Wireshark 4.7.0
The Wireshark network protocol analyzer
Loading...
Searching...
No Matches
read_keytab_file.h
1/* read_keytab_file.h
2 * Routines for reading Kerberos keytab files
3 * Copyright 2007, Anders Broman <anders.broman@ericsson.com>
4 *
5 * Wireshark - Network traffic analyzer
6 * By Gerald Combs <gerald@wireshark.org>
7 * Copyright 1998 Gerald Combs
8 *
9 * SPDX-License-Identifier: GPL-2.0-or-later
10 */
11#pragma once
12#include "ws_symbol_export.h"
13
14#ifdef __cplusplus
15extern "C" {
16#endif /* __cplusplus */
17
23WS_DLL_PUBLIC
24void keytab_file_read(const char *filename);
25
26#ifdef HAVE_KERBEROS
27#define KRB_MAX_KEY_LENGTH 32
28
29#if defined(HAVE_HEIMDAL_KERBEROS) || defined(HAVE_MIT_KERBEROS)
30
31/* Try to avoid having to include krb5.h especially when other files
32 * include this or packet-kerberos.h */
33struct _krb5_context;
34
35typedef struct _krb5_context *krb5_context;
36
37extern krb5_context keytab_krb5_ctx;
38
39typedef struct _enc_key_t {
40 struct _enc_key_t* next;
41 int keytype;
42 int keylength;
43 uint8_t keyvalue[KRB_MAX_KEY_LENGTH];
44 char* key_origin;
45 int fd_num; /* remember where we learned a key */
46 unsigned id; /* a unique id of the key, relative to fd_num */
47 char* id_str;
48 /* EncTicketPart_key */
49 bool is_ticket_key;
50 /* EncAPRepPart_subkey */
51 bool is_ap_rep_key;
52 /*
53 * for now taken from dissect_krb5_PAC_UPN_DNS_INFO,
54 * we could also use dissect_krb5_PAC_LOGON_INFO if needed
55 *
56 * we get device_sid from dissect_krb5_PAC_DEVICE_INFO if available.
57 *
58 * We remember these from the PAC and
59 * attach it to EncTicketPart_key so it
60 * might be valid if is_ticket_key is true.
61 *
62 * When learning a EncAPRepPart_subkey
63 * we copy the details from the EncTicketPart_key,
64 * so when is_ap_rep_key is true we may also have it.
65 *
66 * So application protocols like SMB2 could use the
67 * is_ap_rep_key=true key details in order to identify
68 * the authenticated user.
69 */
70 struct {
71 const char* account_name;
72 const char* account_domain;
73 const char* account_sid;
74 const char* device_sid;
75 } pac_names;
76 struct _enc_key_t* same_list;
77 unsigned num_same;
78 struct _enc_key_t* src1;
79 struct _enc_key_t* src2;
80} enc_key_t;
81
82WS_DLL_PUBLIC const enc_key_t* keytab_get_enc_key_list(void);
83WS_DLL_PUBLIC void keytab_set_enc_key_list(enc_key_t* list);
84WS_DLL_PUBLIC const wmem_map_t* keytab_get_file_longterm_keys(void);
85WS_DLL_PUBLIC wmem_map_t* keytab_get_file_all_keys(void);
86WS_DLL_PUBLIC wmem_map_t* keytab_get_file_session_keys(void);
87
88WS_DLL_PUBLIC void keytab_file_key_map_insert(wmem_map_t* key_map, enc_key_t* new_key);
89
90#endif /* defined(HAVE_HEIMDAL_KERBEROS) || defined(HAVE_MIT_KERBEROS) */
91
92#endif /* HAVE_KERBEROS */
93
100WS_DLL_LOCAL
101void keytab_file_data_init(void);
102
103#ifdef __cplusplus
104}
105#endif /* __cplusplus */
_wmem_map_t
Definition wmem_map.c:60
Generated by doxygen 1.9.8