Update kadmin headers

This commit is contained in:
David Bartley 2009-02-24 16:02:06 -05:00
parent 19dd9bd764
commit 1b04da2d15
8 changed files with 371 additions and 601 deletions

1
include/k5-platform.h Normal file
View File

@ -0,0 +1 @@
/* This file left intentionally blank. */

View File

@ -1,36 +0,0 @@
/*
* ettmp27965.h:
* This file is automatically generated; please do not edit it.
*/
#include <com_err.h>
#define OSA_ADB_NOERR (28810240L)
#define OSA_ADB_DUP (28810241L)
#define OSA_ADB_NOENT (28810242L)
#define OSA_ADB_DBINIT (28810243L)
#define OSA_ADB_BAD_POLICY (28810244L)
#define OSA_ADB_BAD_PRINC (28810245L)
#define OSA_ADB_BAD_DB (28810246L)
#define OSA_ADB_XDR_FAILURE (28810247L)
#define OSA_ADB_FAILURE (28810248L)
#define OSA_ADB_BADLOCKMODE (28810249L)
#define OSA_ADB_CANTLOCK_DB (28810250L)
#define OSA_ADB_NOTLOCKED (28810251L)
#define OSA_ADB_NOLOCKFILE (28810252L)
#define OSA_ADB_NOEXCL_PERM (28810253L)
#define ERROR_TABLE_BASE_adb (28810240L)
extern const struct error_table et_adb_error_table;
#if !defined(_WIN32)
/* for compatibility with older versions... */
extern void initialize_adb_error_table (void) /*@modifies internalState@*/;
#else
#define initialize_adb_error_table()
#endif
#if !defined(_WIN32)
#define init_adb_err_tbl initialize_adb_error_table
#define adb_err_base ERROR_TABLE_BASE_adb
#endif

View File

@ -8,7 +8,7 @@
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
*
*
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
@ -22,7 +22,7 @@
* M.I.T. makes no representations about the suitability of
* this software for any purpose. It is provided "as is" without express
* or implied warranty.
*
*
*/
/*
* Copyright 1993 OpenVision Technologies, Inc., All Rights Reserved
@ -36,14 +36,13 @@
#if !defined(USE_KADM5_API_VERSION)
#define USE_KADM5_API_VERSION 2
#endif
#include <sys/types.h>
#include <gssrpc/rpc.h>
#include <krb5.h>
#include <kdb.h>
#include <com_err.h>
#include <kadm5/kadm_err.h>
#include <kadm5/adb_err.h>
#include <kadm5/chpass_util_strings.h>
#define KADM5_ADMIN_SERVICE "kadmin/admin"
@ -89,9 +88,16 @@ typedef long kadm5_ret_t;
#define KADM5_FAIL_AUTH_COUNT 0x010000
#define KADM5_KEY_DATA 0x020000
#define KADM5_TL_DATA 0x040000
#ifdef notyet /* Novell */
#define KADM5_CPW_FUNCTION 0x080000
#define KADM5_RANDKEY_USED 0x100000
#endif
#define KADM5_LOAD 0x200000
/* all but KEY_DATA and TL_DATA */
#define KADM5_PRINCIPAL_NORMAL_MASK 0x01ffff
/* kadm5_policy_ent_t */
#define KADM5_PW_MAX_LIFE 0x004000
#define KADM5_PW_MIN_LIFE 0x008000
@ -113,7 +119,7 @@ typedef long kadm5_ret_t;
#define KADM5_CONFIG_ENCTYPE 0x000200
#define KADM5_CONFIG_ADBNAME 0x000400
#define KADM5_CONFIG_ADB_LOCKFILE 0x000800
#define KADM5_CONFIG_PROFILE 0x001000
/*#define KADM5_CONFIG_PROFILE 0x001000*/
#define KADM5_CONFIG_ACL_FILE 0x002000
#define KADM5_CONFIG_KADMIND_PORT 0x004000
#define KADM5_CONFIG_ENCTYPES 0x008000
@ -124,7 +130,9 @@ typedef long kadm5_ret_t;
#define KADM5_CONFIG_OLD_AUTH_GSSAPI 0x100000
#define KADM5_CONFIG_NO_AUTH 0x200000
#define KADM5_CONFIG_AUTH_NOFALLBACK 0x400000
#ifdef notyet /* Novell */
#define KADM5_CONFIG_KPASSWD_SERVER 0x800000
#endif
/*
* permission bits
*/
@ -204,22 +212,19 @@ typedef struct _kadm5_policy_ent_t {
long policy_refcnt;
} kadm5_policy_ent_rec, *kadm5_policy_ent_t;
typedef struct __krb5_key_salt_tuple {
krb5_enctype ks_enctype;
krb5_int32 ks_salttype;
} krb5_key_salt_tuple;
/*
* Data structure returned by kadm5_get_config_params()
*/
typedef struct _kadm5_config_params {
long mask;
char * realm;
char * profile;
int kadmind_port;
int kpasswd_port;
char * admin_server;
#ifdef notyet /* Novell */ /* ABI change? */
char * kpasswd_server;
#endif
char * dbname;
char * admin_dbname;
@ -281,11 +286,11 @@ typedef struct __krb5_realm_params {
#if USE_KADM5_API_VERSION > 1
krb5_error_code kadm5_get_config_params(krb5_context context,
char *kdcprofile, char *kdcenv,
int use_kdc_config,
kadm5_config_params *params_in,
kadm5_config_params *params_out);
krb5_error_code kadm5_free_config_params(krb5_context context,
krb5_error_code kadm5_free_config_params(krb5_context context,
kadm5_config_params *params);
krb5_error_code kadm5_free_realm_params(krb5_context kcontext,
@ -304,9 +309,10 @@ kadm5_ret_t kadm5_init(char *client_name, char *pass,
#endif
krb5_ui_4 struct_version,
krb5_ui_4 api_version,
char **db_args,
void **server_handle);
kadm5_ret_t kadm5_init_with_password(char *client_name,
char *pass,
char *pass,
char *service_name,
#if USE_KADM5_API_VERSION == 1
char *realm,
@ -315,6 +321,7 @@ kadm5_ret_t kadm5_init_with_password(char *client_name,
#endif
krb5_ui_4 struct_version,
krb5_ui_4 api_version,
char **db_args,
void **server_handle);
kadm5_ret_t kadm5_init_with_skey(char *client_name,
char *keytab,
@ -326,6 +333,7 @@ kadm5_ret_t kadm5_init_with_skey(char *client_name,
#endif
krb5_ui_4 struct_version,
krb5_ui_4 api_version,
char **db_args,
void **server_handle);
#if USE_KADM5_API_VERSION > 1
kadm5_ret_t kadm5_init_with_creds(char *client_name,
@ -334,6 +342,7 @@ kadm5_ret_t kadm5_init_with_creds(char *client_name,
kadm5_config_params *params,
krb5_ui_4 struct_version,
krb5_ui_4 api_version,
char **db_args,
void **server_handle);
#endif
kadm5_ret_t kadm5_lock(void *server_handle);
@ -455,7 +464,7 @@ kadm5_ret_t kadm5_get_privs(void *server_handle,
kadm5_ret_t kadm5_chpass_principal_util(void *server_handle,
krb5_principal princ,
char *new_pw,
char *new_pw,
char **ret_pw,
char *msg_ret,
unsigned int msg_len);
@ -480,9 +489,11 @@ kadm5_ret_t kadm5_free_key_data(void *server_handle,
krb5_key_data *key_data);
#endif
kadm5_ret_t kadm5_free_name_list(void *server_handle, char **names,
kadm5_ret_t kadm5_free_name_list(void *server_handle, char **names,
int count);
krb5_error_code kadm5_init_krb5_context (krb5_context *);
#if USE_KADM5_API_VERSION == 1
/*
* OVSEC_KADM_API_VERSION_1 should be, if possible, compile-time
@ -515,7 +526,7 @@ enum ovsec_kadm_saltmod { OVSEC_KADM_MOD_KEEP, OVSEC_KADM_MOD_V4, OVSEC_KADM_MO
* Successful return code
*/
#define OVSEC_KADM_OK 0
/*
* Create/Modify masks
*/
@ -594,13 +605,15 @@ ovsec_kadm_ret_t ovsec_kadm_init(char *client_name, char *pass,
char *service_name, char *realm,
krb5_ui_4 struct_version,
krb5_ui_4 api_version,
char **db_args,
void **server_handle);
ovsec_kadm_ret_t ovsec_kadm_init_with_password(char *client_name,
char *pass,
char *pass,
char *service_name,
char *realm,
char *realm,
krb5_ui_4 struct_version,
krb5_ui_4 api_version,
char ** db_args,
void **server_handle);
ovsec_kadm_ret_t ovsec_kadm_init_with_skey(char *client_name,
char *keytab,
@ -608,6 +621,7 @@ ovsec_kadm_ret_t ovsec_kadm_init_with_skey(char *client_name,
char *realm,
krb5_ui_4 struct_version,
krb5_ui_4 api_version,
char **db_args,
void **server_handle);
ovsec_kadm_ret_t ovsec_kadm_flush(void *server_handle);
ovsec_kadm_ret_t ovsec_kadm_destroy(void *server_handle);
@ -664,7 +678,7 @@ ovsec_kadm_ret_t ovsec_kadm_get_privs(void *server_handle,
ovsec_kadm_ret_t ovsec_kadm_chpass_principal_util(void *server_handle,
krb5_principal princ,
char *new_pw,
char *new_pw,
char **ret_pw,
char *msg_ret);

View File

@ -1,38 +1 @@
/*
* ettmp27966.h:
* This file is automatically generated; please do not edit it.
*/
#include <com_err.h>
#define CHPASS_UTIL_GET_POLICY_INFO (-1492553984L)
#define CHPASS_UTIL_GET_PRINC_INFO (-1492553983L)
#define CHPASS_UTIL_NEW_PASSWORD_MISMATCH (-1492553982L)
#define CHPASS_UTIL_NEW_PASSWORD_PROMPT (-1492553981L)
#define CHPASS_UTIL_NEW_PASSWORD_AGAIN_PROMPT (-1492553980L)
#define CHPASS_UTIL_NO_PASSWORD_READ (-1492553979L)
#define CHPASS_UTIL_NO_POLICY_YET_Q_ERROR (-1492553978L)
#define CHPASS_UTIL_PASSWORD_CHANGED (-1492553977L)
#define CHPASS_UTIL_PASSWORD_IN_DICTIONARY (-1492553976L)
#define CHPASS_UTIL_PASSWORD_NOT_CHANGED (-1492553975L)
#define CHPASS_UTIL_PASSWORD_TOO_SHORT (-1492553974L)
#define CHPASS_UTIL_TOO_FEW_CLASSES (-1492553973L)
#define CHPASS_UTIL_PASSWORD_TOO_SOON (-1492553972L)
#define CHPASS_UTIL_PASSWORD_REUSE (-1492553971L)
#define CHPASS_UTIL_WHILE_TRYING_TO_CHANGE (-1492553970L)
#define CHPASS_UTIL_WHILE_READING_PASSWORD (-1492553969L)
#define ERROR_TABLE_BASE_ovku (-1492553984L)
extern const struct error_table et_ovku_error_table;
#if !defined(_WIN32)
/* for compatibility with older versions... */
extern void initialize_ovku_error_table (void) /*@modifies internalState@*/;
#else
#define initialize_ovku_error_table()
#endif
#if !defined(_WIN32)
#define init_ovku_err_tbl initialize_ovku_error_table
#define ovku_err_base ERROR_TABLE_BASE_ovku
#endif
/* This file left intentionally blank. */

View File

@ -1,9 +1,9 @@
/*
* ettmp27967.h:
* ettmp11037.h:
* This file is automatically generated; please do not edit it.
*/
#include <com_err.h>
#include <et/com_err.h>
#define KADM5_FAILURE (43787520L)
#define KADM5_AUTH_GET (43787521L)
@ -60,18 +60,15 @@
#define KADM5_SETV4KEY_INVAL_ENCTYPE (43787572L)
#define KADM5_SETKEY3_ETYPE_MISMATCH (43787573L)
#define KADM5_MISSING_KRB5_CONF_PARAMS (43787574L)
#define KADM5_XDR_FAILURE (43787575L)
extern const struct error_table et_ovk_error_table;
extern void initialize_ovk_error_table(void);
/* For compatibility with Heimdal */
extern void initialize_ovk_error_table_r(struct et_list **list);
#define ERROR_TABLE_BASE_ovk (43787520L)
extern const struct error_table et_ovk_error_table;
#if !defined(_WIN32)
/* for compatibility with older versions... */
extern void initialize_ovk_error_table (void) /*@modifies internalState@*/;
#else
#define initialize_ovk_error_table()
#endif
#if !defined(_WIN32)
#define init_ovk_err_tbl initialize_ovk_error_table
#define ovk_err_base ERROR_TABLE_BASE_ovk
#endif

View File

@ -1,335 +0,0 @@
#ifndef __KADM_RPC_H__
#define __KADM_RPC_H__
#include <gssrpc/types.h>
#include <krb5.h>
#include <kadm5/admin.h>
struct cprinc_arg {
krb5_ui_4 api_version;
kadm5_principal_ent_rec rec;
long mask;
char *passwd;
};
typedef struct cprinc_arg cprinc_arg;
bool_t xdr_cprinc_arg();
struct cprinc3_arg {
krb5_ui_4 api_version;
kadm5_principal_ent_rec rec;
long mask;
int n_ks_tuple;
krb5_key_salt_tuple *ks_tuple;
char *passwd;
};
typedef struct cprinc3_arg cprinc3_arg;
bool_t xdr_cprinc3_arg();
struct generic_ret {
krb5_ui_4 api_version;
kadm5_ret_t code;
};
typedef struct generic_ret generic_ret;
bool_t xdr_generic_ret();
struct dprinc_arg {
krb5_ui_4 api_version;
krb5_principal princ;
};
typedef struct dprinc_arg dprinc_arg;
bool_t xdr_dprinc_arg();
struct mprinc_arg {
krb5_ui_4 api_version;
kadm5_principal_ent_rec rec;
long mask;
};
typedef struct mprinc_arg mprinc_arg;
bool_t xdr_mprinc_arg();
struct rprinc_arg {
krb5_ui_4 api_version;
krb5_principal src;
krb5_principal dest;
};
typedef struct rprinc_arg rprinc_arg;
bool_t xdr_rprinc_arg();
struct gprincs_arg {
krb5_ui_4 api_version;
char *exp;
};
typedef struct gprincs_arg gprincs_arg;
bool_t xdr_gprincs_arg();
struct gprincs_ret {
krb5_ui_4 api_version;
kadm5_ret_t code;
char **princs;
int count;
};
typedef struct gprincs_ret gprincs_ret;
bool_t xdr_gprincs_ret();
struct chpass_arg {
krb5_ui_4 api_version;
krb5_principal princ;
char *pass;
};
typedef struct chpass_arg chpass_arg;
bool_t xdr_chpass_arg();
struct chpass3_arg {
krb5_ui_4 api_version;
krb5_principal princ;
krb5_boolean keepold;
int n_ks_tuple;
krb5_key_salt_tuple *ks_tuple;
char *pass;
};
typedef struct chpass3_arg chpass3_arg;
bool_t xdr_chpass3_arg();
struct setv4key_arg {
krb5_ui_4 api_version;
krb5_principal princ;
krb5_keyblock *keyblock;
};
typedef struct setv4key_arg setv4key_arg;
bool_t xdr_setv4key_arg();
struct setkey_arg {
krb5_ui_4 api_version;
krb5_principal princ;
krb5_keyblock *keyblocks;
int n_keys;
};
typedef struct setkey_arg setkey_arg;
bool_t xdr_setkey_arg();
struct setkey3_arg {
krb5_ui_4 api_version;
krb5_principal princ;
krb5_boolean keepold;
int n_ks_tuple;
krb5_key_salt_tuple *ks_tuple;
krb5_keyblock *keyblocks;
int n_keys;
};
typedef struct setkey3_arg setkey3_arg;
bool_t xdr_setkey3_arg();
struct chrand_arg {
krb5_ui_4 api_version;
krb5_principal princ;
};
typedef struct chrand_arg chrand_arg;
bool_t xdr_chrand_arg();
struct chrand3_arg {
krb5_ui_4 api_version;
krb5_principal princ;
krb5_boolean keepold;
int n_ks_tuple;
krb5_key_salt_tuple *ks_tuple;
};
typedef struct chrand3_arg chrand3_arg;
bool_t xdr_chrand3_arg();
struct chrand_ret {
krb5_ui_4 api_version;
kadm5_ret_t code;
krb5_keyblock key;
krb5_keyblock *keys;
int n_keys;
};
typedef struct chrand_ret chrand_ret;
bool_t xdr_chrand_ret();
struct gprinc_arg {
krb5_ui_4 api_version;
krb5_principal princ;
long mask;
};
typedef struct gprinc_arg gprinc_arg;
bool_t xdr_gprinc_arg();
struct gprinc_ret {
krb5_ui_4 api_version;
kadm5_ret_t code;
kadm5_principal_ent_rec rec;
};
typedef struct gprinc_ret gprinc_ret;
bool_t xdr_gprinc_ret();
bool_t xdr_kadm5_ret_t();
bool_t xdr_kadm5_principal_ent_rec();
bool_t xdr_kadm5_policy_ent_rec();
bool_t xdr_krb5_keyblock();
bool_t xdr_krb5_principal();
bool_t xdr_krb5_enctype();
bool_t xdr_krb5_octet();
bool_t xdr_krb5_int32();
bool_t xdr_u_int32();
struct cpol_arg {
krb5_ui_4 api_version;
kadm5_policy_ent_rec rec;
long mask;
};
typedef struct cpol_arg cpol_arg;
bool_t xdr_cpol_arg();
struct dpol_arg {
krb5_ui_4 api_version;
char *name;
};
typedef struct dpol_arg dpol_arg;
bool_t xdr_dpol_arg();
struct mpol_arg {
krb5_ui_4 api_version;
kadm5_policy_ent_rec rec;
long mask;
};
typedef struct mpol_arg mpol_arg;
bool_t xdr_mpol_arg();
struct gpol_arg {
krb5_ui_4 api_version;
char *name;
};
typedef struct gpol_arg gpol_arg;
bool_t xdr_gpol_arg();
struct gpol_ret {
krb5_ui_4 api_version;
kadm5_ret_t code;
kadm5_policy_ent_rec rec;
};
typedef struct gpol_ret gpol_ret;
bool_t xdr_gpol_ret();
struct gpols_arg {
krb5_ui_4 api_version;
char *exp;
};
typedef struct gpols_arg gpols_arg;
bool_t xdr_gpols_arg();
struct gpols_ret {
krb5_ui_4 api_version;
kadm5_ret_t code;
char **pols;
int count;
};
typedef struct gpols_ret gpols_ret;
bool_t xdr_gpols_ret();
struct getprivs_ret {
krb5_ui_4 api_version;
kadm5_ret_t code;
long privs;
};
typedef struct getprivs_ret getprivs_ret;
bool_t xdr_getprivs_ret();
#define KADM ((krb5_ui_4)2112)
#define KADMVERS ((krb5_ui_4)2)
#define CREATE_PRINCIPAL ((krb5_ui_4)1)
extern generic_ret *create_principal_1_svc(cprinc_arg *arg,
struct svc_req *rqstp);
extern generic_ret *create_principal_1(cprinc_arg *argp, CLIENT *clnt);
#define DELETE_PRINCIPAL ((krb5_ui_4)2)
extern generic_ret *delete_principal_1_svc(dprinc_arg *arg,
struct svc_req *rqstp);
extern generic_ret *delete_principal_1(dprinc_arg *argp, CLIENT *clnt);
#define MODIFY_PRINCIPAL ((krb5_ui_4)3)
extern generic_ret *modify_principal_1_svc(mprinc_arg *arg,
struct svc_req *rqstp);
extern generic_ret *modify_principal_1(mprinc_arg *argp, CLIENT *clnt);
#define RENAME_PRINCIPAL ((krb5_ui_4)4)
extern generic_ret *rename_principal_1_svc(rprinc_arg *arg,
struct svc_req *rqstp);
extern generic_ret *rename_principal_1(rprinc_arg *argp, CLIENT *clnt);
#define GET_PRINCIPAL ((krb5_ui_4)5)
extern gprinc_ret *get_principal_1_svc(gprinc_arg *arg, struct svc_req *rqstp);
extern gprinc_ret *get_principal_1(gprinc_arg *argp, CLIENT *clnt);
#define CHPASS_PRINCIPAL ((krb5_ui_4)6)
extern generic_ret *chpass_principal_1_svc(chpass_arg *arg,
struct svc_req *rqstp);
extern generic_ret *chpass_principal_1(chpass_arg *argp, CLIENT *clnt);
#define CHRAND_PRINCIPAL ((krb5_ui_4)7)
extern chrand_ret *chrand_principal_1_svc(chrand_arg *arg,
struct svc_req *rqstp);
extern chrand_ret *chrand_principal_1(chrand_arg *argp, CLIENT *clnt);
#define CREATE_POLICY ((krb5_ui_4)8)
extern generic_ret *create_policy_1_svc(cpol_arg *arg, struct svc_req *rqstp);
extern generic_ret *create_policy_1(cpol_arg *argp, CLIENT *clnt);
#define DELETE_POLICY ((krb5_ui_4)9)
extern generic_ret *delete_policy_1_svc(dpol_arg *arg, struct svc_req *rqstp);
extern generic_ret *delete_policy_1(dpol_arg *argp, CLIENT *clnt);
#define MODIFY_POLICY ((krb5_ui_4)10)
extern generic_ret *modify_policy_1_svc(mpol_arg *arg, struct svc_req *rqstp);
extern generic_ret *modify_policy_1(mpol_arg *argp, CLIENT *clnt);
#define GET_POLICY ((krb5_ui_4)11)
extern gpol_ret *get_policy_1_svc(gpol_arg *arg, struct svc_req *rqstp);
extern gpol_ret *get_policy_1(gpol_arg *argp, CLIENT *clnt);
#define GET_PRIVS ((krb5_ui_4)12)
extern getprivs_ret *get_privs_1_svc(krb5_ui_4 *arg, struct svc_req *rqstp);
extern getprivs_ret *get_privs_1(void *argp, CLIENT *clnt);
#define INIT ((krb5_ui_4)13)
extern generic_ret *init_1_svc(krb5_ui_4 *arg, struct svc_req *rqstp);
extern generic_ret *init_1(void *argp, CLIENT *clnt);
#define GET_PRINCS ((krb5_ui_4) 14)
extern gprincs_ret *get_princs_1_svc(gprincs_arg *arg, struct svc_req *rqstp);
extern gprincs_ret *get_princs_1(gprincs_arg *argp, CLIENT *clnt);
#define GET_POLS ((krb5_ui_4) 15)
extern gpols_ret *get_pols_1_svc(gpols_arg *arg, struct svc_req *rqstp);
extern gpols_ret *get_pols_1(gpols_arg *argp, CLIENT *clnt);
#define SETKEY_PRINCIPAL ((krb5_ui_4) 16)
extern generic_ret *setkey_principal_1_svc(setkey_arg *arg,
struct svc_req *rqstp);
extern generic_ret *setkey_principal_1(setkey_arg *argp, CLIENT *clnt);
#define SETV4KEY_PRINCIPAL ((krb5_ui_4) 17)
extern generic_ret *setv4key_principal_1_svc(setv4key_arg *arg,
struct svc_req *rqstp);
extern generic_ret *setv4key_principal_1(setv4key_arg *argp, CLIENT *clnt);
#define CREATE_PRINCIPAL3 ((krb5_ui_4) 18)
extern generic_ret *create_principal3_1_svc(cprinc3_arg *arg,
struct svc_req *rqstp);
extern generic_ret *create_principal3_1(cprinc3_arg *argp, CLIENT *clnt);
#define CHPASS_PRINCIPAL3 ((krb5_ui_4) 19)
extern generic_ret *chpass_principal3_1_svc(chpass3_arg *arg,
struct svc_req *rqstp);
extern generic_ret *chpass_principal3_1(chpass3_arg *argp, CLIENT *clnt);
#define CHRAND_PRINCIPAL3 ((krb5_ui_4) 20)
extern chrand_ret *chrand_principal3_1_svc(chrand3_arg *arg,
struct svc_req *rqstp);
extern chrand_ret *chrand_principal3_1(chrand3_arg *argp, CLIENT *clnt);
#define SETKEY_PRINCIPAL3 ((krb5_ui_4) 21)
extern generic_ret *setkey_principal3_1_svc(setkey3_arg *arg,
struct svc_req *rqstp);
extern generic_ret *setkey_principal3_1(setkey3_arg *argp, CLIENT *clnt);
#endif /* __KADM_RPC_H__ */

View File

@ -8,7 +8,7 @@
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
*
*
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
@ -22,21 +22,21 @@
* M.I.T. makes no representations about the suitability of
* this software for any purpose. It is provided "as is" without express
* or implied warranty.
*
*
*
* KDC Database interface definitions.
*/
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
*
* All rights reserved.
*
*
* Export of this software from the United States of America may require
* a specific license from the United States Government. It is the
* responsibility of any person or organization contemplating export to
* obtain such a license before exporting.
*
*
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
@ -47,7 +47,7 @@
* permission. FundsXpress makes no representations about the suitability of
* this software for any purpose. It is provided "as is" without express
* or implied warranty.
*
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
@ -84,8 +84,6 @@
#define KRB5_KDB_CREATE_BTREE 0x00000001
#define KRB5_KDB_CREATE_HASH 0x00000002
#if !defined(_WIN32)
/*
* Note --- these structures cannot be modified without changing the
* database version number in libkdb.a, but should be expandable by
@ -93,12 +91,12 @@
*/
typedef struct _krb5_tl_data {
struct _krb5_tl_data* tl_data_next; /* NOT saved */
krb5_int16 tl_data_type;
krb5_ui_2 tl_data_length;
krb5_octet * tl_data_contents;
krb5_int16 tl_data_type;
krb5_ui_2 tl_data_length;
krb5_octet * tl_data_contents;
} krb5_tl_data;
/*
/*
* If this ever changes up the version number and make the arrays be as
* big as necessary.
*
@ -115,13 +113,14 @@ typedef struct _krb5_key_data {
#define KRB5_KDB_V1_KEY_DATA_ARRAY 2 /* # of array elements */
typedef struct _krb5_keysalt {
krb5_int16 type;
krb5_int16 type;
krb5_data data; /* Length, data */
} krb5_keysalt;
typedef struct _krb5_db_entry_new {
krb5_magic magic; /* NOT saved */
krb5_ui_2 len;
krb5_ui_2 len;
krb5_ui_4 mask; /* members currently changed/set */
krb5_flags attributes;
krb5_deltat max_life;
krb5_deltat max_renewable_life;
@ -135,14 +134,32 @@ typedef struct _krb5_db_entry_new {
krb5_ui_2 e_length; /* Length of extra data */
krb5_octet * e_data; /* Extra data to be saved */
krb5_principal princ; /* Length, data */
krb5_principal princ; /* Length, data */
krb5_tl_data * tl_data; /* Linked list */
krb5_key_data * key_data; /* Array */
} krb5_db_entry;
typedef struct _osa_policy_ent_t {
int version;
char *name;
krb5_ui_4 pw_min_life;
krb5_ui_4 pw_max_life;
krb5_ui_4 pw_min_length;
krb5_ui_4 pw_min_classes;
krb5_ui_4 pw_history_num;
krb5_ui_4 policy_refcnt;
} osa_policy_ent_rec, *osa_policy_ent_t;
typedef void (*osa_adb_iter_policy_func) (void *, osa_policy_ent_t);
typedef struct __krb5_key_salt_tuple {
krb5_enctype ks_enctype;
krb5_int32 ks_salttype;
} krb5_key_salt_tuple;
#define KRB5_KDB_MAGIC_NUMBER 0xdbdbdbdb
#define KRB5_KDB_V1_BASE_LENGTH 38
#define KRB5_TL_LAST_PWD_CHANGE 0x0001
#define KRB5_TL_MOD_PRINC 0x0002
#define KRB5_TL_KADM_DATA 0x0003
@ -150,8 +167,10 @@ typedef struct _krb5_db_entry_new {
#define KRB5_TL_RB1_CHALLENGE 0x0005
#ifdef SECURID
#define KRB5_TL_SECURID_STATE 0x0006
#define KRB5_TL_DB_ARGS 0x7fff
#endif /* SECURID */
#define KRB5_TL_USER_CERTIFICATE 0x0007
/*
* Determines the number of failed KDC requests before DISALLOW_ALL_TIX is set
* on the principal.
@ -165,6 +184,7 @@ typedef struct _krb5_db_entry_new {
#define KRB5_KDC_MKEY_1 "Enter KDC database master key"
#define KRB5_KDC_MKEY_2 "Re-enter KDC database master key to verify"
extern char *krb5_mkey_pwd_prompt1;
extern char *krb5_mkey_pwd_prompt2;
@ -173,162 +193,308 @@ extern char *krb5_mkey_pwd_prompt2;
*
* Data encoding is little-endian.
*/
#include "k5-platform.h"
#define krb5_kdb_decode_int16(cp, i16) \
*((krb5_int16 *) &(i16)) = (((krb5_int16) ((unsigned char) (cp)[0]))| \
((krb5_int16) ((unsigned char) (cp)[1]) << 8))
*((krb5_int16 *) &(i16)) = load_16_le(cp)
#define krb5_kdb_decode_int32(cp, i32) \
*((krb5_int32 *) &(i32)) = (((krb5_int32) ((unsigned char) (cp)[0]))| \
((krb5_int32) ((unsigned char) (cp)[1]) << 8) | \
((krb5_int32) ((unsigned char) (cp)[2]) << 16)| \
((krb5_int32) ((unsigned char) (cp)[3]) << 24))
#define krb5_kdb_encode_int16(i16, cp) \
{ \
(cp)[0] = (unsigned char) ((i16) & 0xff); \
(cp)[1] = (unsigned char) (((i16) >> 8) & 0xff); \
}
#define krb5_kdb_encode_int32(i32, cp) \
{ \
(cp)[0] = (unsigned char) ((i32) & 0xff); \
(cp)[1] = (unsigned char) (((i32) >> 8) & 0xff); \
(cp)[2] = (unsigned char) (((i32) >> 16) & 0xff); \
(cp)[3] = (unsigned char) (((i32) >> 24) & 0xff); \
}
*((krb5_int32 *) &(i32)) = load_32_le(cp)
#define krb5_kdb_encode_int16(i16, cp) store_16_le(i16, cp)
#define krb5_kdb_encode_int32(i32, cp) store_32_le(i32, cp)
#define KRB5_KDB_OPEN_RW 0
#define KRB5_KDB_OPEN_RO 1
#ifndef KRB5_KDB_SRV_TYPE_KDC
#define KRB5_KDB_SRV_TYPE_KDC 0x0100
#endif
#ifndef KRB5_KDB_SRV_TYPE_ADMIN
#define KRB5_KDB_SRV_TYPE_ADMIN 0x0200
#endif
#ifndef KRB5_KDB_SRV_TYPE_PASSWD
#define KRB5_KDB_SRV_TYPE_PASSWD 0x0300
#endif
#ifndef KRB5_KDB_SRV_TYPE_OTHER
#define KRB5_KDB_SRV_TYPE_OTHER 0x0400
#endif
#define KRB5_KDB_OPT_SET_DB_NAME 0
#define KRB5_KDB_OPT_SET_LOCK_MODE 1
#define KRB5_DB_LOCKMODE_SHARED 0x0001
#define KRB5_DB_LOCKMODE_EXCLUSIVE 0x0002
#define KRB5_DB_LOCKMODE_DONTBLOCK 0x0004
#define KRB5_DB_LOCKMODE_PERMANENT 0x0008
/* libkdb.spec */
krb5_error_code krb5_db_set_name (krb5_context, char * );
krb5_error_code krb5_db_init (krb5_context);
krb5_error_code krb5_db_fini (krb5_context);
krb5_error_code krb5_db_get_age (krb5_context, char *, time_t * );
krb5_error_code krb5_db_create (krb5_context, char *, krb5_int32 );
krb5_error_code krb5_db_rename (krb5_context, char *, char * );
krb5_error_code krb5_db_get_principal (krb5_context, krb5_const_principal ,
krb5_db_entry *, int *,
krb5_boolean * );
void krb5_db_free_principal (krb5_context, krb5_db_entry *, int );
krb5_error_code krb5_db_put_principal (krb5_context, krb5_db_entry *, int * );
krb5_error_code krb5_db_delete_principal (krb5_context, krb5_const_principal,
int * );
krb5_error_code krb5_db_iterate (krb5_context,
krb5_error_code (* ) (krb5_pointer,
krb5_db_entry *),
krb5_pointer);
krb5_error_code krb5_db_iterate_ext (krb5_context,
krb5_error_code (* ) (krb5_pointer,
krb5_db_entry *),
krb5_pointer, int, int);
krb5_error_code krb5_db_verify_master_key (krb5_context, krb5_principal,
krb5_keyblock *);
krb5_error_code krb5_db_store_mkey (krb5_context, char *, krb5_principal,
krb5_keyblock *);
krb5_error_code krb5_db_open( krb5_context kcontext, char **db_args, int mode );
krb5_error_code krb5_db_init ( krb5_context kcontext );
krb5_error_code krb5_db_create ( krb5_context kcontext, char **db_args );
krb5_error_code krb5_db_inited ( krb5_context kcontext );
krb5_error_code kdb5_db_create ( krb5_context kcontext, char **db_args );
krb5_error_code krb5_db_fini ( krb5_context kcontext );
const char * krb5_db_errcode2string ( krb5_context kcontext, long err_code );
krb5_error_code krb5_db_destroy ( krb5_context kcontext, char **db_args );
krb5_error_code krb5_db_promote ( krb5_context kcontext, char **db_args );
krb5_error_code krb5_db_get_age ( krb5_context kcontext, char *db_name, time_t *t );
krb5_error_code krb5_db_set_option ( krb5_context kcontext, int option, void *value );
krb5_error_code krb5_db_lock ( krb5_context kcontext, int lock_mode );
krb5_error_code krb5_db_unlock ( krb5_context kcontext );
krb5_error_code krb5_db_get_principal ( krb5_context kcontext,
krb5_const_principal search_for,
krb5_db_entry *entries,
int *nentries,
krb5_boolean *more );
krb5_error_code krb5_db_free_principal ( krb5_context kcontext,
krb5_db_entry *entry,
int count );
krb5_error_code krb5_db_put_principal ( krb5_context kcontext,
krb5_db_entry *entries,
int *nentries);
krb5_error_code krb5_db_delete_principal ( krb5_context kcontext,
krb5_principal search_for,
int *nentries );
krb5_error_code krb5_db_iterate ( krb5_context kcontext,
char *match_entry,
int (*func) (krb5_pointer, krb5_db_entry *),
krb5_pointer func_arg );
krb5_error_code krb5_supported_realms ( krb5_context kcontext,
char **realms );
krb5_error_code krb5_free_supported_realms ( krb5_context kcontext,
char **realms );
krb5_error_code krb5_db_set_master_key_ext ( krb5_context kcontext,
char *pwd,
krb5_keyblock *key );
krb5_error_code krb5_db_set_mkey ( krb5_context context,
krb5_keyblock *key);
krb5_error_code krb5_db_get_mkey ( krb5_context kcontext,
krb5_keyblock **key );
krb5_error_code krb5_db_free_master_key ( krb5_context kcontext,
krb5_keyblock *key );
krb5_error_code krb5_db_store_master_key ( krb5_context kcontext,
char *db_arg,
krb5_principal mname,
krb5_keyblock *key,
char *master_pwd);
krb5_error_code krb5_db_fetch_mkey ( krb5_context context,
krb5_principal mname,
krb5_enctype etype,
krb5_boolean fromkeyboard,
krb5_boolean twice,
char *db_args,
krb5_data *salt,
krb5_keyblock *key);
krb5_error_code krb5_db_verify_master_key ( krb5_context kcontext,
krb5_principal mprinc,
krb5_keyblock *mkey );
krb5_error_code
krb5_dbe_find_enctype( krb5_context kcontext,
krb5_db_entry *dbentp,
krb5_int32 ktype,
krb5_int32 stype,
krb5_int32 kvno,
krb5_key_data **kdatap);
krb5_error_code krb5_db_setup_mkey_name (krb5_context, const char *,
const char *, char **,
krb5_principal *);
krb5_error_code krb5_db_set_mkey (krb5_context, krb5_keyblock *);
krb5_error_code krb5_dbe_search_enctype ( krb5_context kcontext,
krb5_db_entry *dbentp,
krb5_int32 *start,
krb5_int32 ktype,
krb5_int32 stype,
krb5_int32 kvno,
krb5_key_data **kdatap);
krb5_error_code krb5_db_get_mkey (krb5_context, krb5_keyblock **);
krb5_error_code krb5_db_destroy (krb5_context, char * );
krb5_error_code krb5_db_lock (krb5_context, int );
krb5_error_code krb5_db_unlock (krb5_context);
krb5_error_code krb5_db_set_nonblocking (krb5_context, krb5_boolean,
krb5_boolean * );
krb5_boolean krb5_db_set_lockmode (krb5_context, krb5_boolean);
krb5_error_code krb5_db_fetch_mkey (krb5_context, krb5_principal, krb5_enctype,
krb5_boolean, krb5_boolean, char *,
krb5_data *,
krb5_keyblock * );
krb5_error_code
krb5_db_setup_mkey_name ( krb5_context context,
const char *keyname,
const char *realm,
char **fullname,
krb5_principal *principal);
krb5_error_code krb5_db_open_database (krb5_context);
krb5_error_code krb5_db_close_database (krb5_context);
krb5_error_code
krb5_dbekd_decrypt_key_data( krb5_context context,
const krb5_keyblock * mkey,
const krb5_key_data * key_data,
krb5_keyblock * dbkey,
krb5_keysalt * keysalt);
krb5_error_code krb5_dbekd_encrypt_key_data (krb5_context,
const krb5_keyblock *,
const krb5_keyblock *,
const krb5_keysalt *,
int,
krb5_key_data *);
krb5_error_code krb5_dbekd_decrypt_key_data (krb5_context,
const krb5_keyblock *,
const krb5_key_data *,
krb5_keyblock *,
krb5_keysalt *);
krb5_error_code krb5_dbe_create_key_data (krb5_context,
krb5_db_entry *);
krb5_error_code krb5_dbe_update_tl_data (krb5_context,
krb5_db_entry *,
krb5_tl_data *);
krb5_error_code krb5_dbe_lookup_tl_data (krb5_context,
krb5_db_entry *,
krb5_tl_data *);
krb5_error_code krb5_dbe_update_last_pwd_change (krb5_context,
krb5_db_entry *,
krb5_timestamp);
krb5_error_code krb5_dbe_lookup_last_pwd_change (krb5_context,
krb5_db_entry *,
krb5_timestamp *);
krb5_error_code krb5_dbe_update_mod_princ_data (krb5_context,
krb5_db_entry *,
krb5_timestamp,
krb5_const_principal);
krb5_error_code krb5_dbe_lookup_mod_princ_data (krb5_context,
krb5_db_entry *,
krb5_timestamp *,
krb5_principal *);
int krb5_encode_princ_dbkey (krb5_context, krb5_data *, krb5_const_principal);
void krb5_free_princ_dbkey (krb5_context, krb5_data *);
krb5_error_code krb5_encode_princ_contents (krb5_context, krb5_data *,
krb5_db_entry *);
void krb5_free_princ_contents (krb5_context, krb5_data *);
krb5_error_code krb5_decode_princ_contents (krb5_context, krb5_data *,
krb5_db_entry *);
void krb5_dbe_free_contents (krb5_context, krb5_db_entry *);
krb5_error_code
krb5_dbekd_encrypt_key_data( krb5_context context,
const krb5_keyblock * mkey,
const krb5_keyblock * dbkey,
const krb5_keysalt * keysalt,
int keyver,
krb5_key_data * key_data);
krb5_error_code krb5_dbe_find_enctype (krb5_context, krb5_db_entry *,
krb5_int32,
krb5_int32,
krb5_int32,
krb5_key_data **);
krb5_error_code
krb5_dbe_lookup_mod_princ_data( krb5_context context,
krb5_db_entry * entry,
krb5_timestamp * mod_time,
krb5_principal * mod_princ);
krb5_error_code krb5_dbe_search_enctype (krb5_context,
krb5_db_entry *,
krb5_int32 *,
krb5_int32,
krb5_int32,
krb5_int32,
krb5_key_data **);
krb5_error_code
krb5_dbe_update_last_pwd_change( krb5_context context,
krb5_db_entry * entry,
krb5_timestamp stamp);
struct __krb5_key_salt_tuple;
krb5_error_code
krb5_dbe_lookup_tl_data( krb5_context context,
krb5_db_entry * entry,
krb5_tl_data * ret_tl_data);
krb5_error_code krb5_dbe_cpw (krb5_context,
krb5_keyblock *,
struct __krb5_key_salt_tuple *,
int,
char *,
int,
krb5_boolean,
krb5_db_entry *);
krb5_error_code krb5_dbe_apw (krb5_context,
krb5_keyblock *,
struct __krb5_key_salt_tuple *,
int,
char *,
krb5_db_entry *);
krb5_error_code krb5_dbe_crk (krb5_context,
krb5_keyblock *,
struct __krb5_key_salt_tuple *,
int,
krb5_boolean,
krb5_db_entry *);
krb5_error_code krb5_dbe_ark (krb5_context,
krb5_keyblock *,
struct __krb5_key_salt_tuple *,
int,
krb5_db_entry *);
krb5_error_code
krb5_dbe_create_key_data( krb5_context context,
krb5_db_entry * entry);
krb5_error_code krb5_ser_db_context_init (krb5_context);
krb5_error_code
krb5_dbe_update_mod_princ_data( krb5_context context,
krb5_db_entry * entry,
krb5_timestamp mod_date,
krb5_const_principal mod_princ);
krb5_error_code
krb5_dbe_update_last_pwd_change( krb5_context context,
krb5_db_entry * entry,
krb5_timestamp stamp);
void *krb5_db_alloc( krb5_context kcontext,
void *ptr,
size_t size );
void krb5_db_free( krb5_context kcontext,
void *ptr);
krb5_error_code
krb5_dbe_lookup_last_pwd_change( krb5_context context,
krb5_db_entry * entry,
krb5_timestamp * stamp);
krb5_error_code
krb5_dbe_update_tl_data( krb5_context context,
krb5_db_entry * entry,
krb5_tl_data * new_tl_data);
krb5_error_code
krb5_dbe_cpw( krb5_context kcontext,
krb5_keyblock * master_key,
krb5_key_salt_tuple * ks_tuple,
int ks_tuple_count,
char * passwd,
int new_kvno,
krb5_boolean keepold,
krb5_db_entry * db_entry);
krb5_error_code
krb5_dbe_ark( krb5_context context,
krb5_keyblock * master_key,
krb5_key_salt_tuple * ks_tuple,
int ks_tuple_count,
krb5_db_entry * db_entry);
krb5_error_code
krb5_dbe_crk( krb5_context context,
krb5_keyblock * master_key,
krb5_key_salt_tuple * ks_tuple,
int ks_tuple_count,
krb5_boolean keepold,
krb5_db_entry * db_entry);
krb5_error_code
krb5_dbe_apw( krb5_context context,
krb5_keyblock * master_key,
krb5_key_salt_tuple * ks_tuple,
int ks_tuple_count,
char * passwd,
krb5_db_entry * db_entry);
/* default functions. Should not be directly called */
/*
* Default functions prototype
*/
krb5_error_code
krb5_dbe_def_search_enctype( krb5_context kcontext,
krb5_db_entry *dbentp,
krb5_int32 *start,
krb5_int32 ktype,
krb5_int32 stype,
krb5_int32 kvno,
krb5_key_data **kdatap);
krb5_error_code
krb5_def_store_mkey( krb5_context context,
char *keyfile,
krb5_principal mname,
krb5_keyblock *key,
char *master_pwd);
krb5_error_code
krb5_db_def_fetch_mkey( krb5_context context,
krb5_principal mname,
krb5_keyblock *key,
int *kvno,
char *db_args);
krb5_error_code
krb5_def_verify_master_key( krb5_context context,
krb5_principal mprinc,
krb5_keyblock *mkey);
krb5_error_code kdb_def_set_mkey ( krb5_context kcontext,
char *pwd,
krb5_keyblock *key );
krb5_error_code kdb_def_get_mkey ( krb5_context kcontext,
krb5_keyblock **key );
krb5_error_code
krb5_dbe_def_cpw( krb5_context context,
krb5_keyblock * master_key,
krb5_key_salt_tuple * ks_tuple,
int ks_tuple_count,
char * passwd,
int new_kvno,
krb5_boolean keepold,
krb5_db_entry * db_entry);
krb5_error_code
krb5_def_promote_db(krb5_context, char *, char **);
krb5_error_code
krb5_db_create_policy( krb5_context kcontext,
osa_policy_ent_t policy);
krb5_error_code
krb5_db_get_policy ( krb5_context kcontext,
char *name,
osa_policy_ent_t *policy,
int *nentries);
krb5_error_code
krb5_db_put_policy( krb5_context kcontext,
osa_policy_ent_t policy);
krb5_error_code
krb5_db_iter_policy( krb5_context kcontext,
char *match_entry,
osa_adb_iter_policy_func func,
void *data);
krb5_error_code
krb5_db_delete_policy( krb5_context kcontext,
char *policy);
void
krb5_db_free_policy( krb5_context kcontext,
osa_policy_ent_t policy);
#define KRB5_KDB_DEF_FLAGS 0
#endif /* !defined(_WIN32) */
#endif /* KRB5_KDB5__ */

View File

@ -16,7 +16,7 @@ void ceo_kadm_init() {
retval = kadm5_init_with_skey(admin_principal, admin_keytab,
KADM5_ADMIN_SERVICE, &params, KADM5_STRUCT_VERSION,
KADM5_API_VERSION_2, &handle);
KADM5_API_VERSION_2, NULL, &handle);
if (retval) {
com_err(prog, retval, "while initializing kadm5");
exit(1);