Diffstat (limited to 'src/kdc/kdc_util.h')
-rw-r--r--src/kdc/kdc_util.h64
1 files changed, 25 insertions, 39 deletions
diff --git a/src/kdc/kdc_util.h b/src/kdc/kdc_util.h
index 0cd7989fc..2f215a741 100644
--- a/src/kdc/kdc_util.h
+++ b/src/kdc/kdc_util.h
@@ -32,10 +32,12 @@
#include "kdb.h"
#include "net-server.h"
+#include "realm_data.h"
+#include "reqstate.h"
krb5_error_code check_hot_list (krb5_ticket *);
-krb5_boolean realm_compare (krb5_const_principal, krb5_const_principal);
-krb5_boolean is_local_principal(krb5_const_principal princ1);
+krb5_boolean is_local_principal(kdc_realm_t *kdc_active_realm,
+ krb5_const_principal princ1);
krb5_boolean krb5_is_tgs_principal (krb5_const_principal);
krb5_boolean is_cross_tgs_principal(krb5_const_principal);
krb5_error_code
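Review bot: The new realm argument is introduced under two conventions and neither is documented. `is_local_principal` here, and `select_session_keytype`, `kdc_process_s4u2self_req`, `kdc_process_s4u2proxy_req`, `kdc_check_transited_list` and `kdc_get_ticket_endtime` in later hunks, name it `kdc_active_realm`, while `kdc_process_tgs_req`, `validate_as_request` and `validate_tgs_request` leave it unnamed. Going by its name, `is_local_principal` feeds a local-versus-foreign realm decision, so the header should state which realm the caller must pass, for example `/* kdc_active_realm: realm selected for the request being processed; must not be NULL. */` (wording to be confirmed against the implementation, which is not on this page). The trailing `krb5_error_code` belongs to a declaration that continues past the hunk.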
@@ -49,7 +51,8 @@ compress_transited (krb5_data *,
krb5_principal,
krb5_data *);
krb5_error_code
-concat_authorization_data (krb5_authdata **,
+concat_authorization_data (krb5_context,
+ krb5_authdata **,
krb5_authdata **,
krb5_authdata ***);
krb5_error_code
@@ -58,7 +61,7 @@ fetch_last_req_info (krb5_db_entry *, krb5_last_req_entry ***);
krb5_error_code
kdc_convert_key (krb5_keyblock *, krb5_keyblock *, int);
krb5_error_code
-kdc_process_tgs_req (krb5_kdc_req *,
+kdc_process_tgs_req (kdc_realm_t *, krb5_kdc_req *,
const krb5_fulladdr *,
krb5_data *,
krb5_ticket **,
@@ -67,12 +70,12 @@ kdc_process_tgs_req (krb5_kdc_req *,
krb5_pa_data **pa_tgs_req);
krb5_error_code
-kdc_get_server_key (krb5_ticket *, unsigned int,
+kdc_get_server_key (krb5_context, krb5_ticket *, unsigned int,
krb5_boolean match_enctype,
krb5_db_entry **, krb5_keyblock **, krb5_kvno *);
int
-validate_as_request (krb5_kdc_req *, krb5_db_entry,
+validate_as_request (kdc_realm_t *, krb5_kdc_req *, krb5_db_entry,
krb5_db_entry, krb5_timestamp,
const char **, krb5_pa_data ***);
@@ -82,7 +85,7 @@ validate_forwardable(krb5_kdc_req *, krb5_db_entry,
const char **);
int
-validate_tgs_request (krb5_kdc_req *, krb5_db_entry,
+validate_tgs_request (kdc_realm_t *, krb5_kdc_req *, krb5_db_entry,
krb5_ticket *, krb5_timestamp,
const char **, krb5_pa_data ***);
@@ -90,7 +93,7 @@ int
fetch_asn1_field (unsigned char *, unsigned int, unsigned int, krb5_data *);
krb5_enctype
-select_session_keytype (krb5_context context,
+select_session_keytype (kdc_realm_t *kdc_active_realm,
krb5_db_entry *server,
int nktypes,
krb5_enctype *ktypes);
@@ -106,12 +109,12 @@ rep_etypes2str(char *s, size_t len, krb5_kdc_rep *rep);
/* do_as_req.c */
void
process_as_req (krb5_kdc_req *, krb5_data *,
- const krb5_fulladdr *,
+ const krb5_fulladdr *, kdc_realm_t *,
verto_ctx *, loop_respond_fn, void *);
/* do_tgs_req.c */
krb5_error_code
-process_tgs_req (krb5_data *,
+process_tgs_req (struct server_handle *, krb5_data *,
const krb5_fulladdr *,
krb5_data ** );
/* dispatch.c */
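Review bot: `process_as_req` and `process_tgs_req` now take different kinds of state and the header does not say why. The AS entry point receives a `kdc_realm_t *` inserted after the `krb5_fulladdr` argument, whereas the TGS entry point receives a `struct server_handle *` as its first argument. Presumably the TGS path selects the realm itself, so a one-line comment above each prototype stating who resolves the realm would make that explicit. `struct server_handle` is also not declared in any visible hunk; if none of the included headers declares it before this point the tag would have prototype scope here, so a forward declaration `struct server_handle;` near the includes is worth confirming or adding.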
@@ -125,8 +128,6 @@ dispatch (void *,
loop_respond_fn,
void *);
-krb5_error_code
-setup_server_realm (krb5_principal);
void
kdc_err(krb5_context call_context, errcode_t code, const char *fmt, ...)
#if !defined(__cplusplus) && (__GNUC__ > 2)
@@ -159,7 +160,7 @@ get_preauth_hint_list(krb5_kdc_req *request,
krb5_kdcpreauth_rock rock, krb5_pa_data ***e_data_out,
kdc_hint_respond_fn respond, void *arg);
void
-load_preauth_plugins(krb5_context context);
+load_preauth_plugins(struct server_handle * handle, krb5_context context);
void
unload_preauth_plugins(krb5_context context);
@@ -180,9 +181,6 @@ return_padata(krb5_context context, krb5_kdcpreauth_rock rock,
void
free_padata_context(krb5_context context, void *padata_context);
-krb5_pa_data *
-find_pa_data (krb5_pa_data **padata, krb5_preauthtype pa_type);
-
krb5_error_code
add_pa_data_element (krb5_context context,
krb5_pa_data *padata,
@@ -222,13 +220,13 @@ handle_authdata (krb5_context context,
/* replay.c */
krb5_error_code kdc_init_lookaside(krb5_context context);
-krb5_boolean kdc_check_lookaside (krb5_data *, krb5_data **);
-void kdc_insert_lookaside (krb5_data *, krb5_data *);
+krb5_boolean kdc_check_lookaside (krb5_context, krb5_data *, krb5_data **);
+void kdc_insert_lookaside (krb5_context, krb5_data *, krb5_data *);
void kdc_remove_lookaside (krb5_context kcontext, krb5_data *);
void kdc_free_lookaside(krb5_context);
/* kdc_util.c */
-void reset_for_hangup(void);
+void reset_for_hangup(void *);
krb5_boolean
include_pac_p(krb5_context context, krb5_kdc_req *request);
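Review bot: `reset_for_hangup(void *)` gives up type checking at the call site, and the header does not say what the pointer must reference. Name the parameter and document it, for example `void reset_for_hangup(void *arg); /* arg: <concrete type the implementation casts it to> */`, filling in the type from kdc_util.c, which is not on this page. In the same hunk, `kdc_check_lookaside` and `kdc_insert_lookaside` take an unnamed `krb5_context`, while `kdc_remove_lookaside` calls it `kcontext` and `kdc_init_lookaside` calls it `context`. One spelling across the five lookaside prototypes would read better.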
@@ -242,7 +240,7 @@ return_enc_padata(krb5_context context,
krb5_boolean is_referral);
krb5_error_code
-kdc_process_s4u2self_req (krb5_context context,
+kdc_process_s4u2self_req (kdc_realm_t *kdc_active_realm,
krb5_kdc_req *request,
krb5_const_principal client_princ,
const krb5_db_entry *server,
@@ -262,7 +260,7 @@ kdc_make_s4u2self_rep (krb5_context context,
krb5_enc_kdc_rep_part *reply_encpart);
krb5_error_code
-kdc_process_s4u2proxy_req (krb5_context context,
+kdc_process_s4u2proxy_req (kdc_realm_t *kdc_active_realm,
krb5_kdc_req *request,
const krb5_enc_tkt_part *t2enc,
const krb5_db_entry *server,
@@ -271,7 +269,7 @@ kdc_process_s4u2proxy_req (krb5_context context,
const char **status);
krb5_error_code
-kdc_check_transited_list (krb5_context context,
+kdc_check_transited_list (kdc_realm_t *kdc_active_realm,
const krb5_data *trans,
const krb5_data *realm1,
const krb5_data *realm2);
@@ -296,7 +294,7 @@ validate_transit_path(krb5_context context,
krb5_db_entry *server,
krb5_db_entry *krbtgt);
void
-kdc_get_ticket_endtime(krb5_context context,
+kdc_get_ticket_endtime(kdc_realm_t *kdc_active_realm,
krb5_timestamp now,
krb5_timestamp endtime,
krb5_timestamp till,
@@ -305,7 +303,7 @@ kdc_get_ticket_endtime(krb5_context context,
krb5_timestamp *out_endtime);
void
-log_as_req(const krb5_fulladdr *from,
+log_as_req(krb5_context context, const krb5_fulladdr *from,
krb5_kdc_req *request, krb5_kdc_rep *reply,
krb5_db_entry *client, const char *cname,
krb5_db_entry *server, const char *sname,
@@ -319,20 +317,7 @@ log_tgs_req(const krb5_fulladdr *from,
unsigned int c_flags, const char *s4u_name,
const char *status, krb5_error_code errcode, const char *emsg);
void
-log_tgs_alt_tgt(krb5_principal p);
-
-/*Request state*/
-
-struct kdc_request_state {
- krb5_keyblock *armor_key;
- krb5_keyblock *strengthen_key;
- krb5_pa_data *cookie;
- krb5_int32 fast_options;
- krb5_int32 fast_internal_flags;
-};
-
-krb5_error_code kdc_make_rstate(struct kdc_request_state **out);
-void kdc_free_rstate (struct kdc_request_state *s);
+log_tgs_alt_tgt(krb5_context context, krb5_principal p);
/* FAST*/
enum krb5_fast_kdc_flags {
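Review bot: `log_tgs_req` appears to be the one logging helper left without an explicit context. `log_tgs_alt_tgt` gains a `krb5_context` here and `log_as_req` gains one in the previous hunk, but `log_tgs_req` shows up only as this hunk's `@@` context and no hunk on this page changes it. If it still relies on shared state to format or emit its message, it should take the same leading `krb5_context context` parameter; otherwise a short comment saying why it needs none would help. The removed `struct kdc_request_state` is still used by prototypes further down (`kdc_preauth_get_cookie`), so this header now presumably depends on the newly included `reqstate.h` for that type. The `enum krb5_fast_kdc_flags` definition continues outside the hunk.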
@@ -374,7 +359,8 @@ krb5_error_code kdc_fast_handle_reply_key(struct kdc_request_state *state,
krb5_error_code kdc_preauth_get_cookie(struct kdc_request_state *state,
krb5_pa_data **cookie);
krb5_error_code
-kdc_handle_protected_negotiation( krb5_data *req_pkt, krb5_kdc_req *request,
+kdc_handle_protected_negotiation( krb5_context context,
+ krb5_data *req_pkt, krb5_kdc_req *request,
const krb5_keyblock *reply_key,
krb5_pa_data ***out_enc_padata);
krb5_error_code