From f28f5db15a4bcf4c838ee6e4c6ef82c6b9dbd938 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Wed, 20 Apr 2011 12:05:27 +1000
Subject: libcli/auth Move PAC parsing and verification in common.

This uses the source3 PAC code (originally from Samba4) with some
small changes to restore functionality needed by the torture tests,
and to have a common API.

Andrew Bartlett
---
 libcli/auth/krb5_wrap.h | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

(limited to 'libcli/auth/krb5_wrap.h')

diff --git a/libcli/auth/krb5_wrap.h b/libcli/auth/krb5_wrap.h
index 3cdcedc971..4f333cc4b0 100644
--- a/libcli/auth/krb5_wrap.h
+++ b/libcli/auth/krb5_wrap.h
@@ -54,3 +54,18 @@ krb5_error_code smb_krb5_unparse_name(TALLOC_CTX *mem_ctx,
 					 krb5_checksum *cksum,
 					 uint8_t *data,
 					  size_t length);
+
+krb5_error_code check_pac_checksum(TALLOC_CTX *mem_ctx,
+				   DATA_BLOB pac_data,
+				   struct PAC_SIGNATURE_DATA *sig,
+				   krb5_context context,
+				   const krb5_keyblock *keyblock);
+
+NTSTATUS kerberos_decode_pac(TALLOC_CTX *mem_ctx,
+			     DATA_BLOB pac_data_blob,
+			     krb5_context context,
+			     const krb5_keyblock *krbtgt_keyblock,
+			     const krb5_keyblock *service_keyblock,
+			     krb5_const_principal client_principal,
+			     time_t tgs_authtime,
+			     struct PAC_DATA **pac_data_out);
-- 
cgit