private.h revision 55682
/*
 * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan
 * (Royal Institute of Technology, Stockholm, Sweden).
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * 3. Neither the name of the Institute nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

/* $Id: private.h,v 1.10 1999/12/04 23:09:34 assar Exp $ */

/*
 * Library-private declarations for kadm5: the per-operation dispatch
 * table, the common/server/client/log context structures, the operation
 * codes, and prototypes for internal helpers.
 */

#ifndef __kadm5_private_h__
#define __kadm5_private_h__

/*
 * Dispatch table of kadm5 operations: one function pointer per
 * administrative operation.  Every entry takes an opaque `void *' as its
 * first argument and returns a kadm5_ret_t.  An instance is embedded as
 * `funcs' in each of the context structures below.
 *
 * NOTE(review): the first argument is untyped, so the compiler cannot
 * catch a handle of the wrong kind being passed in.  Presumably it is
 * the context that embeds this table -- confirm against the callers.
 *
 * NOTE(review): the trailing `char *' of chpass_principal and
 * create_principal is presumably a cleartext password (compare the named
 * `password' parameter of _kadm5_set_keys) -- confirm.  If so, callers
 * own a secret in that buffer and should clear it once the call returns.
 */
struct kadm_func {
    kadm5_ret_t (*chpass_principal) (void *, krb5_principal, char*);
    kadm5_ret_t (*create_principal) (void*, kadm5_principal_ent_t,
                                     u_int32_t, char*);
    kadm5_ret_t (*delete_principal) (void*, krb5_principal);
    kadm5_ret_t (*destroy) (void*);
    kadm5_ret_t (*flush) (void*);
    kadm5_ret_t (*get_principal) (void*, krb5_principal,
                                  kadm5_principal_ent_t, u_int32_t);
    kadm5_ret_t (*get_principals) (void*, const char*, char***, int*);
    kadm5_ret_t (*get_privs) (void*, u_int32_t*);
    kadm5_ret_t (*modify_principal) (void*, kadm5_principal_ent_t, u_int32_t);
    kadm5_ret_t (*randkey_principal) (void*, krb5_principal,
                                      krb5_keyblock**, int*);
    kadm5_ret_t (*rename_principal) (void*, krb5_principal, krb5_principal);
};

/* XXX should be integrated */
/*
 * The first three members (context, my_context, funcs) appear with the
 * same types, names and order at the start of kadm5_server_context and
 * kadm5_client_context.
 *
 * NOTE(review): presumably an opaque handle is cast to this type to reach
 * `funcs' regardless of which context it really is.  If so, the leading
 * members of all three structures must be kept identical; a divergence
 * would make the dispatch read the wrong memory -- confirm.
 */
typedef struct kadm5_common_context {
    krb5_context context;
    krb5_boolean my_context;    /* presumably: `context' was created (and is
                                   owned) by the library -- TODO confirm */
    struct kadm_func funcs;
    void *data;
}kadm5_common_context;

/*
 * One peer of the log machinery: a descriptor, a name, a Kerberos auth
 * context, and a `next' pointer to another kadm5_log_peer.
 */
typedef struct kadm5_log_peer {
    int fd;
    char *name;
    krb5_auth_context ac;
    struct kadm5_log_peer *next;
} kadm5_log_peer;

/*
 * State of the operation log: a file (name and descriptor), a version
 * number, and a Unix-domain socket (address and descriptor).
 */
typedef struct kadm5_log_context {
    char *log_file;
    int log_fd;
    u_int32_t version;
    struct sockaddr_un socket_name;
    int socket_fd;
} kadm5_log_context;

/*
 * Server-side context.  Starts with the same three members as
 * kadm5_common_context.
 */
typedef struct kadm5_server_context {
    krb5_context context;
    krb5_boolean my_context;
    struct kadm_func funcs;
    /* server-only members follow */
    kadm5_config_params config;
    HDB *db;
    krb5_principal caller;
    unsigned acl_flags;         /* presumably the privilege bits granted to
                                   `caller'; see _kadm5_acl_check_permission
                                   -- TODO confirm */
    kadm5_log_context log_context;
}kadm5_server_context;

/*
 * Client-side context.  Starts with the same three members as
 * kadm5_common_context.
 */
typedef struct kadm5_client_context {
    krb5_context context;
    krb5_boolean my_context;
    struct kadm_func funcs;
    /* client-only members follow */
    krb5_auth_context ac;
    char *realm;
    char *admin_server;
    int kadmind_port;
    int sock;
}kadm5_client_context;

/*
 * Operation codes.  No enumerator has an explicit value, so they number
 * 0 through 8 in declaration order.  The type is used for the `op'
 * argument of the log iteration and replay functions.
 *
 * NOTE(review): if these numbers are stored in the log or sent to a peer
 * (not visible in this header), reordering or inserting an enumerator
 * changes the meaning of existing data -- only append.
 */
enum kadm_ops {
    kadm_get,           /* 0 */
    kadm_delete,        /* 1 */
    kadm_create,        /* 2 */
    kadm_rename,        /* 3 */
    kadm_chpass,        /* 4 */
    kadm_modify,        /* 5 */
    kadm_randkey,       /* 6 */
    kadm_get_privs,     /* 7 */
    kadm_get_princs     /* 8 */
};

/* Application version strings: the current one and the previous one. */
#define KADMIN_APPL_VERSION "KADM0.1"
#define KADMIN_OLD_APPL_VERSION "KADM0.0"

/*
 * HDB_DB_DIR (defined elsewhere) with "/signal" appended by string-literal
 * concatenation.
 *
 * NOTE(review): presumably the path of the Unix-domain socket kept in
 * kadm5_log_context.socket_name -- confirm.  If so, the ownership and
 * mode of HDB_DB_DIR decide which local users can reach that socket.
 */
#define KADM5_LOG_SIGNAL HDB_DB_DIR "/signal"

/*
 * Convert between a privilege mask and its string form.
 *
 * NOTE(review): _kadm5_privs_to_string takes a buffer and a size_t,
 * presumably the buffer's capacity; confirm that the implementation
 * never writes past it and always terminates the string.
 */
kadm5_ret_t _kadm5_privs_to_string (u_int32_t, char*, size_t);

kadm5_ret_t _kadm5_string_to_privs (const char*, u_int32_t*);

/* Takes an opaque handle and returns an HDB pointer. */
HDB *_kadm5_s_get_db (void *);

/*
 * ACL helpers for the server context.  `op' is an unsigned value,
 * presumably compared against context->acl_flags -- TODO confirm.
 */
kadm5_ret_t
_kadm5_acl_check_permission __P((
        kadm5_server_context *context,
        unsigned op));

kadm5_ret_t
_kadm5_acl_init __P((kadm5_server_context *context));

/* Creates a client context through `ctx' from `params' and `context'. */
kadm5_ret_t
_kadm5_c_init_context __P((
        kadm5_client_context **ctx,
        kadm5_config_params *params,
        krb5_context context));

/*
 * Client transport: receive a reply into `reply', send the contents of
 * `sp'.
 *
 * NOTE(review): `reply' presumably holds bytes produced by the remote
 * server; parse it as untrusted input.
 */
kadm5_ret_t
_kadm5_client_recv __P((
        kadm5_client_context *context,
        krb5_data *reply));

kadm5_ret_t
_kadm5_client_send __P((
        kadm5_client_context *context,
        krb5_storage *sp));

/* Maps one kadm5_ret_t to another; the mapping is not visible here. */
kadm5_ret_t
_kadm5_error_code __P((kadm5_ret_t code));

/* Creates a server context through `ctx' from `params' and `context'. */
kadm5_ret_t
_kadm5_s_init_context __P((
        kadm5_server_context **ctx,
        kadm5_config_params *params,
        krb5_context context));

/*
 * Key-setting helpers operating on an hdb_entry: from a password, from
 * an array of n_key_data krb5_key_data items, or randomly (returning
 * keys through new_keys / n_keys).
 *
 * NOTE(review): `password' is a cleartext secret owned by the caller.
 * n_key_data is a signed 16-bit count; confirm that the implementation
 * rejects negative values before using it as a length.
 */
kadm5_ret_t
_kadm5_set_keys __P((
        kadm5_server_context *context,
        hdb_entry *ent,
        const char *password));

kadm5_ret_t
_kadm5_set_keys2 __P((
        hdb_entry *ent,
        int16_t n_key_data,
        krb5_key_data *key_data));

kadm5_ret_t
_kadm5_set_keys_randomly __P((kadm5_server_context *context,
                              hdb_entry *ent,
                              krb5_keyblock **new_keys,
                              int *n_keys));

/* Presumably records who modified `ent' (context->caller) -- TODO confirm. */
kadm5_ret_t
_kadm5_set_modifier __P((
        kadm5_server_context *context,
        hdb_entry *ent));

/*
 * Fills in `ent' from `princ' and from the defaults in `def'.  Three
 * masks are passed: `mask', `princ_mask' and `def_mask'; presumably each
 * selects which fields are taken from where -- TODO confirm.
 */
kadm5_ret_t
_kadm5_setup_entry __P((
        hdb_entry *ent,
        u_int32_t mask,
        kadm5_principal_ent_t princ,
        u_int32_t princ_mask,
        kadm5_principal_ent_t def,
        u_int32_t def_mask));

/* Reads a version number from the log open on `fd' into `ver'. */
kadm5_ret_t
kadm5_log_get_version (int fd,
                       u_int32_t *ver);

/* Log set-up; operates on the server context. */
kadm5_ret_t
kadm5_log_init (kadm5_server_context *context);

/*
 * One function per logged operation (create, delete, rename, modify).
 * Presumably each appends a record describing the operation to the
 * server context's log -- TODO confirm.
 */
kadm5_ret_t
kadm5_log_create (kadm5_server_context *context,
                  hdb_entry *ent);

kadm5_ret_t
kadm5_log_delete (kadm5_server_context *context,
                  krb5_principal princ);

kadm5_ret_t
kadm5_log_rename (kadm5_server_context *context,
                  krb5_principal source,
                  hdb_entry *ent);

kadm5_ret_t
kadm5_log_modify (kadm5_server_context *context,
                  hdb_entry *ent,
                  u_int32_t mask);

/* Log tear-down; operates on the server context. */
kadm5_ret_t
kadm5_log_end (kadm5_server_context *context);

/*
 * Calls `func' with a version, timestamp, operation code, length and
 * storage handle; presumably once per record in the log -- TODO confirm.
 */
kadm5_ret_t
kadm5_log_foreach (kadm5_server_context *context,
                   void (*func)(kadm5_server_context *server_context,
                                u_int32_t ver,
                                time_t timestamp,
                                enum kadm_ops op,
                                u_int32_t len,
                                krb5_storage *sp));

/*
 * Replay of a single logged operation read from `sp'.
 *
 * NOTE(review): `ver' and `len' presumably come from the record header
 * in the log.  The implementations should check `len' against the data
 * actually available in `sp' before parsing, since a damaged or altered
 * log would otherwise drive the parser -- confirm.
 */
kadm5_ret_t
kadm5_log_replay_create (kadm5_server_context *context,
                         u_int32_t ver,
                         u_int32_t len,
                         krb5_storage *sp);

kadm5_ret_t
kadm5_log_replay_delete (kadm5_server_context *context,
                         u_int32_t ver,
                         u_int32_t len,
                         krb5_storage *sp);

/*
 * Replay of a single logged operation read from `sp'.
 *
 * NOTE(review): `ver' and `len' presumably come from the record header
 * in the log.  The implementations should check `len' against the data
 * actually available in `sp' before parsing, since a damaged or altered
 * log would otherwise drive the parser -- confirm.
 */
kadm5_ret_t
kadm5_log_replay_rename (kadm5_server_context *context,
                         u_int32_t ver,
                         u_int32_t len,
                         krb5_storage *sp);

kadm5_ret_t
kadm5_log_replay_modify (kadm5_server_context *context,
                         u_int32_t ver,
                         u_int32_t len,
                         krb5_storage *sp);

/*
 * Replay entry point that also takes the operation code `op';
 * presumably it selects one of the kadm5_log_replay_* functions --
 * TODO confirm.  A value of `op' outside enum kadm_ops should be
 * rejected rather than ignored.
 */
kadm5_ret_t
kadm5_log_replay (kadm5_server_context *context,
                  enum kadm_ops op,
                  u_int32_t ver,
                  u_int32_t len,
                  krb5_storage *sp);

/*
 * Returns a krb5_storage for the log open on `fd'; by its name,
 * positioned at the end of the log -- TODO confirm.  Who releases the
 * returned storage is not visible in this header.
 */
krb5_storage *
kadm5_log_goto_end (int fd);

/*
 * Reads the header fields (version, timestamp, operation, length) of a
 * record through the four output pointers; by its name, the record
 * before the current position of `sp' -- TODO confirm.
 */
kadm5_ret_t
kadm5_log_previous (krb5_storage *sp,
                    u_int32_t *ver,
                    time_t *timestamp,
                    enum kadm_ops *op,
                    u_int32_t *len);

/*
 * Encode `params' into `out', and decode `in' into `params'.
 *
 * NOTE(review): the bytes in `in' presumably arrive from the other end
 * of a connection; the decoder should treat every length and field in
 * them as untrusted -- confirm in the implementation.
 */
kadm5_ret_t
_kadm5_marshal_params __P((krb5_context context,
                           kadm5_config_params *params,
                           krb5_data *out));

kadm5_ret_t
_kadm5_unmarshal_params __P((krb5_context context,
                             krb5_data *in,
                             kadm5_config_params *params));



#endif /* __kadm5_private_h__ */