6 #include <windc_plugin.h>
8 static krb5_error_code KRB5_CALLCONV
9 windc_init(krb5_context context
, void **ctx
)
11 krb5_warnx(context
, "windc init");
16 static void KRB5_CALLCONV
21 static krb5_error_code KRB5_CALLCONV
22 pac_generate(void *ctx
, krb5_context context
,
23 struct hdb_entry_ex
*client
,
24 struct hdb_entry_ex
*server
,
25 const krb5_keyblock
*pk_replykey
,
26 uint64_t pac_attributes
,
32 if ((pac_attributes
& (KRB5_PAC_WAS_REQUESTED
|
33 KRB5_PAC_WAS_GIVEN_IMPLICITLY
)) == 0) {
38 krb5_warnx(context
, "pac generate");
40 data
.data
= "\x00\x01";
43 ret
= krb5_pac_init(context
, pac
);
47 ret
= krb5_pac_add_buffer(context
, *pac
, 1, &data
);
54 static krb5_error_code KRB5_CALLCONV
55 pac_verify(void *ctx
, krb5_context context
,
56 const krb5_principal new_ticket_client
,
57 const krb5_principal delegation_proxy
,
58 struct hdb_entry_ex
* client
,
59 struct hdb_entry_ex
* server
,
60 struct hdb_entry_ex
* krbtgt
,
65 krb5_cksumtype cstype
;
70 krb5_warnx(context
, "pac_verify");
72 ret
= krb5_pac_get_buffer(context
, *pac
, 1, &data
);
75 krb5_data_free(&data
);
77 ret
= krb5_pac_get_kdc_checksum_info(context
, *pac
, &cstype
, &rodc_id
);
81 if (rodc_id
== 0 || rodc_id
!= krbtgt
->entry
.kvno
>> 16) {
82 krb5_warnx(context
, "Wrong RODCIdentifier");
86 ret
= krb5_cksumtype_to_enctype(context
, cstype
, &etype
);
90 ret
= hdb_enctype2key(context
, &krbtgt
->entry
, NULL
, etype
, &key
);
94 return krb5_pac_verify(context
, *pac
, 0, NULL
, NULL
, &key
->key
);
97 static krb5_error_code KRB5_CALLCONV
98 client_access(void *ctx
,
100 krb5_kdc_configuration
*config
,
101 hdb_entry_ex
*client
, const char *client_name
,
102 hdb_entry_ex
*server
, const char *server_name
,
106 krb5_warnx(context
, "client_access");
110 static krb5_error_code KRB5_CALLCONV
111 finalize_reply(void *ctx
, astgs_request_t r
)
113 krb5_warnx(r
->context
, "finalize_reply");
117 static krb5plugin_windc_ftable windc
= {
118 KRB5_WINDC_PLUGING_MINOR
,
127 static const krb5plugin_windc_ftable
*const windc_plugins
[] = {
131 krb5_error_code KRB5_CALLCONV
132 windc_plugin_load(krb5_context context
,
133 krb5_get_instance_func_t
*get_instance
,
135 const krb5plugin_windc_ftable
*const **plugins
);
137 static uintptr_t KRB5_CALLCONV
138 windc_get_instance(const char *libname
)
140 if (strcmp(libname
, "hdb") == 0)
141 return hdb_get_instance(libname
);
142 else if (strcmp(libname
, "krb5") == 0)
143 return krb5_get_instance(libname
);
148 krb5_error_code KRB5_CALLCONV
149 windc_plugin_load(krb5_context context
,
150 krb5_get_instance_func_t
*get_instance
,
152 const krb5plugin_windc_ftable
*const **plugins
)
154 *get_instance
= windc_get_instance
;
155 *num_plugins
= sizeof(windc_plugins
) / sizeof(windc_plugins
[0]);
156 *plugins
= windc_plugins
;