114 lines
3.5 KiB
C
114 lines
3.5 KiB
C
//+-----------------------------------------------------------------------
|
|
//
|
|
// File: KERBCON.H
|
|
//
|
|
// Contents: Microsoft Kerberos constants
|
|
//
|
|
//
|
|
// History: 25 Feb 92 RichardW Compiled from other files
|
|
//
|
|
//------------------------------------------------------------------------
|
|
|
|
#ifndef __KERBCON_H__
|
|
#define __KERBCON_H__
|
|
|
|
|
|
// Revision of the Kerberos Protocol. MS uses Version 5, Revision 4
|
|
|
|
#define KERBEROS_VERSION 5
|
|
#define KERBEROS_REVISION 4
|
|
|
|
|
|
|
|
// Encryption Types:
|
|
// These encryption types are supported by the default MS KERBSUPP DLL
|
|
// as crypto systems. Values over 127 are local values, and may be changed
|
|
// without notice.
|
|
|
|
#define KERB_ETYPE_NULL 0
|
|
#define KERB_ETYPE_DES_CBC_CRC 1
|
|
#define KERB_ETYPE_DES_CBC_MD4 2
|
|
#define KERB_ETYPE_DES_CBC_MD5 3
|
|
|
|
#define KERB_ETYPE_RC4_MD4 128
|
|
#define KERB_ETYPE_RC4_MD5 129
|
|
#define KERB_ETYPE_RC2_MD4 130
|
|
#define KERB_ETYPE_RC2_MD5 131
|
|
|
|
|
|
// Checksum algorithms.
|
|
// These algorithms are keyed internally for our use.
|
|
|
|
#define KERB_CHECKSUM_NONE 0
|
|
#define KERB_CHECKSUM_CRC32 1
|
|
#define KERB_CHECKSUM_MD4 2
|
|
#define KERB_CHECKSUM_MD5 3
|
|
|
|
|
|
// Ticket Flags:
|
|
// Ticket flags are used within a ticket and in the reply to indicate
|
|
// what options are enabled for the ticket.
|
|
|
|
#define KERBFLAG_FORWARDABLE 0x40000000
|
|
#define KERBFLAG_FORWARDED 0x20000000
|
|
#define KERBFLAG_PROXIABLE 0x10000000
|
|
#define KERBFLAG_PROXY 0x08000000
|
|
#define KERBFLAG_MAY_POSTDATE 0x04000000
|
|
#define KERBFLAG_POSTDATED 0x02000000
|
|
#define KERBFLAG_INVALID 0x01000000
|
|
#define KERBFLAG_RENEWABLE 0x00800000
|
|
#define KERBFLAG_INITIAL 0x00400000
|
|
#define KERBFLAG_PRE_AUTHENT 0x00200000
|
|
#define KERBFLAG_HW_AUTHENT 0x00100000
|
|
#define KERBFLAG_REFERRAL 0x00000001
|
|
#define KERBFLAG_RESERVED 0x800FFFFE
|
|
|
|
|
|
// Options:
|
|
// Option bits can be set and passed to the KDC in a TGS request.
|
|
|
|
#define KERBOPT_FORWARDABLE 0x40000000
|
|
#define KERBOPT_FORWARDED 0x20000000
|
|
#define KERBOPT_PROXIABLE 0x10000000
|
|
#define KERBOPT_PROXY 0x08000000
|
|
#define KERBOPT_ALLOW_POSTDATE 0x04000000
|
|
#define KERBOPT_POSTDATED 0x02000000
|
|
#define KERBOPT_UNUSED 0x01000000
|
|
#define KERBOPT_RENEWABLE 0x00800000
|
|
#define KERBOPT_RENEWABLE_OK 0x00000010
|
|
#define KERBOPT_ENC_TKT_IN_SKEY 0x00000008
|
|
#define KERBOPT_RENEW 0x00000002
|
|
#define KERBOPT_VALIDATE 0x00000001
|
|
#define KERBOPT_RESERVED 0x807FFFE4
|
|
|
|
//
|
|
// Sizes
|
|
//
|
|
|
|
|
|
#define KERBSIZE_AP_REPLY (2*sizeof(ULONG) + \
|
|
(((sizeof(TimeStamp) + \
|
|
(2 * sizeof(unsigned long) + \
|
|
16 * sizeof(unsigned char)) + \
|
|
2 * sizeof(ULONG)) +7) & ~7) + \
|
|
2 * sizeof(ULONG) + \
|
|
16 * sizeof(UCHAR) + \
|
|
24 )
|
|
|
|
|
|
// Authentication options. These values can be set in either of
|
|
//
|
|
// PSDomainPolicy::AuthOptions
|
|
// PSLoginParameters::AuthOptions
|
|
|
|
#define AUTH_REQ_ALLOW_FORWARDABLE 0x40000000
|
|
#define AUTH_REQ_ALLOW_PROXIABLE 0x10000000
|
|
#define AUTH_REQ_ALLOW_POSTDATE 0x04000000
|
|
#define AUTH_REQ_ALLOW_RENEWABLE 0x00800000
|
|
#define AUTH_REQ_ALLOW_NOADDRESS 0x00100000
|
|
#define AUTH_REQ_ALLOW_ENC_TKT_IN_SKEY 0x00000008
|
|
#define AUTH_REQ_ALLOW_VALIDATE 0x00000001
|
|
|
|
#endif // __KERBCON_H__
|
|
|