2
* Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan
3
* (Royal Institute of Technology, Stockholm, Sweden).
6
* Redistribution and use in source and binary forms, with or without
7
* modification, are permitted provided that the following conditions
10
* 1. Redistributions of source code must retain the above copyright
11
* notice, this list of conditions and the following disclaimer.
13
* 2. Redistributions in binary form must reproduce the above copyright
14
* notice, this list of conditions and the following disclaimer in the
15
* documentation and/or other materials provided with the distribution.
17
* 3. Neither the name of the Institute nor the names of its contributors
18
* may be used to endorse or promote products derived from this software
19
* without specific prior written permission.
21
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
36
#ifndef GSSKRB5_LOCL_H
37
#define GSSKRB5_LOCL_H
43
#include <krb5_locl.h>
44
#include <gkrb5_err.h>
46
#include <gssapi_mech.h>
58
struct krb5_auth_context_data *auth_context;
59
krb5_principal source, target;
60
#define IS_DCE_STYLE(ctx) (((ctx)->flags & GSS_C_DCE_STYLE) != 0)
62
enum { LOCAL = 1, OPEN = 2,
64
COMPAT_OLD_DES3_SELECTED = 8,
69
enum gss_ctx_id_t_state {
70
/* initiator states */
73
INITIATOR_WAIT_FOR_MUTAL,
77
ACCEPTOR_WAIT_FOR_DCESTYLE,
82
struct krb5_ticket *ticket;
84
HEIMDAL_MUTEX ctx_id_mutex;
85
struct gss_msg_order *order;
86
krb5_keyblock *service_keyblock;
91
krb5_principal principal;
93
#define GSS_CF_DESTROY_CRED_ON_RELEASE 1
94
#define GSS_CF_NO_CI_FLAGS 2
95
struct krb5_keytab_data *keytab;
97
gss_cred_usage_t usage;
98
gss_OID_set mechanisms;
99
struct krb5_ccache_data *ccache;
100
HEIMDAL_MUTEX cred_id_mutex;
101
krb5_enctype *enctypes;
104
typedef struct Principal *gsskrb5_name;
110
extern krb5_keytab _gsskrb5_keytab;
111
extern HEIMDAL_MUTEX gssapi_keytab_mutex;
113
struct gssapi_thr_context {
122
#include <krb5/gsskrb5-private.h>
124
#define GSSAPI_KRB5_INIT(ctx) do { \
125
krb5_error_code kret_gss_init; \
126
if((kret_gss_init = _gsskrb5_init (ctx)) != 0) { \
127
*minor_status = kret_gss_init; \
128
return GSS_S_FAILURE; \
132
/* sec_context flags */
134
#define SC_LOCAL_ADDRESS 0x01
135
#define SC_REMOTE_ADDRESS 0x02
136
#define SC_KEYBLOCK 0x04
137
#define SC_LOCAL_SUBKEY 0x08
138
#define SC_REMOTE_SUBKEY 0x10
140
/* type to signal that that dns canon maybe should be done */
141
#define MAGIC_HOSTBASED_NAME_TYPE 4711