2 * This program is free software; you can redistribute it and/or modify
3 * it under the terms of the GNU General Public License as published by
4 * the Free Software Foundation; either version 2 of the License, or
5 * (at your option) any later version.
7 * This program is distributed in the hope that it will be useful,
8 * but WITHOUT ANY WARRANTY; without even the implied warranty of
9 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10 * GNU General Public License for more details.
12 * You should have received a copy of the GNU General Public License
13 * along with this program; if not, write to the Free Software
14 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
20 * @brief types and function signatures for rlm_krb5.
22 * @copyright 2013 The FreeRADIUS server project
23 * @copyright 2013 Arran Cudbard-Bell <a.cudbardb@freeradius.org>
25 RCSIDH(krb5_h, "$Id$")
27 #if defined(KRB5_IS_THREAD_SAFE) && !defined(HAVE_PTHREAD_H)
28 # undef KRB5_IS_THREAD_SAFE
34 typedef struct rlm_krb5_handle {
40 krb5_verify_opt options;
44 /** Instance configuration for rlm_krb5
46 * Holds the configuration and preparsed data for a instance of rlm_krb5.
48 typedef struct rlm_krb5_t {
49 #ifdef KRB5_IS_THREAD_SAFE
50 fr_connection_pool_t *pool; //!< Connection pool instance.
52 rlm_krb5_handle_t *conn;
55 char const *xlat_name; //!< This module's instance name.
56 char const *keytabname; //!< The keytab to resolve the service in.
57 char const *service_princ; //!< The service name provided by the
60 char *hostname; //!< The hostname component of
61 //!< service_princ, or NULL.
62 char *service; //!< The service component of service_princ, or NULL.
64 krb5_context context; //!< The kerberos context (cloned once per request).
67 krb5_get_init_creds_opt *gic_options; //!< Options to pass to the get_initial_credentials
69 krb5_verify_init_creds_opt *vic_options; //!< Options to pass to the validate_initial_creds
72 krb5_principal server; //!< A structure representing the parsed
78 * MIT Kerberos uses comm_err, so the macro just expands to a call
83 # include <et/com_err.h>
87 # define rlm_krb5_error(_x, _y) error_message(_y)
89 char const *rlm_krb5_error(krb5_context context, krb5_error_code code);
92 void *mod_conn_create(void *instance);
94 int mod_conn_delete(UNUSED void *instance, void *handle);