Split normal kinit from s4u2 flavored kinit

[idra/samba.git] / lib / krb5_wrap / krb5_samba.h

diff --git a/lib/krb5_wrap/krb5_samba.h b/lib/krb5_wrap/krb5_samba.h
index 3800b024adb5cb14482264205380d9816e7270ea..864cda67bb90c391d10d65d7165546380118cb8e 100644 (file)
--- a/lib/krb5_wrap/krb5_samba.h
+++ b/lib/krb5_wrap/krb5_samba.h
@@ -28,6 +28,10 @@
 #define KRB5_PRIVATE    1       /* this file uses PRIVATE interfaces! */
 /* this file uses DEPRECATED interfaces! */
 
+#ifdef KRB5_DEPRECATED
+#undef KRB5_DEPRECATED
+#endif
+
 #if defined(HAVE_KRB5_DEPRECATED_WITH_IDENTIFIER)
 #define KRB5_DEPRECATED 1
 #else
@@ -57,6 +61,14 @@
 #define AP_OPTS_USE_SUBKEY 0
 #endif
 
+#ifndef krb5_princ_size
+#if defined(HAVE_KRB5_KRB5_PRINCIPAL_GET_NUM_COMP)
+#define krb5_princ_size krb5_principal_get_num_comp
+#else
+#error krb5_princ_size unavailable
+#endif
+#endif
+
 typedef struct {
 #if defined(HAVE_MAGIC_IN_KRB5_ADDRESS) && defined(HAVE_ADDRTYPE_IN_KRB5_ADDRESS) /* MIT */
        krb5_address **addrs;
@@ -186,6 +198,33 @@ krb5_error_code smb_krb5_get_creds(const char *server_s,
                                   const char *cc,
                                   const char *impersonate_princ_s,
                                   krb5_creds **creds_p);
+krb5_error_code kerberos_kinit_keyblock_cc(krb5_context ctx, krb5_ccache cc,
+                                          krb5_principal principal,
+                                          krb5_keyblock *keyblock,
+                                          const char *target_service,
+                                          krb5_get_init_creds_opt *krb_options,
+                                          time_t *expire_time,
+                                          time_t *kdc_time);
+krb5_error_code kerberos_kinit_password_cc(krb5_context ctx,
+                                          krb5_ccache cc,
+                                          krb5_principal principal,
+                                          const char *password,
+                                          const char *target_service,
+                                          krb5_get_init_creds_opt *krb_options,
+                                          time_t *expire_time,
+                                          time_t *kdc_time);
+#ifdef SAMBA4_USES_HEIMDAL
+krb5_error_code kerberos_kinit_s4u2_cc(krb5_context ctx,
+                                       krb5_ccache store_cc,
+                                       krb5_principal init_principal,
+                                       const char *init_password,
+                                       krb5_principal impersonate_principal,
+                                       const char *self_service,
+                                       const char *target_service,
+                                       krb5_get_init_creds_opt *krb_options,
+                                       time_t *expire_time,
+                                       time_t *kdc_time);
+#endif
 char *smb_krb5_principal_get_realm(krb5_context context,
                                   krb5_principal principal);
 
@@ -198,18 +237,17 @@ char *smb_get_krb5_error_message(krb5_context context,
                                 krb5_error_code code,
                                 TALLOC_CTX *mem_ctx);
 
-int cli_krb5_get_ticket(TALLOC_CTX *mem_ctx,
-                       const char *principal, time_t time_offset,
-                       DATA_BLOB *ticket, DATA_BLOB *session_key_krb5,
-                       uint32_t extra_ap_opts, const char *ccname,
-                       time_t *tgs_expire,
-                       const char *impersonate_princ_s);
-
 bool unwrap_edata_ntstatus(TALLOC_CTX *mem_ctx,
                           DATA_BLOB *edata,
                           DATA_BLOB *edata_out);
 
 #endif /* HAVE_KRB5 */
 
+int cli_krb5_get_ticket(TALLOC_CTX *mem_ctx,
+                       const char *principal, time_t time_offset,
+                       DATA_BLOB *ticket, DATA_BLOB *session_key_krb5,
+                       uint32_t extra_ap_opts, const char *ccname,
+                       time_t *tgs_expire,
+                       const char *impersonate_princ_s);
 
 #endif /* _KRB5_SAMBA_H */