X-Git-Url: https://git.decadent.org.uk/gitweb/?p=nfs-utils.git;a=blobdiff_plain;f=utils%2Fgssd%2Fkrb5_util.h;h=eed12944a73024c015d79f1c4aace2a9d31a1688;hp=36dfcc87f07b66bac35380525585f4728be6b07a;hb=HEAD;hpb=72e1cf8784fbcb1bffa28b08f663ea9469634590 diff --git a/utils/gssd/krb5_util.h b/utils/gssd/krb5_util.h index 36dfcc8..eed1294 100644 --- a/utils/gssd/krb5_util.h +++ b/utils/gssd/krb5_util.h @@ -3,9 +3,16 @@ #include +#ifdef HAVE_LIBTIRPC +#include +#else +#include "gss_oids.h" +#endif + /* * List of principals from our keytab that we - * may try to get credentials for + * will try to use to obtain credentials + * (known as a principal list entry (ple)) */ struct gssd_k5_kt_princ { struct gssd_k5_kt_princ *next; @@ -16,15 +23,24 @@ struct gssd_k5_kt_princ { }; -void gssd_setup_krb5_user_gss_ccache(uid_t uid, char *servername); +int gssd_setup_krb5_user_gss_ccache(uid_t uid, char *servername, + char *dirname); int gssd_get_krb5_machine_cred_list(char ***list); -int gssd_refresh_krb5_machine_creds(void); void gssd_free_krb5_machine_cred_list(char **list); void gssd_setup_krb5_machine_gss_ccache(char *servername); void gssd_destroy_krb5_machine_creds(void); +int gssd_refresh_krb5_machine_credential(char *hostname, + struct gssd_k5_kt_princ *ple, + char *service, + char *tgtname); +char *gssd_k5_err_msg(krb5_context context, krb5_error_code code); +void gssd_k5_get_default_realm(char **def_realm); + +int gssd_acquire_user_cred(uid_t uid, gss_cred_id_t *gss_cred); #ifdef HAVE_SET_ALLOWABLE_ENCTYPES -int limit_krb5_enctypes(struct rpc_gss_sec *sec, uid_t uid); +extern int limit_to_legacy_enctypes; +int limit_krb5_enctypes(struct rpc_gss_sec *sec); #endif /* @@ -40,6 +56,8 @@ int limit_krb5_enctypes(struct rpc_gss_sec *sec, uid_t uid); #define k5_free_unparsed_name(ctx, name) free(name) #define k5_free_default_realm(ctx, realm) free(realm) #define k5_free_kt_entry(ctx, kte) krb5_kt_free_entry((ctx),(kte)) +#undef USE_GSS_KRB5_CCACHE_NAME +#define USE_GSS_KRB5_CCACHE_NAME 1 #endif #endif /* KRB5_UTIL_H */