although in doing so,
+ * recognition of their trademark status should be given).
+ * $
+ */
+
+/*
+ * Verifiable, extensible message format.
+ *
+ * Format:
+ * <size of header block (header_len)>
+ * <size of *entire* message, including previous field (flat_len)>
+ * <message type (type)>
+ * <type specific header (header)>
+ * <magic number (magic)>
+ * <data blob 1 length>
+ * <data blob 1>
+ * <data blob 2 length>
+ * <data blob 2>
+ * ...
+ * <magic number (magic)>
+ *
+ * If the header has variable length data it is included in the data blobs. 
+ * The header field has the offset from the beginning of the message of the 1st 
+ * byte of the data and the length of the data.
+ *
+ */
+
+#ifndef __CC_MSG_H__
+#define __CC_MSG_H__
+
+#include "CredentialsCache.h"
+
+struct  cc_msg_t {
+    cc_uint32 type;			/*type of message*/
+    cc_uint8 *flat;			/*flattened representation of this message*/
+    cc_uint8 *header;			/*fixed length header determined by message type*/
+    cc_uint32 flat_len;			/*length of flat rep*/
+    cc_uint32 header_len;		/*length of header*/
+    cc_uint32 magic;			/*magic number for verification purposes*/
+    cc_generic_list_head_t* data_blobs;	/*variable length data*/
+};      
+typedef struct cc_msg_t cc_msg_t;
+
+/*Types of messages*/
+enum {
+    ccmsg_ACK,
+    ccmsg_NACK,
+    ccmsg_INIT,
+    ccmsg_CTX_RELEASE,
+    ccmsg_CTX_GET_CHANGE_TIME,
+    ccmsg_CTX_GET_DEFAULT_CCACHE_NAME,
+    ccmsg_CTX_COMPARE,
+    ccmsg_CTX_NEW_CCACHE_ITERATOR,
+    ccmsg_CTX_LOCK,
+    ccmsg_CTX_UNLOCK,
+    ccmsg_CTX_CLONE,
+    ccmsg_CCACHE_OPEN,
+    ccmsg_CCACHE_OPEN_DEFAULT,
+    ccmsg_CCACHE_CREATE,
+    ccmsg_CCACHE_CREATE_DEFAULT,
+    ccmsg_CCACHE_CREATE_UNIQUE,
+    ccmsg_CCACHE_RELEASE,
+    ccmsg_CCACHE_DESTROY,
+    ccmsg_CCACHE_SET_DEFAULT,
+    ccmsg_CCACHE_GET_CREDS_VERSION,
+    ccmsg_CCACHE_GET_NAME,
+    ccmsg_CCACHE_GET_PRINCIPAL,
+    ccmsg_CCACHE_SET_PRINCIPAL,
+    ccmsg_CCACHE_CREDS_ITERATOR,
+    ccmsg_CCACHE_STORE_CREDS,
+    ccmsg_CCACHE_REM_CREDS,
+    ccmsg_CCACHE_GET_LAST_DEFAULT_TIME,
+    ccmsg_CCACHE_GET_CHANGE_TIME,
+    ccmsg_CCACHE_MOVE,
+    ccmsg_CCACHE_COMPARE,
+    ccmsg_CCACHE_GET_KDC_TIME_OFFSET,
+    ccmsg_CCACHE_SET_KDC_TIME_OFFSET,
+    ccmsg_CCACHE_CLEAR_KDC_TIME_OFFSET,
+    ccmsg_CCACHE_ITERATOR_RELEASE,
+    ccmsg_CCACHE_ITERATOR_NEXT,
+    ccmsg_CCACHE_LOCK,
+    ccmsg_CCACHE_UNLOCK,
+    ccmsg_CREDS_ITERATOR_RELEASE,
+    ccmsg_CREDS_ITERATOR_NEXT,
+    ccmsg_CREDS_RELEASE,
+    ccmsg_CREDS_V4,
+    ccmsg_CREDS_V5
+};      
+
+#define CC_MSG_MAX_SIZE	1073741824 /*2^30*/
+#define CC_MSG_MAX_TYPE ccmsg_CREDS_V5
+#define BLOB_LEN (sizeof(cc_uint32))
+#define MAGIC_DATA_LEN (sizeof(cc_uint32))
+#define MAGIC_HEAD_LEN (sizeof(cc_uint32))
+
+cc_int32 cci_msg_new(cc_uint32 type, cc_msg_t** msgpp);
+cc_int32 cci_msg_calc_size(cc_msg_t* msg, cc_uint32 * sizep);
+cc_int32 cci_msg_calc_header_size(cc_msg_t* msg, cc_uint32 * sizep);
+cc_int32 cci_msg_add_data_blob(cc_msg_t* msg, void *data, cc_uint32 len, cc_uint32 * sizep);
+cc_int32 cci_msg_add_header(cc_msg_t* msg, void *header, cc_uint32 header_len);
+cc_int32 cci_msg_calc_blob_pos(cc_msg_t* msg, void *data, cc_uint32 len, cc_uint32 * sizep);
+cc_int32 cci_msg_flatten(cc_msg_t* msg, void **);
+cc_int32 cci_msg_calc_magic(void *flat, int flat_len, cc_uint32 * sizep);
+cc_int32 cci_msg_verify(void* flat, int flat_len, cc_uint32 * sizep);
+cc_int32 cci_msg_unflatten(void *flat, int flat_len, cc_msg_t** msgpp);
+cc_int32 cci_msg_retrieve_blob(cc_msg_t* msg, cc_uint32 blob_offset, cc_uint32 blob_len, void **);
+cc_int32 cci_msg_destroy(cc_msg_t* msg);
+#endif /*__CC_MSG_H__*/
diff --git a/src/lib/ccapi/include/msg_headers.h b/src/lib/ccapi/include/msg_headers.h
new file mode 100644
index 000000000..a27c2d2f1
--- /dev/null
+++ b/src/lib/ccapi/include/msg_headers.h
@@ -0,0 +1,429 @@
+/* $Copyright:
+ *
+ * Copyright 2004 by the Massachusetts Institute of Technology.
+ * 
+ * All rights reserved.
+ * 
+ * Export of this software from the United States of America may require a
+ * specific license from the United States Government.  It is the
+ * responsibility of any person or organization contemplating export to
+ * obtain such a license before exporting.
+ * 
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and distribute
+ * this software and its documentation for any purpose and without fee is
+ * hereby granted, provided that the above copyright notice appear in all
+ * copies and that both that copyright notice and this permission notice
+ * appear in supporting documentation, and that the name of M.I.T. not be
+ * used in advertising or publicity pertaining to distribution of the
+ * software without specific, written prior permission.  Furthermore if you
+ * modify this software you must label your software as modified software
+ * and not distribute it in such a fashion that it might be confused with
+ * the original MIT software. M.I.T. makes no representations about the
+ * suitability of this software for any purpose.  It is provided "as is"
+ * without express or implied warranty.
+ * 
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+ * MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ * 
+ * Individual source code files are copyright MIT, Cygnus Support,
+ * OpenVision, Oracle, Sun Soft, FundsXpress, and others.
+ * 
+ * Project Athena, Athena, Athena MUSE, Discuss, Hesiod, Kerberos, Moira,
+ * and Zephyr are trademarks of the Massachusetts Institute of Technology
+ * (MIT).  No commercial use of these trademarks may be made without prior
+ * written permission of MIT.
+ * 
+ * "Commercial use" means use of a name in a product or other for-profit
+ * manner.  It does NOT prevent a commercial firm from referring to the MIT
+ * trademarks in order to convey information (although in doing so,
+ * recognition of their trademark status should be given).
+ * $
+ */
+
+/*
+ * Message type specific header structures.
+ *
+ */
+
+#ifndef __MSG_HEADERS_H__
+#define __MSG_HEADERS_H__
+
+#include "CredentialsCache.h"
+
+/*
+ * All header structs must have sizes divisible by 4, and
+ * all individual fields within the structs must also have
+ * size divisible by 4. This is to ensure correct alignment
+ * and stop different compilers from inserting padding bytes in
+ * different places.
+ */
+
+struct ccmsg_ctx_only_t {
+    cc_handle ctx;
+};
+typedef struct ccmsg_ctx_only_t ccmsg_ctx_only_t;
+
+struct ccmsg_nack_t {
+    cc_uint32	err_code;	/*error code that caused failure*/
+};
+typedef struct ccmsg_nack_t ccmsg_nack_t;
+
+struct ccmsg_init_t {
+    cc_uint32	in_version;		/*client API version*/
+};
+struct ccmsg_init_resp_t {
+    cc_handle	out_ctx;		/*handle on this ctx*/
+    cc_uint32	out_version;		/*server API version*/
+    cc_uint32	vendor_offset;		/*offset of vendor blob*/
+    cc_uint32	vendor_length;		/*length of vendor blob*/
+};      
+typedef struct ccmsg_init_t ccmsg_init_t;
+typedef struct ccmsg_init_resp_t ccmsg_init_resp_t;
+
+struct ccmsg_clone_t {
+    cc_handle   ctx;
+    cc_uint32	in_version;		/*client API version*/
+};
+struct ccmsg_clone_resp_t {
+    cc_handle	out_ctx;		/*handle on this ctx*/
+    cc_uint32	out_version;		/*server API version*/
+    cc_uint32	vendor_offset;		/*offset of vendor blob*/
+    cc_uint32	vendor_length;		/*length of vendor blob*/
+};      
+typedef struct ccmsg_clone_t ccmsg_clone_t;
+typedef struct ccmsg_clone_resp_t ccmsg_clone_resp_t;
+
+struct ccmsg_ctx_release_t {
+    cc_handle 	ctx;	/*# of ctx to release*/
+};
+typedef struct ccmsg_ctx_release_t ccmsg_ctx_release_t;
+
+struct ccmsg_ctx_get_change_time_t {
+    cc_handle	ctx;
+};
+struct ccmsg_ctx_get_change_time_resp_t {
+    cc_time_t	time;
+};
+typedef struct ccmsg_ctx_get_change_time_t ccmsg_ctx_get_change_time_t;
+typedef struct ccmsg_ctx_get_change_time_resp_t ccmsg_ctx_get_change_time_resp_t;
+
+struct ccmsg_ctx_get_default_ccache_name_t {
+    cc_handle	ctx;
+};
+struct ccmsg_ctx_get_default_ccache_name_resp_t {
+    cc_uint32	name_offset;
+    cc_uint32	name_len;
+};
+typedef struct ccmsg_ctx_get_default_ccache_name_t ccmsg_ctx_get_default_ccache_name_t;
+typedef struct ccmsg_ctx_get_default_ccache_name_resp_t ccmsg_ctx_get_default_ccache_name_resp_t;
+
+struct ccmsg_ctx_compare_t {
+    cc_handle	ctx1;
+    cc_handle	ctx2;
+};
+struct ccmsg_ctx_compare_resp_t {
+    cc_uint32	is_equal;	
+};
+typedef struct ccmsg_ctx_compare_t ccmsg_ctx_compare_t;
+typedef struct ccmsg_ctx_compare_resp_t ccmsg_ctx_compare_resp_t;
+
+struct ccmsg_ctx_new_ccache_iterator_t {
+    cc_handle	ctx;
+};
+struct ccmsg_ctx_new_ccache_iterator_resp_t {
+    cc_handle	iterator;
+};
+typedef struct ccmsg_ctx_new_ccache_iterator_t ccmsg_ctx_new_ccache_iterator_t;
+typedef struct ccmsg_ctx_new_ccache_iterator_resp_t ccmsg_ctx_new_ccache_iterator_resp_t;
+
+struct ccmsg_ctx_lock_t {
+    cc_handle   ctx;
+    cc_uint32   lock_type;
+};
+typedef struct ccmsg_ctx_lock_t ccmsg_ctx_lock_t;
+
+struct ccmsg_ctx_unlock_t {
+    cc_handle   ctx;
+};
+typedef struct ccmsg_ctx_unlock_t ccmsg_ctx_unlock_t;
+
+struct ccmsg_ccache_open_t {
+    cc_handle	ctx;
+    cc_uint32	name_offset;
+    cc_uint32	name_len;
+};      
+struct ccmsg_ccache_open_resp_t {
+    cc_handle	ccache;
+};
+typedef struct ccmsg_ccache_open_t ccmsg_ccache_open_t;
+typedef struct ccmsg_ccache_open_resp_t ccmsg_ccache_open_resp_t;
+
+struct ccmsg_ccache_open_default_t {
+    cc_handle	ctx;
+};
+typedef struct ccmsg_ccache_open_default_t ccmsg_ccache_open_default_t;
+
+struct ccmsg_ccache_create_t {
+    cc_handle	ctx;
+    cc_uint32	version;
+    cc_uint32	principal_offset;
+    cc_uint32	principal_len;
+    cc_uint32	name_offset;
+    cc_uint32	name_len;
+};
+struct ccmsg_ccache_create_default_t {
+    cc_handle	ctx;
+    cc_uint32	version;
+    cc_uint32	principal_offset;
+    cc_uint32	principal_len;
+};
+struct ccmsg_ccache_create_unique_t {
+    cc_handle	ctx;
+    cc_uint32	version;
+    cc_uint32	principal_offset;
+    cc_uint32	principal_len;
+};
+
+struct ccmsg_ccache_create_resp_t {
+    cc_handle	ccache;
+};
+typedef struct ccmsg_ccache_create_t ccmsg_ccache_create_t;
+typedef struct ccmsg_ccache_create_default_t ccmsg_ccache_create_default_t;
+typedef struct ccmsg_ccache_create_unique_t ccmsg_ccache_create_unique_t;
+typedef struct ccmsg_ccache_create_resp_t ccmsg_ccache_create_resp_t;
+
+struct ccmsg_ccache_release_t {
+    cc_handle	ctx;
+    cc_handle	ccache;
+};
+typedef struct ccmsg_ccache_release_t ccmsg_ccache_release_t;
+
+struct ccmsg_ccache_destroy_t {
+    cc_handle	ctx;
+    cc_handle	ccache;
+};
+typedef struct ccmsg_ccache_destroy_t ccmsg_ccache_destroy_t;
+
+struct ccmsg_ccache_set_default_t {
+    cc_handle	ctx;
+    cc_handle	ccache;
+};
+typedef struct ccmsg_ccache_set_default_t ccmsg_ccache_set_default_t;
+
+struct ccmsg_ccache_get_creds_version_t {
+    cc_handle	ctx;
+    cc_handle	ccache;
+};
+struct ccmsg_ccache_get_creds_version_resp_t {
+    cc_uint32	version;
+};
+typedef struct ccmsg_ccache_get_creds_version_t ccmsg_ccache_get_creds_version_t;
+typedef struct ccmsg_ccache_get_creds_version_resp_t ccmsg_ccache_get_creds_version_resp_t;
+
+struct ccmsg_ccache_get_name_t {
+    cc_handle	ctx;
+    cc_handle	ccache;
+};
+struct ccmsg_ccache_get_name_resp_t {
+    cc_uint32	name_offset;
+    cc_uint32	name_len;
+};      
+typedef struct ccmsg_ccache_get_name_t ccmsg_ccache_get_name_t;
+typedef struct ccmsg_ccache_get_name_resp_t ccmsg_ccache_get_name_resp_t;
+
+struct ccmsg_ccache_get_principal_t {
+    cc_handle	ctx;
+    cc_handle	ccache;
+    cc_uint32	version;
+};
+struct ccmsg_ccache_get_principal_resp_t {
+    cc_uint32	principal_offset;
+    cc_uint32	principal_len;
+};
+typedef struct ccmsg_ccache_get_principal_t ccmsg_ccache_get_principal_t;
+typedef struct ccmsg_ccache_get_principal_resp_t ccmsg_ccache_get_principal_resp_t;
+
+struct ccmsg_ccache_set_principal_t {
+    cc_handle	ctx;
+    cc_handle	ccache;
+    cc_uint32	version;	
+    cc_uint32	principal_offset;
+    cc_uint32	principal_len;
+};
+typedef struct ccmsg_ccache_set_principal_t ccmsg_ccache_set_principal_t;
+
+struct ccmsg_ccache_creds_iterator_t {
+    cc_handle	ctx;
+    cc_handle	ccache;
+};
+struct ccmsg_ccache_creds_iterator_resp_t {
+    cc_handle	iterator;
+};
+typedef struct ccmsg_ccache_creds_iterator_t ccmsg_ccache_creds_iterator_t;
+typedef struct ccmsg_ccache_creds_iterator_resp_t ccmsg_ccache_creds_iterator_resp_t;
+
+struct ccmsg_ccache_store_creds_t {
+    cc_handle	ctx;
+    cc_handle	ccache;
+    cc_uint32   creds_version;
+    cc_uint32	creds_offset;
+    cc_uint32	creds_len;
+};
+typedef struct ccmsg_ccache_store_creds_t ccmsg_ccache_store_creds_t;
+
+struct ccmsg_ccache_rem_creds_t {
+    cc_handle	ctx;
+    cc_handle	ccache;
+    cc_handle   creds;
+};
+typedef struct ccmsg_ccache_rem_creds_t ccmsg_ccache_rem_creds_t;
+
+struct ccmsg_ccache_lock_t {
+    cc_handle	ctx;
+    cc_handle   ccache;
+    cc_uint32   lock_type;
+};
+typedef struct ccmsg_ccache_lock_t ccmsg_ccache_lock_t;
+
+struct ccmsg_ccache_unlock_t {
+    cc_handle	ctx;
+    cc_handle   ccache;
+};
+typedef struct ccmsg_ccache_unlock_t ccmsg_ccache_unlock_t;
+
+struct ccmsg_ccache_move_t {
+    cc_handle	ctx;
+    cc_handle	ccache_source;
+    cc_handle   ccache_dest;
+};
+typedef struct ccmsg_ccache_move_t ccmsg_ccache_move_t;
+
+struct ccmsg_ccache_get_last_default_time_t {
+    cc_handle	ctx;
+    cc_handle	ccache;
+};
+struct ccmsg_ccache_get_last_default_time_resp_t {
+    cc_time_t	last_default_time;
+};
+typedef struct ccmsg_ccache_get_last_default_time_t ccmsg_ccache_get_last_default_time_t;
+typedef struct ccmsg_ccache_get_last_default_time_resp_t ccmsg_ccache_get_last_default_time_resp_t;
+
+struct ccmsg_ccache_get_change_time_t {
+    cc_handle   ctx;
+    cc_handle	ccache;
+};
+struct ccmsg_ccache_get_change_time_resp_t {
+    cc_time_t	time;
+};
+typedef struct ccmsg_ccache_get_change_time_t ccmsg_ccache_get_change_time_t;
+typedef struct ccmsg_ccache_get_change_time_resp_t ccmsg_ccache_get_change_time_resp_t;
+
+struct ccmsg_ccache_compare_t {
+    cc_handle	ctx;
+    cc_handle	ccache1;
+    cc_handle	ccache2;
+};
+struct ccmsg_ccache_compare_resp_t {
+    cc_uint32	is_equal;
+};
+typedef struct ccmsg_ccache_compare_t ccmsg_ccache_compare_t;
+typedef struct ccmsg_ccache_compare_resp_t ccmsg_ccache_compare_resp_t;
+
+struct ccmsg_ccache_get_kdc_time_offset_t {
+    cc_handle	ctx;
+    cc_handle	ccache;
+    cc_int32    creds_version;
+};      
+struct ccmsg_ccache_get_kdc_time_offset_resp_t {
+    cc_time_t	offset;
+};
+typedef struct ccmsg_ccache_get_kdc_time_offset_t ccmsg_ccache_get_kdc_time_offset_t;
+typedef struct ccmsg_ccache_get_kdc_time_offset_resp_t ccmsg_ccache_get_kdc_time_offset_resp_t;
+
+struct ccmsg_ccache_set_kdc_time_offset_t {
+    cc_handle	ctx;
+    cc_handle	ccache;
+    cc_time_t	offset;
+    cc_int32    creds_version;
+};
+typedef struct ccmsg_ccache_set_kdc_time_offset_t ccmsg_ccache_set_kdc_time_offset_t;
+
+struct ccmsg_ccache_clear_kdc_time_offset_t {
+    cc_handle	ctx;
+    cc_handle	ccache;
+    cc_int32    creds_version;
+};
+typedef struct ccmsg_ccache_clear_kdc_time_offset_t ccmsg_ccache_clear_kdc_time_offset_t;
+
+struct ccmsg_ccache_iterator_release_t {
+    cc_handle	ctx;
+    cc_handle	iterator;
+};
+typedef struct ccmsg_ccache_iterator_release_t ccmsg_ccache_iterator_release_t;
+
+struct ccmsg_ccache_iterator_next_t {
+    cc_handle	ctx;
+    cc_handle	iterator;
+};
+struct ccmsg_ccache_iterator_next_resp_t {
+    cc_handle	ccache;
+};
+typedef struct ccmsg_ccache_iterator_next_t ccmsg_ccache_iterator_next_t;
+typedef struct ccmsg_ccache_iterator_next_resp_t ccmsg_ccache_iterator_next_resp_t;
+
+struct ccmsg_creds_iterator_release_t {
+    cc_handle	ctx;
+    cc_handle	ccache;
+    cc_handle	iterator;
+};
+typedef struct ccmsg_creds_iterator_release_t ccmsg_creds_iterator_release_t;
+
+struct ccmsg_creds_iterator_next_t {
+    cc_handle	ctx;
+    cc_handle	ccache;
+    cc_handle	iterator;
+};
+struct ccmsg_creds_iterator_next_resp_t {
+    cc_uint32	version;
+    cc_handle   creds_handle;
+    cc_uint32	creds_offset;
+    cc_uint32	creds_len;
+};
+typedef struct ccmsg_creds_iterator_next_t ccmsg_creds_iterator_next_t;
+typedef struct ccmsg_creds_iterator_next_resp_t ccmsg_creds_iterator_next_resp_t;
+
+struct ccmsg_creds_v4_t {
+    cc_uint32 offset;
+    cc_uint32 len;
+};
+typedef struct ccmsg_creds_v4_t ccmsg_creds_v4_t;
+
+struct ccmsg_creds_v5_t {
+    cc_uint32 client_offset;
+    cc_uint32 client_len;
+    cc_uint32 server_offset;
+    cc_uint32 server_len;
+    cc_uint32 keyblock_offset;
+    cc_uint32 keyblock_len;
+    cc_time_t authtime;
+    cc_time_t starttime;
+    cc_time_t endtime;
+    cc_time_t renewtime;
+    cc_uint32 is_skey;
+    cc_uint32 ticket_flags;
+    cc_uint32 address_count;
+    cc_uint32 address_offset;
+    cc_uint32 address_len;
+    cc_uint32 ticket_offset;
+    cc_uint32 ticket_len;
+    cc_uint32 ticket2_offset;
+    cc_uint32 ticket2_len;
+    cc_uint32 authdata_count;
+    cc_uint32 authdata_offset;
+    cc_uint32 authdata_len;
+};
+typedef struct ccmsg_creds_v5_t ccmsg_creds_v5_t;
+
+
+#endif /*__MSG_HEADERS_H__*/