diff options
| author | Simo Sorce <ssorce@redhat.com> | 2011-06-01 17:58:21 -0400 |
|---|---|---|
| committer | Simo Sorce <ssorce@redhat.com> | 2011-08-26 08:24:49 -0400 |
| commit | e9e426354f28ca01586b1b5ef7130b19b392232b (patch) | |
| tree | ed72384563ab5b83d862a0e8b57d01bee4432486 /daemons/ipa-kdb/ipa_kdb.h | |
| parent | d25370a57961cebaa75983bedca37b3fdf5094a2 (diff) | |
| download | freeipa-e9e426354f28ca01586b1b5ef7130b19b392232b.tar.gz freeipa-e9e426354f28ca01586b1b5ef7130b19b392232b.tar.xz freeipa-e9e426354f28ca01586b1b5ef7130b19b392232b.zip | |
ipa-kdb: add functions to change principals
Diffstat (limited to 'daemons/ipa-kdb/ipa_kdb.h')
| -rw-r--r-- | daemons/ipa-kdb/ipa_kdb.h | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/daemons/ipa-kdb/ipa_kdb.h b/daemons/ipa-kdb/ipa_kdb.h index 7e20f98ab..26c6a3df6 100644 --- a/daemons/ipa-kdb/ipa_kdb.h +++ b/daemons/ipa-kdb/ipa_kdb.h @@ -24,6 +24,12 @@ #define _GNU_SOURCE 1 #endif +/* although we have nothing to do with SECURID yet, there are a + * couple of TL_DATA Ids that need it to be available. + * We need them to be avilable even if SECURID is not used for + * filtering purposes */ +#define SECURID 1 + #include <errno.h> #include <kdb.h> #include <ldap.h> @@ -34,6 +40,36 @@ #include <arpa/inet.h> #include <endian.h> +#include "ipa_krb5.h" + +/* easier to copy the defines here than to mess with kadm5/admin.h + * for now */ +#define KMASK_PRINCIPAL 0x000001 +#define KMASK_PRINC_EXPIRE_TIME 0x000002 +#define KMASK_PW_EXPIRATION 0x000004 +#define KMASK_LAST_PWD_CHANGE 0x000008 +#define KMASK_ATTRIBUTES 0x000010 +#define KMASK_MAX_LIFE 0x000020 +#define KMASK_MOD_TIME 0x000040 +#define KMASK_MOD_NAME 0x000080 +#define KMASK_KVNO 0x000100 +#define KMASK_MKVNO 0x000200 +#define KMASK_AUX_ATTRIBUTES 0x000400 +#define KMASK_POLICY 0x000800 +#define KMASK_POLICY_CLR 0x001000 +/* version 2 masks */ +#define KMASK_MAX_RLIFE 0x002000 +#define KMASK_LAST_SUCCESS 0x004000 +#define KMASK_LAST_FAILED 0x008000 +#define KMASK_FAIL_AUTH_COUNT 0x010000 +#define KMASK_KEY_DATA 0x020000 +#define KMASK_TL_DATA 0x040000 +#define KMASK_LOAD 0x200000 + +/* MIT Kerberos sanctioned hack to carry private data around. + * In krb5 1.10 this should be superceeded by a better mechanism */ +#define KDB_TL_USER_INFO 0x7ffe + struct ipadb_context { char *uri; char *base; |