1 files changed, 376 insertions, 0 deletions

diff --git a/eBones/include/krb.h b/eBones/include/krb.h
new file mode 100644
index 0000000..15e831b
--- /dev/null
+++ b/eBones/include/krb.h
@@ -0,0 +1,376 @@
+/*
+ * Copyright 1987, 1988 by the Massachusetts Institute of Technology. 
+ * For copying and distribution information, please see the file
+ * <Copyright.MIT>. 
+ *
+ * Include file for the Kerberos library. 
+ *
+ *	from: krb.h,v 4.26 89/08/08 17:55:25 jtkohl Exp $ 
+ *	$Id: krb.h,v 1.4 1994/09/24 14:15:41 g89r4222 Exp $
+ */
+
+/* Only one time, please */
+#ifndef	KRB_DEFS
+#define KRB_DEFS
+
+/* Need some defs from des.h	 */
+#include <kerberosIV/des.h>
+
+/* Text describing error codes */
+#define		MAX_KRB_ERRORS	256
+extern char *krb_err_txt[MAX_KRB_ERRORS];
+
+/* These are not defined for at least SunOS 3.3 and Ultrix 2.2 */
+#if defined(ULTRIX022) || (defined(SunOS) && SunOS < 40)
+#define FD_ZERO(p)  ((p)->fds_bits[0] = 0)
+#define FD_SET(n, p)   ((p)->fds_bits[0] |= (1 << (n)))
+#define FD_ISSET(n, p)   ((p)->fds_bits[0] & (1 << (n)))
+#endif /* ULTRIX022 || SunOS */
+
+/* General definitions */
+#define		KSUCCESS	0
+#define		KFAILURE	255
+
+#ifdef NO_UIDGID_T
+typedef unsigned short uid_t;
+typedef unsigned short gid_t;
+#endif /* NO_UIDGID_T */
+
+/*
+ * Kerberos specific definitions 
+ *
+ * KRBLOG is the log file for the kerberos master server. KRB_CONF is
+ * the configuration file where different host machines running master
+ * and slave servers can be found. KRB_MASTER is the name of the
+ * machine with the master database.  The admin_server runs on this
+ * machine, and all changes to the db (as opposed to read-only
+ * requests, which can go to slaves) must go to it. KRB_HOST is the
+ * default machine * when looking for a kerberos slave server.  Other
+ * possibilities are * in the KRB_CONF file. KRB_REALM is the name of
+ * the realm. 
+ */
+
+#ifdef notdef
+this is server - only, does not belong here;
+#define 	KRBLOG 		"/etc/kerberosIV/kerberos.log"
+are these used anyplace '?';
+#define		VX_KRB_HSTFILE	"/etc/krbhst"
+#define		PC_KRB_HSTFILE	"\\kerberos\\krbhst"
+#endif
+
+#define		KRB_CONF	"/etc/kerberosIV/krb.conf"
+#define		KRB_RLM_TRANS	"/etc/kerberosIV/krb.realms"
+#define		KRB_MASTER	"kerberos"
+#define		KRB_HOST	KRB_MASTER
+#define		KRB_REALM	"ATHENA.MIT.EDU"
+
+/* The maximum sizes for aname, realm, sname, and instance +1 */
+#define 	ANAME_SZ	40
+#define		REALM_SZ	40
+#define		SNAME_SZ	40
+#define		INST_SZ		40
+/* include space for '.' and '@' */
+#define		MAX_K_NAME_SZ	(ANAME_SZ + INST_SZ + REALM_SZ + 2)
+#define		KKEY_SZ		100
+#define		VERSION_SZ	1
+#define		MSG_TYPE_SZ	1
+#define		DATE_SZ		26	/* RTI date output */
+
+#define		MAX_HSTNM	100
+
+#ifndef DEFAULT_TKT_LIFE		/* allow compile-time override */
+#define		DEFAULT_TKT_LIFE	96 /* default lifetime for krb_mk_req
+					      & co., 8 hrs */
+#endif
+
+/* Definition of text structure used to pass text around */
+#define		MAX_KTXT_LEN	1250
+
+struct ktext {
+    int     length;		/* Length of the text */
+    unsigned char dat[MAX_KTXT_LEN];	/* The data itself */
+    unsigned long mbz;		/* zero to catch runaway strings */
+};
+
+typedef struct ktext *KTEXT;
+typedef struct ktext KTEXT_ST;
+
+
+/* Definitions for send_to_kdc */
+#define	CLIENT_KRB_TIMEOUT	4	/* time between retries */
+#define CLIENT_KRB_RETRY	5	/* retry this many times */
+#define	CLIENT_KRB_BUFLEN	512	/* max unfragmented packet */
+
+/* Definitions for ticket file utilities */
+#define	R_TKT_FIL	0
+#define	W_TKT_FIL	1
+
+/* Definitions for cl_get_tgt */
+#ifdef PC
+#define CL_GTGT_INIT_FILE		"\\kerberos\\k_in_tkts"
+#else
+#define CL_GTGT_INIT_FILE		"/etc/k_in_tkts"
+#endif PC
+
+/* Parameters for rd_ap_req */
+/* Maximum alloable clock skew in seconds */
+#define 	CLOCK_SKEW	5*60
+/* Filename for readservkey */
+#define		KEYFILE		"/etc/kerberosIV/srvtab"
+
+/* Structure definition for rd_ap_req */
+
+struct auth_dat {
+    unsigned char k_flags;	/* Flags from ticket */
+    char    pname[ANAME_SZ];	/* Principal's name */
+    char    pinst[INST_SZ];	/* His Instance */
+    char    prealm[REALM_SZ];	/* His Realm */
+    unsigned long checksum;	/* Data checksum (opt) */
+    C_Block session;		/* Session Key */
+    int     life;		/* Life of ticket */
+    unsigned long time_sec;	/* Time ticket issued */
+    unsigned long address;	/* Address in ticket */
+    KTEXT_ST reply;		/* Auth reply (opt) */
+};
+
+typedef struct auth_dat AUTH_DAT;
+
+/* Structure definition for credentials returned by get_cred */
+
+struct credentials {
+    char    service[ANAME_SZ];	/* Service name */
+    char    instance[INST_SZ];	/* Instance */
+    char    realm[REALM_SZ];	/* Auth domain */
+    C_Block session;		/* Session key */
+    int     lifetime;		/* Lifetime */
+    int     kvno;		/* Key version number */
+    KTEXT_ST ticket_st;		/* The ticket itself */
+    long    issue_date;		/* The issue time */
+    char    pname[ANAME_SZ];	/* Principal's name */
+    char    pinst[INST_SZ];	/* Principal's instance */
+};
+
+typedef struct credentials CREDENTIALS;
+
+/* Structure definition for rd_private_msg and rd_safe_msg */
+
+struct msg_dat {
+    unsigned char *app_data;	/* pointer to appl data */
+    unsigned long app_length;	/* length of appl data */
+    unsigned long hash;		/* hash to lookup replay */
+    int     swap;		/* swap bytes? */
+    long    time_sec;		/* msg timestamp seconds */
+    unsigned char time_5ms;	/* msg timestamp 5ms units */
+};
+
+typedef struct msg_dat MSG_DAT;
+
+
+/* Location of ticket file for save_cred and get_cred */
+#ifdef PC
+#define TKT_FILE        "\\kerberos\\ticket.ses"
+#else
+#define TKT_FILE        tkt_string()
+#define TKT_ROOT        "/tmp/tkt"
+#endif PC
+
+/* Error codes returned from the KDC */
+#define		KDC_OK		0	/* Request OK */
+#define		KDC_NAME_EXP	1	/* Principal expired */
+#define		KDC_SERVICE_EXP	2	/* Service expired */
+#define		KDC_AUTH_EXP	3	/* Auth expired */
+#define		KDC_PKT_VER	4	/* Protocol version unknown */
+#define		KDC_P_MKEY_VER	5	/* Wrong master key version */
+#define		KDC_S_MKEY_VER 	6	/* Wrong master key version */
+#define		KDC_BYTE_ORDER	7	/* Byte order unknown */
+#define		KDC_PR_UNKNOWN	8	/* Principal unknown */
+#define		KDC_PR_N_UNIQUE 9	/* Principal not unique */
+#define		KDC_NULL_KEY   10	/* Principal has null key */
+#define		KDC_GEN_ERR    20	/* Generic error from KDC */
+
+
+/* Values returned by get_credentials */
+#define		GC_OK		0	/* Retrieve OK */
+#define		RET_OK		0	/* Retrieve OK */
+#define		GC_TKFIL       21	/* Can't read ticket file */
+#define		RET_TKFIL      21	/* Can't read ticket file */
+#define		GC_NOTKT       22	/* Can't find ticket or TGT */
+#define		RET_NOTKT      22	/* Can't find ticket or TGT */
+
+
+/* Values returned by mk_ap_req	 */
+#define		MK_AP_OK	0	/* Success */
+#define		MK_AP_TGTEXP   26	/* TGT Expired */
+
+/* Values returned by rd_ap_req */
+#define		RD_AP_OK	0	/* Request authentic */
+#define		RD_AP_UNDEC    31	/* Can't decode authenticator */
+#define		RD_AP_EXP      32	/* Ticket expired */
+#define		RD_AP_NYV      33	/* Ticket not yet valid */
+#define		RD_AP_REPEAT   34	/* Repeated request */
+#define		RD_AP_NOT_US   35	/* The ticket isn't for us */
+#define		RD_AP_INCON    36	/* Request is inconsistent */
+#define		RD_AP_TIME     37	/* delta_t too big */
+#define		RD_AP_BADD     38	/* Incorrect net address */
+#define		RD_AP_VERSION  39	/* protocol version mismatch */
+#define		RD_AP_MSG_TYPE 40	/* invalid msg type */
+#define		RD_AP_MODIFIED 41	/* message stream modified */
+#define		RD_AP_ORDER    42	/* message out of order */
+#define		RD_AP_UNAUTHOR 43	/* unauthorized request */
+
+/* Values returned by get_pw_tkt */
+#define		GT_PW_OK	0	/* Got password changing tkt */
+#define		GT_PW_NULL     51	/* Current PW is null */
+#define		GT_PW_BADPW    52	/* Incorrect current password */
+#define		GT_PW_PROT     53	/* Protocol Error */
+#define		GT_PW_KDCERR   54	/* Error returned by KDC */
+#define		GT_PW_NULLTKT  55	/* Null tkt returned by KDC */
+
+
+/* Values returned by send_to_kdc */
+#define		SKDC_OK		0	/* Response received */
+#define		SKDC_RETRY     56	/* Retry count exceeded */
+#define		SKDC_CANT      57	/* Can't send request */
+
+/*
+ * Values returned by get_intkt
+ * (can also return SKDC_* and KDC errors)
+ */
+
+#define		INTK_OK		0	/* Ticket obtained */
+#define		INTK_W_NOTALL  61	/* Not ALL tickets returned */
+#define		INTK_BADPW     62	/* Incorrect password */
+#define		INTK_PROT      63	/* Protocol Error */
+#define		INTK_ERR       70	/* Other error */
+
+/* Values returned by get_adtkt */
+#define         AD_OK           0	/* Ticket Obtained */
+#define         AD_NOTGT       71	/* Don't have tgt */
+
+/* Error codes returned by ticket file utilities */
+#define		NO_TKT_FIL	76	/* No ticket file found */
+#define		TKT_FIL_ACC	77	/* Couldn't access tkt file */
+#define		TKT_FIL_LCK	78	/* Couldn't lock ticket file */
+#define		TKT_FIL_FMT	79	/* Bad ticket file format */
+#define		TKT_FIL_INI	80	/* tf_init not called first */
+
+/* Error code returned by kparse_name */
+#define		KNAME_FMT	81	/* Bad Kerberos name format */
+
+/* Error code returned by krb_mk_safe */
+#define		SAFE_PRIV_ERROR	-1	/* syscall error */
+
+/*
+ * macros for byte swapping; also scratch space
+ * u_quad  0-->7, 1-->6, 2-->5, 3-->4, 4-->3, 5-->2, 6-->1, 7-->0
+ * u_long  0-->3, 1-->2, 2-->1, 3-->0
+ * u_short 0-->1, 1-->0
+ */
+
+#define     swap_u_16(x) {\
+ unsigned long   _krb_swap_tmp[4];\
+ swab(((char *) x) +0, ((char *)  _krb_swap_tmp) +14 ,2); \
+ swab(((char *) x) +2, ((char *)  _krb_swap_tmp) +12 ,2); \
+ swab(((char *) x) +4, ((char *)  _krb_swap_tmp) +10 ,2); \
+ swab(((char *) x) +6, ((char *)  _krb_swap_tmp) +8  ,2); \
+ swab(((char *) x) +8, ((char *)  _krb_swap_tmp) +6 ,2); \
+ swab(((char *) x) +10,((char *)  _krb_swap_tmp) +4 ,2); \
+ swab(((char *) x) +12,((char *)  _krb_swap_tmp) +2 ,2); \
+ swab(((char *) x) +14,((char *)  _krb_swap_tmp) +0 ,2); \
+ bcopy((char *)_krb_swap_tmp,(char *)x,16);\
+                            }
+
+#define     swap_u_12(x) {\
+ unsigned long   _krb_swap_tmp[4];\
+ swab(( char *) x,     ((char *)  _krb_swap_tmp) +10 ,2); \
+ swab(((char *) x) +2, ((char *)  _krb_swap_tmp) +8 ,2); \
+ swab(((char *) x) +4, ((char *)  _krb_swap_tmp) +6 ,2); \
+ swab(((char *) x) +6, ((char *)  _krb_swap_tmp) +4 ,2); \
+ swab(((char *) x) +8, ((char *)  _krb_swap_tmp) +2 ,2); \
+ swab(((char *) x) +10,((char *)  _krb_swap_tmp) +0 ,2); \
+ bcopy((char *)_krb_swap_tmp,(char *)x,12);\
+                            }
+
+#define     swap_C_Block(x) {\
+ unsigned long   _krb_swap_tmp[4];\
+ swab(( char *) x,    ((char *)  _krb_swap_tmp) +6 ,2); \
+ swab(((char *) x) +2,((char *)  _krb_swap_tmp) +4 ,2); \
+ swab(((char *) x) +4,((char *)  _krb_swap_tmp) +2 ,2); \
+ swab(((char *) x) +6,((char *)  _krb_swap_tmp)    ,2); \
+ bcopy((char *)_krb_swap_tmp,(char *)x,8);\
+                            }
+#define     swap_u_quad(x) {\
+ unsigned long   _krb_swap_tmp[4];\
+ swab(( char *) &x,    ((char *)  _krb_swap_tmp) +6 ,2); \
+ swab(((char *) &x) +2,((char *)  _krb_swap_tmp) +4 ,2); \
+ swab(((char *) &x) +4,((char *)  _krb_swap_tmp) +2 ,2); \
+ swab(((char *) &x) +6,((char *)  _krb_swap_tmp)    ,2); \
+ bcopy((char *)_krb_swap_tmp,(char *)&x,8);\
+                            }
+
+#define     swap_u_long(x) {\
+ unsigned long   _krb_swap_tmp[4];\
+ swab((char *)  &x,    ((char *)  _krb_swap_tmp) +2 ,2); \
+ swab(((char *) &x) +2,((char *)  _krb_swap_tmp),2); \
+ x = _krb_swap_tmp[0];   \
+                           }
+
+#define     swap_u_short(x) {\
+ unsigned short	_krb_swap_sh_tmp; \
+ swab((char *)  &x,    ( &_krb_swap_sh_tmp) ,2); \
+ x = (unsigned short) _krb_swap_sh_tmp; \
+                            }
+
+/* Kerberos ticket flag field bit definitions */
+#define K_FLAG_ORDER    0       /* bit 0 --> lsb */
+#define K_FLAG_1                /* reserved */
+#define K_FLAG_2                /* reserved */
+#define K_FLAG_3                /* reserved */
+#define K_FLAG_4                /* reserved */
+#define K_FLAG_5                /* reserved */
+#define K_FLAG_6                /* reserved */
+#define K_FLAG_7                /* reserved, bit 7 --> msb */
+
+#ifndef PC
+char *tkt_string();
+#endif	PC
+
+#ifdef	OLDNAMES
+#define krb_mk_req	mk_ap_req
+#define krb_rd_req	rd_ap_req
+#define krb_kntoln	an_to_ln
+#define krb_set_key	set_serv_key
+#define krb_get_cred	get_credentials
+#define krb_mk_priv	mk_private_msg
+#define krb_rd_priv	rd_private_msg
+#define krb_mk_safe	mk_safe_msg
+#define krb_rd_safe	rd_safe_msg
+#define krb_mk_err	mk_appl_err_msg
+#define krb_rd_err	rd_appl_err_msg
+#define krb_ck_repl	check_replay
+#define	krb_get_pw_in_tkt	get_in_tkt
+#define krb_get_svc_in_tkt	get_svc_in_tkt
+#define krb_get_pw_tkt		get_pw_tkt
+#define krb_realmofhost		krb_getrealm
+#define krb_get_phost		get_phost
+#define krb_get_krbhst		get_krbhst
+#define krb_get_lrealm		get_krbrlm
+#endif	OLDNAMES
+
+/* Defines for krb_sendauth and krb_recvauth */
+
+#define	KOPT_DONT_MK_REQ 0x00000001 /* don't call krb_mk_req */
+#define	KOPT_DO_MUTUAL   0x00000002 /* do mutual auth */
+
+#define	KOPT_DONT_CANON  0x00000004 /*
+				     * don't canonicalize inst as
+				     * a hostname
+				     */
+
+#define	KRB_SENDAUTH_VLEN 8	    /* length for version strings */
+
+#ifdef ATHENA_COMPAT
+#define	KOPT_DO_OLDSTYLE 0x00000008 /* use the old-style protocol */
+#endif ATHENA_COMPAT
+
+#endif	KRB_DEFS