+static authn_status authn_krb_password(request_rec *r, const char *user,
+ const char *password)
+{
+ char *auth_line = NULL;
+ int ret;
+ const char *type = NULL;
+
+ type = ap_auth_type(r);
+ auth_line = ap_pbase64encode (r->pool, apr_psprintf(r->pool, "%s:%s", user, password));
+ auth_line = apr_psprintf(r->pool, "Basic %s", auth_line);
+
+ ret = authenticate_user(r, auth_line, type, 1, 1);
+
+ if (ret == OK) return AUTH_GRANTED;
+ else return AUTH_USER_NOT_FOUND;
+}
+
+static int
+kerb_authenticate_user(request_rec *r)
+{
+ kerb_auth_config *conf =
+ (kerb_auth_config *) ap_get_module_config(r->per_dir_config,
+ &auth_kerb_module);
+ char *auth_line = NULL;
+ int ret, use_krb4 = 0, use_krb5 = 0;
+ const char *type = NULL;
+
+ /* get the type specified in .htaccess */
+ type = ap_auth_type(r);
+
+ log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
+ "kerb_authenticate_user entered with user %s and auth_type %s",
+ (MK_USER)?MK_USER:"(NULL)",type?type:"(NULL)");
+
+ if (type && strcasecmp(type, "Kerberos") == 0)
+ use_krb5 = use_krb4 = 1;
+ else if(type && strcasecmp(type, "KerberosV5") == 0)
+ use_krb5 = 1;
+ else if(type && strcasecmp(type, "KerberosV4") == 0)
+ use_krb4 = 1;
+ else
+ return DECLINED;
+
+#if 0
+ if (conf->krb_ssl_preauthentication) {
+ const char *ssl_client_verify = ssl_var_lookup(r->pool, r->server,
+ r->connection, r, "SSL_CLIENT_VERIFY");
+
+ if (ssl_client_verify && strcmp(ssl_client_verify, "SUCCESS") == 0)
+ return OK;
+ }
+#endif
+
+ /* get what the user sent us in the HTTP header */
+ auth_line = (char *)MK_TABLE_GET(r->headers_in, (r->proxyreq == PROXYREQ_PROXY)
+ ? "Proxy-Authorization"
+ : "Authorization");
+ ret = authenticate_user(r, auth_line, type, use_krb4, use_krb5);
+
+ return ret;
+}
+
+int
+have_rcache_type(const char *type)
+{
+ krb5_error_code ret;
+ krb5_context context;
+ krb5_rcache id = NULL;
+ int found;
+
+ ret = krb5_init_context(&context);
+ if (ret)
+ return 0;
+
+ ret = krb5_rc_resolve_full(context, &id, "none:");
+ found = (ret == 0);
+
+ if (ret == 0)
+ krb5_rc_destroy(context, id);
+ krb5_free_context(context);
+
+ return found;
+}