2 * Copyright 2000, International Business Machines Corporation and others.
5 * This software has been released under the terms of the IBM Public
6 * License. For details, see the LICENSE file in the top-level source
7 * directory or online at http://www.openafs.org/dl/license10.html
11 * Excerpted from krb.sed
15 * Copyright 1987, 1988 by the Massachusetts Institute of Technology.
17 * For copying and distribution information, please see the file
20 * Include file for the Kerberos library.
23 /* Only one time, please */
27 /* Need some defs from des.h */
30 /* General definitions */
34 /* The maximum sizes for aname, realm, sname, and instance +1 */
39 /* include space for '.' and '@' */
40 #define MAX_K_NAME_SZ (ANAME_SZ + INST_SZ + REALM_SZ + 2)
44 #define DATE_SZ 26 /* RTI date output */
48 #ifndef DEFAULT_TKT_LIFE /* allow compile-time override */
49 #define DEFAULT_TKT_LIFE 120 /* default lifetime 10 hrs */
52 /* Definition of text structure used to pass text around */
53 #define MAX_KTXT_LEN 1250
56 unsigned int length; /* Length of the text */
57 unsigned char dat[MAX_KTXT_LEN]; /* The data itself */
58 unsigned long mbz; /* zero to catch runaway strings */
61 typedef struct ktext *KTEXT;
62 typedef struct ktext KTEXT_ST;
65 /* Definitions for send_to_kdc */
66 #define CLIENT_KRB_TIMEOUT 4 /* time between retries */
67 #define CLIENT_KRB_RETRY 5 /* retry this many times */
68 #define CLIENT_KRB_BUFLEN 512 /* max unfragmented packet */
70 /* Parameters for rd_ap_req */
71 /* Maximum alloable clock skew in seconds */
72 #define CLOCK_SKEW 5*60
74 /* Error codes returned from the KDC */
75 #define KDC_OK 0 /* Request OK */
76 #define KDC_NAME_EXP 1 /* Principal expired */
77 #define KDC_SERVICE_EXP 2 /* Service expired */
78 #define KDC_AUTH_EXP 3 /* Auth expired */
79 #define KDC_PKT_VER 4 /* Protocol version unknown */
80 #define KDC_P_MKEY_VER 5 /* Wrong master key version */
81 #define KDC_S_MKEY_VER 6 /* Wrong master key version */
82 #define KDC_BYTE_ORDER 7 /* Byte order unknown */
83 #define KDC_PR_UNKNOWN 8 /* Principal unknown */
84 #define KDC_PR_N_UNIQUE 9 /* Principal not unique */
85 #define KDC_NULL_KEY 10 /* Principal has null key */
86 #define KDC_GEN_ERR 20 /* Generic error from KDC */
89 /* Values returned by get_credentials */
90 #define GC_OK 0 /* Retrieve OK */
91 #define RET_OK 0 /* Retrieve OK */
92 #define GC_TKFIL 21 /* Can't read ticket file */
93 #define RET_TKFIL 21 /* Can't read ticket file */
94 #define GC_NOTKT 22 /* Can't find ticket or TGT */
95 #define RET_NOTKT 22 /* Can't find ticket or TGT */
98 /* Values returned by mk_ap_req */
99 #define MK_AP_OK 0 /* Success */
100 #define MK_AP_TGTEXP 26 /* TGT Expired */
102 /* Values returned by rd_ap_req */
103 #define RD_AP_OK 0 /* Request authentic */
104 #define RD_AP_UNDEC 31 /* Can't decode authenticator */
105 #define RD_AP_EXP 32 /* Ticket expired */
106 #define RD_AP_NYV 33 /* Ticket not yet valid */
107 #define RD_AP_REPEAT 34 /* Repeated request */
108 #define RD_AP_NOT_US 35 /* The ticket isn't for us */
109 #define RD_AP_INCON 36 /* Request is inconsistent */
110 #define RD_AP_TIME 37 /* delta_t too big */
111 #define RD_AP_BADD 38 /* Incorrect net address */
112 #define RD_AP_VERSION 39 /* protocol version mismatch */
113 #define RD_AP_MSG_TYPE 40 /* invalid msg type */
114 #define RD_AP_MODIFIED 41 /* message stream modified */
115 #define RD_AP_ORDER 42 /* message out of order */
116 #define RD_AP_UNAUTHOR 43 /* unauthorized request */
118 /* Values returned by get_pw_tkt */
119 #define GT_PW_OK 0 /* Got password changing tkt */
120 #define GT_PW_NULL 51 /* Current PW is null */
121 #define GT_PW_BADPW 52 /* Incorrect current password */
122 #define GT_PW_PROT 53 /* Protocol Error */
123 #define GT_PW_KDCERR 54 /* Error returned by KDC */
124 #define GT_PW_NULLTKT 55 /* Null tkt returned by KDC */
127 /* Values returned by send_to_kdc */
128 #define SKDC_OK 0 /* Response received */
129 #define SKDC_RETRY 56 /* Retry count exceeded */
130 #define SKDC_CANT 57 /* Can't send request */
133 * Values returned by get_intkt
134 * (can also return SKDC_* and KDC errors)
137 #define INTK_OK 0 /* Ticket obtained */
138 #define INTK_W_NOTALL 61 /* Not ALL tickets returned */
139 #define INTK_BADPW 62 /* Incorrect password */
140 #define INTK_PROT 63 /* Protocol Error */
141 #define INTK_ERR 70 /* Other error */
143 /* Values returned by get_adtkt */
144 #define AD_OK 0 /* Ticket Obtained */
145 #define AD_NOTGT 71 /* Don't have tgt */
147 /* Error codes returned by ticket file utilities */
148 #define NO_TKT_FIL 76 /* No ticket file found */
149 #define TKT_FIL_ACC 77 /* Couldn't access tkt file */
150 #define TKT_FIL_LCK 78 /* Couldn't lock ticket file */
151 #define TKT_FIL_FMT 79 /* Bad ticket file format */
152 #define TKT_FIL_INI 80 /* tf_init not called first */
154 /* Error code returned by kparse_name */
155 #define KNAME_FMT 81 /* Bad Kerberos name format */
157 /* Error code returned by krb_mk_safe */
158 #define SAFE_PRIV_ERROR -1 /* syscall error */
162 * macros for byte swapping; also scratch space
163 * u_quad 0-->7, 1-->6, 2-->5, 3-->4, 4-->3, 5-->2, 6-->1, 7-->0
164 * u_long 0-->3, 1-->2, 2-->1, 3-->0
165 * u_short 0-->1, 1-->0
168 #define swap_u_16(x) {\
169 unsigned long _krb_swap_tmp[4];\
170 swab(((char *) x) +0, ((char *) _krb_swap_tmp) +14 ,2); \
171 swab(((char *) x) +2, ((char *) _krb_swap_tmp) +12 ,2); \
172 swab(((char *) x) +4, ((char *) _krb_swap_tmp) +10 ,2); \
173 swab(((char *) x) +6, ((char *) _krb_swap_tmp) +8 ,2); \
174 swab(((char *) x) +8, ((char *) _krb_swap_tmp) +6 ,2); \
175 swab(((char *) x) +10,((char *) _krb_swap_tmp) +4 ,2); \
176 swab(((char *) x) +12,((char *) _krb_swap_tmp) +2 ,2); \
177 swab(((char *) x) +14,((char *) _krb_swap_tmp) +0 ,2); \
178 memcpy((char *)x, (char *)_krb_swap_tmp, 16);\
181 #define swap_u_12(x) {\
182 unsigned long _krb_swap_tmp[4];\
183 swab(( char *) x, ((char *) _krb_swap_tmp) +10 ,2); \
184 swab(((char *) x) +2, ((char *) _krb_swap_tmp) +8 ,2); \
185 swab(((char *) x) +4, ((char *) _krb_swap_tmp) +6 ,2); \
186 swab(((char *) x) +6, ((char *) _krb_swap_tmp) +4 ,2); \
187 swab(((char *) x) +8, ((char *) _krb_swap_tmp) +2 ,2); \
188 swab(((char *) x) +10,((char *) _krb_swap_tmp) +0 ,2); \
189 memcpy((char *)x, (char *)_krb_swap_tmp, 12);\
192 #define swap_C_Block(x) {\
193 unsigned long _krb_swap_tmp[4];\
194 swab(( char *) x, ((char *) _krb_swap_tmp) +6 ,2); \
195 swab(((char *) x) +2,((char *) _krb_swap_tmp) +4 ,2); \
196 swab(((char *) x) +4,((char *) _krb_swap_tmp) +2 ,2); \
197 swab(((char *) x) +6,((char *) _krb_swap_tmp) ,2); \
198 memcpy((char *)x, (char *)_krb_swap_tmp, 8);\
200 #define swap_u_quad(x) {\
201 unsigned long _krb_swap_tmp[4];\
202 swab(( char *) &x, ((char *) _krb_swap_tmp) +6 ,2); \
203 swab(((char *) &x) +2,((char *) _krb_swap_tmp) +4 ,2); \
204 swab(((char *) &x) +4,((char *) _krb_swap_tmp) +2 ,2); \
205 swab(((char *) &x) +6,((char *) _krb_swap_tmp) ,2); \
206 memcpy((char *)&x, (char *)_krb_swap_tmp, 8);\
209 #define swap_u_long(x) {\
210 unsigned long _krb_swap_tmp[4];\
211 swab((char *) &x, ((char *) _krb_swap_tmp) +2 ,2); \
212 swab(((char *) &x) +2,((char *) _krb_swap_tmp),2); \
213 x = _krb_swap_tmp[0]; \
216 #define swap_u_short(x) {\
217 unsigned short _krb_swap_sh_tmp; \
218 swab((char *) &x, ( &_krb_swap_sh_tmp) ,2); \
219 x = (unsigned short) _krb_swap_sh_tmp; \
223 #include "krb_prot.h"
229 #endif /* KRB_DEFS */