1 #ifndef _MIT_INTERNALS_H_
2 #define _MIT_INTERNALS_H_
4 /* must be included after krb5.h to override definitons from there */
7 * MIT Kerberos 1.3.x replay cache implementation causes major problems
8 * with Microsoft Kerberos5 implementation by incorrectly detecting
9 * Microsoft authenticators as replays. The problem is being worked on
10 * by both MIT and Microsoft but until a definite fix is available, we
11 * must disable the replay cache in order to work with Microsoft clients.
12 * The only working way to do this seems to be overriding the function
13 * that stores authenticators in replay cache with one that does nothing.
14 * Note that disabling replay cache is potentially unsecure.
17 /* Definition from MIT krb5-1.3.3 krb5.h */
18 typedef struct _krb5_donot_replay {
20 char *server; /* null-terminated */
21 char *client; /* null-terminated */
26 /* Definitions from MIT krb5-1.3.3 k5-int.h */
30 krb5_error_code (KRB5_CALLCONV *init)
31 (krb5_context, krb5_rcache,krb5_deltat); /* create */
32 krb5_error_code (KRB5_CALLCONV *recover)
33 (krb5_context, krb5_rcache); /* open */
34 krb5_error_code (KRB5_CALLCONV *destroy)
35 (krb5_context, krb5_rcache);
36 krb5_error_code (KRB5_CALLCONV *close)
37 (krb5_context, krb5_rcache);
38 krb5_error_code (KRB5_CALLCONV *store)
39 (krb5_context, krb5_rcache,krb5_donot_replay *);
40 krb5_error_code (KRB5_CALLCONV *expunge)
41 (krb5_context, krb5_rcache);
42 krb5_error_code (KRB5_CALLCONV *get_span)
43 (krb5_context, krb5_rcache,krb5_deltat *);
44 char *(KRB5_CALLCONV *get_name)
45 (krb5_context, krb5_rcache);
46 krb5_error_code (KRB5_CALLCONV *resolve)
47 (krb5_context, krb5_rcache, char *);
50 typedef struct _krb5_rc_ops krb5_rc_ops;
52 /* Definitions from MIT krb5-1.3.3 rc_dfl.h */
53 extern krb5_error_code KRB5_CALLCONV krb5_rc_dfl_init
57 extern krb5_error_code KRB5_CALLCONV krb5_rc_dfl_recover
60 extern krb5_error_code KRB5_CALLCONV krb5_rc_dfl_destroy
63 extern krb5_error_code KRB5_CALLCONV krb5_rc_dfl_close
66 extern krb5_error_code KRB5_CALLCONV krb5_rc_dfl_expunge
69 extern krb5_error_code KRB5_CALLCONV krb5_rc_dfl_get_span
73 extern char * KRB5_CALLCONV krb5_rc_dfl_get_name
76 extern krb5_error_code KRB5_CALLCONV krb5_rc_dfl_resolve
81 /* Definition from MIT krb5-1.3.3 k5-int.h */
82 /* kouril: use the _internal suffix in order to avoid conflicts with
83 * the definition in krb5.h */
84 struct krb5_rc_st_internal {
86 const struct _krb5_rc_ops *ops;
90 typedef struct krb5_rc_st_internal *krb5_rcache_internal;
92 /* Definitions from MIT krb5-1.3.3 gssapiP_krb5.h */
93 typedef struct _krb5_gss_cred_id_rec {
94 /* name/type of credential */
95 gss_cred_usage_t usage;
96 krb5_principal princ; /* this is not interned as a gss_name_t */
100 /* keytab (accept) data */
102 krb5_rcache_internal rcache;
104 /* ccache (init) data */
106 krb5_timestamp tgt_expire;
107 } krb5_gss_cred_id_rec, *krb5_gss_cred_id_t;
109 #endif _MIT_INTERNALS_H_