kssl.h
00063 #ifndef KSSL_H
00064 #define KSSL_H
00065
00066 #include <openssl/opensslconf.h>
00067
00068 #ifndef OPENSSL_NO_KRB5
00069
00070 #include <stdio.h>
00071 #include <ctype.h>
00072 #include <krb5.h>
00073
00074 #ifdef __cplusplus
00075 extern "C" {
00076 #endif
/*
 * Kerberos implementation compatibility shims.
 *
 * When KRB5_HEIMDAL is defined this header supplies its own krb5_octet
 * byte type.  FAR is made to expand to nothing so that declarations in
 * this header such as `krb5_octet FAR *key` compile.
 */
#ifdef KRB5_HEIMDAL
typedef unsigned char krb5_octet;
#endif

/* Heimdal builds always define FAR here; other builds only if it is unset. */
#if defined(KRB5_HEIMDAL) || !defined(FAR)
#define FAR
#endif
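/*
 * Build-time defaults for the Kerberos glue.  Every macro below is guarded
 * by #ifndef, so a build can override it by defining the macro before this
 * header is included.
 */

/* Default service name. */
#ifndef KRB5SVC
#define KRB5SVC "host"
#endif

/*
 * Default keytab path.  A keytab stores long-term service keys, so the file
 * named here should be readable only by the account that runs the service.
 */
#ifndef KRB5KEYTAB
#define KRB5KEYTAB "/etc/krb5.keytab"
#endif

/* NOTE(review): presumably enables sending an authenticator; confirm in the implementation. */
#ifndef KRB5SENDAUTH
#define KRB5SENDAUTH 1
#endif

/*
 * NOTE(review): presumably enables checking of the received authenticator;
 * confirm in the implementation before overriding it to 0.
 */
#ifndef KRB5CHECKAUTH
#define KRB5CHECKAUTH 1
#endif

/*
 * Clock-skew tolerance, presumably in seconds and presumably the slack used
 * when ticket and authenticator times are validated (TODO confirm).
 *
 * The value carries no trailing semicolon: with one, the macro only works
 * as the last token of a statement and breaks in expressions such as
 * `delta > KSSL_CLOCKSKEW` or `-KSSL_CLOCKSKEW`.  A larger value widens the
 * window in which an old timestamp is still accepted.
 */
#ifndef KSSL_CLOCKSKEW
#define KSSL_CLOCKSKEW 300
#endif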
00118
/* Capacity of KSSL_ERR.text, not counting the one extra byte the struct adds. */
#define KSSL_ERR_MAX 255

/*
 * Error report passed to the kssl_* routines that take a KSSL_ERR pointer.
 *
 * text is a fixed buffer of KSSL_ERR_MAX + 1 bytes; anything that writes a
 * message into it has to bound the copy to that size and NUL-terminate it.
 */
struct kssl_err_st {
    int  reason;                  /* numeric reason code */
    char text[KSSL_ERR_MAX + 1];  /* message buffer, fixed size */
};

typedef struct kssl_err_st KSSL_ERR;
/*
 * Kerberos context handed to the kssl_ctx_* and ticket functions declared
 * in this header.
 *
 * NOTE(review): key/length hold raw key material (presumably the session
 * key stored by kssl_ctx_setkey()).  Confirm that kssl_ctx_free() wipes the
 * buffer before releasing it and that kssl_ctx_show() never prints it
 * anywhere it could end up in logs.
 */
struct kssl_ctx_st {
    /* Identity and configuration strings; presumably owned by the context. */
    char *service_name;     /* service name */
    char *service_host;     /* host of the service */
    char *client_princ;     /* client principal */
    char *keytab_file;      /* keytab path */
    char *cred_cache;       /* credential cache name */

    /* Key material. */
    krb5_enctype    enctype;    /* encryption type of key */
    int             length;     /* presumably the number of bytes at key */
    krb5_octet FAR *key;        /* key bytes */
};

typedef struct kssl_ctx_st KSSL_CTX;
00142
/*
 * Selector values; presumably the `which` argument of kssl_ctx_setstring()
 * and kssl_ctx_setprinc() (confirm against the implementation).
 */
#define KSSL_CLIENT   1
#define KSSL_SERVER   2
#define KSSL_SERVICE  3
#define KSSL_KEYTAB   4

/* Status codes; presumably what the kssl_ctx_* setters return. */
#define KSSL_CTX_OK   0
#define KSSL_CTX_ERR  1
#define KSSL_NOMEM    2
00151
00152
/*
 * Public kssl API.  The comments below describe only what the signatures
 * show; anything marked "presumably" is to be confirmed in the implementation.
 */

/* Set a string in kssl_ctx; `which` is presumably a KSSL_CLIENT..KSSL_KEYTAB selector. */
krb5_error_code kssl_ctx_setstring(KSSL_CTX *kssl_ctx,
                                   int which,
                                   char *text);

/* Return a KSSL_CTX pointer; presumably freshly allocated, NULL on failure. */
KSSL_CTX *kssl_ctx_new(void);

/*
 * Release kssl_ctx.  Returns a KSSL_CTX pointer; presumably NULL so callers
 * can overwrite their handle and avoid keeping a dangling pointer.
 */
KSSL_CTX *kssl_ctx_free(KSSL_CTX *kssl_ctx);

/* Display kssl_ctx.  NOTE(review): check that key bytes are not exposed in production output. */
void kssl_ctx_show(KSSL_CTX *kssl_ctx);

/* Set a principal in kssl_ctx from a realm and `nentities` entries at `entity`. */
krb5_error_code kssl_ctx_setprinc(KSSL_CTX *kssl_ctx,
                                  int which,
                                  krb5_data *realm,
                                  krb5_data *entity,
                                  int nentities);

/* Presumably the client side: obtain a ticket into *enc_tktp, authenticator into authenp. */
krb5_error_code kssl_cget_tkt(KSSL_CTX *kssl_ctx,
                              krb5_data **enc_tktp,
                              krb5_data *authenp,
                              KSSL_ERR *kssl_err);

/*
 * Presumably the server side: process the peer-supplied `indata` and report
 * ticket times through ttimes.  indata comes from the network, so its
 * parsing has to be treated as handling untrusted input.
 */
krb5_error_code kssl_sget_tkt(KSSL_CTX *kssl_ctx,
                              krb5_data *indata,
                              krb5_ticket_times *ttimes,
                              KSSL_ERR *kssl_err);

/* Store the key from `session` in kssl_ctx. */
krb5_error_code kssl_ctx_setkey(KSSL_CTX *kssl_ctx,
                                krb5_keyblock *session);

/*
 * Fill kssl_err with a reason code and message.  KSSL_ERR.text is a fixed
 * KSSL_ERR_MAX + 1 byte buffer and `text` carries no length, so the
 * implementation must truncate rather than copy unbounded.
 */
void kssl_err_set(KSSL_ERR *kssl_err, int reason, char *text);

/* Free the contents of `data` under `context`. */
void kssl_krb5_free_data_contents(krb5_context context, krb5_data *data);

/*
 * Build *princ from realm, service and host, each given as a pointer plus
 * an explicit int length (rlen, slen, hlen).  Callers must make sure each
 * length matches its buffer and is not negative.
 */
krb5_error_code kssl_build_principal_2(krb5_context context,
                                       krb5_principal *princ,
                                       int rlen, const char *realm,
                                       int slen, const char *svc,
                                       int hlen, const char *host);

/* Validate the times in ttimes against atime; presumably within KSSL_CLOCKSKEW. */
krb5_error_code kssl_validate_times(krb5_timestamp atime,
                                    krb5_ticket_times *ttimes);

/* Check the authenticator in authentp and report its timestamp through atimep. */
krb5_error_code kssl_check_authent(KSSL_CTX *kssl_ctx,
                                   krb5_data *authentp,
                                   krb5_timestamp *atimep,
                                   KSSL_ERR *kssl_err);

/*
 * Return a pointer into authn, presumably just past the confounder for
 * `enctype`.  No buffer length is passed, so the callee cannot bounds-check;
 * the caller must guarantee authn is long enough before calling.
 */
unsigned char *kssl_skip_confound(krb5_enctype enctype,
                                  unsigned char *authn);
00174
00175 #ifdef __cplusplus
00176 }
00177 #endif
00178 #endif
00179 #endif