HTTPS transport (Microsoft KKDCPP implementation)

Add an 'HTTPS' transport type which connects to an [MS-KKDCP] proxy
server using HTTPS to communicate with a KDC.  The KDC's name should
take the form of an HTTPS URL (e.g. "https://proxybox/KdcProxy").

An HTTPS connection's encryption layer can be reading and writing when
the application layer is expecting to write and read, so the HTTPS
callbacks have to handle being called multiple times.

[nalin@redhat.com: use cleanup labels, make sure we always send the
 realm name, keep a copy of the URI on-hand, move most of the
 conditionally-compiled sections into their own conditionally-built
 functions, break out HTTPS request formatting into a helper function,
 handle the MS-KKDCP length bytes, update comments to mention specific
 versions of the MS-KKDCP spec, differentiate TCP and HTTP trace
 messages, trace unparseable responses]

ticket: 7929

1 files changed, 2 insertions, 0 deletions

diff --git a/src/lib/krb5/os/os-proto.h b/src/lib/krb5/os/os-proto.h
index e60ccd04a..34bf02891 100644
--- a/src/lib/krb5/os/os-proto.h
+++ b/src/lib/krb5/os/os-proto.h
@@ -42,6 +42,7 @@ typedef enum {
     TCP_OR_UDP = 0,
     TCP,
     UDP,
+    HTTPS,
 } k5_transport;
 
 typedef enum {
@@ -55,6 +56,7 @@ struct server_entry {
     char *hostname;             /* NULL -> use addrlen/addr instead */
     int port;                   /* Used only if hostname set */
     k5_transport transport;     /* May be 0 for UDP/TCP if hostname set */
+    char *uri_path;             /* Used only if transport is HTTPS */
     int family;                 /* May be 0 (aka AF_UNSPEC) if hostname set */
     size_t addrlen;
     struct sockaddr_storage addr;