5 #ifndef _MIT_INTERNALS_H_
6 #define _MIT_INTERNALS_H_
8 /* must be included after krb5.h to override definitons from there */
11 * MIT Kerberos 1.3.x replay cache implementation causes major problems
12 * with Microsoft Kerberos5 implementation by incorrectly detecting
13 * Microsoft authenticators as replays. The problem is being worked on
14 * by both MIT and Microsoft but until a definite fix is available, we
15 * must disable the replay cache in order to work with Microsoft clients.
16 * The only working way to do this seems to be overriding the function
17 * that stores authenticators in replay cache with one that does nothing.
18 * Note that disabling replay cache is potentially unsecure.
21 /* Definition from MIT krb5-1.3.3 krb5.h */
22 typedef struct _krb5_donot_replay {
24 char *server; /* null-terminated */
25 char *client; /* null-terminated */
30 /* Definitions from MIT krb5-1.3.3 k5-int.h */
34 krb5_error_code (KRB5_CALLCONV *init)
35 (krb5_context, krb5_rcache,krb5_deltat); /* create */
36 krb5_error_code (KRB5_CALLCONV *recover)
37 (krb5_context, krb5_rcache); /* open */
38 krb5_error_code (KRB5_CALLCONV *destroy)
39 (krb5_context, krb5_rcache);
40 krb5_error_code (KRB5_CALLCONV *close)
41 (krb5_context, krb5_rcache);
42 krb5_error_code (KRB5_CALLCONV *store)
43 (krb5_context, krb5_rcache,krb5_donot_replay *);
44 krb5_error_code (KRB5_CALLCONV *expunge)
45 (krb5_context, krb5_rcache);
46 krb5_error_code (KRB5_CALLCONV *get_span)
47 (krb5_context, krb5_rcache,krb5_deltat *);
48 char *(KRB5_CALLCONV *get_name)
49 (krb5_context, krb5_rcache);
50 krb5_error_code (KRB5_CALLCONV *resolve)
51 (krb5_context, krb5_rcache, char *);
54 typedef struct _krb5_rc_ops krb5_rc_ops;
56 /* Definitions from MIT krb5-1.3.3 rc_dfl.h */
57 extern krb5_error_code KRB5_CALLCONV krb5_rc_dfl_init
61 extern krb5_error_code KRB5_CALLCONV krb5_rc_dfl_recover
64 extern krb5_error_code KRB5_CALLCONV krb5_rc_dfl_destroy
67 extern krb5_error_code KRB5_CALLCONV krb5_rc_dfl_close
70 extern krb5_error_code KRB5_CALLCONV krb5_rc_dfl_expunge
73 extern krb5_error_code KRB5_CALLCONV krb5_rc_dfl_get_span
77 extern char * KRB5_CALLCONV krb5_rc_dfl_get_name
80 extern krb5_error_code KRB5_CALLCONV krb5_rc_dfl_resolve
85 /* Definition from MIT krb5-1.3.3 k5-int.h */
86 /* kouril: use the _internal suffix in order to avoid conflicts with
87 * the definition in krb5.h */
88 struct krb5_rc_st_internal {
90 const struct _krb5_rc_ops *ops;
94 typedef struct krb5_rc_st_internal *krb5_rcache_internal;
96 /* Definitions from MIT krb5-1.3.3 gssapiP_krb5.h */
97 typedef struct _krb5_gss_cred_id_rec {
98 /* name/type of credential */
99 gss_cred_usage_t usage;
100 krb5_principal princ; /* this is not interned as a gss_name_t */
104 /* keytab (accept) data */
106 krb5_rcache_internal rcache;
108 /* ccache (init) data */
110 krb5_timestamp tgt_expire;
111 } krb5_gss_cred_id_rec, *krb5_gss_cred_id_t;
113 #endif /* _MIT_INTERNALS_H_ */