1 /* C K U A T H . H -- "C-Kermit to Authentication" interface */
4 Author: Jeffrey E Altman <jaltman@secure-endpoints.com>,
5 Secure Endpoints Inc., New York City.
7 Copyright (C) 1999, 2009,
8 Trustees of Columbia University in the City of New York.
9 All rights reserved. See the C-Kermit COPYING.TXT file or the
10 copyright text in the ckcmai.c module for disclaimer and permissions.
14 * Based on a concatenation of all necessary include files distributed with
15 * the Kerberos 5 NT Alpha 2 Telnet package from MIT.
25 /* Header file for encrypted-stream library.
26 * Written by Ken Raeburn (Raeburn@Cygnus.COM).
27 * Copyright (C) 1991, 1992, 1994 by Cygnus Support.
29 * Permission to use, copy, modify, and
30 * distribute this software and its documentation for any purpose and
31 * without fee is hereby granted, provided that the above copyright
32 * notice appear in all copies and that both that copyright notice and
33 * this permission notice appear in supporting documentation.
34 * Cygnus Support makes no representations about the suitability of
35 * this software for any purpose. It is provided "as is" without express
36 * or implied warranty.
42 typedef void *kstream_ptr; /* Data send on the kstream */
43 struct kstream_data_block {
48 typedef struct kstream_int { /* Object we pass around */
49 int fd; /* Open socket descriptor */
50 int (*encrypt)(struct kstream_data_block *, /* output */
51 struct kstream_data_block *); /* input */
53 int (*decrypt)(struct kstream_data_block *, /* output */
54 struct kstream_data_block *); /* input */
60 int kstream_destroy();
61 void kstream_set_buffer_mode(int);
62 int kstream_create_from_fd(int fd, kstream_ptr);
63 int kstream_write(void *, size_t);
64 int kstream_read(void *, size_t);
66 #endif /* K5STREAM_H */
69 * Implements Telnet authentication and encryption
75 int auth_parse(unsigned char *, int);
77 int auth_init(kstream);
79 void auth_destroy(void);
81 int auth_encrypt(struct kstream_data_block *, struct kstream_data_block *);
83 int auth_decrypt(struct kstream_data_block *, struct kstream_data_block *);
85 extern BOOL forward_flag;
86 extern BOOL forwardable_flag;
87 extern BOOL forwarded_tickets;
88 #endif /* TEL_AUTH_H */
91 /* C-Kermit specific functions */
92 _PROTOTYP(void auth_finished,(int));
93 _PROTOTYP(int ck_auth_init, (char *, char *, char *, int));
94 _PROTOTYP(int ck_tn_auth_valid, (VOID));
95 _PROTOTYP(int ck_tn_auth_in_progress,(VOID));
96 _PROTOTYP(int ck_tn_sb_auth, (char *, int));
97 _PROTOTYP(int ck_tn_sb_encrypt, (char *, int));
98 _PROTOTYP(int ck_tn_auth_request, (VOID));
99 _PROTOTYP(void ck_tn_encrypt, (char *, int));
100 _PROTOTYP(void ck_tn_decrypt, (char *, int));
101 _PROTOTYP(void ck_tn_encrypt_start, (VOID));
102 _PROTOTYP(void ck_tn_encrypt_stop, (VOID));
103 _PROTOTYP(int ck_tn_authenticated, (VOID));
105 _PROTOTYP(int ck_tn_encrypting, (VOID));
106 _PROTOTYP(int ck_tn_decrypting, (VOID));
107 #endif /* CK_ENCRYPTION */
109 _PROTOTYP(int ck_tn_tls_negotiate, (VOID));
110 _PROTOTYP(int SendSSLAuthSB, (int, void *, int));
114 /* Define MIT_CURRENT to compile the code for use with versions of */
115 /* Kerberos later than KRB5 1.0.5. Note. This will not compile */
116 /* successfully in Kermit 95 due to the segmentation of crypto */
117 /* into a separate DLL. */
119 #ifndef KRB5_INIT_ETS
120 /* krb5_init_ets() is a no-op in Kerberos 1.4.x and later */
121 /* and in some installations it can't be found so now by default */
122 /* we don't use it. */
123 #define NO_KRB5_INIT_ETS
124 #endif /* KRB5_INIT_ETS */
126 #define KRB_DEFTIM 600 /* Default lifetime (minutes) */
128 /* Kerberos structure definitions */
130 struct krb_op_data { /* Operational data for all actions */
131 int version; /* Kerberos version */
132 char * cache; /* Kerberos cache file */
135 struct krb4_init_data { /* INITIALIZE data structure */
137 char * principal; /* Principal string */
139 char * realm; /* Realm string */
140 char * password; /* Kerberos password */
141 int preauth; /* Use preauth mode? */
142 int verbose; /* Verbose output? */
145 #define KRB5_NUM_OF_ADDRS 16
146 struct krb5_init_data { /* INITIALIZE data structure */
147 int forwardable; /* Switch values */
148 int proxiable; /* Correspond to switch names... */
155 char * principal; /* Principal string */
157 char * realm; /* Realm string */
158 char * password; /* Kerberos password */
159 int preauth; /* Use preauth mode? */
160 int verbose; /* Verbose output? */
161 int getk4; /* Get K4 TGT? */
162 char * addrs[KRB5_NUM_OF_ADDRS+1]; /* List of IP Addresses */
163 int no_addresses; /* Do not include IP Addresses */
166 struct krb5_list_cred_data { /* List Credentials data */
172 _PROTOTYP(int ck_krb5_autoget_TGT, (char *));
173 _PROTOTYP(int ck_krb5_initTGT, (struct krb_op_data *,struct krb5_init_data *,
174 struct krb4_init_data *));
175 _PROTOTYP(int ck_krb5_destroy, (struct krb_op_data *));
176 _PROTOTYP(int ck_krb5_list_creds, (struct krb_op_data *,
177 struct krb5_list_cred_data *));
178 _PROTOTYP(char * ck_krb5_getrealm, (char *));
179 _PROTOTYP(char * ck_krb5_getprincipal, (char *));
180 _PROTOTYP(char * ck_krb5_get_cc_name, (VOID));
182 _PROTOTYP(int ck_krb4_autoget_TGT, (char *));
183 _PROTOTYP(int ck_krb4_initTGT, (struct krb_op_data *,struct krb4_init_data *));
184 _PROTOTYP(int ck_krb4_destroy, (struct krb_op_data *));
185 _PROTOTYP(int ck_krb4_list_creds, (struct krb_op_data *));
186 _PROTOTYP(char * ck_krb4_getrealm, (VOID));
187 _PROTOTYP(char * ck_krb4_getprincipal, (VOID));
189 _PROTOTYP(int ck_krb4_get_tkts, (VOID));
190 _PROTOTYP(char * ck_krb4_get_next_tkt, (VOID));
191 _PROTOTYP(int ck_krb4_tkt_isvalid,(char *));
192 _PROTOTYP(int ck_krb4_is_tgt_valid,(VOID));
193 _PROTOTYP(int ck_krb4_tkt_time,(char *));
195 _PROTOTYP(int ck_krb5_get_tkts, (char *));
196 _PROTOTYP(char * ck_krb5_get_next_tkt, (VOID));
197 _PROTOTYP(int ck_krb5_tkt_isvalid,(char *,char *));
198 _PROTOTYP(char * ck_krb5_tkt_flags,(char *,char *));
199 _PROTOTYP(int ck_krb5_is_tgt_valid,(VOID));
200 _PROTOTYP(int ck_krb5_tkt_time,(char *,char *));
202 _PROTOTYP(int krb4_des_avail,(int));
203 _PROTOTYP(int krb4_des_write,(int,char *,int));
204 _PROTOTYP(int krb4_des_read, (int,char *,int));
205 _PROTOTYP(int krb5_des_avail,(int));
206 _PROTOTYP(int krb5_des_write,(int,char *,int,int));
207 _PROTOTYP(int krb5_des_read, (int,char *,int,int));
208 _PROTOTYP(int krb5_u2u_avail,(int));
209 _PROTOTYP(int krb5_u2u_write,(int,char *,int));
210 _PROTOTYP(int krb5_u2u_read, (int,char *,int));
211 _PROTOTYP(int k5_user_to_user_server_auth,(VOID));
212 _PROTOTYP(int k5_user_to_user_client_auth,(VOID));
213 #endif /* CK_KERBEROS */
215 _PROTOTYP(int ck_krb5_is_installed,(void));
216 _PROTOTYP(int ck_krb4_is_installed,(void));
217 _PROTOTYP(int ck_srp_is_installed,(void));
218 _PROTOTYP(int ck_ntlm_is_installed,(void));
219 _PROTOTYP(int ck_crypt_is_installed,(void));
220 _PROTOTYP(int ck_ssleay_is_installed,(void));
221 _PROTOTYP(int ck_gssapi_is_installed,(void));
222 _PROTOTYP(int ck_krypto_is_installed,(void));
224 _PROTOTYP(VOID ck_encrypt_send_support,(VOID));
225 _PROTOTYP(int ck_get_crypt_table,(struct keytab **, int *));
226 _PROTOTYP(char * ck_krb4_realmofhost,(char *));
227 _PROTOTYP(char * ck_krb5_realmofhost,(char *));
229 #define FORWARD /* allow forwarding of credential */
231 _PROTOTYP(int kerberos5_forward,(VOID));
234 #define AUTHTYPLSTSZ 8
235 #endif /*KRB5_KERMIT_H*/