search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
8322 nl: misleading-indentation
[unleashed/tickless.git] / usr / src / lib / smbsrv / libsmbns / common / smbns_krb.h
blob50c398556442f807873dec731f1033408a93942b
1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
23 * Copyright 2014 Nexenta Systems, Inc. All rights reserved.
24 */
25
26 #ifndef _SMBSRV_SMB_KRB_H
27 #define _SMBSRV_SMB_KRB_H
28
29 #include <kerberosv5/krb5.h>
30
31 #ifdef __cplusplus
32 extern "C" {
33 #endif
34
35 #define SMBNS_KRB5_KEYTAB "/etc/krb5/krb5.keytab"
36 #define SMBNS_KRB5_KEYTAB_TMP "/etc/krb5/krb5.keytab.tmp.XXXXXX"
37
38 #define SMB_PN_SPN_ATTR 0x0001 /* w/o REALM portion */
39 #define SMB_PN_UPN_ATTR 0x0002 /* w/ REALM */
40 #define SMB_PN_KEYTAB_ENTRY 0x0004 /* w/ REALM */
41 #define SMB_PN_SALT 0x0008 /* w/ REALM */
42
43 #define SMB_PN_SVC_HOST "host"
44 #define SMB_PN_SVC_CIFS "cifs"
45 #define SMB_PN_SVC_NFS "nfs"
46 #define SMB_PN_SVC_HTTP "HTTP"
47 #define SMB_PN_SVC_ROOT "root"
48
49 /* Assign an identifier for each principal name format */
50 typedef enum smb_krb5_pn_id {
51 SMB_KRB5_PN_ID_SALT,
52 SMB_KRB5_PN_ID_HOST_FQHN, /* fully qualified name */
53 SMB_KRB5_PN_ID_HOST_SHORT, /* short name */
54 SMB_KRB5_PN_ID_CIFS_FQHN,
55 SMB_KRB5_PN_ID_CIFS_SHORT,
56 SMB_KRB5_PN_ID_MACHINE, /* the machine account */
57 SMB_KRB5_PN_ID_NFS_FQHN,
58 SMB_KRB5_PN_ID_HTTP_FQHN,
59 SMB_KRB5_PN_ID_ROOT_FQHN,
60 } smb_krb5_pn_id_t;
61
62 /*
63 * A principal name can be constructed based on the following:
64 *
65 * p_id - identifier for a principal name.
66 * p_svc - service with which the principal is associated.
67 * p_flags - usage of the principal is identified - whether it can be used as a
68 * SPN attribute, UPN attribute, or/and keytab entry, etc.
69 */
70 typedef struct smb_krb5_pn {
71 smb_krb5_pn_id_t p_id;
72 char *p_svc;
73 uint32_t p_flags;
74 } smb_krb5_pn_t;
75
76 /*
77 * A set of principal names
78 *
79 * ps_cnt - the number of principal names in the array.
80 * ps_set - An array of principal names terminated with a NULL pointer.
81 */
82 typedef struct smb_krb5_pn_set {
83 uint32_t s_cnt;
84 char **s_pns;
85 } smb_krb5_pn_set_t;
86
87 int smb_kinit(char *, char *, char *);
88 int smb_krb5_ctx_init(krb5_context *);
89 void smb_krb5_ctx_fini(krb5_context);
90 int smb_krb5_get_kprincs(krb5_context, char **, size_t, krb5_principal **);
91 void smb_krb5_free_kprincs(krb5_context, krb5_principal *, size_t);
92 int smb_krb5_setpwd(krb5_context, const char *, char *);
93
94 int smb_krb5_kt_populate(krb5_context, const char *, krb5_principal *,
95 int, char *, krb5_kvno, char *, krb5_enctype *, int);
96 boolean_t smb_krb5_kt_find(smb_krb5_pn_id_t, const char *, char *);
97
98 uint32_t smb_krb5_get_pn_set(smb_krb5_pn_set_t *, uint32_t, char *);
99 void smb_krb5_free_pn_set(smb_krb5_pn_set_t *);
100 void smb_krb5_log_errmsg(krb5_context, const char *, krb5_error_code);
101
102 #ifdef __cplusplus
103 }
104 #endif
105
106 #endif /* _SMBSRV_SMB_KRB_H */
unleashed repo fork