diff --git a/include/kadm5/adb_err.h b/include/kadm5/adb_err.h deleted file mode 100644 index e0180998b..000000000 --- a/include/kadm5/adb_err.h +++ /dev/null @@ -1,36 +0,0 @@ -/* - * ettmp27965.h: - * This file is automatically generated; please do not edit it. - */ - -#include - -#define OSA_ADB_NOERR (28810240L) -#define OSA_ADB_DUP (28810241L) -#define OSA_ADB_NOENT (28810242L) -#define OSA_ADB_DBINIT (28810243L) -#define OSA_ADB_BAD_POLICY (28810244L) -#define OSA_ADB_BAD_PRINC (28810245L) -#define OSA_ADB_BAD_DB (28810246L) -#define OSA_ADB_XDR_FAILURE (28810247L) -#define OSA_ADB_FAILURE (28810248L) -#define OSA_ADB_BADLOCKMODE (28810249L) -#define OSA_ADB_CANTLOCK_DB (28810250L) -#define OSA_ADB_NOTLOCKED (28810251L) -#define OSA_ADB_NOLOCKFILE (28810252L) -#define OSA_ADB_NOEXCL_PERM (28810253L) -#define ERROR_TABLE_BASE_adb (28810240L) - -extern const struct error_table et_adb_error_table; - -#if !defined(_WIN32) -/* for compatibility with older versions... */ -extern void initialize_adb_error_table (void) /*@modifies internalState@*/; -#else -#define initialize_adb_error_table() -#endif - -#if !defined(_WIN32) -#define init_adb_err_tbl initialize_adb_error_table -#define adb_err_base ERROR_TABLE_BASE_adb -#endif diff --git a/include/kadm5/admin.h b/include/kadm5/admin.h deleted file mode 100644 index bde7846a9..000000000 --- a/include/kadm5/admin.h +++ /dev/null @@ -1,733 +0,0 @@ -/* - * lib/kadm5/admin.h - * - * Copyright 2001 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - */ -/* - * Copyright 1993 OpenVision Technologies, Inc., All Rights Reserved - * - * $Header$ - */ - -#ifndef __KADM5_ADMIN_H__ -#define __KADM5_ADMIN_H__ - -#if !defined(USE_KADM5_API_VERSION) -#define USE_KADM5_API_VERSION 2 -#endif - -#include -#include -#include -#include -#include -#include -#include -#include - -#define KADM5_ADMIN_SERVICE "kadmin/admin" -#define KADM5_CHANGEPW_SERVICE "kadmin/changepw" -#define KADM5_HIST_PRINCIPAL "kadmin/history" - -typedef krb5_principal kadm5_princ_t; -typedef char *kadm5_policy_t; -typedef long kadm5_ret_t; - -#define KADM5_PW_FIRST_PROMPT \ - (error_message(CHPASS_UTIL_NEW_PASSWORD_PROMPT)) -#define KADM5_PW_SECOND_PROMPT \ - (error_message(CHPASS_UTIL_NEW_PASSWORD_AGAIN_PROMPT)) - -/* - * Successful return code - */ -#define KADM5_OK 0 - -/* - * Field masks - */ - -/* kadm5_principal_ent_t */ -#define KADM5_PRINCIPAL 0x000001 -#define KADM5_PRINC_EXPIRE_TIME 0x000002 -#define KADM5_PW_EXPIRATION 0x000004 -#define KADM5_LAST_PWD_CHANGE 0x000008 -#define KADM5_ATTRIBUTES 0x000010 -#define KADM5_MAX_LIFE 0x000020 -#define KADM5_MOD_TIME 0x000040 -#define KADM5_MOD_NAME 0x000080 -#define KADM5_KVNO 0x000100 -#define KADM5_MKVNO 0x000200 -#define KADM5_AUX_ATTRIBUTES 0x000400 -#define KADM5_POLICY 0x000800 -#define KADM5_POLICY_CLR 0x001000 -/* version 2 masks */ -#define KADM5_MAX_RLIFE 0x002000 -#define KADM5_LAST_SUCCESS 0x004000 -#define KADM5_LAST_FAILED 0x008000 -#define KADM5_FAIL_AUTH_COUNT 0x010000 -#define KADM5_KEY_DATA 0x020000 -#define KADM5_TL_DATA 0x040000 -/* all but KEY_DATA and TL_DATA */ -#define KADM5_PRINCIPAL_NORMAL_MASK 0x01ffff - -/* kadm5_policy_ent_t */ -#define KADM5_PW_MAX_LIFE 0x004000 -#define KADM5_PW_MIN_LIFE 0x008000 -#define KADM5_PW_MIN_LENGTH 0x010000 -#define KADM5_PW_MIN_CLASSES 0x020000 -#define KADM5_PW_HISTORY_NUM 0x040000 -#define KADM5_REF_COUNT 0x080000 - -/* kadm5_config_params */ -#define KADM5_CONFIG_REALM 0x000001 -#define KADM5_CONFIG_DBNAME 0x000002 -#define KADM5_CONFIG_MKEY_NAME 0x000004 -#define KADM5_CONFIG_MAX_LIFE 0x000008 -#define KADM5_CONFIG_MAX_RLIFE 0x000010 -#define KADM5_CONFIG_EXPIRATION 0x000020 -#define KADM5_CONFIG_FLAGS 0x000040 -#define KADM5_CONFIG_ADMIN_KEYTAB 0x000080 -#define KADM5_CONFIG_STASH_FILE 0x000100 -#define KADM5_CONFIG_ENCTYPE 0x000200 -#define KADM5_CONFIG_ADBNAME 0x000400 -#define KADM5_CONFIG_ADB_LOCKFILE 0x000800 -#define KADM5_CONFIG_PROFILE 0x001000 -#define KADM5_CONFIG_ACL_FILE 0x002000 -#define KADM5_CONFIG_KADMIND_PORT 0x004000 -#define KADM5_CONFIG_ENCTYPES 0x008000 -#define KADM5_CONFIG_ADMIN_SERVER 0x010000 -#define KADM5_CONFIG_DICT_FILE 0x020000 -#define KADM5_CONFIG_MKEY_FROM_KBD 0x040000 -#define KADM5_CONFIG_KPASSWD_PORT 0x080000 -#define KADM5_CONFIG_OLD_AUTH_GSSAPI 0x100000 -#define KADM5_CONFIG_NO_AUTH 0x200000 -#define KADM5_CONFIG_AUTH_NOFALLBACK 0x400000 - -/* - * permission bits - */ -#define KADM5_PRIV_GET 0x01 -#define KADM5_PRIV_ADD 0x02 -#define KADM5_PRIV_MODIFY 0x04 -#define KADM5_PRIV_DELETE 0x08 - -/* - * API versioning constants - */ -#define KADM5_MASK_BITS 0xffffff00 - -#define KADM5_STRUCT_VERSION_MASK 0x12345600 -#define KADM5_STRUCT_VERSION_1 (KADM5_STRUCT_VERSION_MASK|0x01) -#define KADM5_STRUCT_VERSION KADM5_STRUCT_VERSION_1 - -#define KADM5_API_VERSION_MASK 0x12345700 -#define KADM5_API_VERSION_1 (KADM5_API_VERSION_MASK|0x01) -#define KADM5_API_VERSION_2 (KADM5_API_VERSION_MASK|0x02) - -typedef struct _kadm5_principal_ent_t_v2 { - krb5_principal principal; - krb5_timestamp princ_expire_time; - krb5_timestamp last_pwd_change; - krb5_timestamp pw_expiration; - krb5_deltat max_life; - krb5_principal mod_name; - krb5_timestamp mod_date; - krb5_flags attributes; - krb5_kvno kvno; - krb5_kvno mkvno; - char *policy; - long aux_attributes; - - /* version 2 fields */ - krb5_deltat max_renewable_life; - krb5_timestamp last_success; - krb5_timestamp last_failed; - krb5_kvno fail_auth_count; - krb5_int16 n_key_data; - krb5_int16 n_tl_data; - krb5_tl_data *tl_data; - krb5_key_data *key_data; -} kadm5_principal_ent_rec_v2, *kadm5_principal_ent_t_v2; - -typedef struct _kadm5_principal_ent_t_v1 { - krb5_principal principal; - krb5_timestamp princ_expire_time; - krb5_timestamp last_pwd_change; - krb5_timestamp pw_expiration; - krb5_deltat max_life; - krb5_principal mod_name; - krb5_timestamp mod_date; - krb5_flags attributes; - krb5_kvno kvno; - krb5_kvno mkvno; - char *policy; - long aux_attributes; -} kadm5_principal_ent_rec_v1, *kadm5_principal_ent_t_v1; - -#if USE_KADM5_API_VERSION == 1 -typedef struct _kadm5_principal_ent_t_v1 - kadm5_principal_ent_rec, *kadm5_principal_ent_t; -#else -typedef struct _kadm5_principal_ent_t_v2 - kadm5_principal_ent_rec, *kadm5_principal_ent_t; -#endif - -typedef struct _kadm5_policy_ent_t { - char *policy; - long pw_min_life; - long pw_max_life; - long pw_min_length; - long pw_min_classes; - long pw_history_num; - long policy_refcnt; -} kadm5_policy_ent_rec, *kadm5_policy_ent_t; - -typedef struct __krb5_key_salt_tuple { - krb5_enctype ks_enctype; - krb5_int32 ks_salttype; -} krb5_key_salt_tuple; - -/* - * Data structure returned by kadm5_get_config_params() - */ -typedef struct _kadm5_config_params { - long mask; - char * realm; - char * profile; - int kadmind_port; - int kpasswd_port; - - char * admin_server; - - char * dbname; - char * admin_dbname; - char * admin_lockfile; - char * admin_keytab; - char * acl_file; - char * dict_file; - - int mkey_from_kbd; - char * stash_file; - char * mkey_name; - krb5_enctype enctype; - krb5_deltat max_life; - krb5_deltat max_rlife; - krb5_timestamp expiration; - krb5_flags flags; - krb5_key_salt_tuple *keysalts; - krb5_int32 num_keysalts; -} kadm5_config_params; - -/*********************************************************************** - * This is the old krb5_realm_read_params, which I mutated into - * kadm5_get_config_params but which old code (kdb5_* and krb5kdc) - * still uses. - ***********************************************************************/ - -/* - * Data structure returned by krb5_read_realm_params() - */ -typedef struct __krb5_realm_params { - char * realm_profile; - char * realm_dbname; - char * realm_mkey_name; - char * realm_stash_file; - char * realm_kdc_ports; - char * realm_kdc_tcp_ports; - char * realm_acl_file; - krb5_int32 realm_kadmind_port; - krb5_enctype realm_enctype; - krb5_deltat realm_max_life; - krb5_deltat realm_max_rlife; - krb5_timestamp realm_expiration; - krb5_flags realm_flags; - krb5_key_salt_tuple *realm_keysalts; - unsigned int realm_reject_bad_transit:1; - unsigned int realm_kadmind_port_valid:1; - unsigned int realm_enctype_valid:1; - unsigned int realm_max_life_valid:1; - unsigned int realm_max_rlife_valid:1; - unsigned int realm_expiration_valid:1; - unsigned int realm_flags_valid:1; - unsigned int realm_reject_bad_transit_valid:1; - krb5_int32 realm_num_keysalts; -} krb5_realm_params; - -/* - * functions - */ - -#if USE_KADM5_API_VERSION > 1 -krb5_error_code kadm5_get_config_params(krb5_context context, - char *kdcprofile, char *kdcenv, - kadm5_config_params *params_in, - kadm5_config_params *params_out); - -krb5_error_code kadm5_free_config_params(krb5_context context, - kadm5_config_params *params); - -krb5_error_code kadm5_free_realm_params(krb5_context kcontext, - kadm5_config_params *params); - -krb5_error_code kadm5_get_admin_service_name(krb5_context, char *, - char *, size_t); -#endif - -kadm5_ret_t kadm5_init(char *client_name, char *pass, - char *service_name, -#if USE_KADM5_API_VERSION == 1 - char *realm, -#else - kadm5_config_params *params, -#endif - krb5_ui_4 struct_version, - krb5_ui_4 api_version, - void **server_handle); -kadm5_ret_t kadm5_init_with_password(char *client_name, - char *pass, - char *service_name, -#if USE_KADM5_API_VERSION == 1 - char *realm, -#else - kadm5_config_params *params, -#endif - krb5_ui_4 struct_version, - krb5_ui_4 api_version, - void **server_handle); -kadm5_ret_t kadm5_init_with_skey(char *client_name, - char *keytab, - char *service_name, -#if USE_KADM5_API_VERSION == 1 - char *realm, -#else - kadm5_config_params *params, -#endif - krb5_ui_4 struct_version, - krb5_ui_4 api_version, - void **server_handle); -#if USE_KADM5_API_VERSION > 1 -kadm5_ret_t kadm5_init_with_creds(char *client_name, - krb5_ccache cc, - char *service_name, - kadm5_config_params *params, - krb5_ui_4 struct_version, - krb5_ui_4 api_version, - void **server_handle); -#endif -kadm5_ret_t kadm5_lock(void *server_handle); -kadm5_ret_t kadm5_unlock(void *server_handle); -kadm5_ret_t kadm5_flush(void *server_handle); -kadm5_ret_t kadm5_destroy(void *server_handle); -kadm5_ret_t kadm5_create_principal(void *server_handle, - kadm5_principal_ent_t ent, - long mask, char *pass); -kadm5_ret_t kadm5_create_principal_3(void *server_handle, - kadm5_principal_ent_t ent, - long mask, - int n_ks_tuple, - krb5_key_salt_tuple *ks_tuple, - char *pass); -kadm5_ret_t kadm5_delete_principal(void *server_handle, - krb5_principal principal); -kadm5_ret_t kadm5_modify_principal(void *server_handle, - kadm5_principal_ent_t ent, - long mask); -kadm5_ret_t kadm5_rename_principal(void *server_handle, - krb5_principal,krb5_principal); -#if USE_KADM5_API_VERSION == 1 -kadm5_ret_t kadm5_get_principal(void *server_handle, - krb5_principal principal, - kadm5_principal_ent_t *ent); -#else -kadm5_ret_t kadm5_get_principal(void *server_handle, - krb5_principal principal, - kadm5_principal_ent_t ent, - long mask); -#endif -kadm5_ret_t kadm5_chpass_principal(void *server_handle, - krb5_principal principal, - char *pass); -kadm5_ret_t kadm5_chpass_principal_3(void *server_handle, - krb5_principal principal, - krb5_boolean keepold, - int n_ks_tuple, - krb5_key_salt_tuple *ks_tuple, - char *pass); -#if USE_KADM5_API_VERSION == 1 -kadm5_ret_t kadm5_randkey_principal(void *server_handle, - krb5_principal principal, - krb5_keyblock **keyblock); -#else -kadm5_ret_t kadm5_randkey_principal(void *server_handle, - krb5_principal principal, - krb5_keyblock **keyblocks, - int *n_keys); -kadm5_ret_t kadm5_randkey_principal_3(void *server_handle, - krb5_principal principal, - krb5_boolean keepold, - int n_ks_tuple, - krb5_key_salt_tuple *ks_tuple, - krb5_keyblock **keyblocks, - int *n_keys); -#endif -kadm5_ret_t kadm5_setv4key_principal(void *server_handle, - krb5_principal principal, - krb5_keyblock *keyblock); - -kadm5_ret_t kadm5_setkey_principal(void *server_handle, - krb5_principal principal, - krb5_keyblock *keyblocks, - int n_keys); - -kadm5_ret_t kadm5_setkey_principal_3(void *server_handle, - krb5_principal principal, - krb5_boolean keepold, - int n_ks_tuple, - krb5_key_salt_tuple *ks_tuple, - krb5_keyblock *keyblocks, - int n_keys); - -kadm5_ret_t kadm5_decrypt_key(void *server_handle, - kadm5_principal_ent_t entry, krb5_int32 - ktype, krb5_int32 stype, krb5_int32 - kvno, krb5_keyblock *keyblock, - krb5_keysalt *keysalt, int *kvnop); - -kadm5_ret_t kadm5_create_policy(void *server_handle, - kadm5_policy_ent_t ent, - long mask); -/* - * kadm5_create_policy_internal is not part of the supported, - * exposed API. It is available only in the server library, and you - * shouldn't use it unless you know why it's there and how it's - * different from kadm5_create_policy. - */ -kadm5_ret_t kadm5_create_policy_internal(void *server_handle, - kadm5_policy_ent_t - entry, long mask); -kadm5_ret_t kadm5_delete_policy(void *server_handle, - kadm5_policy_t policy); -kadm5_ret_t kadm5_modify_policy(void *server_handle, - kadm5_policy_ent_t ent, - long mask); -/* - * kadm5_modify_policy_internal is not part of the supported, - * exposed API. It is available only in the server library, and you - * shouldn't use it unless you know why it's there and how it's - * different from kadm5_modify_policy. - */ -kadm5_ret_t kadm5_modify_policy_internal(void *server_handle, - kadm5_policy_ent_t - entry, long mask); -#if USE_KADM5_API_VERSION == 1 -kadm5_ret_t kadm5_get_policy(void *server_handle, - kadm5_policy_t policy, - kadm5_policy_ent_t *ent); -#else -kadm5_ret_t kadm5_get_policy(void *server_handle, - kadm5_policy_t policy, - kadm5_policy_ent_t ent); -#endif -kadm5_ret_t kadm5_get_privs(void *server_handle, - long *privs); - -kadm5_ret_t kadm5_chpass_principal_util(void *server_handle, - krb5_principal princ, - char *new_pw, - char **ret_pw, - char *msg_ret, - unsigned int msg_len); - -kadm5_ret_t kadm5_free_principal_ent(void *server_handle, - kadm5_principal_ent_t - ent); -kadm5_ret_t kadm5_free_policy_ent(void *server_handle, - kadm5_policy_ent_t ent); - -kadm5_ret_t kadm5_get_principals(void *server_handle, - char *exp, char ***princs, - int *count); - -kadm5_ret_t kadm5_get_policies(void *server_handle, - char *exp, char ***pols, - int *count); - -#if USE_KADM5_API_VERSION > 1 -kadm5_ret_t kadm5_free_key_data(void *server_handle, - krb5_int16 *n_key_data, - krb5_key_data *key_data); -#endif - -kadm5_ret_t kadm5_free_name_list(void *server_handle, char **names, - int count); - -#if USE_KADM5_API_VERSION == 1 -/* - * OVSEC_KADM_API_VERSION_1 should be, if possible, compile-time - * compatible with KADM5_API_VERSION_2. Basically, this means we have - * to continue to provide all the old ovsec_kadm function and symbol - * names. - */ - -#define OVSEC_KADM_ACLFILE "/krb5/ovsec_adm.acl" -#define OVSEC_KADM_WORDFILE "/krb5/ovsec_adm.dict" - -#define OVSEC_KADM_ADMIN_SERVICE "ovsec_adm/admin" -#define OVSEC_KADM_CHANGEPW_SERVICE "ovsec_adm/changepw" -#define OVSEC_KADM_HIST_PRINCIPAL "ovsec_adm/history" - -typedef krb5_principal ovsec_kadm_princ_t; -typedef krb5_keyblock ovsec_kadm_keyblock; -typedef char *ovsec_kadm_policy_t; -typedef long ovsec_kadm_ret_t; - -enum ovsec_kadm_salttype { OVSEC_KADM_SALT_V4, OVSEC_KADM_SALT_NORMAL }; -enum ovsec_kadm_saltmod { OVSEC_KADM_MOD_KEEP, OVSEC_KADM_MOD_V4, OVSEC_KADM_MOD_NORMAL }; - -#define OVSEC_KADM_PW_FIRST_PROMPT \ - ((char *) error_message(CHPASS_UTIL_NEW_PASSWORD_PROMPT)) -#define OVSEC_KADM_PW_SECOND_PROMPT \ - ((char *) error_message(CHPASS_UTIL_NEW_PASSWORD_AGAIN_PROMPT)) - -/* - * Successful return code - */ -#define OVSEC_KADM_OK 0 - -/* - * Create/Modify masks - */ -/* principal */ -#define OVSEC_KADM_PRINCIPAL 0x000001 -#define OVSEC_KADM_PRINC_EXPIRE_TIME 0x000002 -#define OVSEC_KADM_PW_EXPIRATION 0x000004 -#define OVSEC_KADM_LAST_PWD_CHANGE 0x000008 -#define OVSEC_KADM_ATTRIBUTES 0x000010 -#define OVSEC_KADM_MAX_LIFE 0x000020 -#define OVSEC_KADM_MOD_TIME 0x000040 -#define OVSEC_KADM_MOD_NAME 0x000080 -#define OVSEC_KADM_KVNO 0x000100 -#define OVSEC_KADM_MKVNO 0x000200 -#define OVSEC_KADM_AUX_ATTRIBUTES 0x000400 -#define OVSEC_KADM_POLICY 0x000800 -#define OVSEC_KADM_POLICY_CLR 0x001000 -/* policy */ -#define OVSEC_KADM_PW_MAX_LIFE 0x004000 -#define OVSEC_KADM_PW_MIN_LIFE 0x008000 -#define OVSEC_KADM_PW_MIN_LENGTH 0x010000 -#define OVSEC_KADM_PW_MIN_CLASSES 0x020000 -#define OVSEC_KADM_PW_HISTORY_NUM 0x040000 -#define OVSEC_KADM_REF_COUNT 0x080000 - -/* - * permission bits - */ -#define OVSEC_KADM_PRIV_GET 0x01 -#define OVSEC_KADM_PRIV_ADD 0x02 -#define OVSEC_KADM_PRIV_MODIFY 0x04 -#define OVSEC_KADM_PRIV_DELETE 0x08 - -/* - * API versioning constants - */ -#define OVSEC_KADM_MASK_BITS 0xffffff00 - -#define OVSEC_KADM_STRUCT_VERSION_MASK 0x12345600 -#define OVSEC_KADM_STRUCT_VERSION_1 (OVSEC_KADM_STRUCT_VERSION_MASK|0x01) -#define OVSEC_KADM_STRUCT_VERSION OVSEC_KADM_STRUCT_VERSION_1 - -#define OVSEC_KADM_API_VERSION_MASK 0x12345700 -#define OVSEC_KADM_API_VERSION_1 (OVSEC_KADM_API_VERSION_MASK|0x01) - - -typedef struct _ovsec_kadm_principal_ent_t { - krb5_principal principal; - krb5_timestamp princ_expire_time; - krb5_timestamp last_pwd_change; - krb5_timestamp pw_expiration; - krb5_deltat max_life; - krb5_principal mod_name; - krb5_timestamp mod_date; - krb5_flags attributes; - krb5_kvno kvno; - krb5_kvno mkvno; - char *policy; - long aux_attributes; -} ovsec_kadm_principal_ent_rec, *ovsec_kadm_principal_ent_t; - -typedef struct _ovsec_kadm_policy_ent_t { - char *policy; - long pw_min_life; - long pw_max_life; - long pw_min_length; - long pw_min_classes; - long pw_history_num; - long policy_refcnt; -} ovsec_kadm_policy_ent_rec, *ovsec_kadm_policy_ent_t; - -/* - * functions - */ -ovsec_kadm_ret_t ovsec_kadm_init(char *client_name, char *pass, - char *service_name, char *realm, - krb5_ui_4 struct_version, - krb5_ui_4 api_version, - void **server_handle); -ovsec_kadm_ret_t ovsec_kadm_init_with_password(char *client_name, - char *pass, - char *service_name, - char *realm, - krb5_ui_4 struct_version, - krb5_ui_4 api_version, - void **server_handle); -ovsec_kadm_ret_t ovsec_kadm_init_with_skey(char *client_name, - char *keytab, - char *service_name, - char *realm, - krb5_ui_4 struct_version, - krb5_ui_4 api_version, - void **server_handle); -ovsec_kadm_ret_t ovsec_kadm_flush(void *server_handle); -ovsec_kadm_ret_t ovsec_kadm_destroy(void *server_handle); -ovsec_kadm_ret_t ovsec_kadm_create_principal(void *server_handle, - ovsec_kadm_principal_ent_t ent, - long mask, char *pass); -ovsec_kadm_ret_t ovsec_kadm_delete_principal(void *server_handle, - krb5_principal principal); -ovsec_kadm_ret_t ovsec_kadm_modify_principal(void *server_handle, - ovsec_kadm_principal_ent_t ent, - long mask); -ovsec_kadm_ret_t ovsec_kadm_rename_principal(void *server_handle, - krb5_principal,krb5_principal); -ovsec_kadm_ret_t ovsec_kadm_get_principal(void *server_handle, - krb5_principal principal, - ovsec_kadm_principal_ent_t *ent); -ovsec_kadm_ret_t ovsec_kadm_chpass_principal(void *server_handle, - krb5_principal principal, - char *pass); -ovsec_kadm_ret_t ovsec_kadm_randkey_principal(void *server_handle, - krb5_principal principal, - krb5_keyblock **keyblock); -ovsec_kadm_ret_t ovsec_kadm_create_policy(void *server_handle, - ovsec_kadm_policy_ent_t ent, - long mask); -/* - * ovsec_kadm_create_policy_internal is not part of the supported, - * exposed API. It is available only in the server library, and you - * shouldn't use it unless you know why it's there and how it's - * different from ovsec_kadm_create_policy. - */ -ovsec_kadm_ret_t ovsec_kadm_create_policy_internal(void *server_handle, - ovsec_kadm_policy_ent_t - entry, long mask); -ovsec_kadm_ret_t ovsec_kadm_delete_policy(void *server_handle, - ovsec_kadm_policy_t policy); -ovsec_kadm_ret_t ovsec_kadm_modify_policy(void *server_handle, - ovsec_kadm_policy_ent_t ent, - long mask); -/* - * ovsec_kadm_modify_policy_internal is not part of the supported, - * exposed API. It is available only in the server library, and you - * shouldn't use it unless you know why it's there and how it's - * different from ovsec_kadm_modify_policy. - */ -ovsec_kadm_ret_t ovsec_kadm_modify_policy_internal(void *server_handle, - ovsec_kadm_policy_ent_t - entry, long mask); -ovsec_kadm_ret_t ovsec_kadm_get_policy(void *server_handle, - ovsec_kadm_policy_t policy, - ovsec_kadm_policy_ent_t *ent); -ovsec_kadm_ret_t ovsec_kadm_get_privs(void *server_handle, - long *privs); - -ovsec_kadm_ret_t ovsec_kadm_chpass_principal_util(void *server_handle, - krb5_principal princ, - char *new_pw, - char **ret_pw, - char *msg_ret); - -ovsec_kadm_ret_t ovsec_kadm_free_principal_ent(void *server_handle, - ovsec_kadm_principal_ent_t - ent); -ovsec_kadm_ret_t ovsec_kadm_free_policy_ent(void *server_handle, - ovsec_kadm_policy_ent_t ent); - -ovsec_kadm_ret_t ovsec_kadm_free_name_list(void *server_handle, - char **names, int count); - -ovsec_kadm_ret_t ovsec_kadm_get_principals(void *server_handle, - char *exp, char ***princs, - int *count); - -ovsec_kadm_ret_t ovsec_kadm_get_policies(void *server_handle, - char *exp, char ***pols, - int *count); - -#define OVSEC_KADM_FAILURE KADM5_FAILURE -#define OVSEC_KADM_AUTH_GET KADM5_AUTH_GET -#define OVSEC_KADM_AUTH_ADD KADM5_AUTH_ADD -#define OVSEC_KADM_AUTH_MODIFY KADM5_AUTH_MODIFY -#define OVSEC_KADM_AUTH_DELETE KADM5_AUTH_DELETE -#define OVSEC_KADM_AUTH_INSUFFICIENT KADM5_AUTH_INSUFFICIENT -#define OVSEC_KADM_BAD_DB KADM5_BAD_DB -#define OVSEC_KADM_DUP KADM5_DUP -#define OVSEC_KADM_RPC_ERROR KADM5_RPC_ERROR -#define OVSEC_KADM_NO_SRV KADM5_NO_SRV -#define OVSEC_KADM_BAD_HIST_KEY KADM5_BAD_HIST_KEY -#define OVSEC_KADM_NOT_INIT KADM5_NOT_INIT -#define OVSEC_KADM_UNK_PRINC KADM5_UNK_PRINC -#define OVSEC_KADM_UNK_POLICY KADM5_UNK_POLICY -#define OVSEC_KADM_BAD_MASK KADM5_BAD_MASK -#define OVSEC_KADM_BAD_CLASS KADM5_BAD_CLASS -#define OVSEC_KADM_BAD_LENGTH KADM5_BAD_LENGTH -#define OVSEC_KADM_BAD_POLICY KADM5_BAD_POLICY -#define OVSEC_KADM_BAD_PRINCIPAL KADM5_BAD_PRINCIPAL -#define OVSEC_KADM_BAD_AUX_ATTR KADM5_BAD_AUX_ATTR -#define OVSEC_KADM_BAD_HISTORY KADM5_BAD_HISTORY -#define OVSEC_KADM_BAD_MIN_PASS_LIFE KADM5_BAD_MIN_PASS_LIFE -#define OVSEC_KADM_PASS_Q_TOOSHORT KADM5_PASS_Q_TOOSHORT -#define OVSEC_KADM_PASS_Q_CLASS KADM5_PASS_Q_CLASS -#define OVSEC_KADM_PASS_Q_DICT KADM5_PASS_Q_DICT -#define OVSEC_KADM_PASS_REUSE KADM5_PASS_REUSE -#define OVSEC_KADM_PASS_TOOSOON KADM5_PASS_TOOSOON -#define OVSEC_KADM_POLICY_REF KADM5_POLICY_REF -#define OVSEC_KADM_INIT KADM5_INIT -#define OVSEC_KADM_BAD_PASSWORD KADM5_BAD_PASSWORD -#define OVSEC_KADM_PROTECT_PRINCIPAL KADM5_PROTECT_PRINCIPAL -#define OVSEC_KADM_BAD_SERVER_HANDLE KADM5_BAD_SERVER_HANDLE -#define OVSEC_KADM_BAD_STRUCT_VERSION KADM5_BAD_STRUCT_VERSION -#define OVSEC_KADM_OLD_STRUCT_VERSION KADM5_OLD_STRUCT_VERSION -#define OVSEC_KADM_NEW_STRUCT_VERSION KADM5_NEW_STRUCT_VERSION -#define OVSEC_KADM_BAD_API_VERSION KADM5_BAD_API_VERSION -#define OVSEC_KADM_OLD_LIB_API_VERSION KADM5_OLD_LIB_API_VERSION -#define OVSEC_KADM_OLD_SERVER_API_VERSION KADM5_OLD_SERVER_API_VERSION -#define OVSEC_KADM_NEW_LIB_API_VERSION KADM5_NEW_LIB_API_VERSION -#define OVSEC_KADM_NEW_SERVER_API_VERSION KADM5_NEW_SERVER_API_VERSION -#define OVSEC_KADM_SECURE_PRINC_MISSING KADM5_SECURE_PRINC_MISSING -#define OVSEC_KADM_NO_RENAME_SALT KADM5_NO_RENAME_SALT - -#endif /* USE_KADM5_API_VERSION == 1 */ - -#endif /* __KADM5_ADMIN_H__ */ diff --git a/include/kadm5/chpass_util_strings.h b/include/kadm5/chpass_util_strings.h deleted file mode 100644 index cddd28529..000000000 --- a/include/kadm5/chpass_util_strings.h +++ /dev/null @@ -1,38 +0,0 @@ -/* - * ettmp27966.h: - * This file is automatically generated; please do not edit it. - */ - -#include - -#define CHPASS_UTIL_GET_POLICY_INFO (-1492553984L) -#define CHPASS_UTIL_GET_PRINC_INFO (-1492553983L) -#define CHPASS_UTIL_NEW_PASSWORD_MISMATCH (-1492553982L) -#define CHPASS_UTIL_NEW_PASSWORD_PROMPT (-1492553981L) -#define CHPASS_UTIL_NEW_PASSWORD_AGAIN_PROMPT (-1492553980L) -#define CHPASS_UTIL_NO_PASSWORD_READ (-1492553979L) -#define CHPASS_UTIL_NO_POLICY_YET_Q_ERROR (-1492553978L) -#define CHPASS_UTIL_PASSWORD_CHANGED (-1492553977L) -#define CHPASS_UTIL_PASSWORD_IN_DICTIONARY (-1492553976L) -#define CHPASS_UTIL_PASSWORD_NOT_CHANGED (-1492553975L) -#define CHPASS_UTIL_PASSWORD_TOO_SHORT (-1492553974L) -#define CHPASS_UTIL_TOO_FEW_CLASSES (-1492553973L) -#define CHPASS_UTIL_PASSWORD_TOO_SOON (-1492553972L) -#define CHPASS_UTIL_PASSWORD_REUSE (-1492553971L) -#define CHPASS_UTIL_WHILE_TRYING_TO_CHANGE (-1492553970L) -#define CHPASS_UTIL_WHILE_READING_PASSWORD (-1492553969L) -#define ERROR_TABLE_BASE_ovku (-1492553984L) - -extern const struct error_table et_ovku_error_table; - -#if !defined(_WIN32) -/* for compatibility with older versions... */ -extern void initialize_ovku_error_table (void) /*@modifies internalState@*/; -#else -#define initialize_ovku_error_table() -#endif - -#if !defined(_WIN32) -#define init_ovku_err_tbl initialize_ovku_error_table -#define ovku_err_base ERROR_TABLE_BASE_ovku -#endif diff --git a/include/kadm5/kadm_err.h b/include/kadm5/kadm_err.h deleted file mode 100644 index 050ffca80..000000000 --- a/include/kadm5/kadm_err.h +++ /dev/null @@ -1,77 +0,0 @@ -/* - * ettmp27967.h: - * This file is automatically generated; please do not edit it. - */ - -#include - -#define KADM5_FAILURE (43787520L) -#define KADM5_AUTH_GET (43787521L) -#define KADM5_AUTH_ADD (43787522L) -#define KADM5_AUTH_MODIFY (43787523L) -#define KADM5_AUTH_DELETE (43787524L) -#define KADM5_AUTH_INSUFFICIENT (43787525L) -#define KADM5_BAD_DB (43787526L) -#define KADM5_DUP (43787527L) -#define KADM5_RPC_ERROR (43787528L) -#define KADM5_NO_SRV (43787529L) -#define KADM5_BAD_HIST_KEY (43787530L) -#define KADM5_NOT_INIT (43787531L) -#define KADM5_UNK_PRINC (43787532L) -#define KADM5_UNK_POLICY (43787533L) -#define KADM5_BAD_MASK (43787534L) -#define KADM5_BAD_CLASS (43787535L) -#define KADM5_BAD_LENGTH (43787536L) -#define KADM5_BAD_POLICY (43787537L) -#define KADM5_BAD_PRINCIPAL (43787538L) -#define KADM5_BAD_AUX_ATTR (43787539L) -#define KADM5_BAD_HISTORY (43787540L) -#define KADM5_BAD_MIN_PASS_LIFE (43787541L) -#define KADM5_PASS_Q_TOOSHORT (43787542L) -#define KADM5_PASS_Q_CLASS (43787543L) -#define KADM5_PASS_Q_DICT (43787544L) -#define KADM5_PASS_REUSE (43787545L) -#define KADM5_PASS_TOOSOON (43787546L) -#define KADM5_POLICY_REF (43787547L) -#define KADM5_INIT (43787548L) -#define KADM5_BAD_PASSWORD (43787549L) -#define KADM5_PROTECT_PRINCIPAL (43787550L) -#define KADM5_BAD_SERVER_HANDLE (43787551L) -#define KADM5_BAD_STRUCT_VERSION (43787552L) -#define KADM5_OLD_STRUCT_VERSION (43787553L) -#define KADM5_NEW_STRUCT_VERSION (43787554L) -#define KADM5_BAD_API_VERSION (43787555L) -#define KADM5_OLD_LIB_API_VERSION (43787556L) -#define KADM5_OLD_SERVER_API_VERSION (43787557L) -#define KADM5_NEW_LIB_API_VERSION (43787558L) -#define KADM5_NEW_SERVER_API_VERSION (43787559L) -#define KADM5_SECURE_PRINC_MISSING (43787560L) -#define KADM5_NO_RENAME_SALT (43787561L) -#define KADM5_BAD_CLIENT_PARAMS (43787562L) -#define KADM5_BAD_SERVER_PARAMS (43787563L) -#define KADM5_AUTH_LIST (43787564L) -#define KADM5_AUTH_CHANGEPW (43787565L) -#define KADM5_GSS_ERROR (43787566L) -#define KADM5_BAD_TL_TYPE (43787567L) -#define KADM5_MISSING_CONF_PARAMS (43787568L) -#define KADM5_BAD_SERVER_NAME (43787569L) -#define KADM5_AUTH_SETKEY (43787570L) -#define KADM5_SETKEY_DUP_ENCTYPES (43787571L) -#define KADM5_SETV4KEY_INVAL_ENCTYPE (43787572L) -#define KADM5_SETKEY3_ETYPE_MISMATCH (43787573L) -#define KADM5_MISSING_KRB5_CONF_PARAMS (43787574L) -#define ERROR_TABLE_BASE_ovk (43787520L) - -extern const struct error_table et_ovk_error_table; - -#if !defined(_WIN32) -/* for compatibility with older versions... */ -extern void initialize_ovk_error_table (void) /*@modifies internalState@*/; -#else -#define initialize_ovk_error_table() -#endif - -#if !defined(_WIN32) -#define init_ovk_err_tbl initialize_ovk_error_table -#define ovk_err_base ERROR_TABLE_BASE_ovk -#endif diff --git a/include/kadm5/kadm_rpc.h b/include/kadm5/kadm_rpc.h deleted file mode 100644 index 07ffb3af6..000000000 --- a/include/kadm5/kadm_rpc.h +++ /dev/null @@ -1,335 +0,0 @@ -#ifndef __KADM_RPC_H__ -#define __KADM_RPC_H__ - -#include - -#include -#include - -struct cprinc_arg { - krb5_ui_4 api_version; - kadm5_principal_ent_rec rec; - long mask; - char *passwd; -}; -typedef struct cprinc_arg cprinc_arg; -bool_t xdr_cprinc_arg(); - -struct cprinc3_arg { - krb5_ui_4 api_version; - kadm5_principal_ent_rec rec; - long mask; - int n_ks_tuple; - krb5_key_salt_tuple *ks_tuple; - char *passwd; -}; -typedef struct cprinc3_arg cprinc3_arg; -bool_t xdr_cprinc3_arg(); - -struct generic_ret { - krb5_ui_4 api_version; - kadm5_ret_t code; -}; -typedef struct generic_ret generic_ret; -bool_t xdr_generic_ret(); - -struct dprinc_arg { - krb5_ui_4 api_version; - krb5_principal princ; -}; -typedef struct dprinc_arg dprinc_arg; -bool_t xdr_dprinc_arg(); - -struct mprinc_arg { - krb5_ui_4 api_version; - kadm5_principal_ent_rec rec; - long mask; -}; -typedef struct mprinc_arg mprinc_arg; -bool_t xdr_mprinc_arg(); - -struct rprinc_arg { - krb5_ui_4 api_version; - krb5_principal src; - krb5_principal dest; -}; -typedef struct rprinc_arg rprinc_arg; -bool_t xdr_rprinc_arg(); - -struct gprincs_arg { - krb5_ui_4 api_version; - char *exp; -}; -typedef struct gprincs_arg gprincs_arg; -bool_t xdr_gprincs_arg(); - -struct gprincs_ret { - krb5_ui_4 api_version; - kadm5_ret_t code; - char **princs; - int count; -}; -typedef struct gprincs_ret gprincs_ret; -bool_t xdr_gprincs_ret(); - -struct chpass_arg { - krb5_ui_4 api_version; - krb5_principal princ; - char *pass; -}; -typedef struct chpass_arg chpass_arg; -bool_t xdr_chpass_arg(); - -struct chpass3_arg { - krb5_ui_4 api_version; - krb5_principal princ; - krb5_boolean keepold; - int n_ks_tuple; - krb5_key_salt_tuple *ks_tuple; - char *pass; -}; -typedef struct chpass3_arg chpass3_arg; -bool_t xdr_chpass3_arg(); - -struct setv4key_arg { - krb5_ui_4 api_version; - krb5_principal princ; - krb5_keyblock *keyblock; -}; -typedef struct setv4key_arg setv4key_arg; -bool_t xdr_setv4key_arg(); - -struct setkey_arg { - krb5_ui_4 api_version; - krb5_principal princ; - krb5_keyblock *keyblocks; - int n_keys; -}; -typedef struct setkey_arg setkey_arg; -bool_t xdr_setkey_arg(); - -struct setkey3_arg { - krb5_ui_4 api_version; - krb5_principal princ; - krb5_boolean keepold; - int n_ks_tuple; - krb5_key_salt_tuple *ks_tuple; - krb5_keyblock *keyblocks; - int n_keys; -}; -typedef struct setkey3_arg setkey3_arg; -bool_t xdr_setkey3_arg(); - -struct chrand_arg { - krb5_ui_4 api_version; - krb5_principal princ; -}; -typedef struct chrand_arg chrand_arg; -bool_t xdr_chrand_arg(); - -struct chrand3_arg { - krb5_ui_4 api_version; - krb5_principal princ; - krb5_boolean keepold; - int n_ks_tuple; - krb5_key_salt_tuple *ks_tuple; -}; -typedef struct chrand3_arg chrand3_arg; -bool_t xdr_chrand3_arg(); - -struct chrand_ret { - krb5_ui_4 api_version; - kadm5_ret_t code; - krb5_keyblock key; - krb5_keyblock *keys; - int n_keys; -}; -typedef struct chrand_ret chrand_ret; -bool_t xdr_chrand_ret(); - -struct gprinc_arg { - krb5_ui_4 api_version; - krb5_principal princ; - long mask; -}; -typedef struct gprinc_arg gprinc_arg; -bool_t xdr_gprinc_arg(); - -struct gprinc_ret { - krb5_ui_4 api_version; - kadm5_ret_t code; - kadm5_principal_ent_rec rec; -}; -typedef struct gprinc_ret gprinc_ret; -bool_t xdr_gprinc_ret(); -bool_t xdr_kadm5_ret_t(); -bool_t xdr_kadm5_principal_ent_rec(); -bool_t xdr_kadm5_policy_ent_rec(); -bool_t xdr_krb5_keyblock(); -bool_t xdr_krb5_principal(); -bool_t xdr_krb5_enctype(); -bool_t xdr_krb5_octet(); -bool_t xdr_krb5_int32(); -bool_t xdr_u_int32(); - -struct cpol_arg { - krb5_ui_4 api_version; - kadm5_policy_ent_rec rec; - long mask; -}; -typedef struct cpol_arg cpol_arg; -bool_t xdr_cpol_arg(); - -struct dpol_arg { - krb5_ui_4 api_version; - char *name; -}; -typedef struct dpol_arg dpol_arg; -bool_t xdr_dpol_arg(); - -struct mpol_arg { - krb5_ui_4 api_version; - kadm5_policy_ent_rec rec; - long mask; -}; -typedef struct mpol_arg mpol_arg; -bool_t xdr_mpol_arg(); - -struct gpol_arg { - krb5_ui_4 api_version; - char *name; -}; -typedef struct gpol_arg gpol_arg; -bool_t xdr_gpol_arg(); - -struct gpol_ret { - krb5_ui_4 api_version; - kadm5_ret_t code; - kadm5_policy_ent_rec rec; -}; -typedef struct gpol_ret gpol_ret; -bool_t xdr_gpol_ret(); - -struct gpols_arg { - krb5_ui_4 api_version; - char *exp; -}; -typedef struct gpols_arg gpols_arg; -bool_t xdr_gpols_arg(); - -struct gpols_ret { - krb5_ui_4 api_version; - kadm5_ret_t code; - char **pols; - int count; -}; -typedef struct gpols_ret gpols_ret; -bool_t xdr_gpols_ret(); - -struct getprivs_ret { - krb5_ui_4 api_version; - kadm5_ret_t code; - long privs; -}; -typedef struct getprivs_ret getprivs_ret; -bool_t xdr_getprivs_ret(); - -#define KADM ((krb5_ui_4)2112) -#define KADMVERS ((krb5_ui_4)2) -#define CREATE_PRINCIPAL ((krb5_ui_4)1) -extern generic_ret *create_principal_1_svc(cprinc_arg *arg, - struct svc_req *rqstp); -extern generic_ret *create_principal_1(cprinc_arg *argp, CLIENT *clnt); - -#define DELETE_PRINCIPAL ((krb5_ui_4)2) -extern generic_ret *delete_principal_1_svc(dprinc_arg *arg, - struct svc_req *rqstp); -extern generic_ret *delete_principal_1(dprinc_arg *argp, CLIENT *clnt); - -#define MODIFY_PRINCIPAL ((krb5_ui_4)3) -extern generic_ret *modify_principal_1_svc(mprinc_arg *arg, - struct svc_req *rqstp); -extern generic_ret *modify_principal_1(mprinc_arg *argp, CLIENT *clnt); - -#define RENAME_PRINCIPAL ((krb5_ui_4)4) -extern generic_ret *rename_principal_1_svc(rprinc_arg *arg, - struct svc_req *rqstp); -extern generic_ret *rename_principal_1(rprinc_arg *argp, CLIENT *clnt); - -#define GET_PRINCIPAL ((krb5_ui_4)5) -extern gprinc_ret *get_principal_1_svc(gprinc_arg *arg, struct svc_req *rqstp); -extern gprinc_ret *get_principal_1(gprinc_arg *argp, CLIENT *clnt); - -#define CHPASS_PRINCIPAL ((krb5_ui_4)6) -extern generic_ret *chpass_principal_1_svc(chpass_arg *arg, - struct svc_req *rqstp); -extern generic_ret *chpass_principal_1(chpass_arg *argp, CLIENT *clnt); - -#define CHRAND_PRINCIPAL ((krb5_ui_4)7) -extern chrand_ret *chrand_principal_1_svc(chrand_arg *arg, - struct svc_req *rqstp); -extern chrand_ret *chrand_principal_1(chrand_arg *argp, CLIENT *clnt); - -#define CREATE_POLICY ((krb5_ui_4)8) -extern generic_ret *create_policy_1_svc(cpol_arg *arg, struct svc_req *rqstp); -extern generic_ret *create_policy_1(cpol_arg *argp, CLIENT *clnt); - -#define DELETE_POLICY ((krb5_ui_4)9) -extern generic_ret *delete_policy_1_svc(dpol_arg *arg, struct svc_req *rqstp); -extern generic_ret *delete_policy_1(dpol_arg *argp, CLIENT *clnt); - -#define MODIFY_POLICY ((krb5_ui_4)10) -extern generic_ret *modify_policy_1_svc(mpol_arg *arg, struct svc_req *rqstp); -extern generic_ret *modify_policy_1(mpol_arg *argp, CLIENT *clnt); - -#define GET_POLICY ((krb5_ui_4)11) -extern gpol_ret *get_policy_1_svc(gpol_arg *arg, struct svc_req *rqstp); -extern gpol_ret *get_policy_1(gpol_arg *argp, CLIENT *clnt); - -#define GET_PRIVS ((krb5_ui_4)12) -extern getprivs_ret *get_privs_1_svc(krb5_ui_4 *arg, struct svc_req *rqstp); -extern getprivs_ret *get_privs_1(void *argp, CLIENT *clnt); - -#define INIT ((krb5_ui_4)13) -extern generic_ret *init_1_svc(krb5_ui_4 *arg, struct svc_req *rqstp); -extern generic_ret *init_1(void *argp, CLIENT *clnt); - -#define GET_PRINCS ((krb5_ui_4) 14) -extern gprincs_ret *get_princs_1_svc(gprincs_arg *arg, struct svc_req *rqstp); -extern gprincs_ret *get_princs_1(gprincs_arg *argp, CLIENT *clnt); - -#define GET_POLS ((krb5_ui_4) 15) -extern gpols_ret *get_pols_1_svc(gpols_arg *arg, struct svc_req *rqstp); -extern gpols_ret *get_pols_1(gpols_arg *argp, CLIENT *clnt); - -#define SETKEY_PRINCIPAL ((krb5_ui_4) 16) -extern generic_ret *setkey_principal_1_svc(setkey_arg *arg, - struct svc_req *rqstp); -extern generic_ret *setkey_principal_1(setkey_arg *argp, CLIENT *clnt); - -#define SETV4KEY_PRINCIPAL ((krb5_ui_4) 17) -extern generic_ret *setv4key_principal_1_svc(setv4key_arg *arg, - struct svc_req *rqstp); -extern generic_ret *setv4key_principal_1(setv4key_arg *argp, CLIENT *clnt); - -#define CREATE_PRINCIPAL3 ((krb5_ui_4) 18) -extern generic_ret *create_principal3_1_svc(cprinc3_arg *arg, - struct svc_req *rqstp); -extern generic_ret *create_principal3_1(cprinc3_arg *argp, CLIENT *clnt); - -#define CHPASS_PRINCIPAL3 ((krb5_ui_4) 19) -extern generic_ret *chpass_principal3_1_svc(chpass3_arg *arg, - struct svc_req *rqstp); -extern generic_ret *chpass_principal3_1(chpass3_arg *argp, CLIENT *clnt); - -#define CHRAND_PRINCIPAL3 ((krb5_ui_4) 20) -extern chrand_ret *chrand_principal3_1_svc(chrand3_arg *arg, - struct svc_req *rqstp); -extern chrand_ret *chrand_principal3_1(chrand3_arg *argp, CLIENT *clnt); - -#define SETKEY_PRINCIPAL3 ((krb5_ui_4) 21) -extern generic_ret *setkey_principal3_1_svc(setkey3_arg *arg, - struct svc_req *rqstp); -extern generic_ret *setkey_principal3_1(setkey3_arg *argp, CLIENT *clnt); - -#endif /* __KADM_RPC_H__ */ diff --git a/include/kdb.h b/include/kdb.h deleted file mode 100644 index e7049084f..000000000 --- a/include/kdb.h +++ /dev/null @@ -1,334 +0,0 @@ -/* - * include/krb5/kdb.h - * - * Copyright 1990,1991 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * KDC Database interface definitions. - */ - -/* - * Copyright (C) 1998 by the FundsXpress, INC. - * - * All rights reserved. - * - * Export of this software from the United States of America may require - * a specific license from the United States Government. It is the - * responsibility of any person or organization contemplating export to - * obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of FundsXpress. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. FundsXpress makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED - * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. - */ - -#ifndef KRB5_KDB5__ -#define KRB5_KDB5__ - -/* Salt types */ -#define KRB5_KDB_SALTTYPE_NORMAL 0 -#define KRB5_KDB_SALTTYPE_V4 1 -#define KRB5_KDB_SALTTYPE_NOREALM 2 -#define KRB5_KDB_SALTTYPE_ONLYREALM 3 -#define KRB5_KDB_SALTTYPE_SPECIAL 4 -#define KRB5_KDB_SALTTYPE_AFS3 5 - -/* Attributes */ -#define KRB5_KDB_DISALLOW_POSTDATED 0x00000001 -#define KRB5_KDB_DISALLOW_FORWARDABLE 0x00000002 -#define KRB5_KDB_DISALLOW_TGT_BASED 0x00000004 -#define KRB5_KDB_DISALLOW_RENEWABLE 0x00000008 -#define KRB5_KDB_DISALLOW_PROXIABLE 0x00000010 -#define KRB5_KDB_DISALLOW_DUP_SKEY 0x00000020 -#define KRB5_KDB_DISALLOW_ALL_TIX 0x00000040 -#define KRB5_KDB_REQUIRES_PRE_AUTH 0x00000080 -#define KRB5_KDB_REQUIRES_HW_AUTH 0x00000100 -#define KRB5_KDB_REQUIRES_PWCHANGE 0x00000200 -#define KRB5_KDB_DISALLOW_SVR 0x00001000 -#define KRB5_KDB_PWCHANGE_SERVICE 0x00002000 -#define KRB5_KDB_SUPPORT_DESMD5 0x00004000 -#define KRB5_KDB_NEW_PRINC 0x00008000 - -/* Creation flags */ -#define KRB5_KDB_CREATE_BTREE 0x00000001 -#define KRB5_KDB_CREATE_HASH 0x00000002 - -#if !defined(_WIN32) - -/* - * Note --- these structures cannot be modified without changing the - * database version number in libkdb.a, but should be expandable by - * adding new tl_data types. - */ -typedef struct _krb5_tl_data { - struct _krb5_tl_data* tl_data_next; /* NOT saved */ - krb5_int16 tl_data_type; - krb5_ui_2 tl_data_length; - krb5_octet * tl_data_contents; -} krb5_tl_data; - -/* - * If this ever changes up the version number and make the arrays be as - * big as necessary. - * - * Currently the first type is the enctype and the second is the salt type. - */ -typedef struct _krb5_key_data { - krb5_int16 key_data_ver; /* Version */ - krb5_int16 key_data_kvno; /* Key Version */ - krb5_int16 key_data_type[2]; /* Array of types */ - krb5_ui_2 key_data_length[2]; /* Array of lengths */ - krb5_octet * key_data_contents[2]; /* Array of pointers */ -} krb5_key_data; - -#define KRB5_KDB_V1_KEY_DATA_ARRAY 2 /* # of array elements */ - -typedef struct _krb5_keysalt { - krb5_int16 type; - krb5_data data; /* Length, data */ -} krb5_keysalt; - -typedef struct _krb5_db_entry_new { - krb5_magic magic; /* NOT saved */ - krb5_ui_2 len; - krb5_flags attributes; - krb5_deltat max_life; - krb5_deltat max_renewable_life; - krb5_timestamp expiration; /* When the client expires */ - krb5_timestamp pw_expiration; /* When its passwd expires */ - krb5_timestamp last_success; /* Last successful passwd */ - krb5_timestamp last_failed; /* Last failed passwd attempt */ - krb5_kvno fail_auth_count; /* # of failed passwd attempt */ - krb5_int16 n_tl_data; - krb5_int16 n_key_data; - krb5_ui_2 e_length; /* Length of extra data */ - krb5_octet * e_data; /* Extra data to be saved */ - - krb5_principal princ; /* Length, data */ - krb5_tl_data * tl_data; /* Linked list */ - krb5_key_data * key_data; /* Array */ -} krb5_db_entry; - -#define KRB5_KDB_MAGIC_NUMBER 0xdbdbdbdb -#define KRB5_KDB_V1_BASE_LENGTH 38 - -#define KRB5_TL_LAST_PWD_CHANGE 0x0001 -#define KRB5_TL_MOD_PRINC 0x0002 -#define KRB5_TL_KADM_DATA 0x0003 -#define KRB5_TL_KADM5_E_DATA 0x0004 -#define KRB5_TL_RB1_CHALLENGE 0x0005 -#ifdef SECURID -#define KRB5_TL_SECURID_STATE 0x0006 -#endif /* SECURID */ - -/* - * Determines the number of failed KDC requests before DISALLOW_ALL_TIX is set - * on the principal. - */ -#define KRB5_MAX_FAIL_COUNT 5 - -/* XXX depends on knowledge of krb5_parse_name() formats */ -#define KRB5_KDB_M_NAME "K/M" /* Kerberos/Master */ - -/* prompts used by default when reading the KDC password from the keyboard. */ -#define KRB5_KDC_MKEY_1 "Enter KDC database master key" -#define KRB5_KDC_MKEY_2 "Re-enter KDC database master key to verify" - -extern char *krb5_mkey_pwd_prompt1; -extern char *krb5_mkey_pwd_prompt2; - -/* - * These macros specify the encoding of data within the database. - * - * Data encoding is little-endian. - */ -#define krb5_kdb_decode_int16(cp, i16) \ - *((krb5_int16 *) &(i16)) = (((krb5_int16) ((unsigned char) (cp)[0]))| \ - ((krb5_int16) ((unsigned char) (cp)[1]) << 8)) -#define krb5_kdb_decode_int32(cp, i32) \ - *((krb5_int32 *) &(i32)) = (((krb5_int32) ((unsigned char) (cp)[0]))| \ - ((krb5_int32) ((unsigned char) (cp)[1]) << 8) | \ - ((krb5_int32) ((unsigned char) (cp)[2]) << 16)| \ - ((krb5_int32) ((unsigned char) (cp)[3]) << 24)) -#define krb5_kdb_encode_int16(i16, cp) \ - { \ - (cp)[0] = (unsigned char) ((i16) & 0xff); \ - (cp)[1] = (unsigned char) (((i16) >> 8) & 0xff); \ - } -#define krb5_kdb_encode_int32(i32, cp) \ - { \ - (cp)[0] = (unsigned char) ((i32) & 0xff); \ - (cp)[1] = (unsigned char) (((i32) >> 8) & 0xff); \ - (cp)[2] = (unsigned char) (((i32) >> 16) & 0xff); \ - (cp)[3] = (unsigned char) (((i32) >> 24) & 0xff); \ - } - -/* libkdb.spec */ -krb5_error_code krb5_db_set_name (krb5_context, char * ); -krb5_error_code krb5_db_init (krb5_context); -krb5_error_code krb5_db_fini (krb5_context); -krb5_error_code krb5_db_get_age (krb5_context, char *, time_t * ); -krb5_error_code krb5_db_create (krb5_context, char *, krb5_int32 ); -krb5_error_code krb5_db_rename (krb5_context, char *, char * ); -krb5_error_code krb5_db_get_principal (krb5_context, krb5_const_principal , - krb5_db_entry *, int *, - krb5_boolean * ); -void krb5_db_free_principal (krb5_context, krb5_db_entry *, int ); -krb5_error_code krb5_db_put_principal (krb5_context, krb5_db_entry *, int * ); -krb5_error_code krb5_db_delete_principal (krb5_context, krb5_const_principal, - int * ); -krb5_error_code krb5_db_iterate (krb5_context, - krb5_error_code (* ) (krb5_pointer, - krb5_db_entry *), - krb5_pointer); -krb5_error_code krb5_db_iterate_ext (krb5_context, - krb5_error_code (* ) (krb5_pointer, - krb5_db_entry *), - krb5_pointer, int, int); -krb5_error_code krb5_db_verify_master_key (krb5_context, krb5_principal, - krb5_keyblock *); -krb5_error_code krb5_db_store_mkey (krb5_context, char *, krb5_principal, - krb5_keyblock *); - -krb5_error_code krb5_db_setup_mkey_name (krb5_context, const char *, - const char *, char **, - krb5_principal *); - -krb5_error_code krb5_db_set_mkey (krb5_context, krb5_keyblock *); - -krb5_error_code krb5_db_get_mkey (krb5_context, krb5_keyblock **); -krb5_error_code krb5_db_destroy (krb5_context, char * ); -krb5_error_code krb5_db_lock (krb5_context, int ); -krb5_error_code krb5_db_unlock (krb5_context); -krb5_error_code krb5_db_set_nonblocking (krb5_context, krb5_boolean, - krb5_boolean * ); -krb5_boolean krb5_db_set_lockmode (krb5_context, krb5_boolean); -krb5_error_code krb5_db_fetch_mkey (krb5_context, krb5_principal, krb5_enctype, - krb5_boolean, krb5_boolean, char *, - krb5_data *, - krb5_keyblock * ); - -krb5_error_code krb5_db_open_database (krb5_context); -krb5_error_code krb5_db_close_database (krb5_context); - -krb5_error_code krb5_dbekd_encrypt_key_data (krb5_context, - const krb5_keyblock *, - const krb5_keyblock *, - const krb5_keysalt *, - int, - krb5_key_data *); -krb5_error_code krb5_dbekd_decrypt_key_data (krb5_context, - const krb5_keyblock *, - const krb5_key_data *, - krb5_keyblock *, - krb5_keysalt *); -krb5_error_code krb5_dbe_create_key_data (krb5_context, - krb5_db_entry *); -krb5_error_code krb5_dbe_update_tl_data (krb5_context, - krb5_db_entry *, - krb5_tl_data *); -krb5_error_code krb5_dbe_lookup_tl_data (krb5_context, - krb5_db_entry *, - krb5_tl_data *); -krb5_error_code krb5_dbe_update_last_pwd_change (krb5_context, - krb5_db_entry *, - krb5_timestamp); -krb5_error_code krb5_dbe_lookup_last_pwd_change (krb5_context, - krb5_db_entry *, - krb5_timestamp *); -krb5_error_code krb5_dbe_update_mod_princ_data (krb5_context, - krb5_db_entry *, - krb5_timestamp, - krb5_const_principal); -krb5_error_code krb5_dbe_lookup_mod_princ_data (krb5_context, - krb5_db_entry *, - krb5_timestamp *, - krb5_principal *); -int krb5_encode_princ_dbkey (krb5_context, krb5_data *, krb5_const_principal); -void krb5_free_princ_dbkey (krb5_context, krb5_data *); -krb5_error_code krb5_encode_princ_contents (krb5_context, krb5_data *, - krb5_db_entry *); -void krb5_free_princ_contents (krb5_context, krb5_data *); -krb5_error_code krb5_decode_princ_contents (krb5_context, krb5_data *, - krb5_db_entry *); -void krb5_dbe_free_contents (krb5_context, krb5_db_entry *); - -krb5_error_code krb5_dbe_find_enctype (krb5_context, krb5_db_entry *, - krb5_int32, - krb5_int32, - krb5_int32, - krb5_key_data **); - -krb5_error_code krb5_dbe_search_enctype (krb5_context, - krb5_db_entry *, - krb5_int32 *, - krb5_int32, - krb5_int32, - krb5_int32, - krb5_key_data **); - -struct __krb5_key_salt_tuple; - -krb5_error_code krb5_dbe_cpw (krb5_context, - krb5_keyblock *, - struct __krb5_key_salt_tuple *, - int, - char *, - int, - krb5_boolean, - krb5_db_entry *); -krb5_error_code krb5_dbe_apw (krb5_context, - krb5_keyblock *, - struct __krb5_key_salt_tuple *, - int, - char *, - krb5_db_entry *); -krb5_error_code krb5_dbe_crk (krb5_context, - krb5_keyblock *, - struct __krb5_key_salt_tuple *, - int, - krb5_boolean, - krb5_db_entry *); -krb5_error_code krb5_dbe_ark (krb5_context, - krb5_keyblock *, - struct __krb5_key_salt_tuple *, - int, - krb5_db_entry *); - -krb5_error_code krb5_ser_db_context_init (krb5_context); - -#define KRB5_KDB_DEF_FLAGS 0 - -#endif /* !defined(_WIN32) */ -#endif /* KRB5_KDB5__ */ diff --git a/src/Makefile b/src/Makefile index 5dff35fab..5fa0187a0 100644 --- a/src/Makefile +++ b/src/Makefile @@ -1,6 +1,6 @@ CFLAGS := -g3 -O2 -Wall -Werror -DDEBUG LDFLAGS := -L/opt/csw/lib -Wl,-R/opt/csw/lib -L/usr/local/lib -Wl,-R/usr/local/lib -INCLUDES := -I../include $(shell krb5-config --cflags) +INCLUDES := $(shell krb5-config --cflags) override LDFLAGS += -std=gnu99 $(INCLUDES) override CFLAGS += -std=gnu99 $(INCLUDES)