| 1 | /* work around broken krb5.h on sles9 */
|
|---|
| 2 | #ifdef SIZEOF_LONG
|
|---|
| 3 | #undef SIZEOF_LONG
|
|---|
| 4 | #endif
|
|---|
| 5 |
|
|---|
| 6 |
|
|---|
| 7 | #if defined(HAVE_KRB5)
|
|---|
| 8 | krb5_error_code smb_krb5_parse_name(krb5_context context,
|
|---|
| 9 | const char *name, /* in unix charset */
|
|---|
| 10 | krb5_principal *principal);
|
|---|
| 11 |
|
|---|
| 12 | krb5_error_code smb_krb5_unparse_name(TALLOC_CTX *mem_ctx,
|
|---|
| 13 | krb5_context context,
|
|---|
| 14 | krb5_const_principal principal,
|
|---|
| 15 | char **unix_name);
|
|---|
| 16 |
|
|---|
| 17 | #ifndef HAVE_KRB5_SET_REAL_TIME
|
|---|
| 18 | krb5_error_code krb5_set_real_time(krb5_context context, int32_t seconds, int32_t microseconds);
|
|---|
| 19 | #endif
|
|---|
| 20 |
|
|---|
| 21 | krb5_error_code krb5_set_default_tgs_ktypes(krb5_context ctx, const krb5_enctype *enc);
|
|---|
| 22 |
|
|---|
| 23 | #if defined(HAVE_KRB5_AUTH_CON_SETKEY) && !defined(HAVE_KRB5_AUTH_CON_SETUSERUSERKEY)
|
|---|
| 24 | krb5_error_code krb5_auth_con_setuseruserkey(krb5_context context, krb5_auth_context auth_context, krb5_keyblock *keyblock);
|
|---|
| 25 | #endif
|
|---|
| 26 |
|
|---|
| 27 | #ifndef HAVE_KRB5_FREE_UNPARSED_NAME
|
|---|
| 28 | void krb5_free_unparsed_name(krb5_context ctx, char *val);
|
|---|
| 29 | #endif
|
|---|
| 30 |
|
|---|
| 31 | /* Stub out initialize_krb5_error_table since it is not present in all
|
|---|
| 32 | * Kerberos implementations. If it's not present, it's not necessary to
|
|---|
| 33 | * call it.
|
|---|
| 34 | */
|
|---|
| 35 | #ifndef HAVE_INITIALIZE_KRB5_ERROR_TABLE
|
|---|
| 36 | #define initialize_krb5_error_table()
|
|---|
| 37 | #endif
|
|---|
| 38 |
|
|---|
| 39 | /* Samba wrapper function for krb5 functionality. */
|
|---|
| 40 | bool setup_kaddr( krb5_address *pkaddr, struct sockaddr_storage *paddr);
|
|---|
| 41 | int create_kerberos_key_from_string(krb5_context context, krb5_principal host_princ, krb5_data *password, krb5_keyblock *key, krb5_enctype enctype, bool no_salt);
|
|---|
| 42 | bool get_auth_data_from_tkt(TALLOC_CTX *mem_ctx, DATA_BLOB *auth_data, krb5_ticket *tkt);
|
|---|
| 43 | krb5_const_principal get_principal_from_tkt(krb5_ticket *tkt);
|
|---|
| 44 | krb5_error_code smb_krb5_locate_kdc(krb5_context ctx, const krb5_data *realm, struct sockaddr **addr_pp, int *naddrs, int get_masters);
|
|---|
| 45 | #if defined(HAVE_KRB5_LOCATE_KDC)
|
|---|
| 46 | krb5_error_code krb5_locate_kdc(krb5_context ctx, const krb5_data *realm, struct sockaddr **addr_pp, int *naddrs, int get_masters);
|
|---|
| 47 | #endif
|
|---|
| 48 | krb5_error_code get_kerberos_allowed_etypes(krb5_context context, krb5_enctype **enctypes);
|
|---|
| 49 | bool get_krb5_smb_session_key(krb5_context context, krb5_auth_context auth_context, DATA_BLOB *session_key, bool remote);
|
|---|
| 50 | krb5_error_code smb_krb5_kt_free_entry(krb5_context context, krb5_keytab_entry *kt_entry);
|
|---|
| 51 | krb5_principal kerberos_fetch_salt_princ_for_host_princ(krb5_context context, krb5_principal host_princ, int enctype);
|
|---|
| 52 | void kerberos_set_creds_enctype(krb5_creds *pcreds, int enctype);
|
|---|
| 53 | bool kerberos_compatible_enctypes(krb5_context context, krb5_enctype enctype1, krb5_enctype enctype2);
|
|---|
| 54 | void kerberos_free_data_contents(krb5_context context, krb5_data *pdata);
|
|---|
| 55 | NTSTATUS decode_pac_data(TALLOC_CTX *mem_ctx,
|
|---|
| 56 | DATA_BLOB *pac_data_blob,
|
|---|
| 57 | krb5_context context,
|
|---|
| 58 | krb5_keyblock *service_keyblock,
|
|---|
| 59 | krb5_const_principal client_principal,
|
|---|
| 60 | time_t tgs_authtime,
|
|---|
| 61 | struct PAC_DATA **pac_data_out);
|
|---|
| 62 | void smb_krb5_checksum_from_pac_sig(krb5_checksum *cksum,
|
|---|
| 63 | struct PAC_SIGNATURE_DATA *sig);
|
|---|
| 64 | krb5_error_code smb_krb5_verify_checksum(krb5_context context,
|
|---|
| 65 | const krb5_keyblock *keyblock,
|
|---|
| 66 | krb5_keyusage usage,
|
|---|
| 67 | krb5_checksum *cksum,
|
|---|
| 68 | uint8 *data,
|
|---|
| 69 | size_t length);
|
|---|
| 70 | time_t get_authtime_from_tkt(krb5_ticket *tkt);
|
|---|
| 71 | void smb_krb5_free_ap_req(krb5_context context,
|
|---|
| 72 | krb5_ap_req *ap_req);
|
|---|
| 73 | krb5_error_code smb_krb5_get_keyinfo_from_ap_req(krb5_context context,
|
|---|
| 74 | const krb5_data *inbuf,
|
|---|
| 75 | krb5_kvno *kvno,
|
|---|
| 76 | krb5_enctype *enctype);
|
|---|
| 77 | krb5_error_code krb5_rd_req_return_keyblock_from_keytab(krb5_context context,
|
|---|
| 78 | krb5_auth_context *auth_context,
|
|---|
| 79 | const krb5_data *inbuf,
|
|---|
| 80 | krb5_const_principal server,
|
|---|
| 81 | krb5_keytab keytab,
|
|---|
| 82 | krb5_flags *ap_req_options,
|
|---|
| 83 | krb5_ticket **ticket,
|
|---|
| 84 | krb5_keyblock **keyblock);
|
|---|
| 85 | krb5_error_code smb_krb5_parse_name_norealm(krb5_context context,
|
|---|
| 86 | const char *name,
|
|---|
| 87 | krb5_principal *principal);
|
|---|
| 88 | bool smb_krb5_principal_compare_any_realm(krb5_context context,
|
|---|
| 89 | krb5_const_principal princ1,
|
|---|
| 90 | krb5_const_principal princ2);
|
|---|
| 91 | int cli_krb5_get_ticket(const char *principal, time_t time_offset,
|
|---|
| 92 | DATA_BLOB *ticket, DATA_BLOB *session_key_krb5,
|
|---|
| 93 | uint32 extra_ap_opts, const char *ccname,
|
|---|
| 94 | time_t *tgs_expire,
|
|---|
| 95 | const char *impersonate_princ_s);
|
|---|
| 96 | krb5_error_code smb_krb5_renew_ticket(const char *ccache_string, const char *client_string, const char *service_string, time_t *expire_time);
|
|---|
| 97 | krb5_error_code kpasswd_err_to_krb5_err(krb5_error_code res_code);
|
|---|
| 98 | krb5_error_code smb_krb5_gen_netbios_krb5_address(smb_krb5_addresses **kerb_addr);
|
|---|
| 99 | krb5_error_code smb_krb5_free_addresses(krb5_context context, smb_krb5_addresses *addr);
|
|---|
| 100 | NTSTATUS krb5_to_nt_status(krb5_error_code kerberos_error);
|
|---|
| 101 | krb5_error_code nt_status_to_krb5(NTSTATUS nt_status);
|
|---|
| 102 | void smb_krb5_free_error(krb5_context context, krb5_error *krberror);
|
|---|
| 103 | krb5_error_code handle_krberror_packet(krb5_context context,
|
|---|
| 104 | krb5_data *packet);
|
|---|
| 105 |
|
|---|
| 106 | void smb_krb5_get_init_creds_opt_free(krb5_context context,
|
|---|
| 107 | krb5_get_init_creds_opt *opt);
|
|---|
| 108 | krb5_error_code smb_krb5_get_init_creds_opt_alloc(krb5_context context,
|
|---|
| 109 | krb5_get_init_creds_opt **opt);
|
|---|
| 110 | krb5_error_code smb_krb5_mk_error(krb5_context context,
|
|---|
| 111 | krb5_error_code error_code,
|
|---|
| 112 | const krb5_principal server,
|
|---|
| 113 | krb5_data *reply);
|
|---|
| 114 | krb5_enctype smb_get_enctype_from_kt_entry(krb5_keytab_entry *kt_entry);
|
|---|
| 115 | krb5_error_code smb_krb5_enctype_to_string(krb5_context context,
|
|---|
| 116 | krb5_enctype enctype,
|
|---|
| 117 | char **etype_s);
|
|---|
| 118 | krb5_error_code smb_krb5_open_keytab(krb5_context context,
|
|---|
| 119 | const char *keytab_name,
|
|---|
| 120 | bool write_access,
|
|---|
| 121 | krb5_keytab *keytab);
|
|---|
| 122 | krb5_error_code smb_krb5_keytab_name(TALLOC_CTX *mem_ctx,
|
|---|
| 123 | krb5_context context,
|
|---|
| 124 | krb5_keytab keytab,
|
|---|
| 125 | const char **keytab_name);
|
|---|
| 126 | int smb_krb5_kt_add_entry_ext(krb5_context context,
|
|---|
| 127 | krb5_keytab keytab,
|
|---|
| 128 | krb5_kvno kvno,
|
|---|
| 129 | const char *princ_s,
|
|---|
| 130 | krb5_enctype *enctypes,
|
|---|
| 131 | krb5_data password,
|
|---|
| 132 | bool no_salt,
|
|---|
| 133 | bool keep_old_entries);
|
|---|
| 134 | krb5_error_code smb_krb5_get_credentials(krb5_context context,
|
|---|
| 135 | krb5_ccache ccache,
|
|---|
| 136 | krb5_principal me,
|
|---|
| 137 | krb5_principal server,
|
|---|
| 138 | krb5_principal impersonate_princ,
|
|---|
| 139 | krb5_creds **out_creds);
|
|---|
| 140 | krb5_error_code smb_krb5_get_creds(const char *server_s,
|
|---|
| 141 | time_t time_offset,
|
|---|
| 142 | const char *cc,
|
|---|
| 143 | const char *impersonate_princ_s,
|
|---|
| 144 | krb5_creds **creds_p);
|
|---|
| 145 | char *smb_krb5_principal_get_realm(krb5_context context,
|
|---|
| 146 | krb5_principal principal);
|
|---|
| 147 | #endif /* HAVE_KRB5 */
|
|---|
| 148 |
|
|---|
