/*
 * Copyright 2003,2006,2007,2009,2011,2012 Red Hat, Inc.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, and the entire permission notice in its entirety,
 *    including the disclaimer of warranties.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. The name of the author may not be used to endorse or promote
 *    products derived from this software without specific prior
 *    written permission.
 *
 * ALTERNATIVELY, this product may be distributed under the terms of the
 * GNU Lesser General Public License, in which case the provisions of the
 * LGPL are required INSTEAD OF the above restrictions.
 *
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN
 * NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
 * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

/*
 * Declarations for the module's v5_* helper functions, which take and
 * return libkrb5 types (contexts, credential caches, credentials,
 * principals, key blocks).
 *
 * NOTE(review): this header uses krb5_* and pam_handle_t types but includes
 * only the three project headers below; presumably those, or the including
 * file, pull in the Kerberos and PAM headers first -- confirm.
 */
#ifndef pam_krb5_v5_h
#define pam_krb5_v5_h

#include "options.h"
#include "stash.h"
#include "userinfo.h"

/*
 * The three characters comma, slash and at-sign, named as principal
 * component separators.  How the string is consumed is not visible in this
 * header.
 */
#define PAM_KRB5_PRINCIPAL_COMPONENT_SEPARATORS ",/@"

/*
 * Obtain credentials for `user` into *ccache (going by the name; the
 * definition is not in this header).
 *
 * Security-relevant points visible in the signature:
 *  - `password` is a plaintext secret passed as a mutable char *.  The
 *    header does not say whether the callee modifies the buffer or which
 *    side is responsible for scrubbing it after use.
 *    NOTE(review): confirm in the definition and document it here.
 *  - `armor_ccache` is a second credential-cache handle passed by pointer;
 *    presumably an armor cache for pre-authentication -- TODO confirm.
 *  - `prompter` is declared with function type, which C adjusts to a
 *    pointer to function.  Its parameter types match libkrb5's prompter
 *    callback (context, data, name, banner, prompt count, prompt array).
 *  - `expired` and `result` are int out-parameters; their value sets are
 *    not defined here, and neither is the meaning of the int return value.
 *    Callers presumably must check both the return value and *result --
 *    TODO confirm.
 */
int v5_get_creds(krb5_context ctx,
		 pam_handle_t *pamh,
		 krb5_ccache *ccache,
		 krb5_ccache *armor_ccache,
		 const char *user,
		 struct _pam_krb5_user_info *userinfo,
		 struct _pam_krb5_options *options,
		 char *service,
		 char *password,
		 krb5_get_init_creds_opt *gic_options,
		 krb5_error_code prompter(krb5_context,
					  void *,
					  const char *,
					  const char *,
					  int,
					  krb5_prompt[]),
		 int *expired,
		 int *result);

/*
 * Save the stashed credentials for `user` and report a credential-cache
 * name through *ccname.  The two variants take identical parameter lists;
 * the _kuserok one is presumably used for the authorization check rather
 * than for the user's session -- TODO confirm.
 *
 * NOTE(review): ownership and lifetime of the string stored in *ccname are
 * not stated here.  The location and permissions of the cache that gets
 * written decide who can read the user's tickets, so they deserve a
 * sentence in this comment once confirmed from the definition.
 */
int v5_save_for_user(krb5_context ctx,
		     struct _pam_krb5_stash *stash,
		     const char *user,
		     struct _pam_krb5_user_info *userinfo,
		     struct _pam_krb5_options *options,
		     const char **ccname);
int v5_save_for_kuserok(krb5_context ctx,
			struct _pam_krb5_stash *stash,
			const char *user,
			struct _pam_krb5_user_info *userinfo,
			struct _pam_krb5_options *options,
			const char **ccname);
/*
 * Counterpart to the save functions: takes the same stash and options and
 * returns nothing, so a failure to remove saved credentials cannot be
 * reported to the caller through this interface.
 */
void v5_destroy(krb5_context ctx, struct _pam_krb5_stash *stash,
		struct _pam_krb5_options *options);

/*
 * Credential-cache queries and copy.  Each returns a krb5_error_code;
 * presumably 0 means "found"/"copied" -- TODO confirm.  `creds`, when the
 * callee fills it in, will hold ticket and session-key material;
 * NOTE(review): who frees its contents is not stated here.
 */
krb5_error_code v5_ccache_has_tgt(krb5_context ctx, krb5_ccache ccache,
				  const char *tgs_realm, krb5_creds *creds);
krb5_error_code v5_ccache_has_pwc(krb5_context ctx, krb5_ccache ccache,
				  krb5_creds *creds);
krb5_error_code v5_cc_copy(krb5_context ctx, const char *tgt_realm,
			   krb5_ccache occache, krb5_ccache *nccache);
/* Checks and accessors on a krb5_creds structure. */
int v5_creds_check_initialized(krb5_context ctx, krb5_creds *creds);
int v5_creds_check_initialized_pwc(krb5_context ctx, krb5_creds *creds);
int v5_creds_get_etype(krb5_creds *creds);
void v5_creds_set_etype(krb5_context ctx, krb5_creds *creds, int etype);
/*
 * Returns a pointer to a key block associated with `creds`.  The pointed-to
 * data is secret key material; the pointer presumably aliases storage owned
 * by `creds` rather than a copy -- TODO confirm.
 */
krb5_keyblock *v5_creds_get_key(krb5_creds *creds);
/*
 * Formats `enctype` into the caller-supplied buffer `buf`; `length` is
 * presumably the size of that buffer in bytes.  NOTE(review): truncation
 * and NUL-termination behaviour are not stated here.
 */
int v5_enctype_to_string(krb5_context ctx, krb5_enctype enctype,
			 char *buf, size_t length);

krb5_principal v5_ticket_get_client(krb5_ticket *ticket);
krb5_error_code
v5_auth_con_setuserkey(krb5_context ctx,
		       krb5_auth_context auth_con,
		       krb5_keyblock *key);

/*
 * Release helpers for strings; presumably for the results of libkrb5's
 * name-unparsing and default-realm lookups, so that callers do not pass
 * them to the wrong deallocator -- TODO confirm.
 */
void v5_free_unparsed_name(krb5_context ctx, char *name);
void v5_free_default_realm(krb5_context ctx, char *realm);
/*
 * Configuration lookups: the result is returned through `ret_value`, with
 * `default_value` supplied by the caller.  NOTE(review): whether
 * *ret_value from the string variant is heap-allocated and must be freed
 * by the caller is not stated here.
 */
void v5_appdefault_string(krb5_context context,
			  const char *realm,
			  const char *option,
			  const char *default_value,
			  char **ret_value);
void v5_appdefault_boolean(krb5_context context,
			   const char *realm,
			   const char *option,
			   krb5_boolean default_value,
			   krb5_boolean *ret_value);

/*
 * Map an error number to a message string.  The return type is
 * const char *, so callers must not modify or free the result.
 */
const char *v5_error_message(int error);
const char *v5_passwd_error_message(int error);

int v5_set_principal_realm(krb5_context ctx, krb5_principal *principal,
			   const char *realm);

int v5_cc_retrieve_match(void);

/*
 * Field accessors for krb5_creds and krb5_principal.
 *
 * NOTE(review): v5_creds_key() has the same parameter and return types as
 * v5_creds_get_key() declared above; check whether both are needed.
 *
 * v5_creds_key_contents() returns a const unsigned char * which, by its
 * name, points at the raw key bytes; treat the data as secret (no logging,
 * no copies that outlive `creds`).  The matching *_length() accessor gives
 * the byte count; none of the *_contents() results should be assumed to be
 * NUL-terminated.
 *
 * For the indexed accessors, no bounds checking on `i` is visible in this
 * header; callers should keep 0 <= i < the value of the corresponding
 * *_count() function.  Counts and indices are plain int, so negative values
 * are representable.
 */
krb5_keyblock *v5_creds_key(krb5_creds *creds);
int v5_creds_key_type(krb5_creds *creds);
int v5_creds_key_length(krb5_creds *creds);
const unsigned char *v5_creds_key_contents(krb5_creds *creds);
krb5_flags v5_creds_get_flags(krb5_creds *creds);
krb5_boolean v5_creds_get_is_skey(krb5_creds *creds);
int v5_creds_address_count(krb5_creds *creds);
int v5_creds_address_type(krb5_creds *creds, int i);
int v5_creds_address_length(krb5_creds *creds, int i);
const unsigned char *v5_creds_address_contents(krb5_creds *creds, int i);
int v5_creds_authdata_count(krb5_creds *creds);
int v5_creds_authdata_type(krb5_creds *creds, int i);
int v5_creds_authdata_length(krb5_creds *creds, int i);
const unsigned char *v5_creds_authdata_contents(krb5_creds *creds, int i);
int v5_princ_component_count(krb5_principal princ);
int v5_princ_component_type(krb5_principal princ, int i);
int v5_princ_component_length(krb5_principal princ, int i);
const char *v5_princ_component_contents(krb5_principal princ, int i);
int v5_princ_realm_length(krb5_principal princ);
const char *v5_princ_realm_contents(krb5_principal princ);

/*
 * Parse `name` into *principal.  Unlike a bare libkrb5 parse call, this
 * takes the module options, so the result presumably depends on configured
 * realm or mapping settings -- TODO confirm.  `name` may originate from the
 * PAM user name, i.e. from the login prompt.
 */
krb5_error_code
v5_parse_name(krb5_context ctx,
	      struct _pam_krb5_options *options,
	      const char *name,
	      krb5_principal *principal);
/* Paired allocate/free for a krb5_get_init_creds_opt structure. */
krb5_error_code v5_alloc_get_init_creds_opt(krb5_context ctx,
					    krb5_get_init_creds_opt **opt);
void v5_free_get_init_creds_opt(krb5_context ctx,
				krb5_get_init_creds_opt *opt);
/*
 * Returns a char * built from `template_value` and the user information.
 * NOTE(review): the non-const return type suggests the caller owns and
 * must free the result -- confirm.  If the result is used as a file or
 * cache name, the substituted user-derived fields are worth validating at
 * the call site.
 */
char *v5_user_info_subst(krb5_context ctx,
			 const char *user,
			 struct _pam_krb5_user_info *userinfo,
			 struct _pam_krb5_options *options,
			 const char *template_value);
/*
 * Change the password using `creds`.  `password` is the plaintext new
 * password, passed as a mutable char *; as with v5_get_creds(), this
 * header does not say who scrubs the buffer.  The three result
 * out-parameters have the same types as those of libkrb5's
 * krb5_change_password(); NOTE(review): who frees the krb5_data contents
 * is not stated here.
 */
int v5_change_password(krb5_context ctx, krb5_creds *creds, char *password,
		       int *result_code, krb5_data *result_code_string,
		       krb5_data *result_string);
#endif /* pam_krb5_v5_h */