44
44
CRED_MUST_USE_KERBEROS /* Sometimes administrators are parinoid, so always do kerberos */
47
enum credentials_krb_forwardable {
48
CRED_AUTO_KRB_FORWARDABLE = 0, /* Default, follow library defaults */
49
CRED_NO_KRB_FORWARDABLE, /* not forwardable */
50
CRED_FORCE_KRB_FORWARDABLE /* forwardable */
47
53
#define CLI_CRED_NTLM2 0x01
48
54
#define CLI_CRED_NTLMv2_AUTH 0x02
49
55
#define CLI_CRED_LANMAN_AUTH 0x04
119
128
/* Should we be trying to use kerberos? */
120
129
enum credentials_use_kerberos use_kerberos;
131
/* Should we get a forwardable ticket? */
132
enum credentials_krb_forwardable krb_forwardable;
122
134
/* gensec features which should be used for connections */
123
135
uint32_t gensec_features;
155
168
const char *cli_credentials_get_realm(struct cli_credentials *cred);
156
169
const char *cli_credentials_get_username(struct cli_credentials *cred);
157
170
int cli_credentials_get_krb5_context(struct cli_credentials *cred,
158
struct tevent_context *event_ctx,
159
171
struct loadparm_context *lp_ctx,
160
172
struct smb_krb5_context **smb_krb5_context);
161
173
int cli_credentials_get_ccache(struct cli_credentials *cred,
162
174
struct tevent_context *event_ctx,
163
175
struct loadparm_context *lp_ctx,
164
struct ccache_container **ccc);
176
struct ccache_container **ccc,
177
const char **error_string);
178
int cli_credentials_get_named_ccache(struct cli_credentials *cred,
179
struct tevent_context *event_ctx,
180
struct loadparm_context *lp_ctx,
182
struct ccache_container **ccc, const char **error_string);
165
183
int cli_credentials_get_keytab(struct cli_credentials *cred,
166
struct tevent_context *event_ctx,
167
184
struct loadparm_context *lp_ctx,
168
185
struct keytab_container **_ktc);
169
186
const char *cli_credentials_get_domain(struct cli_credentials *cred);
174
191
struct loadparm_context *lp_ctx);
175
192
const char *cli_credentials_get_principal(struct cli_credentials *cred, TALLOC_CTX *mem_ctx);
176
193
int cli_credentials_get_server_gss_creds(struct cli_credentials *cred,
177
struct tevent_context *event_ctx,
178
194
struct loadparm_context *lp_ctx,
179
195
struct gssapi_creds_container **_gcc);
180
196
int cli_credentials_get_client_gss_creds(struct cli_credentials *cred,
181
197
struct tevent_context *event_ctx,
182
198
struct loadparm_context *lp_ctx,
183
struct gssapi_creds_container **_gcc);
199
struct gssapi_creds_container **_gcc,
200
const char **error_string);
184
201
void cli_credentials_set_kerberos_state(struct cli_credentials *creds,
185
202
enum credentials_use_kerberos use_kerberos);
203
void cli_credentials_set_krb_forwardable(struct cli_credentials *creds,
204
enum credentials_krb_forwardable krb_forwardable);
186
205
bool cli_credentials_set_domain(struct cli_credentials *cred,
188
207
enum credentials_obtained obtained);
209
228
enum credentials_obtained obtained);
210
229
void cli_credentials_set_secure_channel_type(struct cli_credentials *cred,
211
230
enum netr_SchannelType secure_channel_type);
231
void cli_credentials_set_password_last_changed_time(struct cli_credentials *cred,
232
time_t last_change_time);
212
233
void cli_credentials_set_netlogon_creds(struct cli_credentials *cred,
213
234
struct netlogon_creds_CredentialState *netlogon_creds);
214
235
NTSTATUS cli_credentials_set_krb5_context(struct cli_credentials *cred,
215
236
struct smb_krb5_context *smb_krb5_context);
216
237
NTSTATUS cli_credentials_set_stored_principal(struct cli_credentials *cred,
217
struct tevent_context *event_ctx,
218
238
struct loadparm_context *lp_ctx,
219
239
const char *serviceprincipal);
220
240
NTSTATUS cli_credentials_set_machine_account(struct cli_credentials *cred,
230
250
bool cli_credentials_set_password_callback(struct cli_credentials *cred,
231
251
const char *(*password_cb) (struct cli_credentials *));
232
252
enum netr_SchannelType cli_credentials_get_secure_channel_type(struct cli_credentials *cred);
253
time_t cli_credentials_get_password_last_changed_time(struct cli_credentials *cred);
233
254
void cli_credentials_set_kvno(struct cli_credentials *cred,
235
256
bool cli_credentials_set_nt_hash(struct cli_credentials *cred,
240
261
const DATA_BLOB *nt_response,
241
262
enum credentials_obtained obtained);
242
263
int cli_credentials_set_keytab_name(struct cli_credentials *cred,
243
struct tevent_context *event_ctx,
244
264
struct loadparm_context *lp_ctx,
245
265
const char *keytab_name,
246
266
enum credentials_obtained obtained);
247
int cli_credentials_update_keytab(struct cli_credentials *cred,
248
struct tevent_context *event_ctx,
249
struct loadparm_context *lp_ctx);
250
267
void cli_credentials_set_gensec_features(struct cli_credentials *creds, uint32_t gensec_features);
251
268
uint32_t cli_credentials_get_gensec_features(struct cli_credentials *creds);
252
269
int cli_credentials_set_ccache(struct cli_credentials *cred,
253
struct tevent_context *event_ctx,
254
270
struct loadparm_context *lp_ctx,
255
271
const char *name,
256
enum credentials_obtained obtained);
272
enum credentials_obtained obtained,
273
const char **error_string);
257
274
bool cli_credentials_parse_password_file(struct cli_credentials *credentials, const char *file, enum credentials_obtained obtained);
258
275
bool cli_credentials_parse_password_fd(struct cli_credentials *credentials,
259
276
int fd, enum credentials_obtained obtained);
260
277
void cli_credentials_invalidate_ccache(struct cli_credentials *cred,
261
278
enum credentials_obtained obtained);
262
279
void cli_credentials_set_salt_principal(struct cli_credentials *cred, const char *principal);
280
void cli_credentials_set_impersonate_principal(struct cli_credentials *cred, const char *principal);
281
void cli_credentials_set_target_service(struct cli_credentials *cred, const char *principal);
282
const char *cli_credentials_get_salt_principal(struct cli_credentials *cred);
283
const char *cli_credentials_get_impersonate_principal(struct cli_credentials *cred);
284
const char *cli_credentials_get_target_service(struct cli_credentials *cred);
263
285
enum credentials_use_kerberos cli_credentials_get_kerberos_state(struct cli_credentials *creds);
286
enum credentials_krb_forwardable cli_credentials_get_krb_forwardable(struct cli_credentials *creds);
264
287
NTSTATUS cli_credentials_set_secrets(struct cli_credentials *cred,
265
struct tevent_context *event_ctx,
266
288
struct loadparm_context *lp_ctx,
267
289
struct ldb_context *ldb,
268
290
const char *base,
292
char **error_string);
270
293
int cli_credentials_get_kvno(struct cli_credentials *cred);
272
296
#endif /* __CREDENTIALS_H__ */