Diffstat (limited to 'src/include')
-rw-r--r--src/include/krb5/ChangeLog8
-rw-r--r--src/include/krb5/Makefile.in5
-rw-r--r--src/include/krb5/adm.h5
-rw-r--r--src/include/krb5/adm_proto.h4
-rw-r--r--src/include/krb5/kdb.h428
-rw-r--r--src/include/krb5/stock/ChangeLog5
-rw-r--r--src/include/krb5/stock/osconf.h1
7 files changed, 317 insertions, 139 deletions
diff --git a/src/include/krb5/ChangeLog b/src/include/krb5/ChangeLog
index 8983c767a..c53c92bbf 100644
--- a/src/include/krb5/ChangeLog
+++ b/src/include/krb5/ChangeLog
@@ -1,3 +1,11 @@
+2005-06-20 Ken Raeburn <raeburn@mit.edu>
+
+ Novell merge.
+ * Makefile.in:
+ * adm.h:
+ * adm_proto.h:
+ * kdb.h:
+
2005-05-13 Ken Raeburn <raeburn@mit.edu>
* Makefile.in (thisconfigdir, mydir): Updated for configure
diff --git a/src/include/krb5/Makefile.in b/src/include/krb5/Makefile.in
index d45d9bfbc..1b8490091 100644
--- a/src/include/krb5/Makefile.in
+++ b/src/include/krb5/Makefile.in
@@ -41,10 +41,13 @@ SYSCONFDIR = @sysconfdir@
LOCALSTATEDIR = @localstatedir@
BINDIR = @bindir@
SBINDIR = @sbindir@
+LIBDIR = @libdir@
+
PROCESS_REPLACE = -e "s+@KRB5RCTMPDIR+$(KRB5RCTMPDIR)+" \
-e "s+@PREFIX+$(INSTALL_PREFIX)+" \
-e "s+@EXEC_PREFIX+$(INSTALL_EXEC_PREFIX)+" \
-e "s+@BINDIR+$(BINDIR)+" \
+ -e "s+@LIBDIR+$(LIBDIR)+" \
-e "s+@SBINDIR+$(SBINDIR)+" \
-e 's+@LOCALSTATEDIR+$(LOCALSTATEDIR)+' \
-e 's+@SYSCONFDIR+$(SYSCONFDIR)+'
@@ -66,6 +69,6 @@ clean::
$(RM) osconf.new $(BUILT_HEADERS)
clean-unix::
- $(RM) $(ET_HEADERS) autoconf.h autoconf.stamp
+ $(RM) $(ET_HEADERS) autoconf.stamp
clean-windows::
$(RM) osconf.h autoconf.h autoconf.stamp
diff --git a/src/include/krb5/adm.h b/src/include/krb5/adm.h
index d7238ace5..86798a830 100644
--- a/src/include/krb5/adm.h
+++ b/src/include/krb5/adm.h
@@ -186,11 +186,6 @@
#define KRB5_ADM_KT_KEY_KEY 4
#define KRB5_ADM_KT_NCOMPS 5
-typedef struct __krb5_key_salt_tuple {
- krb5_enctype ks_enctype;
- krb5_int32 ks_salttype;
-} krb5_key_salt_tuple;
-
/*
* Data structure returned by krb5_read_realm_params()
*/
diff --git a/src/include/krb5/adm_proto.h b/src/include/krb5/adm_proto.h
index 76e5effaf..511547903 100644
--- a/src/include/krb5/adm_proto.h
+++ b/src/include/krb5/adm_proto.h
@@ -44,10 +44,12 @@ typedef struct _krb5_db_entry krb5_db_entry;
#if !defined(KRB5_ADM_H__) && !defined(__KADM5_ADMIN_H__)
struct ___krb5_realm_params;
typedef struct ___krb5_realm_params krb5_realm_params;
+#endif /* KRB5_ADM_H__ */
+#ifndef KRB5_KDB5__
struct ___krb5_key_salt_tuple;
typedef struct ___krb5_key_salt_tuple krb5_key_salt_tuple;
-#endif /* KRB5_ADM_H__ */
+#endif /* KRB5_KDB5__ */
/*
* Function prototypes.
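Review bot: The forward declaration kept under the new `#ifndef KRB5_KDB5__` guard names `struct ___krb5_key_salt_tuple` (three underscores), while the definition this commit moves into kdb.h uses the tag `__krb5_key_salt_tuple` (two). If adm_proto.h is read before kdb.h in the same translation unit, the two `typedef ... krb5_key_salt_tuple;` lines bind one name to two different struct types, which is a conflicting-typedef error. The guard only helps in the opposite include order, and only if `KRB5_KDB5__` is kdb.h's include guard, which is not visible here. Use the same tag in both places: `struct __krb5_key_salt_tuple;` and `typedef struct __krb5_key_salt_tuple krb5_key_salt_tuple;`. Separately, identifiers starting with two underscores are reserved for the implementation, so a follow-up rename of the tag would be worthwhile.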
diff --git a/src/include/krb5/kdb.h b/src/include/krb5/kdb.h
index fbe2d21ba..c93ac96c4 100644
--- a/src/include/krb5/kdb.h
+++ b/src/include/krb5/kdb.h
@@ -140,6 +140,25 @@ typedef struct _krb5_db_entry_new {
krb5_key_data * key_data; /* Array */
} krb5_db_entry;
+typedef struct _osa_policy_ent_t {
+ int version;
+ char *name;
+ krb5_ui_4 pw_min_life;
+ krb5_ui_4 pw_max_life;
+ krb5_ui_4 pw_min_length;
+ krb5_ui_4 pw_min_classes;
+ krb5_ui_4 pw_history_num;
+ krb5_ui_4 policy_refcnt;
+} osa_policy_ent_rec, *osa_policy_ent_t;
+
+typedef void (*osa_adb_iter_policy_func) (void *, osa_policy_ent_t);
+
+typedef struct __krb5_key_salt_tuple {
+ krb5_enctype ks_enctype;
+ krb5_int32 ks_salttype;
+} krb5_key_salt_tuple;
+
+
#define KRB5_KDB_MAGIC_NUMBER 0xdbdbdbdb
#define KRB5_KDB_V1_BASE_LENGTH 38
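Review bot: The new `osa_policy_ent_rec` fields have no comments, and `osa_policy_ent_t` is a pointer typedef, so prototypes that take it hide the indirection. Since this struct now sits in the database interface header, each field should state its unit and meaning: whether `pw_min_life` and `pw_max_life` are seconds, what `version` is compared against, and who owns and frees `name`. A one-line comment above `osa_adb_iter_policy_func` should say what the `void *` argument is, e.g. `/* first argument is the caller's opaque data pointer */`, if that is indeed its role.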
@@ -150,6 +169,7 @@ typedef struct _krb5_db_entry_new {
#define KRB5_TL_RB1_CHALLENGE 0x0005
#ifdef SECURID
#define KRB5_TL_SECURID_STATE 0x0006
+#define KRB5_TL_DB_ARGS 0x7fff
#endif /* SECURID */
/*
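Review bot: `#define KRB5_TL_DB_ARGS 0x7fff` is added between `#ifdef SECURID` and `#endif /* SECURID */`, so the constant only exists in SecurID builds. The name suggests it tags database-argument tl_data rather than anything SecurID-specific. If code built without SECURID refers to it, compilation fails, so the define probably belongs after the `#endif`. A short comment saying what this tl_data type carries and why the value 0x7fff was picked would help the next reader.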
@@ -165,6 +185,7 @@ typedef struct _krb5_db_entry_new {
#define KRB5_KDC_MKEY_1 "Enter KDC database master key"
#define KRB5_KDC_MKEY_2 "Re-enter KDC database master key to verify"
+
extern char *krb5_mkey_pwd_prompt1;
extern char *krb5_mkey_pwd_prompt2;
@@ -194,140 +215,283 @@ extern char *krb5_mkey_pwd_prompt2;
(cp)[3] = (unsigned char) (((i32) >> 24) & 0xff); \
}
+#define KRB5_KDB_OPEN_RW 0
+#define KRB5_KDB_OPEN_RO 1
+
+#define KRB5_KDB_OPT_SET_DB_NAME 0
+#define KRB5_KDB_OPT_SET_LOCK_MODE 1
+
+#define KRB5_DB_LOCKMODE_SHARED 0x0001
+#define KRB5_DB_LOCKMODE_EXCLUSIVE 0x0002
+#define KRB5_DB_LOCKMODE_DONTBLOCK 0x0004
+#define KRB5_DB_LOCKMODE_PERMANENT 0x0008
+
/* libkdb.spec */
-krb5_error_code krb5_db_set_name (krb5_context, char * );
-krb5_error_code krb5_db_init (krb5_context);
-krb5_error_code krb5_db_fini (krb5_context);
-krb5_error_code krb5_db_get_age (krb5_context, char *, time_t * );
-krb5_error_code krb5_db_create (krb5_context, char *, krb5_int32 );
-krb5_error_code krb5_db_rename (krb5_context, char *, char * );
-krb5_error_code krb5_db_get_principal (krb5_context, krb5_const_principal ,
- krb5_db_entry *, int *,
- krb5_boolean * );
-void krb5_db_free_principal (krb5_context, krb5_db_entry *, int );
-krb5_error_code krb5_db_put_principal (krb5_context, krb5_db_entry *, int * );
-krb5_error_code krb5_db_delete_principal (krb5_context, krb5_const_principal,
- int * );
-krb5_error_code krb5_db_iterate (krb5_context,
- krb5_error_code (* ) (krb5_pointer,
- krb5_db_entry *),
- krb5_pointer);
-krb5_error_code krb5_db_iterate_ext (krb5_context,
- krb5_error_code (* ) (krb5_pointer,
- krb5_db_entry *),
- krb5_pointer, int, int);
-krb5_error_code krb5_db_verify_master_key (krb5_context, krb5_principal,
- krb5_keyblock *);
-krb5_error_code krb5_db_store_mkey (krb5_context, char *, krb5_principal,
- krb5_keyblock *);
-
-krb5_error_code krb5_db_setup_mkey_name (krb5_context, const char *,
- const char *, char **,
- krb5_principal *);
-
-krb5_error_code krb5_db_set_mkey (krb5_context, krb5_keyblock *);
-
-krb5_error_code krb5_db_get_mkey (krb5_context, krb5_keyblock **);
-krb5_error_code krb5_db_destroy (krb5_context, char * );
-krb5_error_code krb5_db_lock (krb5_context, int );
-krb5_error_code krb5_db_unlock (krb5_context);
-krb5_error_code krb5_db_set_nonblocking (krb5_context, krb5_boolean,
- krb5_boolean * );
-krb5_boolean krb5_db_set_lockmode (krb5_context, krb5_boolean);
-krb5_error_code krb5_db_fetch_mkey (krb5_context, krb5_principal, krb5_enctype,
- krb5_boolean, krb5_boolean, char *,
- krb5_data *,
- krb5_keyblock * );
-
-krb5_error_code krb5_db_open_database (krb5_context);
-krb5_error_code krb5_db_close_database (krb5_context);
-
-krb5_error_code krb5_dbekd_encrypt_key_data (krb5_context,
- const krb5_keyblock *,
- const krb5_keyblock *,
- const krb5_keysalt *,
- int,
- krb5_key_data *);
-krb5_error_code krb5_dbekd_decrypt_key_data (krb5_context,
- const krb5_keyblock *,
- const krb5_key_data *,
- krb5_keyblock *,
- krb5_keysalt *);
-krb5_error_code krb5_dbe_create_key_data (krb5_context,
- krb5_db_entry *);
-krb5_error_code krb5_dbe_update_tl_data (krb5_context,
- krb5_db_entry *,
- krb5_tl_data *);
-krb5_error_code krb5_dbe_lookup_tl_data (krb5_context,
- krb5_db_entry *,
- krb5_tl_data *);
-krb5_error_code krb5_dbe_update_last_pwd_change (krb5_context,
- krb5_db_entry *,
- krb5_timestamp);
-krb5_error_code krb5_dbe_lookup_last_pwd_change (krb5_context,
- krb5_db_entry *,
- krb5_timestamp *);
-krb5_error_code krb5_dbe_update_mod_princ_data (krb5_context,
- krb5_db_entry *,
- krb5_timestamp,
- krb5_const_principal);
-krb5_error_code krb5_dbe_lookup_mod_princ_data (krb5_context,
- krb5_db_entry *,
- krb5_timestamp *,
- krb5_principal *);
-int krb5_encode_princ_dbkey (krb5_context, krb5_data *, krb5_const_principal);
-void krb5_free_princ_dbkey (krb5_context, krb5_data *);
-krb5_error_code krb5_encode_princ_contents (krb5_context, krb5_data *,
- krb5_db_entry *);
-void krb5_free_princ_contents (krb5_context, krb5_data *);
-krb5_error_code krb5_decode_princ_contents (krb5_context, krb5_data *,
- krb5_db_entry *);
-void krb5_dbe_free_contents (krb5_context, krb5_db_entry *);
-
-krb5_error_code krb5_dbe_find_enctype (krb5_context, krb5_db_entry *,
- krb5_int32,
- krb5_int32,
- krb5_int32,
- krb5_key_data **);
-
-krb5_error_code krb5_dbe_search_enctype (krb5_context,
- krb5_db_entry *,
- krb5_int32 *,
- krb5_int32,
- krb5_int32,
- krb5_int32,
- krb5_key_data **);
-
-struct __krb5_key_salt_tuple;
-
-krb5_error_code krb5_dbe_cpw (krb5_context,
- krb5_keyblock *,
- struct __krb5_key_salt_tuple *,
- int,
- char *,
- int,
- krb5_boolean,
- krb5_db_entry *);
-krb5_error_code krb5_dbe_apw (krb5_context,
- krb5_keyblock *,
- struct __krb5_key_salt_tuple *,
- int,
- char *,
- krb5_db_entry *);
-krb5_error_code krb5_dbe_crk (krb5_context,
- krb5_keyblock *,
- struct __krb5_key_salt_tuple *,
- int,
- krb5_boolean,
- krb5_db_entry *);
-krb5_error_code krb5_dbe_ark (krb5_context,
- krb5_keyblock *,
- struct __krb5_key_salt_tuple *,
- int,
- krb5_db_entry *);
-
-krb5_error_code krb5_ser_db_context_init (krb5_context);
+krb5_error_code krb5_db_open( krb5_context kcontext, char **db_args, int mode );
+krb5_error_code krb5_db_init ( krb5_context kcontext );
+krb5_error_code krb5_db_create ( krb5_context kcontext, char **db_args );
+krb5_error_code krb5_db_inited ( krb5_context kcontext );
+krb5_error_code kdb5_db_create ( krb5_context kcontext, char **db_args );
+krb5_error_code krb5_db_fini ( krb5_context kcontext );
+const char * krb5_db_errcode2string ( krb5_context kcontext, long err_code );
+krb5_error_code krb5_db_destroy ( krb5_context kcontext, char **db_args );
+krb5_error_code krb5_db_get_age ( krb5_context kcontext, char *db_name, time_t *t );
+krb5_error_code krb5_db_set_option ( krb5_context kcontext, int option, void *value );
+krb5_error_code krb5_db_lock ( krb5_context kcontext, int lock_mode );
+krb5_error_code krb5_db_unlock ( krb5_context kcontext );
+krb5_error_code krb5_db_get_principal ( krb5_context kcontext,
+ krb5_const_principal search_for,
+ krb5_db_entry *entries,
+ int *nentries,
+ krb5_boolean *more );
+krb5_error_code krb5_db_free_principal ( krb5_context kcontext,
+ krb5_db_entry *entry,
+ int count );
+krb5_error_code krb5_db_put_principal ( krb5_context kcontext,
+ krb5_db_entry *entries,
+ int *nentries);
+krb5_error_code krb5_db_delete_principal ( krb5_context kcontext,
+ krb5_principal search_for,
+ int *nentries );
+krb5_error_code krb5_db_iterate ( krb5_context kcontext,
+ char *match_entry,
+ int (*func) (krb5_pointer, krb5_db_entry *),
+ krb5_pointer func_arg );
+krb5_error_code krb5_supported_realms ( krb5_context kcontext,
+ char **realms );
+krb5_error_code krb5_free_supported_realms ( krb5_context kcontext,
+ char **realms );
+krb5_error_code krb5_db_set_master_key_ext ( krb5_context kcontext,
+ char *pwd,
+ krb5_keyblock *key );
+krb5_error_code krb5_db_set_mkey ( krb5_context context,
+ krb5_keyblock *key);
+krb5_error_code krb5_db_get_mkey ( krb5_context kcontext,
+ krb5_keyblock **key );
+krb5_error_code krb5_db_free_master_key ( krb5_context kcontext,
+ krb5_keyblock *key );
+krb5_error_code krb5_db_store_master_key ( krb5_context kcontext,
+ char *db_arg,
+ krb5_principal mname,
+ krb5_keyblock *key,
+ char *master_pwd);
+krb5_error_code krb5_db_fetch_mkey ( krb5_context context,
+ krb5_principal mname,
+ krb5_enctype etype,
+ krb5_boolean fromkeyboard,
+ krb5_boolean twice,
+ char *db_args,
+ krb5_data *salt,
+ krb5_keyblock *key);
+krb5_error_code krb5_db_verify_master_key ( krb5_context kcontext,
+ krb5_principal mprinc,
+ krb5_keyblock *mkey );
+krb5_error_code
+krb5_dbe_find_enctype( krb5_context kcontext,
+ krb5_db_entry *dbentp,
+ krb5_int32 ktype,
+ krb5_int32 stype,
+ krb5_int32 kvno,
+ krb5_key_data **kdatap);
+
+
+krb5_error_code krb5_dbe_search_enctype ( krb5_context kcontext,
+ krb5_db_entry *dbentp,
+ krb5_int32 *start,
+ krb5_int32 ktype,
+ krb5_int32 stype,
+ krb5_int32 kvno,
+ krb5_key_data **kdatap);
+
+krb5_error_code
+krb5_db_setup_mkey_name ( krb5_context context,
+ const char *keyname,
+ const char *realm,
+ char **fullname,
+ krb5_principal *principal);
+
+krb5_error_code
+krb5_dbekd_decrypt_key_data( krb5_context context,
+ const krb5_keyblock * mkey,
+ const krb5_key_data * key_data,
+ krb5_keyblock * dbkey,
+ krb5_keysalt * keysalt);
+
+krb5_error_code
+krb5_dbekd_encrypt_key_data( krb5_context context,
+ const krb5_keyblock * mkey,
+ const krb5_keyblock * dbkey,
+ const krb5_keysalt * keysalt,
+ int keyver,
+ krb5_key_data * key_data);
+
+krb5_error_code
+krb5_dbe_lookup_mod_princ_data( krb5_context context,
+ krb5_db_entry * entry,
+ krb5_timestamp * mod_time,
+ krb5_principal * mod_princ);
+
+krb5_error_code
+krb5_dbe_update_last_pwd_change( krb5_context context,
+ krb5_db_entry * entry,
+ krb5_timestamp stamp);
+
+krb5_error_code
+krb5_dbe_lookup_tl_data( krb5_context context,
+ krb5_db_entry * entry,
+ krb5_tl_data * ret_tl_data);
+
+krb5_error_code
+krb5_dbe_create_key_data( krb5_context context,
+ krb5_db_entry * entry);
+
+
+krb5_error_code
+krb5_dbe_update_mod_princ_data( krb5_context context,
+ krb5_db_entry * entry,
+ krb5_timestamp mod_date,
+ krb5_const_principal mod_princ);
+
+krb5_error_code
+krb5_dbe_update_last_pwd_change( krb5_context context,
+ krb5_db_entry * entry,
+ krb5_timestamp stamp);
+
+void *krb5_db_alloc( krb5_context kcontext,
+ void *ptr,
+ size_t size );
+
+void krb5_db_free( krb5_context kcontext,
+ void *ptr);
+
+
+krb5_error_code
+krb5_dbe_lookup_last_pwd_change( krb5_context context,
+ krb5_db_entry * entry,
+ krb5_timestamp * stamp);
+
+krb5_error_code
+krb5_dbe_update_tl_data( krb5_context context,
+ krb5_db_entry * entry,
+ krb5_tl_data * new_tl_data);
+
+krb5_error_code
+krb5_dbe_cpw( krb5_context kcontext,
+ krb5_keyblock * master_key,
+ krb5_key_salt_tuple * ks_tuple,
+ int ks_tuple_count,
+ char * passwd,
+ int new_kvno,
+ krb5_boolean keepold,
+ krb5_db_entry * db_entry);
+
+krb5_error_code
+krb5_dbe_ark( krb5_context context,
+ krb5_keyblock * master_key,
+ krb5_key_salt_tuple * ks_tuple,
+ int ks_tuple_count,
+ krb5_db_entry * db_entry);
+
+krb5_error_code
+krb5_dbe_crk( krb5_context context,
+ krb5_keyblock * master_key,
+ krb5_key_salt_tuple * ks_tuple,
+ int ks_tuple_count,
+ krb5_boolean keepold,
+ krb5_db_entry * db_entry);
+
+krb5_error_code
+krb5_dbe_apw( krb5_context context,
+ krb5_keyblock * master_key,
+ krb5_key_salt_tuple * ks_tuple,
+ int ks_tuple_count,
+ char * passwd,
+ krb5_db_entry * db_entry);
+
+
+/* default functions. Should not be directly called */
+/*
+ * Default functions prototype
+ */
+
+krb5_error_code
+krb5_dbe_def_search_enctype( krb5_context kcontext,
+ krb5_db_entry *dbentp,
+ krb5_int32 *start,
+ krb5_int32 ktype,
+ krb5_int32 stype,
+ krb5_int32 kvno,
+ krb5_key_data **kdatap);
+
+krb5_error_code
+krb5_def_store_mkey( krb5_context context,
+ char *keyfile,
+ krb5_principal mname,
+ krb5_keyblock *key,
+ char *master_pwd);
+
+
+krb5_error_code
+krb5_db_def_fetch_mkey( krb5_context context,
+ krb5_principal mname,
+ krb5_keyblock *key,
+ int *kvno,
+ char *db_args);
+
+krb5_error_code
+krb5_def_verify_master_key( krb5_context context,
+ krb5_principal mprinc,
+ krb5_keyblock *mkey);
+
+krb5_error_code kdb_def_set_mkey ( krb5_context kcontext,
+ char *pwd,
+ krb5_keyblock *key );
+
+krb5_error_code kdb_def_get_mkey ( krb5_context kcontext,
+ krb5_keyblock **key );
+
+krb5_error_code
+krb5_dbe_def_cpw( krb5_context context,
+ krb5_keyblock * master_key,
+ krb5_key_salt_tuple * ks_tuple,
+ int ks_tuple_count,
+ char * passwd,
+ int new_kvno,
+ krb5_boolean keepold,
+ krb5_db_entry * db_entry);
+
+
+krb5_error_code
+krb5_db_create_policy( krb5_context kcontext,
+ osa_policy_ent_t policy);
+
+krb5_error_code
+krb5_db_get_policy ( krb5_context kcontext,
+ char *name,
+ osa_policy_ent_t *policy,
+ int *nentries);
+
+krb5_error_code
+krb5_db_put_policy( krb5_context kcontext,
+ osa_policy_ent_t policy);
+
+krb5_error_code
+krb5_db_iter_policy( krb5_context kcontext,
+ char *match_entry,
+ osa_adb_iter_policy_func func,
+ void *data);
+
+krb5_error_code
+krb5_db_delete_policy( krb5_context kcontext,
+ char *policy);
+
+void
+krb5_db_free_policy( krb5_context kcontext,
+ osa_policy_ent_t policy);
+
+void krb5_db_clr_error(void);
+
#define KRB5_KDB_DEF_FLAGS 0
#endif /* !defined(_WIN32) */
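Review bot: `krb5_dbe_update_last_pwd_change` is declared twice in the new prototype list with identical parameters; the second copy, after `krb5_dbe_update_mod_princ_data`, can be dropped. `kdb5_db_create ( krb5_context kcontext, char **db_args )` sits next to `krb5_db_create` with the same signature and looks like a misspelled duplicate, unless a function of that name is really exported. `krb5_db_delete_principal` now takes `krb5_principal search_for` where the old prototype took `krb5_const_principal`, which loses the read-only guarantee for callers; keeping `krb5_const_principal search_for` would preserve it. The functions that receive a password (`krb5_db_set_master_key_ext`, `krb5_db_store_master_key`, `krb5_def_store_mkey`, `kdb_def_set_mkey`) take a plain `char *`. A comment on each should say whether the callee may modify or keep the buffer and who is responsible for zeroizing it. `krb5_db_alloc` also needs a line stating its contract for `ptr == NULL` and `size == 0`.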
diff --git a/src/include/krb5/stock/ChangeLog b/src/include/krb5/stock/ChangeLog
index b4fb69db6..34c37656d 100644
--- a/src/include/krb5/stock/ChangeLog
+++ b/src/include/krb5/stock/ChangeLog
@@ -1,3 +1,8 @@
+2005-06-20 Ken Raeburn <raeburn@mit.edu>
+
+ Novell merge.
+ * osconf.h:
+
2004-07-09 Jeffrey Altman <jaltman@mit.edu>
* osconf.h: !!define -> !define
diff --git a/src/include/krb5/stock/osconf.h b/src/include/krb5/stock/osconf.h
index 6c6c6cd3a..7fff64b96 100644
--- a/src/include/krb5/stock/osconf.h
+++ b/src/include/krb5/stock/osconf.h
@@ -63,6 +63,7 @@
/* Location of KDC profile */
#define DEFAULT_KDC_PROFILE "@LOCALSTATEDIR/krb5kdc/kdc.conf"
#define KDC_PROFILE_ENV "KRB5_KDC_PROFILE"
+#define DEFAULT_KDB_LIB_PATH { "/usr/lib/kerbdb", "@LIBDIR/kerbdb", NULL }
#define DEFAULT_KDC_ENCTYPE ENCTYPE_DES3_CBC_SHA1
#define KDCRCACHE "dfl:krb5kdc_rcache"
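Review bot: `DEFAULT_KDB_LIB_PATH` lists the fixed directory `"/usr/lib/kerbdb"` ahead of `"@LIBDIR/kerbdb"`. If the list is searched in order, a build configured with a different prefix would prefer a module directory outside its own install tree. Modules found there are presumably loaded into the processes that handle the database and master key, so the order and the ownership expectations deserve to be explicit. Consider putting the configured directory first, `{ "@LIBDIR/kerbdb", "/usr/lib/kerbdb", NULL }`, or dropping the hard-coded entry. Either way, add a comment that the macro expands to a NULL-terminated array initializer and that every listed directory must be writable only by the administrator.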