/* util_krb.c */
#ifdef HAVE_HEIMDAL_VERSION
+
+#define KRB_TIME_FOREVER ((time_t)~0L)
+
#define KRB_KEY_TYPE(key) ((key)->keytype)
#define KRB_KEY_DATA(key) ((key)->keyvalue.data)
#define KRB_KEY_LENGTH(key) ((key)->keyvalue.length)
-#else
-#define KRB_KEY_TYPE(key) ((key)->enctype)
-#define KRB_KEY_DATA(key) ((key)->contents)
-#define KRB_KEY_LENGTH(key) ((key)->length)
-#endif /* HAVE_HEIMDAL_VERSION */
-#define KRB_KEY_INIT(key) do { \
- KRB_KEY_TYPE(key) = ENCTYPE_NULL; \
- KRB_KEY_DATA(key) = NULL; \
- KRB_KEY_LENGTH(key) = 0; \
- } while (0)
-
-#ifdef HAVE_HEIMDAL_VERSION
#define KRB_PRINC_LENGTH(princ) ((princ)->name.name_string.len)
#define KRB_PRINC_TYPE(princ) ((princ)->name.name_type)
#define KRB_PRINC_NAME(princ) ((princ)->name.name_string.val)
+#define KRB_PRINC_REALM(princ) ((princ)->realm)
+
+#define KRB_KT_ENT_KEYBLOCK(e) (&(e)->keyblock)
+#define KRB_KT_ENT_FREE(c, e) krb5_kt_free_entry((c), (e))
+
#define KRB_CRYPTO_CONTEXT(ctx) (krbCrypto)
+
#else
+
+#define KRB_TIME_FOREVER KRB5_INT32_MAX
+
+#define KRB_KEY_TYPE(key) ((key)->enctype)
+#define KRB_KEY_DATA(key) ((key)->contents)
+#define KRB_KEY_LENGTH(key) ((key)->length)
+
#define KRB_PRINC_LENGTH(princ) (krb5_princ_size(NULL, (princ)))
#define KRB_PRINC_TYPE(princ) (krb5_princ_type(NULL, (princ)))
#define KRB_PRINC_NAME(princ) (krb5_princ_name(NULL, (princ)))
+#define KRB_PRINC_REALM(princ) (krb5_princ_realm(NULL, (princ)))
+
+#define KRB_KT_ENT_KEYBLOCK(e) (&(e)->key)
+#define KRB_KT_ENT_FREE(c, e) krb5_free_keytab_entry_contents((c), (e))
+
#define KRB_CRYPTO_CONTEXT(ctx) (&(ctx)->rfc3961Key)
+
#endif /* HAVE_HEIMDAL_VERSION */
+#define KRB_KEY_INIT(key) do { \
+ KRB_KEY_TYPE(key) = ENCTYPE_NULL; \
+ KRB_KEY_DATA(key) = NULL; \
+ KRB_KEY_LENGTH(key) = 0; \
+ } while (0)
+
#ifdef HAVE_HEIMDAL_VERSION
#define GSS_IOV_BUFFER_FLAG_ALLOCATE GSS_IOV_BUFFER_TYPE_FLAG_ALLOCATE
#define GSS_IOV_BUFFER_FLAG_ALLOCATED GSS_IOV_BUFFER_TYPE_FLAG_ALLOCATED
const char *prefix,
gss_buffer_t string);
+krb5_error_code
+krbMakeAuthDataKdcIssued(krb5_context context,
+ const krb5_keyblock *key,
+ krb5_const_principal issuer,
+#ifdef HAVE_HEIMDAL_VERSION
+ const AuthorizationData *authdata,
+ AuthorizationData *adKdcIssued
+#else
+ krb5_authdata *const *authdata,
+ krb5_authdata ***adKdcIssued
+#endif
+ );
+
+krb5_error_code
+krbMakeCred(krb5_context context,
+ krb5_auth_context authcontext,
+ krb5_creds *creds,
+ krb5_data *data);
+
/* util_lucid.c */
OM_uint32
gssEapExportLucidSecContext(OM_uint32 *minor,
gss_OID *const pInternalizedOid);
OM_uint32
+gssEapReleaseOid(OM_uint32 *minor, gss_OID *oid);
+
+OM_uint32
gssEapDefaultMech(OM_uint32 *minor,
gss_OID *oid);
int index, gss_buffer_t buffer)
{
#ifdef HAVE_HEIMDAL_VERSION
- buffer->value = (void *)krbPrinc->name.name_string.val[index];
+ buffer->value = (void *)KRB_PRINC_NAME(krbPrinc)[index];
buffer->length = strlen((char *)buffer->value);
#else
buffer->value = (void *)krb5_princ_component(NULL, krbPrinc, index)->data;
krbPrincRealmToGssBuffer(krb5_principal krbPrinc, gss_buffer_t buffer)
{
#ifdef HAVE_HEIMDAL_VERSION
- buffer->value = (void *)krbPrinc->realm;
- buffer->length = strlen(krbPrinc->realm);
+ buffer->value = (void *)KRB_PRINC_REALM(krbPrinc);
+ buffer->length = strlen((char *)buffer->value);
#else
- krbDataToGssBuffer(krb5_princ_realm(NULL, krbPrinc), buffer);
+ krbDataToGssBuffer(KRB_PRINC_REALM(krbPrinc), buffer);
#endif
}