1 files changed, 8 insertions, 93 deletions

diff --git a/auth/credentials/credentials.h b/auth/credentials/credentials.h
index 1377bfa879..cb09dc326c 100644
--- a/auth/credentials/credentials.h
+++ b/auth/credentials/credentials.h
@@ -25,9 +25,17 @@
 #include "../lib/util/data_blob.h"
 #include "librpc/gen_ndr/misc.h"
 
+struct cli_credentials;
 struct ccache_container;
 struct tevent_context;
 struct netlogon_creds_CredentialState;
+struct ldb_context;
+struct ldb_message;
+struct loadparm_context;
+struct ccache_container;
+struct gssapi_creds_container;
+struct smb_krb5_context;
+struct keytab_container;
 
 /* In order of priority */
 enum credentials_obtained { 
@@ -57,99 +65,6 @@ enum credentials_krb_forwardable {
 #define CLI_CRED_NTLM_AUTH   0x08
 #define CLI_CRED_CLEAR_AUTH  0x10   /* TODO:  Push cleartext auth with this flag */
 
-struct cli_credentials {
-	enum credentials_obtained workstation_obtained;
-	enum credentials_obtained username_obtained;
-	enum credentials_obtained password_obtained;
-	enum credentials_obtained domain_obtained;
-	enum credentials_obtained realm_obtained;
-	enum credentials_obtained ccache_obtained;
-	enum credentials_obtained client_gss_creds_obtained;
-	enum credentials_obtained principal_obtained;
-	enum credentials_obtained keytab_obtained;
-	enum credentials_obtained server_gss_creds_obtained;
-
-	/* Threshold values (essentially a MAX() over a number of the
-	 * above) for the ccache and GSS credentials, to ensure we
-	 * regenerate/pick correctly */
-
-	enum credentials_obtained ccache_threshold;
-	enum credentials_obtained client_gss_creds_threshold;
-
-	const char *workstation;
-	const char *username;
-	const char *password;
-	const char *old_password;
-	const char *domain;
-	const char *realm;
-	const char *principal;
-	char *salt_principal;
-	char *impersonate_principal;
-	char *self_service;
-	char *target_service;
-
-	const char *bind_dn;
-
-	/* Allows authentication from a keytab or similar */
-	struct samr_Password *nt_hash;
-
-	/* Allows NTLM pass-though authentication */
-	DATA_BLOB lm_response;
-	DATA_BLOB nt_response;
-
-	struct ccache_container *ccache;
-	struct gssapi_creds_container *client_gss_creds;
-	struct keytab_container *keytab;
-	struct gssapi_creds_container *server_gss_creds;
-
-	const char *(*workstation_cb) (struct cli_credentials *);
-	const char *(*password_cb) (struct cli_credentials *);
-	const char *(*username_cb) (struct cli_credentials *);
-	const char *(*domain_cb) (struct cli_credentials *);
-	const char *(*realm_cb) (struct cli_credentials *);
-	const char *(*principal_cb) (struct cli_credentials *);
-
-	/* Private handle for the callback routines to use */
-	void *priv_data;
-
-	struct netlogon_creds_CredentialState *netlogon_creds;
-	enum netr_SchannelType secure_channel_type;
-	int kvno;
-	time_t password_last_changed_time;
-
-	struct smb_krb5_context *smb_krb5_context;
-
-	/* We are flagged to get machine account details from the
-	 * secrets.ldb when we are asked for a username or password */
-	bool machine_account_pending;
-	struct loadparm_context *machine_account_pending_lp_ctx;
-	
-	/* Is this a machine account? */
-	bool machine_account;
-
-	/* Should we be trying to use kerberos? */
-	enum credentials_use_kerberos use_kerberos;
-
-	/* Should we get a forwardable ticket? */
-	enum credentials_krb_forwardable krb_forwardable;
-
-	/* gensec features which should be used for connections */
-	uint32_t gensec_features;
-
-	/* Number of retries left before bailing out */
-	int tries;
-
-	/* Whether any callback is currently running */
-	bool callback_running;
-};
-
-struct ldb_context;
-struct ldb_message;
-struct loadparm_context;
-struct ccache_container;
-
-struct gssapi_creds_container;
-
 const char *cli_credentials_get_workstation(struct cli_credentials *cred);
 bool cli_credentials_set_workstation(struct cli_credentials *cred, 
 				     const char *val,