/**
 * Copyright (c) 2006-2009 Apple Inc. All rights reserved.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 **/
|
#ifndef KERBEROS_GSS_H |
|
#define KERBEROS_GSS_H |
|
|
|
#include <stdbool.h> |
|
|
|
#include <gssapi/gssapi.h> |
|
#include <gssapi/gssapi_generic.h> |
|
#include <gssapi/gssapi_krb5.h> |
|
|
|
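/*
 * Maps krb5_get_err_text() onto error_message(); the `context` argument is
 * accepted but discarded by the expansion.
 * NOTE(review): presumably a shim for Kerberos libraries that do not provide
 * krb5_get_err_text(); error_message() must be declared by one of the headers
 * included above -- confirm on each supported platform.
 */
#define krb5_get_err_text(context, code) error_message(code)

/*
 * Status values for the GSS exchange.
 * NOTE(review): presumably carried in gss_client_response.return_code by the
 * authenticate_gss_* functions -- the implementation is not visible here.
 * Callers should treat anything other than AUTH_GSS_COMPLETE as "not
 * authenticated"; AUTH_GSS_CONTINUE (0) must not be read as success.
 * The negative value is parenthesized so it stays a single operand wherever
 * the macro is expanded.
 */
#define AUTH_GSS_ERROR    (-1)
#define AUTH_GSS_COMPLETE 1
#define AUTH_GSS_CONTINUE 0

/*
 * Protection-level bit flags (1, 2, 4), so they can be OR-ed together.
 * NOTE(review): the values match the security-layer bitmask of the SASL
 * GSSAPI mechanism (RFC 4752): no layer / integrity / confidentiality --
 * confirm against the wrap/unwrap implementation. GSS_AUTH_P_NONE leaves
 * traffic after authentication unprotected; callers that need tamper or
 * eavesdropping protection should require INTEGRITY or PRIVACY.
 */
#define GSS_AUTH_P_NONE      1
#define GSS_AUTH_P_INTEGRITY 2
#define GSS_AUTH_P_PRIVACY   4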
|
|
|
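/*
 * Result object returned (by pointer) from every authenticate_* function
 * declared in this header.
 */
typedef struct {
    /* NOTE(review): presumably one of AUTH_GSS_ERROR / AUTH_GSS_COMPLETE /
     * AUTH_GSS_CONTINUE -- confirm against the implementation. */
    int return_code;
    /* Text accompanying the result. NOTE(review): ownership (who frees it, and
     * whether it may be NULL on success) is not visible from this header.
     * If it carries library error text, avoid echoing it verbatim to
     * unauthenticated peers. */
    char *message;
} gss_client_response;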
|
|
|
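/*
 * Per-connection state for the initiating (client) side of a GSS exchange.
 * Passed to the authenticate_gss_client_* functions.
 * NOTE(review): lifetime and ownership of the members are not visible from
 * this header; presumably set up by authenticate_gss_client_init() and
 * released by authenticate_gss_client_clean() -- confirm.
 */
typedef struct {
    gss_ctx_id_t context;      /* GSS security context handle */
    gss_name_t server_name;    /* GSS name of the target service */
    /* NOTE(review): presumably the gss_flags value given to
     * authenticate_gss_client_init(). */
    long int gss_flags;
    char *username;            /* presumably the authenticated principal -- confirm */
    /* NOTE(review): presumably the encoded token to send to the peer;
     * treat as sensitive protocol material and do not log it. */
    char *response;
    /* NOTE(review): presumably names the credential cache to use; a cache
     * holds tickets, so the location should not be attacker-controlled. */
    char *credentials_cache;
} gss_client_state;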
|
|
|
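/*
 * Per-connection state for the accepting (server) side of a GSS exchange.
 * Passed to the authenticate_gss_server_* functions.
 * NOTE(review): lifetime and ownership of the members are not visible from
 * this header; presumably set up by authenticate_gss_server_init() and
 * released by authenticate_gss_server_clean() -- confirm.
 */
typedef struct {
    gss_ctx_id_t context;        /* GSS security context handle */
    gss_name_t server_name;      /* GSS name of this service */
    gss_name_t client_name;      /* GSS name of the peer */
    gss_cred_id_t server_creds;  /* credential handle for the service */
    /* NOTE(review): presumably credentials delegated by the client. These let
     * the server act as the user, so they must be released on every exit
     * path and never shared across connections -- confirm in the
     * implementation. */
    gss_cred_id_t client_creds;
    /* NOTE(review): presumably the authenticated client principal; callers
     * should base authorization on this only after the exchange reports
     * completion. */
    char *username;
    char *targetname;            /* presumably the service name the client asked for */
    char *response;              /* presumably the encoded reply token for the peer */
    /* Matches the `constrained_delegation` parameter of
     * authenticate_gss_server_init(). */
    bool constrained_delegation;
    /* NOTE(review): presumably names a cache holding delegated tickets;
     * such a cache is as sensitive as the user's own credentials and
     * should be readable by the service account only. */
    char *delegated_credentials_cache;
} gss_server_state;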
|
|
|
// char* server_principal_details(const char* service, const char* hostname); |
|
|
|
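/*
 * Client (initiator) API. Only the declarations are visible in this header;
 * the notes below are review points to confirm against the implementation.
 *
 * All five functions return a gss_client_response pointer.
 * NOTE(review): who frees the returned object, and whether NULL can be
 * returned, is not stated here -- callers should check before dereferencing.
 */

/*
 * Prepare `state` for an exchange with `service`.
 * NOTE(review): `gss_flags` is presumably a set of GSS_C_* request flags.
 * Requesting delegation (GSS_C_DELEG_FLAG) hands the user's credentials to
 * the service, so it should be set only for services trusted to hold them.
 * `credentials_cache` presumably selects the credential cache to use.
 */
gss_client_response *authenticate_gss_client_init(const char *service,
                                                  long int gss_flags,
                                                  const char *credentials_cache,
                                                  gss_client_state *state);

/* Counterpart of authenticate_gss_client_init(); presumably releases what
 * `state` holds -- confirm it is safe to call after a failed init. */
gss_client_response *authenticate_gss_client_clean(gss_client_state *state);

/*
 * Advance the exchange using `challenge` received from the peer.
 * NOTE(review): `challenge` comes from the network and is presumably an
 * encoded token; the implementation must bound and validate it before
 * decoding.
 */
gss_client_response *authenticate_gss_client_step(gss_client_state *state,
                                                  const char *challenge);

/* NOTE(review): presumably unwraps a peer message under the established
 * context; `challenge` is untrusted input as above. */
gss_client_response *authenticate_gss_client_unwrap(gss_client_state *state,
                                                    const char *challenge);

/* NOTE(review): presumably wraps a reply, with `user` as the identity to
 * send; confirm which protection level (GSS_AUTH_P_*) is selected and
 * that GSS_AUTH_P_NONE is not chosen silently. */
gss_client_response *authenticate_gss_client_wrap(gss_client_state *state,
                                                  const char *challenge,
                                                  const char *user);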
|
|
|
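/*
 * Server (acceptor) API. Only the declarations are visible in this header;
 * the notes below are review points to confirm against the implementation.
 */

/*
 * Prepare `state` for accepting an exchange as `service`.
 * NOTE(review): with `constrained_delegation` set, `username` presumably
 * names the user to obtain credentials for. That lets the service act as an
 * arbitrary named user, so `username` must come from an already
 * authenticated source, never directly from request data.
 */
gss_client_response *authenticate_gss_server_init(const char *service,
                                                  bool constrained_delegation,
                                                  const char *username,
                                                  gss_server_state *state);

/* Counterpart of authenticate_gss_server_init(); presumably releases what
 * `state` holds, including any delegated credentials -- confirm. */
gss_client_response *authenticate_gss_server_clean(gss_server_state *state);

/*
 * Process `challenge` received from the client.
 * NOTE(review): `challenge` is attacker-controlled until the exchange
 * completes; the implementation must bound and validate it before decoding,
 * and callers must not trust state->username before completion is reported.
 */
gss_client_response *authenticate_gss_server_step(gss_server_state *state,
                                                  const char *challenge);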
|
|
|
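/*
 * Check a username/password pair for `service`. Only the declaration is
 * visible in this header.
 * NOTE(review): `password` is a plaintext NUL-terminated string; callers
 * should keep it out of logs and wipe their copy after the call.
 * NOTE(review): obtaining initial credentials from a KDC does not by itself
 * prove that the KDC is genuine. Confirm that the implementation also
 * verifies those credentials against a locally held service key (for
 * example with krb5_verify_init_creds()); otherwise a spoofed KDC reply
 * could make a wrong password appear valid.
 */
gss_client_response *authenticate_user_krb5_password(const char *username,
                                                     const char *password,
                                                     const char *service);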
|
|
|
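/*
 * Local declaration of gss_krb5_import_cred(); no definition appears in
 * this header.
 * NOTE(review): presumably redeclared because some installed
 * gssapi_krb5.h headers do not expose it. A local prototype that differs
 * from the library's real one is undefined behaviour at the call site, so
 * this is best guarded by a build-time check for the symbol.
 * NOTE(review): krb5_ccache, krb5_principal and krb5_keytab are used here
 * although <krb5.h> is not included directly; this relies on
 * <gssapi/gssapi_krb5.h> pulling it in -- confirm on each supported
 * platform.
 */
OM_uint32 gss_krb5_import_cred(OM_uint32 *minor_status,
                               krb5_ccache id,
                               krb5_principal keytab_principal,
                               krb5_keytab keytab,
                               gss_cred_id_t *cred);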
|
|
|
#endif
|
|
|