os-proto.h
/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/* lib/krb5/os/os-proto.h */
/*
* Copyright 1990,1991,2009 by the Massachusetts Institute of Technology.
* All Rights Reserved.
*
* Export of this software from the United States of America may
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
*
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
* notice appear in all copies and that both that copyright notice and
* this permission notice appear in supporting documentation, and that
* the name of M.I.T. not be used in advertising or publicity pertaining
* to distribution of the software without specific, written prior
* permission. Furthermore if you modify this software you must label
* your software as modified software and not distribute it in such a
* fashion that it might be confused with the original M.I.T. software.
* M.I.T. makes no representations about the suitability of
* this software for any purpose. It is provided "as is" without express
* or implied warranty.
*/
/*
*
* LIBOS internal function prototypes.
*/
#ifndef KRB5_LIBOS_INT_PROTO__
#define KRB5_LIBOS_INT_PROTO__
#ifdef HAVE_SYS_TIME_H
#include <sys/time.h>
#endif
#include <krb5/locate_plugin.h>
typedef enum {
TCP_OR_UDP = 0,
TCP,
UDP,
HTTPS,
} k5_transport;
typedef enum {
UDP_FIRST = 0,
UDP_LAST,
NO_UDP,
ONLY_UDP
} k5_transport_strategy;
/* A single server hostname or address. */
struct server_entry {
char *hostname; /* NULL -> use addrlen/addr instead */
int port; /* Used only if hostname set */
k5_transport transport; /* May be 0 for UDP/TCP if hostname set */
char *uri_path; /* Used only if transport is HTTPS */
int family; /* May be 0 (aka AF_UNSPEC) if hostname set */
int primary; /* True, false, or -1 for unknown. */
size_t addrlen;
struct sockaddr_storage addr;
};
/* A list of server hostnames/addresses. */
struct serverlist {
struct server_entry *servers;
size_t nservers;
};
#define SERVERLIST_INIT { NULL, 0 }
struct kdclist;
struct remote_address {
k5_transport transport;
int family;
socklen_t len;
struct sockaddr_storage saddr;
};
struct sendto_callback_info {
int (*pfn_callback)(SOCKET fd, void *data, krb5_data *message);
void (*pfn_cleanup)(void *data, krb5_data *message);
void *data;
};
/*
* Initialize with all zeros except for princ. Set no_hostrealm to disable
* host-to-realm lookup, which ordinarily happens during fallback processing
* after canonicalizing the host part. Set subst_defrealm to substitute the
* default realm for the referral realm after realm lookup. Do not set both
* flags. Free with free_canonprinc() when done.
*
* no_hostrealm only applies if fallback processing is in use
* (dns_canonicalize_hostname = fallback). It will not remove the realm if
* krb5_sname_to_principal() already canonicalized the hostname and looked up a
* realm. subst_defrealm applies whether or not fallback processing is in use.
*/
struct canonprinc {
krb5_const_principal princ;
krb5_boolean no_hostrealm;
krb5_boolean subst_defrealm;
int step;
char *canonhost;
char *realm;
krb5_principal_data copy;
krb5_data components[2];
};
/* Yield one or two candidate canonical principal names for iter, then NULL.
* Output names are valid for one iteration and must not be freed. */
krb5_error_code k5_canonprinc(krb5_context context, struct canonprinc *iter,
krb5_const_principal *princ_out);
static inline void
free_canonprinc(struct canonprinc *iter)
{
free(iter->canonhost);
free(iter->realm);
}
krb5_error_code k5_expand_hostname(krb5_context context, const char *host,
krb5_boolean is_fallback,
char **canonhost_out);
krb5_error_code k5_locate_server(krb5_context, const krb5_data *realm,
struct serverlist *serverlist,
enum locate_service_type svc,
krb5_boolean no_udp);
krb5_error_code k5_locate_kdc(krb5_context context, const krb5_data *realm,
struct serverlist *serverlist,
krb5_boolean get_primaries, krb5_boolean no_udp);
void k5_free_serverlist(struct serverlist *);
/* Create an object for remembering a history of KDCs contacted during an
* exchange. */
krb5_error_code k5_kdclist_create(struct kdclist **kdcs_out);
/* Add a server entry to kdcs. Transfer ownership of memory from *server and
* zero it. */
krb5_error_code k5_kdclist_add(struct kdclist *kdcs, const krb5_data *realm,
struct server_entry *server);
/* Return true if any KDC entries in kdcs are replicas, looking up realms'
* primary KDCs as necessary. */
krb5_boolean k5_kdclist_any_replicas(krb5_context context,
struct kdclist *kdcs);
void k5_kdclist_free(struct kdclist *kdcs);
#ifdef HAVE_NETINET_IN_H
krb5_error_code krb5_unpack_full_ipaddr(krb5_context,
const krb5_address *,
krb5_int32 *,
krb5_int16 *);
krb5_error_code krb5_make_full_ipaddr(krb5_context,
krb5_int32,
int, /* unsigned short promotes to signed int */
krb5_address **);
#endif /* HAVE_NETINET_IN_H */
struct srv_dns_entry {
struct srv_dns_entry *next;
int priority;
int weight;
unsigned short port;
char *host;
};
krb5_error_code
krb5int_make_srv_query_realm(krb5_context context, const krb5_data *realm,
const char *service, const char *protocol,
const char *sitename,
struct srv_dns_entry **answers);
void krb5int_free_srv_dns_data(struct srv_dns_entry *);
krb5_error_code
k5_make_uri_query(krb5_context context, const krb5_data *realm,
const char *service, const char *sitename,
struct srv_dns_entry **answers);
krb5_error_code k5_try_realm_txt_rr(krb5_context context, const char *prefix,
const char *name, char **realm);
char *k5_primary_domain(void);
int _krb5_use_dns_realm (krb5_context);
int _krb5_use_dns_kdc (krb5_context);
int _krb5_conf_boolean (const char *);
krb5_error_code k5_sendto(krb5_context context, const krb5_data *message,
const krb5_data *realm,
const struct serverlist *addrs,
k5_transport_strategy strategy,
struct sendto_callback_info *callback_info,
krb5_data *reply, struct sockaddr *remoteaddr,
socklen_t *remoteaddrlen, int *server_used,
int (*msg_handler)(krb5_context, const krb5_data *,
void *),
void *msg_handler_data);
krb5_error_code k5_sendto_kdc(krb5_context context, const krb5_data *message,
const krb5_data *realm, krb5_boolean use_primary,
krb5_boolean no_udp, krb5_data *reply_out,
struct kdclist *hist);
krb5_error_code krb5int_get_fq_local_hostname(char **);
/* The io vector is *not* const here, unlike writev()! */
int krb5int_net_writev (krb5_context, int, sg_buf *, int);
int k5_getcurtime(struct timeval *tvp);
krb5_error_code k5_expand_path_tokens(krb5_context context,
const char *path_in, char **path_out);
krb5_error_code k5_expand_path_tokens_extra(krb5_context context,
const char *path_in,
char **path_out, ...);
krb5_error_code k5_create_secure_file(krb5_context, const char * pathname);
krb5_error_code k5_sync_disk_file(krb5_context, FILE *fp);
krb5_error_code k5_os_init_context(krb5_context context, profile_t profile,
krb5_flags flags);
void k5_os_free_context(krb5_context);
krb5_error_code k5_os_hostaddr(krb5_context, const char *, krb5_address ***);
krb5_error_code k5_time_with_offset(krb5_timestamp offset,
krb5_int32 offset_usec,
krb5_timestamp *time_out,
krb5_int32 *usec_out);
void k5_set_prompt_types(krb5_context, krb5_prompt_type *);
krb5_boolean k5_is_numeric_address(const char *name);
krb5_error_code k5_make_realmlist(const char *realm, char ***realms_out);
krb5_error_code k5_kt_client_default_name(krb5_context context,
char **name_out);
krb5_error_code k5_write_messages(krb5_context, krb5_pointer, krb5_data *,
int);
void k5_init_trace(krb5_context context);
#include "k5-thread.h"
extern k5_mutex_t krb5int_us_time_mutex;
extern unsigned int krb5_max_skdc_timeout;
extern unsigned int krb5_skdc_timeout_shift;
extern unsigned int krb5_skdc_timeout_1;
void k5_hostrealm_free_context(krb5_context);
krb5_error_code hostrealm_profile_initvt(krb5_context context, int maj_ver,
int min_ver,
krb5_plugin_vtable vtable);
krb5_error_code hostrealm_registry_initvt(krb5_context context, int maj_ver,
int min_ver,
krb5_plugin_vtable vtable);
krb5_error_code hostrealm_dns_initvt(krb5_context context, int maj_ver,
int min_ver, krb5_plugin_vtable vtable);
krb5_error_code hostrealm_domain_initvt(krb5_context context, int maj_ver,
int min_ver,
krb5_plugin_vtable vtable);
void k5_localauth_free_context(krb5_context);
krb5_error_code localauth_names_initvt(krb5_context context, int maj_ver,
int min_ver, krb5_plugin_vtable vtable);
krb5_error_code localauth_rule_initvt(krb5_context context, int maj_ver,
int min_ver, krb5_plugin_vtable vtable);
krb5_error_code localauth_k5login_initvt(krb5_context context, int maj_ver,
int min_ver,
krb5_plugin_vtable vtable);
krb5_error_code localauth_an2ln_initvt(krb5_context context, int maj_ver,
int min_ver, krb5_plugin_vtable vtable);
#endif /* KRB5_LIBOS_INT_PROTO__ */
