1 /*
2  *  Unix SMB/CIFS implementation.
3  *  kerberos utility library
4  *
5  *  Copyright (C) Andrew Tridgell			2001
6  *  Copyright (C) Remus Koos (remuskoos@yahoo.com)	2001
7  *  Copyright (C) Luke Howard				2002-2003
8  *  Copyright (C) Jim McDonough <jmcd@us.ibm.com>	2003
9  *  Copyright (C) Guenther Deschner			2003-2008
10  *  Copyright (C) Andrew Bartlett <abartlet@samba.org>	2004-2005
11  *  Copyright (C) Jeremy Allison			2004,2007
12  *  Copyright (C) Stefan Metzmacher			2004-2005
13  *  Copyright (C) Nalin Dahyabhai <nalin@redhat.com>	2004
14  *  Copyright (C) Gerald Carter				2006
15  *
16  *  This program is free software; you can redistribute it and/or modify
17  *  it under the terms of the GNU General Public License as published by
18  *  the Free Software Foundation; either version 3 of the License, or
19  *  (at your option) any later version.
20  *
21  *  This program is distributed in the hope that it will be useful,
22  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
23  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
24  *  GNU General Public License for more details.
25  *
26  *  You should have received a copy of the GNU General Public License
27  *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
28  */
29 
30 #ifndef _LIBADS_KERBEROS_PROTO_H_
31 #define _LIBADS_KERBEROS_PROTO_H_
32 
33 #include "system/kerberos.h"
34 
35 struct PAC_DATA;
36 
37 struct PAC_DATA_CTR {
38 	DATA_BLOB pac_blob;
39 	struct PAC_DATA *pac_data;
40 };
41 
42 #define DEFAULT_KRB5_PORT 88
43 
44 #include "libads/ads_status.h"
45 
46 /* The following definitions come from libads/kerberos.c  */
47 
48 int kerberos_kinit_password_ext(const char *given_principal,
49 				const char *password,
50 				int time_offset,
51 				time_t *expire_time,
52 				time_t *renew_till_time,
53 				const char *cache_name,
54 				bool request_pac,
55 				bool add_netbios_addr,
56 				time_t renewable_time,
57 				TALLOC_CTX *mem_ctx,
58 				char **_canon_principal,
59 				char **_canon_realm,
60 				NTSTATUS *ntstatus);
61 int ads_kdestroy(const char *cc_name);
62 
63 int kerberos_kinit_password(const char *principal,
64 			    const char *password,
65 			    int time_offset,
66 			    const char *cache_name);
67 bool create_local_private_krb5_conf_for_domain(const char *realm,
68 						const char *domain,
69 						const char *sitename,
70 					        const struct sockaddr_storage *pss);
71 
72 /* The following definitions come from libads/authdata.c  */
73 
74 NTSTATUS kerberos_return_pac(TALLOC_CTX *mem_ctx,
75 			     const char *name,
76 			     const char *pass,
77 			     time_t time_offset,
78 			     time_t *expire_time,
79 			     time_t *renew_till_time,
80 			     const char *cache_name,
81 			     bool request_pac,
82 			     bool add_netbios_addr,
83 			     time_t renewable_time,
84 			     const char *impersonate_princ_s,
85 			     const char *local_service,
86 			     struct PAC_DATA_CTR **pac_data_ctr);
87 
88 /* The following definitions come from libads/krb5_setpw.c  */
89 
90 ADS_STATUS ads_krb5_set_password(const char *kdc_host, const char *princ,
91 				 const char *newpw, int time_offset);
92 ADS_STATUS kerberos_set_password(const char *kpasswd_server,
93 				 const char *auth_principal, const char *auth_password,
94 				 const char *target_principal, const char *new_password,
95 				 int time_offset);
96 
97 #ifdef HAVE_KRB5
98 int create_kerberos_key_from_string(krb5_context context,
99 					krb5_principal host_princ,
100 					krb5_principal salt_princ,
101 					krb5_data *password,
102 					krb5_keyblock *key,
103 					krb5_enctype enctype,
104 					bool no_salt);
105 #endif
106 
107 #endif /* _LIBADS_KERBEROS_PROTO_H_ */
108