23
23
#include "auth/kerberos/krb5_init_context.h"
24
24
#include "librpc/gen_ndr/krb5pac.h"
26
struct auth_serversupplied_info;
26
struct auth_user_info_dc;
27
27
struct cli_credentials;
29
29
struct ccache_container {
53
53
#define KRB5_KEY_DATA(k) ((k)->contents)
54
54
#endif /* HAVE_KRB5_KEYBLOCK_KEYVALUE */
56
#define ENC_ALL_TYPES (ENC_CRC32 | ENC_RSA_MD5 | ENC_RC4_HMAC_MD5 | \
57
ENC_HMAC_SHA1_96_AES128 | ENC_HMAC_SHA1_96_AES256)
56
59
#ifndef HAVE_KRB5_SET_REAL_TIME
57
60
krb5_error_code krb5_set_real_time(krb5_context context, int32_t seconds, int32_t microseconds);
88
91
krb5_ccache ccache,
89
92
krb5_data *outbuf);
90
93
bool get_auth_data_from_tkt(TALLOC_CTX *mem_ctx, DATA_BLOB *auth_data, krb5_ticket *tkt);
91
int kerberos_kinit_password_cc(krb5_context ctx, krb5_ccache cc,
92
krb5_principal principal, const char *password,
93
time_t *expire_time, time_t *kdc_time);
94
int kerberos_kinit_keyblock_cc(krb5_context ctx, krb5_ccache cc,
95
krb5_principal principal, krb5_keyblock *keyblock,
96
time_t *expire_time, time_t *kdc_time);
94
krb5_error_code kerberos_kinit_password_cc(krb5_context ctx, krb5_ccache cc,
95
krb5_principal principal, const char *password,
96
krb5_principal impersonate_principal, const char *target_service,
97
krb5_get_init_creds_opt *krb_options,
98
time_t *expire_time, time_t *kdc_time);
99
krb5_error_code kerberos_kinit_keyblock_cc(krb5_context ctx, krb5_ccache cc,
100
krb5_principal principal, krb5_keyblock *keyblock,
101
const char *target_service,
102
krb5_get_init_creds_opt *krb_options,
103
time_t *expire_time, time_t *kdc_time);
97
104
krb5_principal kerberos_fetch_salt_princ_for_host_princ(krb5_context context,
98
105
krb5_principal host_princ,
102
109
void kerberos_free_data_contents(krb5_context context, krb5_data *pdata);
103
110
krb5_error_code smb_krb5_kt_free_entry(krb5_context context, krb5_keytab_entry *kt_entry);
104
111
char *smb_get_krb5_error_message(krb5_context context, krb5_error_code code, TALLOC_CTX *mem_ctx);
105
krb5_error_code kinit_to_ccache(TALLOC_CTX *parent_ctx,
106
struct cli_credentials *credentials,
107
struct smb_krb5_context *smb_krb5_context,
109
krb5_error_code principal_from_credentials(TALLOC_CTX *parent_ctx,
110
struct cli_credentials *credentials,
111
struct smb_krb5_context *smb_krb5_context,
112
krb5_principal *princ);
113
112
NTSTATUS kerberos_decode_pac(TALLOC_CTX *mem_ctx,
114
struct smb_iconv_convenience *iconv_convenience,
115
113
struct PAC_DATA **pac_data_out,
117
115
krb5_context context,
121
119
time_t tgs_authtime,
122
120
krb5_error_code *k5ret);
123
121
NTSTATUS kerberos_pac_logon_info(TALLOC_CTX *mem_ctx,
124
struct smb_iconv_convenience *iconv_convenience,
125
122
struct PAC_LOGON_INFO **logon_info,
127
124
krb5_context context,
131
128
time_t tgs_authtime,
132
129
krb5_error_code *k5ret);
133
130
krb5_error_code kerberos_encode_pac(TALLOC_CTX *mem_ctx,
134
struct smb_iconv_convenience *iconv_convenience,
135
131
struct PAC_DATA *pac_data,
136
132
krb5_context context,
137
133
const krb5_keyblock *krbtgt_keyblock,
138
134
const krb5_keyblock *service_keyblock,
140
136
krb5_error_code kerberos_create_pac(TALLOC_CTX *mem_ctx,
141
struct smb_iconv_convenience *iconv_convenience,
142
struct auth_serversupplied_info *server_info,
137
struct auth_user_info_dc *user_info_dc,
143
138
krb5_context context,
144
139
const krb5_keyblock *krbtgt_keyblock,
145
140
const krb5_keyblock *service_keyblock,
147
142
time_t tgs_authtime,
149
144
struct loadparm_context;
147
uint32_t kerberos_enctype_to_bitmap(krb5_enctype enc_type_enum);
148
/* Translate between the Microsoft msDS-SupportedEncryptionTypes values and the IETF encryption type values */
149
krb5_enctype kerberos_enctype_bitmap_to_enctype(uint32_t enctype_bitmap);
150
krb5_error_code smb_krb5_update_keytab(TALLOC_CTX *parent_ctx,
151
struct smb_krb5_context *smb_krb5_context,
152
struct ldb_context *ldb,
153
struct ldb_message *msg,
154
bool delete_all_kvno,
155
const char **error_string);
151
157
#include "auth/kerberos/proto.h"