2 * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 /* $Id: krb5.h,v 1.205 2002/09/03 17:31:47 joda Exp $ */
40 #include <krb5-types.h>
47 #include <krb5_asn1.h>
49 /* name confusion with MIT */
50 #ifndef KRB5KDC_ERR_KEY_EXP
51 #define KRB5KDC_ERR_KEY_EXP KRB5KDC_ERR_KEY_EXPIRED
54 /* simple constants */
61 typedef int krb5_boolean;
63 typedef int32_t krb5_error_code;
65 typedef int krb5_kvno;
67 typedef u_int32_t krb5_flags;
69 typedef void *krb5_pointer;
70 typedef const void *krb5_const_pointer;
72 typedef octet_string krb5_data;
74 struct krb5_crypto_data;
75 typedef struct krb5_crypto_data *krb5_crypto;
77 typedef CKSUMTYPE krb5_cksumtype;
79 typedef Checksum krb5_checksum;
81 typedef ENCTYPE krb5_enctype;
83 /* alternative names */
85 ENCTYPE_NULL = ETYPE_NULL,
86 ENCTYPE_DES_CBC_CRC = ETYPE_DES_CBC_CRC,
87 ENCTYPE_DES_CBC_MD4 = ETYPE_DES_CBC_MD4,
88 ENCTYPE_DES_CBC_MD5 = ETYPE_DES_CBC_MD5,
89 ENCTYPE_DES3_CBC_MD5 = ETYPE_DES3_CBC_MD5,
90 ENCTYPE_OLD_DES3_CBC_SHA1 = ETYPE_OLD_DES3_CBC_SHA1,
91 ENCTYPE_SIGN_DSA_GENERATE = ETYPE_SIGN_DSA_GENERATE,
92 ENCTYPE_ENCRYPT_RSA_PRIV = ETYPE_ENCRYPT_RSA_PRIV,
93 ENCTYPE_ENCRYPT_RSA_PUB = ETYPE_ENCRYPT_RSA_PUB,
94 ENCTYPE_DES3_CBC_SHA1 = ETYPE_DES3_CBC_SHA1,
95 ENCTYPE_ARCFOUR_HMAC_MD5 = ETYPE_ARCFOUR_HMAC_MD5,
96 ENCTYPE_ARCFOUR_HMAC_MD5_56 = ETYPE_ARCFOUR_HMAC_MD5_56,
97 ENCTYPE_ENCTYPE_PK_CROSS = ETYPE_ENCTYPE_PK_CROSS,
98 ENCTYPE_DES_CBC_NONE = ETYPE_DES_CBC_NONE,
99 ENCTYPE_DES3_CBC_NONE = ETYPE_DES3_CBC_NONE,
100 ENCTYPE_DES_CFB64_NONE = ETYPE_DES_CFB64_NONE,
101 ENCTYPE_DES_PCBC_NONE = ETYPE_DES_PCBC_NONE,
104 typedef PADATA_TYPE krb5_preauthtype;
106 typedef enum krb5_key_usage {
107 KRB5_KU_PA_ENC_TIMESTAMP = 1,
108 /* AS-REQ PA-ENC-TIMESTAMP padata timestamp, encrypted with the
109 client key (section 5.4.1) */
111 /* AS-REP Ticket and TGS-REP Ticket (includes tgs session key or
112 application session key), encrypted with the service key
114 KRB5_KU_AS_REP_ENC_PART = 3,
115 /* AS-REP encrypted part (includes tgs session key or application
116 session key), encrypted with the client key (section 5.4.2) */
117 KRB5_KU_TGS_REQ_AUTH_DAT_SESSION = 4,
118 /* TGS-REQ KDC-REQ-BODY AuthorizationData, encrypted with the tgs
119 session key (section 5.4.1) */
120 KRB5_KU_TGS_REQ_AUTH_DAT_SUBKEY = 5,
121 /* TGS-REQ KDC-REQ-BODY AuthorizationData, encrypted with the tgs
122 authenticator subkey (section 5.4.1) */
123 KRB5_KU_TGS_REQ_AUTH_CKSUM = 6,
124 /* TGS-REQ PA-TGS-REQ padata AP-REQ Authenticator cksum, keyed
125 with the tgs session key (sections 5.3.2, 5.4.1) */
126 KRB5_KU_TGS_REQ_AUTH = 7,
127 /* TGS-REQ PA-TGS-REQ padata AP-REQ Authenticator (includes tgs
128 authenticator subkey), encrypted with the tgs session key
130 KRB5_KU_TGS_REP_ENC_PART_SESSION = 8,
131 /* TGS-REP encrypted part (includes application session key),
132 encrypted with the tgs session key (section 5.4.2) */
133 KRB5_KU_TGS_REP_ENC_PART_SUB_KEY = 9,
134 /* TGS-REP encrypted part (includes application session key),
135 encrypted with the tgs authenticator subkey (section 5.4.2) */
136 KRB5_KU_AP_REQ_AUTH_CKSUM = 10,
137 /* AP-REQ Authenticator cksum, keyed with the application session
138 key (section 5.3.2) */
139 KRB5_KU_AP_REQ_AUTH = 11,
140 /* AP-REQ Authenticator (includes application authenticator
141 subkey), encrypted with the application session key (section
143 KRB5_KU_AP_REQ_ENC_PART = 12,
144 /* AP-REP encrypted part (includes application session subkey),
145 encrypted with the application session key (section 5.5.2) */
146 KRB5_KU_KRB_PRIV = 13,
147 /* KRB-PRIV encrypted part, encrypted with a key chosen by the
148 application (section 5.7.1) */
149 KRB5_KU_KRB_CRED = 14,
150 /* KRB-CRED encrypted part, encrypted with a key chosen by the
151 application (section 5.8.1) */
152 KRB5_KU_KRB_SAFE_CKSUM = 15,
153 /* KRB-SAFE cksum, keyed with a key chosen by the application
155 KRB5_KU_OTHER_ENCRYPTED = 16,
156 /* Data which is defined in some specification outside of
157 Kerberos to be encrypted using an RFC1510 encryption type. */
158 KRB5_KU_OTHER_CKSUM = 17,
159 /* Data which is defined in some specification outside of
160 Kerberos to be checksummed using an RFC1510 checksum type. */
161 KRB5_KU_KRB_ERROR = 18,
162 /* Krb-error checksum */
163 KRB5_KU_AD_KDC_ISSUED = 19,
164 /* AD-KDCIssued checksum */
165 KRB5_KU_MANDATORY_TICKET_EXTENSION = 20,
166 /* Checksum for Mandatory Ticket Extensions */
167 KRB5_KU_AUTH_DATA_TICKET_EXTENSION = 21,
168 /* Checksum in Authorization Data in Ticket Extensions */
169 KRB5_KU_USAGE_SEAL = 22,
170 /* seal in GSSAPI krb5 mechanism */
171 KRB5_KU_USAGE_SIGN = 23,
172 /* sign in GSSAPI krb5 mechanism */
173 KRB5_KU_USAGE_SEQ = 24
174 /* SEQ in GSSAPI krb5 mechanism */
177 typedef krb5_key_usage krb5_keyusage;
179 typedef enum krb5_salttype {
180 KRB5_PW_SALT = KRB5_PADATA_PW_SALT,
181 KRB5_AFS3_SALT = KRB5_PADATA_AFS3_SALT
184 typedef struct krb5_salt {
185 krb5_salttype salttype;
189 typedef ETYPE_INFO krb5_preauthinfo;
192 krb5_preauthtype type;
193 krb5_preauthinfo info; /* list of preauthinfo for this type */
194 } krb5_preauthdata_entry;
196 typedef struct krb5_preauthdata {
198 krb5_preauthdata_entry *val;
201 typedef enum krb5_address_type {
202 KRB5_ADDRESS_INET = 2,
203 KRB5_ADDRESS_INET6 = 24,
204 KRB5_ADDRESS_ADDRPORT = 256,
205 KRB5_ADDRESS_IPPORT = 257
209 AP_OPTS_USE_SESSION_KEY = 1,
210 AP_OPTS_MUTUAL_REQUIRED = 2,
211 AP_OPTS_USE_SUBKEY = 4 /* library internal */
214 typedef HostAddress krb5_address;
216 typedef HostAddresses krb5_addresses;
218 typedef enum krb5_keytype {
225 typedef EncryptionKey krb5_keyblock;
227 typedef AP_REQ krb5_ap_req;
231 #define KRB5_DEFAULT_CCFILE_ROOT "/tmp/krb5cc_"
233 #define KRB5_DEFAULT_CCROOT "FILE:" KRB5_DEFAULT_CCFILE_ROOT
235 #define KRB5_ACCEPT_NULL_ADDRESSES(C) \
236 krb5_config_get_bool_default((C), NULL, TRUE, \
237 "libdefaults", "accept_null_addresses", \
240 typedef void *krb5_cc_cursor;
242 typedef struct krb5_ccache_data {
243 const struct krb5_cc_ops *ops;
247 typedef struct krb5_ccache_data *krb5_ccache;
249 typedef struct krb5_context_data *krb5_context;
251 typedef Realm krb5_realm;
252 typedef const char *krb5_const_realm; /* stupid language */
254 #define krb5_realm_length(r) strlen(r)
255 #define krb5_realm_data(r) (r)
257 typedef Principal krb5_principal_data;
258 typedef struct Principal *krb5_principal;
259 typedef const struct Principal *krb5_const_principal;
261 typedef time_t krb5_deltat;
262 typedef time_t krb5_timestamp;
264 typedef struct krb5_times {
265 krb5_timestamp authtime;
266 krb5_timestamp starttime;
267 krb5_timestamp endtime;
268 krb5_timestamp renew_till;
276 /* options for krb5_get_in_tkt() */
277 #define KDC_OPT_FORWARDABLE (1 << 1)
278 #define KDC_OPT_FORWARDED (1 << 2)
279 #define KDC_OPT_PROXIABLE (1 << 3)
280 #define KDC_OPT_PROXY (1 << 4)
281 #define KDC_OPT_ALLOW_POSTDATE (1 << 5)
282 #define KDC_OPT_POSTDATED (1 << 6)
283 #define KDC_OPT_RENEWABLE (1 << 8)
284 #define KDC_OPT_REQUEST_ANONYMOUS (1 << 14)
285 #define KDC_OPT_DISABLE_TRANSITED_CHECK (1 << 26)
286 #define KDC_OPT_RENEWABLE_OK (1 << 27)
287 #define KDC_OPT_ENC_TKT_IN_SKEY (1 << 28)
288 #define KDC_OPT_RENEW (1 << 30)
289 #define KDC_OPT_VALIDATE (1 << 31)
296 /* flags for krb5_verify_ap_req */
298 #define KRB5_VERIFY_AP_REQ_IGNORE_INVALID (1 << 0)
300 #define KRB5_GC_CACHED (1U << 0)
301 #define KRB5_GC_USER_USER (1U << 1)
303 /* constants for compare_creds (and cc_retrieve_cred) */
304 #define KRB5_TC_DONT_MATCH_REALM (1U << 31)
305 #define KRB5_TC_MATCH_KEYTYPE (1U << 30)
307 typedef AuthorizationData krb5_authdata;
309 typedef KRB_ERROR krb5_error;
311 typedef struct krb5_creds {
312 krb5_principal client;
313 krb5_principal server;
314 krb5_keyblock session;
317 krb5_data second_ticket;
318 krb5_authdata authdata;
319 krb5_addresses addresses;
320 krb5_ticket_flags flags;
323 typedef struct krb5_cc_ops {
325 const char* (*get_name)(krb5_context, krb5_ccache);
326 krb5_error_code (*resolve)(krb5_context, krb5_ccache *, const char *);
327 krb5_error_code (*gen_new)(krb5_context, krb5_ccache *);
328 krb5_error_code (*init)(krb5_context, krb5_ccache, krb5_principal);
329 krb5_error_code (*destroy)(krb5_context, krb5_ccache);
330 krb5_error_code (*close)(krb5_context, krb5_ccache);
331 krb5_error_code (*store)(krb5_context, krb5_ccache, krb5_creds*);
332 krb5_error_code (*retrieve)(krb5_context, krb5_ccache,
333 krb5_flags, krb5_creds*, krb5_creds);
334 krb5_error_code (*get_princ)(krb5_context, krb5_ccache, krb5_principal*);
335 krb5_error_code (*get_first)(krb5_context, krb5_ccache, krb5_cc_cursor *);
336 krb5_error_code (*get_next)(krb5_context, krb5_ccache,
337 krb5_cc_cursor*, krb5_creds*);
338 krb5_error_code (*end_get)(krb5_context, krb5_ccache, krb5_cc_cursor*);
339 krb5_error_code (*remove_cred)(krb5_context, krb5_ccache,
340 krb5_flags, krb5_creds*);
341 krb5_error_code (*set_flags)(krb5_context, krb5_ccache, krb5_flags);
342 int (*get_version)(krb5_context, krb5_ccache);
345 struct krb5_log_facility;
347 struct krb5_config_binding {
348 enum { krb5_config_string, krb5_config_list } type;
350 struct krb5_config_binding *next;
353 struct krb5_config_binding *list;
358 typedef struct krb5_config_binding krb5_config_binding;
360 typedef krb5_config_binding krb5_config_section;
362 typedef struct krb5_context_data {
363 krb5_enctype *etypes;
364 krb5_enctype *etypes_des;
365 char **default_realms;
368 unsigned max_retries;
369 int32_t kdc_sec_offset;
370 int32_t kdc_usec_offset;
371 krb5_config_section *cf;
372 struct et_list *et_list;
373 struct krb5_log_facility *warn_dest;
376 const char *http_proxy;
377 const char *time_fmt;
378 krb5_boolean log_utc;
379 const char *default_keytab;
380 const char *default_keytab_modify;
381 krb5_boolean use_admin_kdc;
382 krb5_addresses *extra_addresses;
383 krb5_boolean scan_interfaces; /* `ifconfig -a' */
384 krb5_boolean srv_lookup; /* do SRV lookups */
385 krb5_boolean srv_try_txt; /* try TXT records also */
386 int32_t fcache_vno; /* create cache files w/ this
388 int num_kt_types; /* # of registered keytab types */
389 struct krb5_keytab_data *kt_types; /* registered keytab types */
390 const char *date_fmt;
393 krb5_addresses *ignore_addresses;
396 typedef struct krb5_ticket {
397 EncTicketPart ticket;
398 krb5_principal client;
399 krb5_principal server;
402 typedef Authenticator krb5_authenticator_data;
404 typedef krb5_authenticator_data *krb5_authenticator;
406 struct krb5_rcache_data;
407 typedef struct krb5_rcache_data *krb5_rcache;
408 typedef Authenticator krb5_donot_replay;
410 #define KRB5_STORAGE_HOST_BYTEORDER 0x01 /* old */
411 #define KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS 0x02
412 #define KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE 0x04
413 #define KRB5_STORAGE_KEYBLOCK_KEYTYPE_TWICE 0x08
414 #define KRB5_STORAGE_BYTEORDER_MASK 0x60
415 #define KRB5_STORAGE_BYTEORDER_BE 0x00 /* default */
416 #define KRB5_STORAGE_BYTEORDER_LE 0x20
417 #define KRB5_STORAGE_BYTEORDER_HOST 0x40
419 struct krb5_storage_data;
420 typedef struct krb5_storage_data krb5_storage;
422 typedef struct krb5_keytab_entry {
423 krb5_principal principal;
425 krb5_keyblock keyblock;
429 typedef struct krb5_kt_cursor {
435 struct krb5_keytab_data;
437 typedef struct krb5_keytab_data *krb5_keytab;
439 struct krb5_keytab_data {
441 krb5_error_code (*resolve)(krb5_context, const char*, krb5_keytab);
442 krb5_error_code (*get_name)(krb5_context, krb5_keytab, char*, size_t);
443 krb5_error_code (*close)(krb5_context, krb5_keytab);
444 krb5_error_code (*get)(krb5_context, krb5_keytab, krb5_const_principal,
445 krb5_kvno, krb5_enctype, krb5_keytab_entry*);
446 krb5_error_code (*start_seq_get)(krb5_context, krb5_keytab, krb5_kt_cursor*);
447 krb5_error_code (*next_entry)(krb5_context, krb5_keytab,
448 krb5_keytab_entry*, krb5_kt_cursor*);
449 krb5_error_code (*end_seq_get)(krb5_context, krb5_keytab, krb5_kt_cursor*);
450 krb5_error_code (*add)(krb5_context, krb5_keytab, krb5_keytab_entry*);
451 krb5_error_code (*remove)(krb5_context, krb5_keytab, krb5_keytab_entry*);
456 typedef struct krb5_keytab_data krb5_kt_ops;
458 struct krb5_keytab_key_proc_args {
460 krb5_principal principal;
463 typedef struct krb5_keytab_key_proc_args krb5_keytab_key_proc_args;
465 typedef struct krb5_replay_data {
466 krb5_timestamp timestamp;
471 /* flags for krb5_auth_con_setflags */
473 KRB5_AUTH_CONTEXT_DO_TIME = 1,
474 KRB5_AUTH_CONTEXT_RET_TIME = 2,
475 KRB5_AUTH_CONTEXT_DO_SEQUENCE = 4,
476 KRB5_AUTH_CONTEXT_RET_SEQUENCE = 8,
477 KRB5_AUTH_CONTEXT_PERMIT_ALL = 16
480 /* flags for krb5_auth_con_genaddrs */
482 KRB5_AUTH_CONTEXT_GENERATE_LOCAL_ADDR = 1,
483 KRB5_AUTH_CONTEXT_GENERATE_LOCAL_FULL_ADDR = 3,
484 KRB5_AUTH_CONTEXT_GENERATE_REMOTE_ADDR = 4,
485 KRB5_AUTH_CONTEXT_GENERATE_REMOTE_FULL_ADDR = 12
488 typedef struct krb5_auth_context_data {
491 krb5_address *local_address;
492 krb5_address *remote_address;
495 krb5_keyblock *keyblock;
496 krb5_keyblock *local_subkey;
497 krb5_keyblock *remote_subkey;
499 u_int32_t local_seqnumber;
500 u_int32_t remote_seqnumber;
502 krb5_authenticator authenticator;
504 krb5_pointer i_vector;
508 krb5_keytype keytype; /* ¿requested key type ? */
509 krb5_cksumtype cksumtype; /* ¡requested checksum type! */
511 }krb5_auth_context_data, *krb5_auth_context;
515 EncKDCRepPart enc_part;
519 extern const char *heimdal_version, *heimdal_long_version;
521 typedef void (*krb5_log_log_func_t)(const char*, const char*, void*);
522 typedef void (*krb5_log_close_func_t)(void*);
524 typedef struct krb5_log_facility {
527 struct facility *val;
530 typedef EncAPRepPart krb5_ap_rep_enc_part;
532 #define KRB5_RECVAUTH_IGNORE_VERSION 1
534 #define KRB5_SENDAUTH_VERSION "KRB5_SENDAUTH_V1.0"
536 #define KRB5_TGS_NAME_SIZE (6)
537 #define KRB5_TGS_NAME ("krbtgt")
541 extern const char *krb5_config_file;
542 extern const char *krb5_defkeyname;
545 KRB5_PROMPT_TYPE_PASSWORD = 0x1,
546 KRB5_PROMPT_TYPE_NEW_PASSWORD = 0x2,
547 KRB5_PROMPT_TYPE_NEW_PASSWORD_AGAIN = 0x3,
548 KRB5_PROMPT_TYPE_PREAUTH = 0x4
551 typedef struct _krb5_prompt {
555 krb5_prompt_type type;
558 typedef int (*krb5_prompter_fct)(krb5_context context,
563 krb5_prompt prompts[]);
565 typedef krb5_error_code (*krb5_key_proc)(krb5_context context,
568 krb5_const_pointer keyseed,
569 krb5_keyblock **key);
570 typedef krb5_error_code (*krb5_decrypt_proc)(krb5_context context,
572 krb5_key_usage usage,
573 krb5_const_pointer decrypt_arg,
574 krb5_kdc_rep *dec_rep);
577 typedef struct _krb5_get_init_creds_opt {
579 krb5_deltat tkt_life;
580 krb5_deltat renew_life;
584 krb5_enctype *etype_list;
585 int etype_list_length;
586 krb5_addresses *address_list;
587 #if 0 /* this is the MIT-way */
588 krb5_address **address_list;
590 /* XXX the next three should not be used, as they may be
592 krb5_preauthtype *preauth_list;
593 int preauth_list_length;
595 } krb5_get_init_creds_opt;
597 #define KRB5_GET_INIT_CREDS_OPT_TKT_LIFE 0x0001
598 #define KRB5_GET_INIT_CREDS_OPT_RENEW_LIFE 0x0002
599 #define KRB5_GET_INIT_CREDS_OPT_FORWARDABLE 0x0004
600 #define KRB5_GET_INIT_CREDS_OPT_PROXIABLE 0x0008
601 #define KRB5_GET_INIT_CREDS_OPT_ETYPE_LIST 0x0010
602 #define KRB5_GET_INIT_CREDS_OPT_ADDRESS_LIST 0x0020
603 #define KRB5_GET_INIT_CREDS_OPT_PREAUTH_LIST 0x0040
604 #define KRB5_GET_INIT_CREDS_OPT_SALT 0x0080
605 #define KRB5_GET_INIT_CREDS_OPT_ANONYMOUS 0x0100
607 typedef struct _krb5_verify_init_creds_opt {
610 } krb5_verify_init_creds_opt;
612 #define KRB5_VERIFY_INIT_CREDS_OPT_AP_REQ_NOFAIL 0x0001
614 typedef struct krb5_verify_opt {
622 #define KRB5_VERIFY_LREALMS 1
623 #define KRB5_VERIFY_NO_ADDRESSES 2
625 extern const krb5_cc_ops krb5_fcc_ops;
626 extern const krb5_cc_ops krb5_mcc_ops;
628 extern const krb5_kt_ops krb5_fkt_ops;
629 extern const krb5_kt_ops krb5_mkt_ops;
630 extern const krb5_kt_ops krb5_akf_ops;
631 extern const krb5_kt_ops krb4_fkt_ops;
632 extern const krb5_kt_ops krb5_srvtab_fkt_ops;
633 extern const krb5_kt_ops krb5_any_ops;
635 #define KRB5_KPASSWD_SUCCESS 0
636 #define KRB5_KPASSWD_MALFORMED 1
637 #define KRB5_KPASSWD_HARDERROR 2
638 #define KRB5_KPASSWD_AUTHERROR 3
639 #define KRB5_KPASSWD_SOFTERROR 4
641 #define KPASSWD_PORT 464
643 /* types for the new krbhst interface */
644 struct krb5_krbhst_data;
645 typedef struct krb5_krbhst_data *krb5_krbhst_handle;
647 #define KRB5_KRBHST_KDC 1
648 #define KRB5_KRBHST_ADMIN 2
649 #define KRB5_KRBHST_CHANGEPW 3
650 #define KRB5_KRBHST_KRB524 4
652 typedef struct krb5_krbhst_info {
653 enum { KRB5_KRBHST_UDP,
655 KRB5_KRBHST_HTTP } proto;
657 unsigned short def_port;
659 struct krb5_krbhst_info *next;
660 char hostname[1]; /* has to come last */
664 struct credentials; /* this is to keep the compiler happy */
668 #include <krb5-protos.h>
670 #endif /* __KRB5_H__ */