#ifndef __KERBEROSLOGIN__
#define __KERBEROSLOGIN__
#if defined(macintosh) || (defined(__MACH__) && defined(__APPLE__))
# include <TargetConditionals.h>
# if TARGET_RT_MAC_CFM
# error "Use KfM 4.0 SDK headers for CFM compilation."
# endif
#endif
#if (__GNUC__ * 10000 + __GNUC_MINOR__ * 100 + __GNUC_PATCHLEVEL__) >= 30203
# define KERBEROSLOGIN_DEPRECATED __attribute__((deprecated))
#else
# define KERBEROSLOGIN_DEPRECATED
#endif
#include <sys/types.h>
#include <krb5.h>
#ifdef __cplusplus
extern "C" {
#endif
#if TARGET_OS_MAC
# pragma pack(push,2)
#endif
enum {
kerberosVersion_Any = 0,
kerberosVersion_V4 = 1,
kerberosVersion_V5 = 2,
kerberosVersion_All = 0xFFFFFFFF
};
typedef int32_t KLEKerberosVersion;
enum {
loginLibrary_LoginDialog,
loginLibrary_OptionsDialog,
loginLibrary_ChangePasswordDialog,
loginLibrary_ProgressDialog,
loginLibrary_PrompterDialog,
loginLibrary_UnknownDialog = -1
};
typedef int32_t KLEDialogIdentifiers;
enum {
loginOption_LoginName = 'name',
loginOption_LoginInstance = 'inst',
loginOption_RememberPrincipal = 'prin',
loginOption_RememberExtras = 'extr',
loginOption_MinimalTicketLifetime = '-lif',
loginOption_MaximalTicketLifetime = '+lif',
loginOption_DefaultTicketLifetime = '0lif',
loginOption_DefaultRenewableTicket = '0rtx',
loginOption_MinimalRenewableLifetime = '-rlf',
loginOption_MaximalRenewableLifetime = '+rlf',
loginOption_DefaultRenewableLifetime = '0rlf',
loginOption_DefaultForwardableTicket = '0fwd',
loginOption_DefaultProxiableTicket = '0prx',
loginOption_DefaultAddresslessTicket = '0adr'
};
typedef int32_t KLEDefaultLoginOptions;
enum {
realmList_Start = 0,
realmList_End = 0xFFFF
};
typedef int32_t KLERealmListIndexes;
#define klFirstError 19276
#define klLastError 19876
enum {
klNoErr = 0,
klParameterErr = 19276,
klBadPrincipalErr,
klBadPasswordErr,
klBadLoginOptionsErr,
klInvalidVersionErr,
klCapsLockErr,
klBadV5ContextErr,
klBufferTooSmallErr = 19376,
klBufferTooLargeErr,
klInvalidOptionErr,
klBadOptionValueErr,
klUserCanceledErr = 19476,
klMemFullErr,
klPreferencesReadErr,
klPreferencesWriteErr,
klV5InitializationFailedErr,
klPrincipalDoesNotExistErr,
klSystemDefaultDoesNotExistErr,
klCredentialsExpiredErr,
klNoRealmsErr,
klRealmDoesNotExistErr,
klNoCredentialsErr,
klCredentialsBadAddressErr,
klCacheDoesNotExistErr,
klNoHostnameErr,
klCredentialsNeedValidationErr,
klPasswordMismatchErr = 19576,
klInsecurePasswordErr,
klPasswordChangeFailedErr,
klCantContactServerErr = 19776,
klCantDisplayUIErr,
klServerInsecureErr
};
typedef int32_t KLEStatus;
typedef int32_t KLStatus;
typedef u_int32_t KLKerberosVersion;
typedef u_int32_t KLDefaultLoginOption;
typedef u_int32_t KLLoginMode;
typedef u_int32_t KLDialogIdentifier;
typedef u_int32_t KLIndex;
typedef u_int32_t KLLifetime;
typedef u_int32_t KLTime;
typedef u_int32_t KLSize;
typedef u_int32_t KLRefCon;
typedef int8_t KLBoolean;
typedef int16_t KLSInt16;
typedef void (*KLIdleCallback) (KLRefCon appData);
#define CallKLIdleCallback(userRoutine, appData) ((userRoutine) (appData))
typedef struct kim_identity_opaque *KLPrincipal;
typedef struct kim_options_opaque *KLLoginOptions;
KLStatus KLAcquireTickets (KLPrincipal inPrincipal,
KLPrincipal *outPrincipal,
char **outCredCacheName)
KERBEROSLOGIN_DEPRECATED;
KLStatus KLAcquireNewTickets (KLPrincipal inPrincipal,
KLPrincipal *outPrincipal,
char **outCredCacheName)
KERBEROSLOGIN_DEPRECATED;
KLStatus KLAcquireTicketsWithPassword (KLPrincipal inPrincipal,
KLLoginOptions inLoginOptions,
const char *inPassword,
char **outCredCacheName)
KERBEROSLOGIN_DEPRECATED;
KLStatus KLAcquireNewTicketsWithPassword (KLPrincipal inPrincipal,
KLLoginOptions inLoginOptions,
const char *inPassword,
char **outCredCacheName)
KERBEROSLOGIN_DEPRECATED;
KLStatus KLSetApplicationOptions (const void *inAppOptions)
KERBEROSLOGIN_DEPRECATED;
KLStatus KLGetApplicationOptions (void *outAppOptions)
KERBEROSLOGIN_DEPRECATED;
KLStatus KLAcquireInitialTickets (KLPrincipal inPrincipal,
KLLoginOptions inLoginOptions,
KLPrincipal *outPrincipal,
char **outCredCacheName);
KLStatus KLAcquireNewInitialTickets (KLPrincipal inPrincipal,
KLLoginOptions inLoginOptions,
KLPrincipal *outPrincipal,
char **outCredCacheName);
KLStatus KLDestroyTickets (KLPrincipal inPrincipal);
KLStatus KLChangePassword (KLPrincipal inPrincipal);
KLStatus KLAcquireInitialTicketsWithPassword (KLPrincipal inPrincipal,
KLLoginOptions inLoginOptions,
const char *inPassword,
char **outCredCacheName);
KLStatus KLAcquireNewInitialTicketsWithPassword (KLPrincipal inPrincipal,
KLLoginOptions inLoginOptions,
const char *inPassword,
char **outCredCacheName);
KLStatus KLAcquireNewInitialTicketCredentialsWithPassword (KLPrincipal inPrincipal,
KLLoginOptions inLoginOptions,
const char *inPassword,
krb5_context inV5Context,
KLBoolean *outGotV4Credentials,
KLBoolean *outGotV5Credentials,
void *outV4Credentials,
krb5_creds *outV5Credentials);
KLStatus KLStoreNewInitialTicketCredentials (KLPrincipal inPrincipal,
krb5_context inV5Context,
void *inV4Credentials,
krb5_creds *inV5Credentials,
char **outCredCacheName);
KLStatus KLVerifyInitialTickets (KLPrincipal inPrincipal,
KLBoolean inFailIfNoHostKey,
char **outCredCacheName);
KLStatus KLVerifyInitialTicketCredentials (void *inV4Credentials,
krb5_creds *inV5Credentials,
KLBoolean inFailIfNoHostKey);
KLStatus KLAcquireNewInitialTicketsWithKeytab (KLPrincipal inPrincipal,
KLLoginOptions inLoginOptions,
const char *inKeytabName,
char **outCredCacheName);
KLStatus KLRenewInitialTickets (KLPrincipal inPrincipal,
KLLoginOptions inLoginOptions,
KLPrincipal *outPrincipal,
char **outCredCacheName);
KLStatus KLValidateInitialTickets (KLPrincipal inPrincipal,
KLLoginOptions inLoginOptions,
char **outCredCacheName);
KLStatus KLLastChangedTime (KLTime *outLastChangedTime);
KLStatus KLCacheHasValidTickets (KLPrincipal inPrincipal,
KLKerberosVersion inKerberosVersion,
KLBoolean *outFoundValidTickets,
KLPrincipal *outPrincipal,
char **outCredCacheName);
KLStatus KLTicketStartTime (KLPrincipal inPrincipal,
KLKerberosVersion inKerberosVersion,
KLTime *outStartTime);
KLStatus KLTicketExpirationTime (KLPrincipal inPrincipal,
KLKerberosVersion inKerberosVersion,
KLTime *outExpirationTime);
KLStatus KLSetSystemDefaultCache (KLPrincipal inPrincipal);
KLStatus KLHandleError (KLStatus inError,
KLDialogIdentifier inDialogIdentifier,
KLBoolean inShowAlert);
KLStatus KLGetErrorString (KLStatus inError,
char **outErrorString);
KLStatus KLCancelAllDialogs (void);
KLStatus KLChangePasswordWithPasswords (KLPrincipal inPrincipal,
const char *inOldPassword,
const char *inNewPassword,
KLBoolean *outRejected,
char **outRejectionError,
char **outRejectionDescription);
KLStatus KLSetIdleCallback (const KLIdleCallback inCallback,
const KLRefCon inRefCon);
KLStatus KLGetIdleCallback (KLIdleCallback* inCallback,
KLRefCon* inRefCon);
KLStatus KLGetDefaultLoginOption (const KLDefaultLoginOption inOption,
void *ioBuffer,
KLSize *ioBufferSize);
KLStatus KLSetDefaultLoginOption (const KLDefaultLoginOption inOption,
const void *inBuffer,
const KLSize inBufferSize);
KLStatus KLFindKerberosRealmByName (const char *inRealmName,
KLIndex *outIndex);
KLStatus KLGetKerberosRealm (KLIndex inIndex,
char **outRealmName);
KLStatus KLSetKerberosRealm (KLIndex inIndex,
const char *inRealmName);
KLStatus KLRemoveKerberosRealm (KLIndex inIndex);
KLStatus KLInsertKerberosRealm (KLIndex inInsertBeforeIndex,
const char *inRealmName);
KLStatus KLRemoveAllKerberosRealms (void);
KLSize KLCountKerberosRealms (void);
KLStatus KLGetKerberosDefaultRealm(KLIndex *outIndex);
KLStatus KLGetKerberosDefaultRealmByName (char **outRealmName);
KLStatus KLSetKerberosDefaultRealm (KLIndex inIndex);
KLStatus KLSetKerberosDefaultRealmByName (const char *inRealm);
KLStatus KLCreatePrincipalFromTriplet (const char *inName,
const char *inInstance,
const char *inRealm,
KLPrincipal *outPrincipal);
KLStatus KLCreatePrincipalFromString (const char *inFullPrincipal,
KLKerberosVersion inKerberosVersion,
KLPrincipal *outPrincipal);
KLStatus KLCreatePrincipalFromKerberos5Principal (krb5_principal inKerberos5Principal,
KLPrincipal *outPrincipal);
KLStatus KLCreatePrincipalFromPrincipal (KLPrincipal inPrincipal,
KLPrincipal *outPrincipal);
KLStatus KLGetTripletFromPrincipal (KLPrincipal inPrincipal,
char **outName,
char **outInstance,
char **outRealm);
KLStatus KLGetStringFromPrincipal (KLPrincipal inPrincipal,
KLKerberosVersion inKerberosVersion,
char **outFullPrincipal);
KLStatus KLGetDisplayStringFromPrincipal (KLPrincipal inPrincipal,
KLKerberosVersion inKerberosVersion,
char **outFullPrincipal);
KLStatus KLComparePrincipal (KLPrincipal inFirstPrincipal,
KLPrincipal inSecondPrincipal,
KLBoolean *outAreEquivalent);
KLStatus KLDisposePrincipal (KLPrincipal inPrincipal);
KLStatus KLCreateLoginOptions (KLLoginOptions *outOptions);
KLStatus KLLoginOptionsSetTicketLifetime (KLLoginOptions ioOptions,
KLLifetime inTicketLifetime);
KLStatus KLLoginOptionsSetForwardable (KLLoginOptions ioOptions,
KLBoolean inForwardable);
KLStatus KLLoginOptionsSetProxiable (KLLoginOptions ioOptions,
KLBoolean inProxiable);
KLStatus KLLoginOptionsSetRenewableLifetime (KLLoginOptions ioOptions,
KLLifetime inRenewableLifetime);
KLStatus KLLoginOptionsSetAddressless (KLLoginOptions ioOptions,
KLBoolean inAddressless);
KLStatus KLLoginOptionsSetTicketStartTime (KLLoginOptions ioOptions,
KLTime inStartTime);
KLStatus KLLoginOptionsSetServiceName (KLLoginOptions ioOptions,
const char *inServiceName);
KLStatus KLDisposeLoginOptions(KLLoginOptions ioOptions);
KLStatus KLDisposeString (char *inStringToDispose);
#if TARGET_OS_MAC
# pragma pack(pop)
#endif
#ifdef __cplusplus
}
#endif
#endif