1 /*
2 * Copyright 2004 Sun Microsystems, Inc. All rights reserved.
3 * Use is subject to license terms.
4 */
5
6 #ifndef __KADM5_ADMIN_H__
7 #define __KADM5_ADMIN_H__
8
9 #pragma ident "@(#)admin.h 1.11 04/09/08 SMI"
10
11 #ifdef __cplusplus
12 extern "C" {
13 #endif
14
15 /*
16 * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
17 *
18 * Openvision retains the copyright to derivative works of
19 * this source code. Do *NOT* create a derivative of this
20 * source code before consulting with your legal department.
21 * Do *NOT* integrate *ANY* of this source code into another
22 * product before consulting with your legal department.
23 *
24 * For further information, read the top-level Openvision
25 * copyright which is contained in the top-level MIT Kerberos
26 * copyright.
27 *
28 * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
29 *
36 * $Header: /cvs/krbdev/krb5/src/lib/kadm5/admin.h,v 1.43.2.1 2000/05/19 22:24:14 raeburn Exp $
37 */
38
39 #include <sys/types.h>
40 #include <rpc/types.h>
41 #include <rpc/rpc.h>
42 #include <krb5.h>
43 #include <k5-int.h>
44 #include <com_err.h>
45 #include <kadm5/kadm_err.h>
46 #include <kadm5/adb_err.h>
47 #include <kadm5/chpass_util_strings.h>
48
49 #define KADM5_ADMIN_SERVICE_P "kadmin@admin"
50 #define KADM5_ADMIN_SERVICE "kadmin/admin"
51 #define KADM5_CHANGEPW_SERVICE_P "kadmin@changepw"
52 #define KADM5_CHANGEPW_SERVICE "kadmin/changepw"
53 #define KADM5_HIST_PRINCIPAL "kadmin/history"
54 #define KADM5_ADMIN_HOST_SERVICE "kadmin"
55 #define KADM5_CHANGEPW_HOST_SERVICE "changepw"
56
57 typedef krb5_principal kadm5_princ_t;
58 typedef char *kadm5_policy_t;
59 typedef long kadm5_ret_t;
60 typedef int rpc_int32;
61 typedef unsigned int rpc_u_int32;
62
63 #define KADM5_PW_FIRST_PROMPT \
64 ((char *)error_message(CHPASS_UTIL_NEW_PASSWORD_PROMPT))
65 #define KADM5_PW_SECOND_PROMPT \
66 ((char *)error_message(CHPASS_UTIL_NEW_PASSWORD_AGAIN_PROMPT))
67
68 /*
69 * Succsessfull return code
70 */
71 #define KADM5_OK 0
72
73 /*
74 * Field masks
75 */
112 #define KADM5_CONFIG_MKEY_NAME 0x0000004
113 #define KADM5_CONFIG_MAX_LIFE 0x0000008
114 #define KADM5_CONFIG_MAX_RLIFE 0x0000010
115 #define KADM5_CONFIG_EXPIRATION 0x0000020
116 #define KADM5_CONFIG_FLAGS 0x0000040
117 #define KADM5_CONFIG_ADMIN_KEYTAB 0x0000080
118 #define KADM5_CONFIG_STASH_FILE 0x0000100
119 #define KADM5_CONFIG_ENCTYPE 0x0000200
120 #define KADM5_CONFIG_ADBNAME 0x0000400
121 #define KADM5_CONFIG_ADB_LOCKFILE 0x0000800
122 #define KADM5_CONFIG_PROFILE 0x0001000
123 #define KADM5_CONFIG_ACL_FILE 0x0002000
124 #define KADM5_CONFIG_KADMIND_PORT 0x0004000
125 #define KADM5_CONFIG_ENCTYPES 0x0008000
126 #define KADM5_CONFIG_ADMIN_SERVER 0x0010000
127 #define KADM5_CONFIG_DICT_FILE 0x0020000
128 #define KADM5_CONFIG_MKEY_FROM_KBD 0x0040000
129 #define KADM5_CONFIG_KPASSWD_PORT 0x0080000
130 #define KADM5_CONFIG_KPASSWD_SERVER 0x0100000
131 #define KADM5_CONFIG_KPASSWD_PROTOCOL 0x0200000
132
133 /* password change constants */
134 #define KRB5_KPASSWD_SUCCESS 0
135 #define KRB5_KPASSWD_MALFORMED 1
136 #define KRB5_KPASSWD_HARDERROR 2
137 #define KRB5_KPASSWD_AUTHERROR 3
138 #define KRB5_KPASSWD_SOFTERROR 4
139 #define KRB5_KPASSWD_ACCESSDENIED 5
140 #define KRB5_KPASSWD_BAD_VERSION 6
141 #define KRB5_KPASSWD_INITIAL_FLAG_NEEDED 7
142 #define KRB5_KPASSWD_POLICY_REJECT 8
143 #define KRB5_KPASSWD_BAD_PRINCIPAL 9
144 #define KRB5_KPASSWD_ETYPE_NOSUPP 10
145
146 /*
147 * permission bits
148 */
149 #define KADM5_PRIV_GET 0x01
150 #define KADM5_PRIV_ADD 0x02
151 #define KADM5_PRIV_MODIFY 0x04
251 char *admin_server;
252 char *dbname;
253 char *admin_dbname;
254 char *admin_lockfile;
255 char *admin_keytab;
256 char *acl_file;
257 char *dict_file;
258 int mkey_from_kbd;
259 char *stash_file;
260 char *mkey_name;
261 krb5_enctype enctype;
262 krb5_deltat max_life;
263 krb5_deltat max_rlife;
264 krb5_timestamp expiration;
265 krb5_flags flags;
266 krb5_key_salt_tuple *keysalts;
267 krb5_int32 num_keysalts;
268 char *kpasswd_server;
269 int kpasswd_port;
270 krb5_chgpwd_prot kpasswd_protocol;
271 } kadm5_config_params;
272
273 /***********************************************************************
274 * This is the old krb5_realm_read_params, which I mutated into
275 * kadm5_get_config_params but which old code (kdb5_* and krb5kdc)
276 * still uses.
277 ***********************************************************************/
278
279 /*
280 * Data structure returned by krb5_read_realm_params()
281 */
282 typedef struct __krb5_realm_params {
283 char *realm_profile;
284 char *realm_dbname;
285 char *realm_mkey_name;
286 char *realm_stash_file;
287 char *realm_kdc_ports;
288 char *realm_kdc_tcp_ports;
289 char *realm_acl_file;
290 krb5_int32 realm_kadmind_port;
|
1 /*
2 * Copyright 2004 Sun Microsystems, Inc. All rights reserved.
3 * Use is subject to license terms.
4 */
5
6 #ifndef __KADM5_ADMIN_H__
7 #define __KADM5_ADMIN_H__
8
9 #pragma ident "@(#)admin.h 1.10 04/06/15 SMI"
10
11 #ifdef __cplusplus
12 extern "C" {
13 #endif
14
15 /*
16 * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
17 *
18 * Openvision retains the copyright to derivative works of
19 * this source code. Do *NOT* create a derivative of this
20 * source code before consulting with your legal department.
21 * Do *NOT* integrate *ANY* of this source code into another
22 * product before consulting with your legal department.
23 *
24 * For further information, read the top-level Openvision
25 * copyright which is contained in the top-level MIT Kerberos
26 * copyright.
27 *
28 * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
29 *
36 * $Header: /cvs/krbdev/krb5/src/lib/kadm5/admin.h,v 1.43.2.1 2000/05/19 22:24:14 raeburn Exp $
37 */
38
39 #include <sys/types.h>
40 #include <rpc/types.h>
41 #include <rpc/rpc.h>
42 #include <krb5.h>
43 #include <k5-int.h>
44 #include <com_err.h>
45 #include <kadm5/kadm_err.h>
46 #include <kadm5/adb_err.h>
47 #include <kadm5/chpass_util_strings.h>
48
49 #define KADM5_ADMIN_SERVICE_P "kadmin@admin"
50 #define KADM5_ADMIN_SERVICE "kadmin/admin"
51 #define KADM5_CHANGEPW_SERVICE_P "kadmin@changepw"
52 #define KADM5_CHANGEPW_SERVICE "kadmin/changepw"
53 #define KADM5_HIST_PRINCIPAL "kadmin/history"
54 #define KADM5_ADMIN_HOST_SERVICE "kadmin"
55 #define KADM5_CHANGEPW_HOST_SERVICE "changepw"
56 #define KADM5_KIPROP_HOST_SERVICE "kiprop"
57
58 typedef krb5_principal kadm5_princ_t;
59 typedef char *kadm5_policy_t;
60 typedef long kadm5_ret_t;
61 typedef int rpc_int32;
62 typedef unsigned int rpc_u_int32;
63
64 #define KADM5_PW_FIRST_PROMPT \
65 ((char *)error_message(CHPASS_UTIL_NEW_PASSWORD_PROMPT))
66 #define KADM5_PW_SECOND_PROMPT \
67 ((char *)error_message(CHPASS_UTIL_NEW_PASSWORD_AGAIN_PROMPT))
68
69 /*
70 * Succsessfull return code
71 */
72 #define KADM5_OK 0
73
74 /*
75 * Field masks
76 */
113 #define KADM5_CONFIG_MKEY_NAME 0x0000004
114 #define KADM5_CONFIG_MAX_LIFE 0x0000008
115 #define KADM5_CONFIG_MAX_RLIFE 0x0000010
116 #define KADM5_CONFIG_EXPIRATION 0x0000020
117 #define KADM5_CONFIG_FLAGS 0x0000040
118 #define KADM5_CONFIG_ADMIN_KEYTAB 0x0000080
119 #define KADM5_CONFIG_STASH_FILE 0x0000100
120 #define KADM5_CONFIG_ENCTYPE 0x0000200
121 #define KADM5_CONFIG_ADBNAME 0x0000400
122 #define KADM5_CONFIG_ADB_LOCKFILE 0x0000800
123 #define KADM5_CONFIG_PROFILE 0x0001000
124 #define KADM5_CONFIG_ACL_FILE 0x0002000
125 #define KADM5_CONFIG_KADMIND_PORT 0x0004000
126 #define KADM5_CONFIG_ENCTYPES 0x0008000
127 #define KADM5_CONFIG_ADMIN_SERVER 0x0010000
128 #define KADM5_CONFIG_DICT_FILE 0x0020000
129 #define KADM5_CONFIG_MKEY_FROM_KBD 0x0040000
130 #define KADM5_CONFIG_KPASSWD_PORT 0x0080000
131 #define KADM5_CONFIG_KPASSWD_SERVER 0x0100000
132 #define KADM5_CONFIG_KPASSWD_PROTOCOL 0x0200000
133 #define KADM5_CONFIG_IPROP_ENABLED 0x0400000
134 #define KADM5_CONFIG_ULOG_SIZE 0x0800000
135 #define KADM5_CONFIG_POLL_TIME 0x1000000
136
137 /* password change constants */
138 #define KRB5_KPASSWD_SUCCESS 0
139 #define KRB5_KPASSWD_MALFORMED 1
140 #define KRB5_KPASSWD_HARDERROR 2
141 #define KRB5_KPASSWD_AUTHERROR 3
142 #define KRB5_KPASSWD_SOFTERROR 4
143 #define KRB5_KPASSWD_ACCESSDENIED 5
144 #define KRB5_KPASSWD_BAD_VERSION 6
145 #define KRB5_KPASSWD_INITIAL_FLAG_NEEDED 7
146 #define KRB5_KPASSWD_POLICY_REJECT 8
147 #define KRB5_KPASSWD_BAD_PRINCIPAL 9
148 #define KRB5_KPASSWD_ETYPE_NOSUPP 10
149
150 /*
151 * permission bits
152 */
153 #define KADM5_PRIV_GET 0x01
154 #define KADM5_PRIV_ADD 0x02
155 #define KADM5_PRIV_MODIFY 0x04
255 char *admin_server;
256 char *dbname;
257 char *admin_dbname;
258 char *admin_lockfile;
259 char *admin_keytab;
260 char *acl_file;
261 char *dict_file;
262 int mkey_from_kbd;
263 char *stash_file;
264 char *mkey_name;
265 krb5_enctype enctype;
266 krb5_deltat max_life;
267 krb5_deltat max_rlife;
268 krb5_timestamp expiration;
269 krb5_flags flags;
270 krb5_key_salt_tuple *keysalts;
271 krb5_int32 num_keysalts;
272 char *kpasswd_server;
273 int kpasswd_port;
274 krb5_chgpwd_prot kpasswd_protocol;
275 bool_t iprop_enabled;
276 int iprop_ulogsize;
277 char *iprop_polltime;
278 } kadm5_config_params;
279
280 /***********************************************************************
281 * This is the old krb5_realm_read_params, which I mutated into
282 * kadm5_get_config_params but which old code (kdb5_* and krb5kdc)
283 * still uses.
284 ***********************************************************************/
285
286 /*
287 * Data structure returned by krb5_read_realm_params()
288 */
289 typedef struct __krb5_realm_params {
290 char *realm_profile;
291 char *realm_dbname;
292 char *realm_mkey_name;
293 char *realm_stash_file;
294 char *realm_kdc_ports;
295 char *realm_kdc_tcp_ports;
296 char *realm_acl_file;
297 krb5_int32 realm_kadmind_port;
|