1/* 2 * Copyright (c) 1997-2000 Kungliga Tekniska Högskolan 3 * (Royal Institute of Technology, Stockholm, Sweden). 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 17 * 3. Neither the name of the Institute nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 */ 33 34/* $Id$ */ 35 36#ifndef __kadm5_privatex_h__ 37#define __kadm5_privatex_h__ 38 39#include <gssapi.h> 40 41struct kadm_func { 42 kadm5_ret_t (*chpass_principal) (void *, krb5_principal, int, const char*, int, krb5_key_salt_tuple *); 43 kadm5_ret_t (*create_principal) (void*, kadm5_principal_ent_t, 44 uint32_t, const char*, int, krb5_key_salt_tuple *); 45 kadm5_ret_t (*delete_principal) (void*, krb5_principal); 46 kadm5_ret_t (*destroy) (void*); 47 kadm5_ret_t (*flush) (void*); 48 kadm5_ret_t (*get_principal) (void*, krb5_principal, 49 kadm5_principal_ent_t, uint32_t); 50 kadm5_ret_t (*get_principals) (void*, const char*, char***, int*); 51 kadm5_ret_t (*get_privs) (void*, uint32_t*); 52 kadm5_ret_t (*modify_principal) (void*, kadm5_principal_ent_t, uint32_t); 53 kadm5_ret_t (*randkey_principal) (void*, krb5_principal, krb5_boolean, int, 54 krb5_key_salt_tuple*, krb5_keyblock**, 55 int*); 56 kadm5_ret_t (*rename_principal) (void*, krb5_principal, krb5_principal); 57 kadm5_ret_t (*chpass_principal_with_key) (void *, krb5_principal, int, 58 int, krb5_key_data *); 59 kadm5_ret_t (*lock) (void *); 60 kadm5_ret_t (*unlock) (void *); 61}; 62 63/* XXX should be integrated */ 64typedef struct kadm5_common_context { 65 krb5_context context; 66 krb5_boolean my_context; 67 struct kadm_func funcs; 68 void *data; 69}kadm5_common_context; 70 71typedef struct kadm5_log_peer { 72 int fd; 73 char *name; 74 krb5_auth_context ac; 75 struct kadm5_log_peer *next; 76} kadm5_log_peer; 77 78typedef struct kadm5_log_context { 79 char *log_file; 80 int log_fd; 81 uint32_t version; 82#ifndef NO_UNIX_SOCKETS 83 struct sockaddr_un socket_name; 84#else 85 struct addrinfo *socket_info; 86#endif 87 krb5_socket_t socket_fd; 88} kadm5_log_context; 89 90typedef struct kadm5_server_context { 91 krb5_context context; 92 krb5_boolean my_context; 93 struct kadm_func funcs; 94 /* */ 95 kadm5_config_params config; 96 HDB *db; 97 int keep_open; 98 krb5_principal caller; 99 unsigned acl_flags; 100 kadm5_log_context log_context; 101} kadm5_server_context; 102 103typedef struct kadm5_client_context { 104 krb5_context context; 105 krb5_boolean my_context; 106 struct kadm_func funcs; 107 /* */ 108 krb5_auth_context ac; 109 char *realm; 110 char *admin_server; 111 int kadmind_port; 112 int sock; 113 char *client_name; 114 char *service_name; 115 krb5_prompter_fct prompter; 116 const char *keytab; 117 krb5_ccache ccache; 118 kadm5_config_params *realm_params; 119}kadm5_client_context; 120 121typedef struct kadm5_ad_context { 122 krb5_context context; 123 krb5_boolean my_context; 124 struct kadm_func funcs; 125 /* */ 126 kadm5_config_params config; 127 krb5_principal caller; 128 krb5_ccache ccache; 129 char *client_name; 130 char *realm; 131 void *ldap_conn; 132 char *base_dn; 133} kadm5_ad_context; 134 135typedef struct kadm5_mit_context { 136 krb5_context context; 137 krb5_boolean my_context; 138 struct kadm_func funcs; 139 /* */ 140 char *admin_server; 141 char *realm; 142 int kadmind_port; 143 kadm5_config_params config; 144 krb5_principal caller; 145 void *gsscontext; 146} kadm5_mit_context; 147 148enum kadm_ops { 149 kadm_get, 150 kadm_delete, 151 kadm_create, 152 kadm_rename, 153 kadm_chpass, 154 kadm_modify, 155 kadm_randkey, 156 kadm_get_privs, 157 kadm_get_princs, 158 kadm_chpass_with_key, 159 kadm_nop 160}; 161 162#define KADMIN_APPL_VERSION "KADM0.1" 163#define KADMIN_OLD_APPL_VERSION "KADM0.0" 164 165struct _kadm5_xdr_opaque_auth { 166 uint32_t flavor; 167 krb5_data data; 168}; 169 170struct _kadm5_xdr_call_header { 171 uint32_t xid; 172 uint32_t rpcvers; 173 uint32_t prog; 174 uint32_t vers; 175 uint32_t proc; 176 struct _kadm5_xdr_opaque_auth cred; 177 krb5_data headercopy; 178 struct _kadm5_xdr_opaque_auth verf; 179}; 180 181struct _kadm5_xdr_gcred { 182 uint32_t version; 183 uint32_t proc; 184 uint32_t seq_num; 185 uint32_t service; 186 krb5_data handle; 187}; 188 189struct _kadm5_xdr_gacred { 190 uint32_t version; 191 uint32_t auth_msg; 192 krb5_data handle; 193}; 194 195#include "kadm5-private.h" 196 197#endif /* __kadm5_privatex_h__ */ 198