admin.h revision 55682
155682Smarkm/* 255682Smarkm * Copyright (c) 1997-1999 Kungliga Tekniska H�gskolan 355682Smarkm * (Royal Institute of Technology, Stockholm, Sweden). 455682Smarkm * All rights reserved. 555682Smarkm * 655682Smarkm * Redistribution and use in source and binary forms, with or without 755682Smarkm * modification, are permitted provided that the following conditions 855682Smarkm * are met: 955682Smarkm * 1055682Smarkm * 1. Redistributions of source code must retain the above copyright 1155682Smarkm * notice, this list of conditions and the following disclaimer. 1255682Smarkm * 1355682Smarkm * 2. Redistributions in binary form must reproduce the above copyright 1455682Smarkm * notice, this list of conditions and the following disclaimer in the 1555682Smarkm * documentation and/or other materials provided with the distribution. 1655682Smarkm * 1755682Smarkm * 3. Neither the name of the Institute nor the names of its contributors 1855682Smarkm * may be used to endorse or promote products derived from this software 1955682Smarkm * without specific prior written permission. 2055682Smarkm * 2155682Smarkm * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 2255682Smarkm * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 2355682Smarkm * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 2455682Smarkm * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 2555682Smarkm * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 2655682Smarkm * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 2755682Smarkm * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 2855682Smarkm * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 2955682Smarkm * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 3055682Smarkm * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 3155682Smarkm * SUCH DAMAGE. 3255682Smarkm */ 3355682Smarkm/* $Id: admin.h,v 1.15 1999/12/02 17:05:05 joda Exp $ */ 3455682Smarkm 3555682Smarkm#ifndef __KADM5_ADMIN_H__ 3655682Smarkm#define __KADM5_ADMIN_H__ 3755682Smarkm 3855682Smarkm#define KADM5_API_VERSION_1 1 3955682Smarkm#define KADM5_API_VERSION_2 2 4055682Smarkm 4155682Smarkm#ifndef USE_KADM5_API_VERSION 4255682Smarkm#define USE_KADM5_API_VERSION KADM5_API_VERSION_2 4355682Smarkm#endif 4455682Smarkm 4555682Smarkm#if USE_KADM5_API_VERSION != KADM5_API_VERSION_2 4655682Smarkm#error No support for API versions other than 2 4755682Smarkm#endif 4855682Smarkm 4955682Smarkm#define KADM5_STRUCT_VERSION 0 5055682Smarkm 5155682Smarkm#include <krb5.h> 5255682Smarkm 5355682Smarkm#define KRB5_KDB_DISALLOW_POSTDATED 0x00000001 5455682Smarkm#define KRB5_KDB_DISALLOW_FORWARDABLE 0x00000002 5555682Smarkm#define KRB5_KDB_DISALLOW_TGT_BASED 0x00000004 5655682Smarkm#define KRB5_KDB_DISALLOW_RENEWABLE 0x00000008 5755682Smarkm#define KRB5_KDB_DISALLOW_PROXIABLE 0x00000010 5855682Smarkm#define KRB5_KDB_DISALLOW_DUP_SKEY 0x00000020 5955682Smarkm#define KRB5_KDB_DISALLOW_ALL_TIX 0x00000040 6055682Smarkm#define KRB5_KDB_REQUIRES_PRE_AUTH 0x00000080 6155682Smarkm#define KRB5_KDB_REQUIRES_HW_AUTH 0x00000100 6255682Smarkm#define KRB5_KDB_REQUIRES_PWCHANGE 0x00000200 6355682Smarkm#define KRB5_KDB_DISALLOW_SVR 0x00001000 6455682Smarkm#define KRB5_KDB_PWCHANGE_SERVICE 0x00002000 6555682Smarkm#define KRB5_KDB_SUPPORT_DESMD5 0x00004000 6655682Smarkm#define KRB5_KDB_NEW_PRINC 0x00008000 6755682Smarkm 6855682Smarkm#define KADM5_PRINCIPAL 0x000001 6955682Smarkm#define KADM5_PRINC_EXPIRE_TIME 0x000002 7055682Smarkm#define KADM5_PW_EXPIRATION 0x000004 7155682Smarkm#define KADM5_LAST_PWD_CHANGE 0x000008 7255682Smarkm#define KADM5_ATTRIBUTES 0x000010 7355682Smarkm#define KADM5_MAX_LIFE 0x000020 7455682Smarkm#define KADM5_MOD_TIME 0x000040 7555682Smarkm#define KADM5_MOD_NAME 0x000080 7655682Smarkm#define KADM5_KVNO 0x000100 7755682Smarkm#define KADM5_MKVNO 0x000200 7855682Smarkm#define KADM5_AUX_ATTRIBUTES 0x000400 7955682Smarkm#define KADM5_POLICY 0x000800 8055682Smarkm#define KADM5_POLICY_CLR 0x001000 8155682Smarkm#define KADM5_MAX_RLIFE 0x002000 8255682Smarkm#define KADM5_LAST_SUCCESS 0x004000 8355682Smarkm#define KADM5_LAST_FAILED 0x008000 8455682Smarkm#define KADM5_FAIL_AUTH_COUNT 0x010000 8555682Smarkm#define KADM5_KEY_DATA 0x020000 8655682Smarkm#define KADM5_TL_DATA 0x040000 8755682Smarkm 8855682Smarkm#define KADM5_PRINCIPAL_NORMAL_MASK (~(KADM5_KEY_DATA | KADM5_TL_DATA)) 8955682Smarkm 9055682Smarkm#define KADM5_PW_MAX_LIFE 0x004000 9155682Smarkm#define KADM5_PW_MIN_LIFE 0x008000 9255682Smarkm#define KADM5_PW_MIN_LENGTH 0x010000 9355682Smarkm#define KADM5_PW_MIN_CLASSES 0x020000 9455682Smarkm#define KADM5_PW_HISTORY_NUM 0x040000 9555682Smarkm#define KADM5_REF_COUNT 0x080000 9655682Smarkm 9755682Smarkm#define KADM5_POLICY_NORMAL_MASK (~0) 9855682Smarkm 9955682Smarkm#define KADM5_ADMIN_SERVICE "kadmin/admin" 10055682Smarkm#define KADM5_HIST_PRINCIPAL "kadmin/history" 10155682Smarkm#define KADM5_CHANGEPW_SERVICE "kadmin/changepw" 10255682Smarkm 10355682Smarkmtypedef struct _krb5_key_data { 10455682Smarkm int16_t key_data_ver; /* Version */ 10555682Smarkm int16_t key_data_kvno; /* Key Version */ 10655682Smarkm int16_t key_data_type[2]; /* Array of types */ 10755682Smarkm int16_t key_data_length[2]; /* Array of lengths */ 10855682Smarkm void** key_data_contents[2];/* Array of pointers */ 10955682Smarkm} krb5_key_data; 11055682Smarkm 11155682Smarkmtypedef struct _krb5_tl_data { 11255682Smarkm struct _krb5_tl_data* tl_data_next; 11355682Smarkm int16_t tl_data_type; 11455682Smarkm int16_t tl_data_length; 11555682Smarkm void **tl_data_contents; 11655682Smarkm} krb5_tl_data; 11755682Smarkm 11855682Smarkmtypedef struct _kadm5_principal_ent_t { 11955682Smarkm krb5_principal principal; 12055682Smarkm 12155682Smarkm krb5_timestamp princ_expire_time; 12255682Smarkm krb5_timestamp last_pwd_change; 12355682Smarkm krb5_timestamp pw_expiration; 12455682Smarkm krb5_deltat max_life; 12555682Smarkm krb5_principal mod_name; 12655682Smarkm krb5_timestamp mod_date; 12755682Smarkm krb5_flags attributes; 12855682Smarkm krb5_kvno kvno; 12955682Smarkm krb5_kvno mkvno; 13055682Smarkm 13155682Smarkm char * policy; 13255682Smarkm u_int32_t aux_attributes; 13355682Smarkm 13455682Smarkm krb5_deltat max_renewable_life; 13555682Smarkm krb5_timestamp last_success; 13655682Smarkm krb5_timestamp last_failed; 13755682Smarkm krb5_kvno fail_auth_count; 13855682Smarkm int16_t n_key_data; 13955682Smarkm int16_t n_tl_data; 14055682Smarkm krb5_tl_data *tl_data; 14155682Smarkm krb5_key_data *key_data; 14255682Smarkm} kadm5_principal_ent_rec, *kadm5_principal_ent_t; 14355682Smarkm 14455682Smarkmtypedef struct _kadm5_policy_ent_t { 14555682Smarkm char *policy; 14655682Smarkm 14755682Smarkm u_int32_t pw_min_life; 14855682Smarkm u_int32_t pw_max_life; 14955682Smarkm u_int32_t pw_min_length; 15055682Smarkm u_int32_t pw_min_classes; 15155682Smarkm u_int32_t pw_history_num; 15255682Smarkm u_int32_t policy_refcnt; 15355682Smarkm} kadm5_policy_ent_rec, *kadm5_policy_ent_t; 15455682Smarkm 15555682Smarkm#define KADM5_CONFIG_REALM (1 << 0) 15655682Smarkm#define KADM5_CONFIG_PROFILE (1 << 1) 15755682Smarkm#define KADM5_CONFIG_KADMIND_PORT (1 << 2) 15855682Smarkm#define KADM5_CONFIG_ADMIN_SERVER (1 << 3) 15955682Smarkm#define KADM5_CONFIG_DBNAME (1 << 4) 16055682Smarkm#define KADM5_CONFIG_ADBNAME (1 << 5) 16155682Smarkm#define KADM5_CONFIG_ADB_LOCKFILE (1 << 6) 16255682Smarkm#define KADM5_CONFIG_ACL_FILE (1 << 7) 16355682Smarkm#define KADM5_CONFIG_DICT_FILE (1 << 8) 16455682Smarkm#define KADM5_CONFIG_ADMIN_KEYTAB (1 << 9) 16555682Smarkm#define KADM5_CONFIG_MKEY_FROM_KEYBOARD (1 << 10) 16655682Smarkm#define KADM5_CONFIG_STASH_FILE (1 << 11) 16755682Smarkm#define KADM5_CONFIG_MKEY_NAME (1 << 12) 16855682Smarkm#define KADM5_CONFIG_ENCTYPE (1 << 13) 16955682Smarkm#define KADM5_CONFIG_MAX_LIFE (1 << 14) 17055682Smarkm#define KADM5_CONFIG_MAX_RLIFE (1 << 15) 17155682Smarkm#define KADM5_CONFIG_EXPIRATION (1 << 16) 17255682Smarkm#define KADM5_CONFIG_FLAGS (1 << 17) 17355682Smarkm#define KADM5_CONFIG_ENCTYPES (1 << 18) 17455682Smarkm 17555682Smarkm#define KADM5_PRIV_GET (1 << 0) 17655682Smarkm#define KADM5_PRIV_ADD (1 << 1) 17755682Smarkm#define KADM5_PRIV_MODIFY (1 << 2) 17855682Smarkm#define KADM5_PRIV_DELETE (1 << 3) 17955682Smarkm#define KADM5_PRIV_LIST (1 << 4) 18055682Smarkm#define KADM5_PRIV_CPW (1 << 5) 18155682Smarkm#define KADM5_PRIV_ALL (KADM5_PRIV_GET | KADM5_PRIV_ADD | KADM5_PRIV_MODIFY | KADM5_PRIV_DELETE | KADM5_PRIV_LIST | KADM5_PRIV_CPW) 18255682Smarkm 18355682Smarkmtypedef struct { 18455682Smarkm int XXX; 18555682Smarkm}krb5_key_salt_tuple; 18655682Smarkm 18755682Smarkmtypedef struct _kadm5_config_params { 18855682Smarkm u_int32_t mask; 18955682Smarkm 19055682Smarkm /* Client and server fields */ 19155682Smarkm char *realm; 19255682Smarkm int kadmind_port; 19355682Smarkm 19455682Smarkm /* client fields */ 19555682Smarkm char *admin_server; 19655682Smarkm 19755682Smarkm /* server fields */ 19855682Smarkm char *dbname; 19955682Smarkm char *acl_file; 20055682Smarkm 20155682Smarkm /* server library (database) fields */ 20255682Smarkm char *stash_file; 20355682Smarkm} kadm5_config_params; 20455682Smarkm 20555682Smarkmtypedef krb5_error_code kadm5_ret_t; 20655682Smarkm 20755682Smarkmkadm5_ret_t 20855682Smarkmkadm5_c_chpass_principal __P(( 20955682Smarkm void *server_handle, 21055682Smarkm krb5_principal princ, 21155682Smarkm char *password)); 21255682Smarkm 21355682Smarkmkadm5_ret_t 21455682Smarkmkadm5_c_create_principal __P(( 21555682Smarkm void *server_handle, 21655682Smarkm kadm5_principal_ent_t princ, 21755682Smarkm u_int32_t mask, 21855682Smarkm char *password)); 21955682Smarkm 22055682Smarkmkadm5_ret_t 22155682Smarkmkadm5_c_delete_principal __P(( 22255682Smarkm void *server_handle, 22355682Smarkm krb5_principal princ)); 22455682Smarkm 22555682Smarkmkadm5_ret_t 22655682Smarkmkadm5_c_destroy __P((void *server_handle)); 22755682Smarkm 22855682Smarkmkadm5_ret_t 22955682Smarkmkadm5_c_flush __P((void *server_handle)); 23055682Smarkm 23155682Smarkmkadm5_ret_t 23255682Smarkmkadm5_c_get_principal __P(( 23355682Smarkm void *server_handle, 23455682Smarkm krb5_principal princ, 23555682Smarkm kadm5_principal_ent_t out, 23655682Smarkm u_int32_t mask)); 23755682Smarkm 23855682Smarkmkadm5_ret_t 23955682Smarkmkadm5_c_get_principals __P(( 24055682Smarkm void *server_handle, 24155682Smarkm const char *exp, 24255682Smarkm char ***princs, 24355682Smarkm int *count)); 24455682Smarkm 24555682Smarkmkadm5_ret_t 24655682Smarkmkadm5_c_get_privs __P(( 24755682Smarkm void *server_handle, 24855682Smarkm u_int32_t *privs)); 24955682Smarkm 25055682Smarkmkadm5_ret_t 25155682Smarkmkadm5_c_init_with_creds __P(( 25255682Smarkm const char *client_name, 25355682Smarkm krb5_ccache ccache, 25455682Smarkm const char *service_name, 25555682Smarkm kadm5_config_params *realm_params, 25655682Smarkm unsigned long struct_version, 25755682Smarkm unsigned long api_version, 25855682Smarkm void **server_handle)); 25955682Smarkm 26055682Smarkmkadm5_ret_t 26155682Smarkmkadm5_c_init_with_creds_ctx __P(( 26255682Smarkm krb5_context context, 26355682Smarkm const char *client_name, 26455682Smarkm krb5_ccache ccache, 26555682Smarkm const char *service_name, 26655682Smarkm kadm5_config_params *realm_params, 26755682Smarkm unsigned long struct_version, 26855682Smarkm unsigned long api_version, 26955682Smarkm void **server_handle)); 27055682Smarkm 27155682Smarkmkadm5_ret_t 27255682Smarkmkadm5_c_init_with_password __P(( 27355682Smarkm const char *client_name, 27455682Smarkm const char *password, 27555682Smarkm const char *service_name, 27655682Smarkm kadm5_config_params *realm_params, 27755682Smarkm unsigned long struct_version, 27855682Smarkm unsigned long api_version, 27955682Smarkm void **server_handle)); 28055682Smarkm 28155682Smarkmkadm5_ret_t 28255682Smarkmkadm5_c_init_with_password_ctx __P(( 28355682Smarkm krb5_context context, 28455682Smarkm const char *client_name, 28555682Smarkm const char *password, 28655682Smarkm const char *service_name, 28755682Smarkm kadm5_config_params *realm_params, 28855682Smarkm unsigned long struct_version, 28955682Smarkm unsigned long api_version, 29055682Smarkm void **server_handle)); 29155682Smarkm 29255682Smarkmkadm5_ret_t 29355682Smarkmkadm5_c_init_with_skey __P(( 29455682Smarkm const char *client_name, 29555682Smarkm const char *keytab, 29655682Smarkm const char *service_name, 29755682Smarkm kadm5_config_params *realm_params, 29855682Smarkm unsigned long struct_version, 29955682Smarkm unsigned long api_version, 30055682Smarkm void **server_handle)); 30155682Smarkm 30255682Smarkmkadm5_ret_t 30355682Smarkmkadm5_c_init_with_skey_ctx __P(( 30455682Smarkm krb5_context context, 30555682Smarkm const char *client_name, 30655682Smarkm const char *keytab, 30755682Smarkm const char *service_name, 30855682Smarkm kadm5_config_params *realm_params, 30955682Smarkm unsigned long struct_version, 31055682Smarkm unsigned long api_version, 31155682Smarkm void **server_handle)); 31255682Smarkm 31355682Smarkmkadm5_ret_t 31455682Smarkmkadm5_c_modify_principal __P(( 31555682Smarkm void *server_handle, 31655682Smarkm kadm5_principal_ent_t princ, 31755682Smarkm u_int32_t mask)); 31855682Smarkm 31955682Smarkmkadm5_ret_t 32055682Smarkmkadm5_c_randkey_principal __P(( 32155682Smarkm void *server_handle, 32255682Smarkm krb5_principal princ, 32355682Smarkm krb5_keyblock **new_keys, 32455682Smarkm int *n_keys)); 32555682Smarkm 32655682Smarkmkadm5_ret_t 32755682Smarkmkadm5_c_rename_principal __P(( 32855682Smarkm void *server_handle, 32955682Smarkm krb5_principal source, 33055682Smarkm krb5_principal target)); 33155682Smarkm 33255682Smarkmkadm5_ret_t 33355682Smarkmkadm5_chpass_principal __P(( 33455682Smarkm void *server_handle, 33555682Smarkm krb5_principal princ, 33655682Smarkm char *password)); 33755682Smarkm 33855682Smarkmkadm5_ret_t 33955682Smarkmkadm5_create_principal __P(( 34055682Smarkm void *server_handle, 34155682Smarkm kadm5_principal_ent_t princ, 34255682Smarkm u_int32_t mask, 34355682Smarkm char *password)); 34455682Smarkm 34555682Smarkmkadm5_ret_t 34655682Smarkmkadm5_delete_principal __P(( 34755682Smarkm void *server_handle, 34855682Smarkm krb5_principal princ)); 34955682Smarkm 35055682Smarkmkadm5_ret_t 35155682Smarkmkadm5_destroy __P((void *server_handle)); 35255682Smarkm 35355682Smarkmkadm5_ret_t 35455682Smarkmkadm5_flush __P((void *server_handle)); 35555682Smarkm 35655682Smarkmvoid 35755682Smarkmkadm5_free_key_data __P(( 35855682Smarkm void *server_handle, 35955682Smarkm int16_t *n_key_data, 36055682Smarkm krb5_key_data *key_data)); 36155682Smarkm 36255682Smarkmvoid 36355682Smarkmkadm5_free_name_list __P(( 36455682Smarkm void *server_handle, 36555682Smarkm char **names, 36655682Smarkm int *count)); 36755682Smarkm 36855682Smarkmvoid 36955682Smarkmkadm5_free_principal_ent __P(( 37055682Smarkm void *server_handle, 37155682Smarkm kadm5_principal_ent_t princ)); 37255682Smarkm 37355682Smarkmkadm5_ret_t 37455682Smarkmkadm5_get_principal __P(( 37555682Smarkm void *server_handle, 37655682Smarkm krb5_principal princ, 37755682Smarkm kadm5_principal_ent_t out, 37855682Smarkm u_int32_t mask)); 37955682Smarkm 38055682Smarkmkadm5_ret_t 38155682Smarkmkadm5_get_principals __P(( 38255682Smarkm void *server_handle, 38355682Smarkm const char *exp, 38455682Smarkm char ***princs, 38555682Smarkm int *count)); 38655682Smarkm 38755682Smarkmkadm5_ret_t 38855682Smarkmkadm5_get_privs __P(( 38955682Smarkm void *server_handle, 39055682Smarkm u_int32_t *privs)); 39155682Smarkm 39255682Smarkmkadm5_ret_t 39355682Smarkmkadm5_init_with_creds __P(( 39455682Smarkm const char *client_name, 39555682Smarkm krb5_ccache ccache, 39655682Smarkm const char *service_name, 39755682Smarkm kadm5_config_params *realm_params, 39855682Smarkm unsigned long struct_version, 39955682Smarkm unsigned long api_version, 40055682Smarkm void **server_handle)); 40155682Smarkm 40255682Smarkmkadm5_ret_t 40355682Smarkmkadm5_init_with_creds_ctx __P(( 40455682Smarkm krb5_context context, 40555682Smarkm const char *client_name, 40655682Smarkm krb5_ccache ccache, 40755682Smarkm const char *service_name, 40855682Smarkm kadm5_config_params *realm_params, 40955682Smarkm unsigned long struct_version, 41055682Smarkm unsigned long api_version, 41155682Smarkm void **server_handle)); 41255682Smarkm 41355682Smarkmkadm5_ret_t 41455682Smarkmkadm5_init_with_password __P(( 41555682Smarkm const char *client_name, 41655682Smarkm const char *password, 41755682Smarkm const char *service_name, 41855682Smarkm kadm5_config_params *realm_params, 41955682Smarkm unsigned long struct_version, 42055682Smarkm unsigned long api_version, 42155682Smarkm void **server_handle)); 42255682Smarkm 42355682Smarkmkadm5_ret_t 42455682Smarkmkadm5_init_with_password_ctx __P(( 42555682Smarkm krb5_context context, 42655682Smarkm const char *client_name, 42755682Smarkm const char *password, 42855682Smarkm const char *service_name, 42955682Smarkm kadm5_config_params *realm_params, 43055682Smarkm unsigned long struct_version, 43155682Smarkm unsigned long api_version, 43255682Smarkm void **server_handle)); 43355682Smarkm 43455682Smarkmkadm5_ret_t 43555682Smarkmkadm5_init_with_skey __P(( 43655682Smarkm const char *client_name, 43755682Smarkm const char *keytab, 43855682Smarkm const char *service_name, 43955682Smarkm kadm5_config_params *realm_params, 44055682Smarkm unsigned long struct_version, 44155682Smarkm unsigned long api_version, 44255682Smarkm void **server_handle)); 44355682Smarkm 44455682Smarkmkadm5_ret_t 44555682Smarkmkadm5_init_with_skey_ctx __P(( 44655682Smarkm krb5_context context, 44755682Smarkm const char *client_name, 44855682Smarkm const char *keytab, 44955682Smarkm const char *service_name, 45055682Smarkm kadm5_config_params *realm_params, 45155682Smarkm unsigned long struct_version, 45255682Smarkm unsigned long api_version, 45355682Smarkm void **server_handle)); 45455682Smarkm 45555682Smarkmkadm5_ret_t 45655682Smarkmkadm5_modify_principal __P(( 45755682Smarkm void *server_handle, 45855682Smarkm kadm5_principal_ent_t princ, 45955682Smarkm u_int32_t mask)); 46055682Smarkm 46155682Smarkmkadm5_ret_t 46255682Smarkmkadm5_randkey_principal __P(( 46355682Smarkm void *server_handle, 46455682Smarkm krb5_principal princ, 46555682Smarkm krb5_keyblock **new_keys, 46655682Smarkm int *n_keys)); 46755682Smarkm 46855682Smarkmkadm5_ret_t 46955682Smarkmkadm5_rename_principal __P(( 47055682Smarkm void *server_handle, 47155682Smarkm krb5_principal source, 47255682Smarkm krb5_principal target)); 47355682Smarkm 47455682Smarkmkadm5_ret_t 47555682Smarkmkadm5_ret_key_data __P(( 47655682Smarkm krb5_storage *sp, 47755682Smarkm krb5_key_data *key)); 47855682Smarkm 47955682Smarkmkadm5_ret_t 48055682Smarkmkadm5_ret_principal_ent __P(( 48155682Smarkm krb5_storage *sp, 48255682Smarkm kadm5_principal_ent_t princ)); 48355682Smarkm 48455682Smarkmkadm5_ret_t 48555682Smarkmkadm5_ret_principal_ent_mask __P(( 48655682Smarkm krb5_storage *sp, 48755682Smarkm kadm5_principal_ent_t princ, 48855682Smarkm u_int32_t *mask)); 48955682Smarkm 49055682Smarkmkadm5_ret_t 49155682Smarkmkadm5_ret_tl_data __P(( 49255682Smarkm krb5_storage *sp, 49355682Smarkm krb5_tl_data *tl)); 49455682Smarkm 49555682Smarkmkadm5_ret_t 49655682Smarkmkadm5_s_chpass_principal __P(( 49755682Smarkm void *server_handle, 49855682Smarkm krb5_principal princ, 49955682Smarkm char *password)); 50055682Smarkm 50155682Smarkmkadm5_ret_t 50255682Smarkmkadm5_s_chpass_principal_with_key __P(( 50355682Smarkm void *server_handle, 50455682Smarkm krb5_principal princ, 50555682Smarkm int n_key_data, 50655682Smarkm krb5_key_data *key_data)); 50755682Smarkm 50855682Smarkmkadm5_ret_t 50955682Smarkmkadm5_s_create_principal __P(( 51055682Smarkm void *server_handle, 51155682Smarkm kadm5_principal_ent_t princ, 51255682Smarkm u_int32_t mask, 51355682Smarkm char *password)); 51455682Smarkm 51555682Smarkmkadm5_ret_t 51655682Smarkmkadm5_s_create_principal_with_key __P(( 51755682Smarkm void *server_handle, 51855682Smarkm kadm5_principal_ent_t princ, 51955682Smarkm u_int32_t mask)); 52055682Smarkm 52155682Smarkmkadm5_ret_t 52255682Smarkmkadm5_s_delete_principal __P(( 52355682Smarkm void *server_handle, 52455682Smarkm krb5_principal princ)); 52555682Smarkm 52655682Smarkmkadm5_ret_t 52755682Smarkmkadm5_s_destroy __P((void *server_handle)); 52855682Smarkm 52955682Smarkmkadm5_ret_t 53055682Smarkmkadm5_s_flush __P((void *server_handle)); 53155682Smarkm 53255682Smarkmkadm5_ret_t 53355682Smarkmkadm5_s_get_principal __P(( 53455682Smarkm void *server_handle, 53555682Smarkm krb5_principal princ, 53655682Smarkm kadm5_principal_ent_t out, 53755682Smarkm u_int32_t mask)); 53855682Smarkm 53955682Smarkmkadm5_ret_t 54055682Smarkmkadm5_s_get_principals __P(( 54155682Smarkm void *server_handle, 54255682Smarkm const char *exp, 54355682Smarkm char ***princs, 54455682Smarkm int *count)); 54555682Smarkm 54655682Smarkmkadm5_ret_t 54755682Smarkmkadm5_s_get_privs __P(( 54855682Smarkm void *server_handle, 54955682Smarkm u_int32_t *privs)); 55055682Smarkm 55155682Smarkmkadm5_ret_t 55255682Smarkmkadm5_s_init_with_creds __P(( 55355682Smarkm const char *client_name, 55455682Smarkm krb5_ccache ccache, 55555682Smarkm const char *service_name, 55655682Smarkm kadm5_config_params *realm_params, 55755682Smarkm unsigned long struct_version, 55855682Smarkm unsigned long api_version, 55955682Smarkm void **server_handle)); 56055682Smarkm 56155682Smarkmkadm5_ret_t 56255682Smarkmkadm5_s_init_with_creds_ctx __P(( 56355682Smarkm krb5_context context, 56455682Smarkm const char *client_name, 56555682Smarkm krb5_ccache ccache, 56655682Smarkm const char *service_name, 56755682Smarkm kadm5_config_params *realm_params, 56855682Smarkm unsigned long struct_version, 56955682Smarkm unsigned long api_version, 57055682Smarkm void **server_handle)); 57155682Smarkm 57255682Smarkmkadm5_ret_t 57355682Smarkmkadm5_s_init_with_password __P(( 57455682Smarkm const char *client_name, 57555682Smarkm const char *password, 57655682Smarkm const char *service_name, 57755682Smarkm kadm5_config_params *realm_params, 57855682Smarkm unsigned long struct_version, 57955682Smarkm unsigned long api_version, 58055682Smarkm void **server_handle)); 58155682Smarkm 58255682Smarkmkadm5_ret_t 58355682Smarkmkadm5_s_init_with_password_ctx __P(( 58455682Smarkm krb5_context context, 58555682Smarkm const char *client_name, 58655682Smarkm const char *password, 58755682Smarkm const char *service_name, 58855682Smarkm kadm5_config_params *realm_params, 58955682Smarkm unsigned long struct_version, 59055682Smarkm unsigned long api_version, 59155682Smarkm void **server_handle)); 59255682Smarkm 59355682Smarkmkadm5_ret_t 59455682Smarkmkadm5_s_init_with_skey __P(( 59555682Smarkm const char *client_name, 59655682Smarkm const char *keytab, 59755682Smarkm const char *service_name, 59855682Smarkm kadm5_config_params *realm_params, 59955682Smarkm unsigned long struct_version, 60055682Smarkm unsigned long api_version, 60155682Smarkm void **server_handle)); 60255682Smarkm 60355682Smarkmkadm5_ret_t 60455682Smarkmkadm5_s_init_with_skey_ctx __P(( 60555682Smarkm krb5_context context, 60655682Smarkm const char *client_name, 60755682Smarkm const char *keytab, 60855682Smarkm const char *service_name, 60955682Smarkm kadm5_config_params *realm_params, 61055682Smarkm unsigned long struct_version, 61155682Smarkm unsigned long api_version, 61255682Smarkm void **server_handle)); 61355682Smarkm 61455682Smarkmkadm5_ret_t 61555682Smarkmkadm5_s_modify_principal __P(( 61655682Smarkm void *server_handle, 61755682Smarkm kadm5_principal_ent_t princ, 61855682Smarkm u_int32_t mask)); 61955682Smarkm 62055682Smarkmkadm5_ret_t 62155682Smarkmkadm5_s_randkey_principal __P(( 62255682Smarkm void *server_handle, 62355682Smarkm krb5_principal princ, 62455682Smarkm krb5_keyblock **new_keys, 62555682Smarkm int *n_keys)); 62655682Smarkm 62755682Smarkmkadm5_ret_t 62855682Smarkmkadm5_s_rename_principal __P(( 62955682Smarkm void *server_handle, 63055682Smarkm krb5_principal source, 63155682Smarkm krb5_principal target)); 63255682Smarkm 63355682Smarkmkadm5_ret_t 63455682Smarkmkadm5_store_key_data __P(( 63555682Smarkm krb5_storage *sp, 63655682Smarkm krb5_key_data *key)); 63755682Smarkm 63855682Smarkmkadm5_ret_t 63955682Smarkmkadm5_store_principal_ent __P(( 64055682Smarkm krb5_storage *sp, 64155682Smarkm kadm5_principal_ent_t princ)); 64255682Smarkm 64355682Smarkmkadm5_ret_t 64455682Smarkmkadm5_store_principal_ent_mask __P(( 64555682Smarkm krb5_storage *sp, 64655682Smarkm kadm5_principal_ent_t princ, 64755682Smarkm u_int32_t mask)); 64855682Smarkm 64955682Smarkmkadm5_ret_t 65055682Smarkmkadm5_store_tl_data __P(( 65155682Smarkm krb5_storage *sp, 65255682Smarkm krb5_tl_data *tl)); 65355682Smarkm 65455682Smarkmvoid 65555682Smarkmkadm5_setup_passwd_quality_check(krb5_context context, 65655682Smarkm const char *check_library, 65755682Smarkm const char *check_function); 65855682Smarkm 65955682Smarkmconst char * 66055682Smarkmkadm5_check_password_quality (krb5_context context, 66155682Smarkm krb5_principal principal, 66255682Smarkm krb5_data *pwd_data); 66355682Smarkm 66455682Smarkm#if 0 66555682Smarkm/* unimplemented functions */ 66655682Smarkmkadm5_ret_t 66755682Smarkmkadm5_decrypt_key(void *server_handle, 66855682Smarkm kadm5_principal_ent_t entry, int32_t 66955682Smarkm ktype, int32_t stype, int32_t 67055682Smarkm kvno, krb5_keyblock *keyblock, 67155682Smarkm krb5_keysalt *keysalt, int *kvnop); 67255682Smarkm 67355682Smarkmkadm5_ret_t 67455682Smarkmkadm5_create_policy(void *server_handle, 67555682Smarkm kadm5_policy_ent_t policy, u_int32_t mask); 67655682Smarkm 67755682Smarkmkadm5_ret_t 67855682Smarkmkadm5_delete_policy(void *server_handle, char *policy); 67955682Smarkm 68055682Smarkm 68155682Smarkmkadm5_ret_t 68255682Smarkmkadm5_modify_policy(void *server_handle, 68355682Smarkm kadm5_policy_ent_t policy, 68455682Smarkm u_int32_t mask); 68555682Smarkm 68655682Smarkmkadm5_ret_t 68755682Smarkmkadm5_get_policy(void *server_handle, char *policy, kadm5_policy_ent_t ent); 68855682Smarkm 68955682Smarkmkadm5_ret_t 69055682Smarkmkadm5_get_policies(void *server_handle, char *exp, 69155682Smarkm char ***pols, int *count); 69255682Smarkm 69355682Smarkmvoid 69455682Smarkmkadm5_free_policy_ent(kadm5_policy_ent_t policy); 69555682Smarkm 69655682Smarkm#endif 69755682Smarkm 69855682Smarkm#endif /* __KADM5_ADMIN_H__ */ 699