/* C K U A T H . H -- "C-Kermit to Authentication" interface */

/*
  Author: Jeffrey E Altman <jaltman@secure-endpoints.com>,
            Secure Endpoints Inc., New York City.

  Copyright (C) 1999, 2009,
    Trustees of Columbia University in the City of New York.
    All rights reserved.  See the C-Kermit COPYING.TXT file or the
    copyright text in the ckcmai.c module for disclaimer and permissions.
*/

/*
 * Based on a concatenation of all necessary include files distributed with
 * the Kerberos 5 NT Alpha 2 Telnet package from MIT.
 */

/*
 * Reader's overview: this header declares (1) the "kstream" encrypted-stream
 * object, (2) the Telnet authentication/encryption entry points, (3) the
 * C-Kermit wrappers around them, and (4) the Kerberos 4/5 ticket-management
 * structures and functions (only under CK_KERBEROS).
 *
 * It includes no other header itself: size_t, _PROTOTYP, VOID and
 * struct keytab are used below but not defined here, so they must already be
 * in scope at the point of inclusion.
 */

#ifndef KRB5_KERMIT_H
#define KRB5_KERMIT_H

/* Fallback so the declarations below compile where no BOOL is defined yet. */
#ifndef BOOL
#define BOOL int
#endif

/* Header file for encrypted-stream library.
 * Written by Ken Raeburn (Raeburn@Cygnus.COM).
 * Copyright (C) 1991, 1992, 1994 by Cygnus Support.
 *
 * Permission to use, copy, modify, and
 * distribute this software and its documentation for any purpose and
 * without fee is hereby granted, provided that the above copyright
 * notice appear in all copies and that both that copyright notice and
 * this permission notice appear in supporting documentation.
 * Cygnus Support makes no representations about the suitability of
 * this software for any purpose.  It is provided "as is" without express
 * or implied warranty.
 */

#ifndef K5STREAM_H
#define K5STREAM_H

typedef void *kstream_ptr; /* Data sent on the kstream */

/*
 * Pointer/length pair passed to the encrypt and decrypt hooks.
 * NOTE(review): this header does not state who owns `ptr` or whether an
 * output block arrives pre-sized; confirm the capacity contract in the
 * implementation before writing through an output block.
 */
struct kstream_data_block {
    kstream_ptr ptr;
    size_t length;
};

/*
 * The stream object: a descriptor plus a pair of transform hooks.
 * NOTE(review): nothing here says what a NULL encrypt/decrypt hook means
 * (e.g. pass-through in clear); confirm before assuming that traffic on a
 * kstream is always protected.
 */
typedef struct kstream_int { /* Object we pass around */
    int fd; /* Open socket descriptor */
    int (*encrypt)(struct kstream_data_block *, /* output */
                   struct kstream_data_block *); /* input */
    int encrypt_type; /* presumably selects the encryption scheme -- confirm */
    int (*decrypt)(struct kstream_data_block *, /* output */
                   struct kstream_data_block *); /* input */
    int decrypt_type; /* presumably selects the decryption scheme -- confirm */
} *kstream;

/* Prototypes */

/*
 * NOTE(review): the empty parentheses make this an old-style declaration,
 * so calls to kstream_destroy are not argument-checked, unlike the
 * prototypes that follow.  Confirm the definition's parameter list before
 * tightening this to (void).
 */
int kstream_destroy();
void kstream_set_buffer_mode(int);
int kstream_create_from_fd(int fd, kstream_ptr);
/* Buffer pointer and size; return-value convention is not visible here. */
int kstream_write(void *, size_t);
int kstream_read(void *, size_t);

#endif /* K5STREAM_H */

/*
 * Implements Telnet authentication and encryption
 */

#ifndef TELNET_AUTH_H
#define TELNET_AUTH_H

/*
 * Takes a byte buffer and an int, presumably the buffer's length.
 * NOTE(review): if this buffer carries option data received from the peer
 * (TODO confirm), the int is the only bound visible at this interface, so
 * the implementation must check every read against it.
 */
int auth_parse(unsigned char *, int);

int auth_init(kstream);

void auth_destroy(void);

/* Signatures match the encrypt/decrypt hook slots of struct kstream_int. */
int auth_encrypt(struct kstream_data_block *, struct kstream_data_block *);

int auth_decrypt(struct kstream_data_block *, struct kstream_data_block *);

/*
 * Credential-forwarding state shared with other modules.  Judging by the
 * names only: forward_flag = forward credentials, forwardable_flag = make
 * the forwarded credentials forwardable again, forwarded_tickets = tickets
 * were forwarded -- confirm against the implementation.
 */
extern BOOL forward_flag;
extern BOOL forwardable_flag;
extern BOOL forwarded_tickets;
#endif /* TELNET_AUTH_H */


/* C-Kermit specific functions */
/*
 * NOTE(review): return-value conventions are not documented in this header.
 * Code that makes an access decision from ck_tn_auth_valid() or
 * ck_tn_authenticated() should check the implementation rather than assume
 * "nonzero means authenticated".
 */
_PROTOTYP(void auth_finished,(int));
_PROTOTYP(int ck_auth_init, (char *, char *, char *, int));
_PROTOTYP(int ck_tn_auth_valid, (VOID));
_PROTOTYP(int ck_tn_auth_in_progress,(VOID));
_PROTOTYP(int ck_tn_sb_auth, (char *, int));
_PROTOTYP(int ck_tn_sb_encrypt, (char *, int));
_PROTOTYP(int ck_tn_auth_request, (VOID));
/* The four ck_tn_encrypt* / ck_tn_decrypt entry points are declared  */
/* unconditionally; only the two state queries depend on CK_ENCRYPTION. */
_PROTOTYP(void ck_tn_encrypt, (char *, int));
_PROTOTYP(void ck_tn_decrypt, (char *, int));
_PROTOTYP(void ck_tn_encrypt_start, (VOID));
_PROTOTYP(void ck_tn_encrypt_stop, (VOID));
_PROTOTYP(int ck_tn_authenticated, (VOID));
#ifdef CK_ENCRYPTION
_PROTOTYP(int ck_tn_encrypting, (VOID));
_PROTOTYP(int ck_tn_decrypting, (VOID));
#endif /* CK_ENCRYPTION */
#ifdef CK_SSL
_PROTOTYP(int ck_tn_tls_negotiate, (VOID));
_PROTOTYP(int SendSSLAuthSB, (int, void *, int));
#endif /* CK_SSL */

#ifdef CK_KERBEROS
/* Define MIT_CURRENT to compile the code for use with versions of */
/* Kerberos later than KRB5 1.0.5.  Note.  This will not compile   */
/* successfully in Kermit 95 due to the segmentation of crypto     */
/* into a separate DLL.                                            */

#ifndef KRB5_INIT_ETS
/* krb5_init_ets() is a no-op in Kerberos 1.4.x and later */
/* and in some installations it can't be found so now by default */
/* we don't use it. */
#define NO_KRB5_INIT_ETS
#endif /* KRB5_INIT_ETS */

#define KRB_DEFTIM 600 /* Default lifetime (minutes), i.e. 10 hours */

/* Kerberos structure definitions */

struct krb_op_data { /* Operational data for all actions */
    int version; /* Kerberos version */
    char * cache; /* Kerberos cache file */
};

/*
 * NOTE(review): Kerberos 4 has been retired upstream by MIT; the krb4
 * structures and functions in this header should be treated as a legacy
 * path and enabled only where an old realm still requires it.
 */
struct krb4_init_data { /* INITIALIZE data structure */
    int lifetime; /* presumably minutes, as for KRB_DEFTIM -- confirm */
    char * principal; /* Principal string */
    char * instance;
    char * realm; /* Realm string */
    /*
     * NOTE(review): a plain char *, presumably the cleartext password.
     * Whoever owns this struct should wipe the buffer with a call the
     * compiler cannot elide once the ticket request completes, not merely
     * free it -- confirm ownership and lifetime in the implementation.
     */
    char * password; /* Kerberos password */
    int preauth; /* Use preauth mode? */
    int verbose; /* Verbose output? */
};

#define KRB5_NUM_OF_ADDRS 16
struct krb5_init_data { /* INITIALIZE data structure */
    int forwardable; /* Switch values */
    int proxiable; /* Correspond to switch names... */
    int lifetime;
    int renew;
    int renewable;
    int validate;
    char * postdate;
    char * service;
    char * principal; /* Principal string */
    char * instance;
    char * realm; /* Realm string */
    /*
     * NOTE(review): same concern as krb4_init_data.password -- presumably
     * cleartext; wipe after use rather than only freeing.  TODO confirm.
     */
    char * password; /* Kerberos password */
    int preauth; /* Use preauth mode? */
    int verbose; /* Verbose output? */
    int getk4; /* Get K4 TGT? */
    /* One slot more than KRB5_NUM_OF_ADDRS; presumably room for a NULL */
    /* terminator -- confirm before filling all 17 entries.             */
    char * addrs[KRB5_NUM_OF_ADDRS+1]; /* List of IP Addresses */
    int no_addresses; /* Do not include IP Addresses */
};

struct krb5_list_cred_data { /* List Credentials data */
    int encryption;
    int flags;
    int addr;
};

/* Kerberos 5 ticket management.  ck_krb5_initTGT also takes a krb4 */
/* init block, presumably for the getk4 case -- confirm.            */
_PROTOTYP(int ck_krb5_autoget_TGT, (char *));
_PROTOTYP(int ck_krb5_initTGT, (struct krb_op_data *,struct krb5_init_data *,
                                struct krb4_init_data *));
_PROTOTYP(int ck_krb5_destroy, (struct krb_op_data *));
_PROTOTYP(int ck_krb5_list_creds, (struct krb_op_data *,
                                   struct krb5_list_cred_data *));
/* NOTE(review): ownership of the returned char * (static buffer vs. */
/* caller-freed) is not stated here for any of the getters below.    */
_PROTOTYP(char * ck_krb5_getrealm, (char *));
_PROTOTYP(char * ck_krb5_getprincipal, (char *));
_PROTOTYP(char * ck_krb5_get_cc_name, (VOID));

/* Kerberos 4 ticket management (legacy; see note on krb4_init_data). */
_PROTOTYP(int ck_krb4_autoget_TGT, (char *));
_PROTOTYP(int ck_krb4_initTGT, (struct krb_op_data *,struct krb4_init_data *));
_PROTOTYP(int ck_krb4_destroy, (struct krb_op_data *));
_PROTOTYP(int ck_krb4_list_creds, (struct krb_op_data *));
_PROTOTYP(char * ck_krb4_getrealm, (VOID));
_PROTOTYP(char * ck_krb4_getprincipal, (VOID));

/* Ticket enumeration and validity queries, Kerberos 4. */
_PROTOTYP(int ck_krb4_get_tkts, (VOID));
_PROTOTYP(char * ck_krb4_get_next_tkt, (VOID));
_PROTOTYP(int ck_krb4_tkt_isvalid,(char *));
_PROTOTYP(int ck_krb4_is_tgt_valid,(VOID));
_PROTOTYP(int ck_krb4_tkt_time,(char *));

/* Ticket enumeration and validity queries, Kerberos 5. */
_PROTOTYP(int ck_krb5_get_tkts, (char *));
_PROTOTYP(char * ck_krb5_get_next_tkt, (VOID));
_PROTOTYP(int ck_krb5_tkt_isvalid,(char *,char *));
_PROTOTYP(char * ck_krb5_tkt_flags,(char *,char *));
_PROTOTYP(int ck_krb5_is_tgt_valid,(VOID));
_PROTOTYP(int ck_krb5_tkt_time,(char *,char *));

/*
 * Protected read/write helpers.  Arguments are presumably (fd, buffer,
 * length); the krb5_des_* pair takes one more int whose meaning is not
 * visible here -- confirm.
 * NOTE(review): the *_des_* names suggest single-DES protection, which is
 * deprecated for Kerberos (RFC 6649).  Confirm which encryption types these
 * routines actually negotiate before relying on them for confidentiality.
 */
_PROTOTYP(int krb4_des_avail,(int));
_PROTOTYP(int krb4_des_write,(int,char *,int));
_PROTOTYP(int krb4_des_read, (int,char *,int));
_PROTOTYP(int krb5_des_avail,(int));
_PROTOTYP(int krb5_des_write,(int,char *,int,int));
_PROTOTYP(int krb5_des_read, (int,char *,int,int));
_PROTOTYP(int krb5_u2u_avail,(int));
_PROTOTYP(int krb5_u2u_write,(int,char *,int));
_PROTOTYP(int krb5_u2u_read, (int,char *,int));
_PROTOTYP(int k5_user_to_user_server_auth,(VOID));
_PROTOTYP(int k5_user_to_user_client_auth,(VOID));
#endif /* CK_KERBEROS */

/* Availability probes, judging by the names; declared whether or not   */
/* CK_KERBEROS is defined.  The return convention is not visible here.  */
_PROTOTYP(int ck_krb5_is_installed,(void));
_PROTOTYP(int ck_krb4_is_installed,(void));
_PROTOTYP(int ck_srp_is_installed,(void));
_PROTOTYP(int ck_ntlm_is_installed,(void));
_PROTOTYP(int ck_crypt_is_installed,(void));
_PROTOTYP(int ck_ssleay_is_installed,(void));
_PROTOTYP(int ck_gssapi_is_installed,(void));
_PROTOTYP(int ck_krypto_is_installed,(void));

_PROTOTYP(VOID ck_encrypt_send_support,(VOID));
/* struct keytab is not declared in this header; it must already be     */
/* declared at file scope where this header is included, otherwise the  */
/* tag is scoped to this prototype alone.                               */
_PROTOTYP(int ck_get_crypt_table,(struct keytab **, int *));
_PROTOTYP(char * ck_krb4_realmofhost,(char *));
_PROTOTYP(char * ck_krb5_realmofhost,(char *));

/*
 * FORWARD is defined unconditionally on the line below, so the #ifdef that
 * follows is always taken and kerberos5_forward() is always declared.
 * NOTE(review): whether credentials are actually forwarded presumably
 * depends on forward_flag at run time -- confirm.  Forwarding a TGT lets
 * the remote host act as the user, so it should be opt-in per connection.
 */
#define FORWARD /* allow forwarding of credential */
#ifdef FORWARD
_PROTOTYP(int kerberos5_forward,(VOID));
#endif /* FORWARD */

#define AUTHTYPLSTSZ 8 /* presumably the auth-type list size -- confirm */
#endif /*KRB5_KERMIT_H*/