/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 OpenVision Technologies, Inc., All Rights Reserved * * $Header$ */ /* * This header file is used internally by the Admin API server * libraries and Admin server. IF YOU THINK YOU NEED TO USE THIS FILE * FOR ANYTHING, YOU'RE ALMOST CERTAINLY WRONG. */ #ifndef __KADM5_SERVER_INTERNAL_H__ #define __KADM5_SERVER_INTERNAL_H__ #include "autoconf.h" #ifdef HAVE_MEMORY_H #include #endif #include #include #include #include #include "admin_internal.h" typedef struct _kadm5_server_handle_t { krb5_ui_4 magic_number; krb5_ui_4 struct_version; krb5_ui_4 api_version; krb5_context context; krb5_principal current_caller; kadm5_config_params params; struct _kadm5_server_handle_t *lhandle; char **db_args; } kadm5_server_handle_rec, *kadm5_server_handle_t; #define OSA_ADB_PRINC_VERSION_1 0x12345C01 typedef struct _osa_pw_hist_t { int n_key_data; krb5_key_data *key_data; } osa_pw_hist_ent, *osa_pw_hist_t; typedef struct _osa_princ_ent_t { int version; char *policy; long aux_attributes; unsigned int old_key_len; unsigned int old_key_next; krb5_kvno admin_history_kvno; osa_pw_hist_ent *old_keys; } osa_princ_ent_rec, *osa_princ_ent_t; kadm5_ret_t adb_policy_init(kadm5_server_handle_t handle); kadm5_ret_t adb_policy_close(kadm5_server_handle_t handle); kadm5_ret_t passwd_check(kadm5_server_handle_t handle, char *pass, int use_policy, kadm5_policy_ent_t policy, krb5_principal principal); kadm5_ret_t principal_exists(krb5_principal principal); krb5_error_code kdb_init_master(kadm5_server_handle_t handle, char *r, int from_keyboard); krb5_error_code kdb_init_hist(kadm5_server_handle_t handle, char *r); krb5_error_code kdb_get_entry(kadm5_server_handle_t handle, krb5_principal principal, krb5_db_entry *kdb, osa_princ_ent_rec *adb); krb5_error_code kdb_free_entry(kadm5_server_handle_t handle, krb5_db_entry *kdb, osa_princ_ent_rec *adb); krb5_error_code kdb_put_entry(kadm5_server_handle_t handle, krb5_db_entry *kdb, osa_princ_ent_rec *adb); krb5_error_code kdb_delete_entry(kadm5_server_handle_t handle, krb5_principal name); krb5_error_code kdb_iter_entry(kadm5_server_handle_t handle, char *match_entry, void (*iter_fct)(void *, krb5_principal), void *data); int init_dict(kadm5_config_params *); int find_word(const char *word); void destroy_dict(void); /* XXX this ought to be in libkrb5.a, but isn't */ kadm5_ret_t krb5_copy_key_data_contents(krb5_context context, krb5_key_data *from, krb5_key_data *to); kadm5_ret_t krb5_free_key_data_contents(krb5_context context, krb5_key_data *key); /* * *Warning* * *Warning* This is going to break if we * *Warning* ever go multi-threaded * *Warning* */ extern krb5_principal current_caller; /* * Why is this (or something similar) not defined *anywhere* in krb5? */ #define KSUCCESS 0 #define WORD_NOT_FOUND 1 /* * all the various mask bits or'd together */ #define ALL_PRINC_MASK \ (KADM5_PRINCIPAL | KADM5_PRINC_EXPIRE_TIME | KADM5_PW_EXPIRATION | \ KADM5_LAST_PWD_CHANGE | KADM5_ATTRIBUTES | KADM5_MAX_LIFE | \ KADM5_MOD_TIME | KADM5_MOD_NAME | KADM5_KVNO | KADM5_MKVNO | \ KADM5_AUX_ATTRIBUTES | KADM5_POLICY_CLR | KADM5_POLICY | \ KADM5_MAX_RLIFE | KADM5_TL_DATA | KADM5_KEY_DATA | KADM5_FAIL_AUTH_COUNT ) #define ALL_POLICY_MASK \ (KADM5_POLICY | KADM5_PW_MAX_LIFE | KADM5_PW_MIN_LIFE | \ KADM5_PW_MIN_LENGTH | KADM5_PW_MIN_CLASSES | KADM5_PW_HISTORY_NUM | \ KADM5_REF_COUNT | KADM5_PW_MAX_FAILURE | KADM5_PW_FAILURE_COUNT_INTERVAL | \ KADM5_PW_LOCKOUT_DURATION ) #define SERVER_CHECK_HANDLE(handle) \ { \ kadm5_server_handle_t srvr = \ (kadm5_server_handle_t) handle; \ \ if (! srvr->current_caller) \ return KADM5_BAD_SERVER_HANDLE; \ if (! srvr->lhandle) \ return KADM5_BAD_SERVER_HANDLE; \ } #define CHECK_HANDLE(handle) \ GENERIC_CHECK_HANDLE(handle, KADM5_OLD_SERVER_API_VERSION, \ KADM5_NEW_SERVER_API_VERSION) \ SERVER_CHECK_HANDLE(handle) bool_t xdr_osa_princ_ent_rec(XDR *xdrs, osa_princ_ent_t objp); void osa_free_princ_ent(osa_princ_ent_t val); #endif /* __KADM5_SERVER_INTERNAL_H__ */