From 8f926e950029287017aae9fab9f11ba5ae9bddd4 Mon Sep 17 00:00:00 2001 From: Chris Provenzano Date: Fri, 10 Mar 1995 17:12:29 +0000 Subject: [PATCH] * func-proto.h (krb5_mk_req(), krb5_mk_req_extended(), krb5_rd_rep(), krb5_sendauth(), krb5_mk_priv(), krb5_rd_priv(), krb5_mk_safe(), and krb5_rd_safe()). Added a krb5_auth_context argument and eliminated many of the other arguments because they are included in the krb5_auth_context structure. * fieldbits.h Added #define AP_OPTS_USE_SUBKEY 0x00000001 for a new option to an ap req message. This is mainly a clean way to inform krb5_mk_req() and krb5_mk_req_extended() to create the subkey without adding an extra argument. * safepriv.h Replace safe/priv flags with flags for krb5_auth_context and add krb5_replay_data structure for when the appilication want to do it's own replay detection for safe and priv calls. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@5095 dc483132-0cff-0310-8789-dd5450dbe970 --- src/include/krb5/ChangeLog | 20 +++++- src/include/krb5/fieldbits.h | 2 +- src/include/krb5/func-proto.h | 129 ++++++++++++++++++++++++---------- src/include/krb5/safepriv.h | 15 ++-- 4 files changed, 121 insertions(+), 45 deletions(-) diff --git a/src/include/krb5/ChangeLog b/src/include/krb5/ChangeLog index 7c7d97dc6..dbe465580 100644 --- a/src/include/krb5/ChangeLog +++ b/src/include/krb5/ChangeLog @@ -1,6 +1,24 @@ +Fri Mar 10 10:04:41 1995 Chris Provenzano (proven@mit.edu) + + * func-proto.h (krb5_mk_req(), krb5_mk_req_extended(), krb5_rd_rep(), + krb5_sendauth(), krb5_mk_priv(), krb5_rd_priv(), krb5_mk_safe(), + and krb5_rd_safe()). Added a krb5_auth_context argument and + eliminated many of the other arguments because they are + included in the krb5_auth_context structure. + + * fieldbits.h Added #define AP_OPTS_USE_SUBKEY 0x00000001 for a + new option to an ap req message. This is mainly a clean way + to inform krb5_mk_req() and krb5_mk_req_extended() to + create the subkey without adding an extra argument. + + * safepriv.h Replace safe/priv flags with flags for krb5_auth_context + and add krb5_replay_data structure for when the appilication + want to do it's own replay detection for safe and priv calls. + + Thu Mar 9 18:29:24 1995 Mark Eichin - * Makefile.in (all-windows): tabs, not spaces. + * Makefile.in (all-windows): tabs, not spaces. Tue Mar 7 14:54:02 1995 Keith Vetter (keithv@fusion.com) diff --git a/src/include/krb5/fieldbits.h b/src/include/krb5/fieldbits.h index 23e1d860f..26c060669 100644 --- a/src/include/krb5/fieldbits.h +++ b/src/include/krb5/fieldbits.h @@ -108,7 +108,7 @@ /* #define AP_OPTS_RESERVED 0x00000008 */ /* #define AP_OPTS_RESERVED 0x00000004 */ /* #define AP_OPTS_RESERVED 0x00000002 */ -/* #define AP_OPTS_RESERVED 0x00000001 */ +#define AP_OPTS_USE_SUBKEY 0x00000001 /* definitions for ad_type fields. */ #define AD_TYPE_RESERVED 0x8000 diff --git a/src/include/krb5/func-proto.h b/src/include/krb5/func-proto.h index e8b50d1cf..3609b976d 100644 --- a/src/include/krb5/func-proto.h +++ b/src/include/krb5/func-proto.h @@ -92,19 +92,19 @@ krb5_error_code INTERFACE krb5_get_for_creds krb5_data * )); krb5_error_code INTERFACE krb5_mk_req PROTOTYPE((krb5_context, - krb5_const_principal, + krb5_auth_context **, const krb5_flags, - const krb5_checksum *, + char *, + char *, + krb5_data *, krb5_ccache, krb5_data * )); krb5_error_code INTERFACE krb5_mk_req_extended PROTOTYPE((krb5_context, + krb5_auth_context **, const krb5_flags, - const krb5_checksum *, - krb5_int32, - krb5_keyblock **, + krb5_data *, krb5_creds *, - krb5_authenticator *, krb5_data * )); krb5_error_code INTERFACE krb5_rd_req_simple PROTOTYPE((krb5_context, @@ -119,8 +119,8 @@ krb5_error_code INTERFACE krb5_mk_rep krb5_data *)); krb5_error_code INTERFACE krb5_rd_rep PROTOTYPE((krb5_context, + krb5_auth_context *, const krb5_data *, - const krb5_keyblock *, krb5_ap_rep_enc_part **)); krb5_error_code INTERFACE krb5_mk_error PROTOTYPE((krb5_context, @@ -132,23 +132,16 @@ krb5_error_code INTERFACE krb5_rd_error krb5_error ** )); krb5_error_code INTERFACE krb5_rd_safe PROTOTYPE((krb5_context, + krb5_auth_context *, const krb5_data *, - const krb5_keyblock *, - const krb5_address *, - const krb5_address *, - krb5_int32, krb5_int32, - krb5_rcache, - krb5_data * )); + krb5_data *, + krb5_replay_data *)); krb5_error_code INTERFACE krb5_rd_priv PROTOTYPE((krb5_context, + krb5_auth_context *, const krb5_data *, - const krb5_keyblock *, - const krb5_address *, - const krb5_address *, - krb5_int32, krb5_int32, - krb5_pointer, - krb5_rcache, - krb5_data * )); + krb5_data *, + krb5_replay_data *)); krb5_error_code INTERFACE krb5_parse_name PROTOTYPE((krb5_context, const char *, @@ -545,25 +538,16 @@ krb5_error_code INTERFACE krb5_kt_read_service_key krb5_keyblock **)); krb5_error_code INTERFACE krb5_mk_safe PROTOTYPE((krb5_context, + krb5_auth_context *, const krb5_data *, - const krb5_cksumtype , - const krb5_keyblock *, - const krb5_address *, - const krb5_address *, - krb5_int32, krb5_int32, - krb5_rcache, - krb5_data * )); + krb5_data *, + krb5_replay_data *)); krb5_error_code INTERFACE krb5_mk_priv PROTOTYPE((krb5_context, + krb5_auth_context *, const krb5_data *, - const krb5_enctype, - const krb5_keyblock *, - const krb5_address *, - const krb5_address *, - krb5_int32, krb5_int32, - krb5_rcache, - krb5_pointer, - krb5_data * )); + krb5_data *, + krb5_replay_data *)); krb5_error_code INTERFACE krb5_cc_register PROTOTYPE((krb5_context, krb5_cc_ops *, @@ -571,16 +555,15 @@ krb5_error_code INTERFACE krb5_cc_register krb5_error_code INTERFACE krb5_sendauth PROTOTYPE((krb5_context, + krb5_auth_context **, krb5_pointer, char *, krb5_principal, krb5_principal, krb5_flags, - krb5_checksum *, + krb5_data *, krb5_creds *, krb5_ccache, - krb5_int32 *, - krb5_keyblock **, krb5_error **, krb5_ap_rep_enc_part **, krb5_creds **)); @@ -616,6 +599,76 @@ krb5_error_code INTERFACE krb5_mk_cred krb5_address *, krb5_data *)); +krb5_error_code INTERFACE krb5_auth_con_init + PROTOTYPE((krb5_context, + krb5_auth_context **)); + +krb5_error_code INTERFACE krb5_auth_con_free + PROTOTYPE((krb5_context, + krb5_auth_context *)); + +krb5_error_code INTERFACE krb5_auth_con_setflags + PROTOTYPE((krb5_context, + krb5_auth_context *, + krb5_int32)); + +krb5_error_code INTERFACE krb5_auth_con_getflags + PROTOTYPE((krb5_context, + krb5_auth_context *, + krb5_int32 *)); + +krb5_error_code INTERFACE krb5_auth_con_setaddrs + PROTOTYPE((krb5_context, + krb5_auth_context *, + krb5_address *, + krb5_address *)); + +krb5_error_code INTERFACE krb5_auth_con_getaddrs + PROTOTYPE((krb5_context, + krb5_auth_context *, + krb5_address **, + krb5_address **)); + +krb5_error_code INTERFACE krb5_auth_con_getlocalsubkey + PROTOTYPE((krb5_context, + krb5_auth_context *, + krb5_keyblock **)); + +krb5_error_code INTERFACE krb5_auth_con_setcksumtype + PROTOTYPE((krb5_context, + krb5_auth_context *, + krb5_cksumtype)); + +krb5_error_code INTERFACE krb5_auth_con_getcksumtype + PROTOTYPE((krb5_context, + krb5_auth_context *, + krb5_cksumtype *)); + +krb5_error_code INTERFACE krb5_auth_con_getlocalseqnumber + PROTOTYPE((krb5_context, + krb5_auth_context *, + krb5_int32 *)); + +krb5_error_code INTERFACE krb5_auth_con_setivector + PROTOTYPE((krb5_context, + krb5_auth_context *, + krb5_pointer)); + +krb5_error_code INTERFACE krb5_auth_con_getivector + PROTOTYPE((krb5_context, + krb5_auth_context *, + krb5_pointer *)); + +krb5_error_code INTERFACE krb5_auth_con_setrcache + PROTOTYPE((krb5_context, + krb5_auth_context *, + krb5_rcache)); + +krb5_error_code INTERFACE krb5_auth_con_getrcache + PROTOTYPE((krb5_context, + krb5_auth_context *, + krb5_rcache *)); + #define KRB5_REALM_BRANCH_CHAR '.' #endif /* KRB5_FUNC_PROTO__ */ diff --git a/src/include/krb5/safepriv.h b/src/include/krb5/safepriv.h index d7702e16e..2ae742e5d 100644 --- a/src/include/krb5/safepriv.h +++ b/src/include/krb5/safepriv.h @@ -28,10 +28,15 @@ #ifndef KRB5_SAFE_PRIV__ #define KRB5_SAFE_PRIV__ -#define KRB5_SAFE_NOTIME 0x1 -#define KRB5_SAFE_DOSEQUENCE 0x2 - -#define KRB5_PRIV_NOTIME 0x1 -#define KRB5_PRIV_DOSEQUENCE 0x2 +#define KRB5_AUTH_CONTEXT_DO_TIME 0x00000001 +#define KRB5_AUTH_CONTEXT_RET_TIME 0x00000002 +#define KRB5_AUTH_CONTEXT_DO_SEQUENCE 0x00000004 +#define KRB5_AUTH_CONTEXT_RET_SEQUENCE 0x00000008 + +typedef struct krb5_replay_data { + krb5_timestamp timestamp; + krb5_int32 usec; + krb5_int32 seq; +} krb5_replay_data; #endif /* KRB5_SAFE_PRIV__ */ -- 2.26.2