summaryrefslogtreecommitdiffstats
path: root/src/lib/kadm5/srv/server_acl.h
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/kadm5/srv/server_acl.h')
-rw-r--r--src/lib/kadm5/srv/server_acl.h21
1 files changed, 19 insertions, 2 deletions
diff --git a/src/lib/kadm5/srv/server_acl.h b/src/lib/kadm5/srv/server_acl.h
index e2aa8bddc..226a4d925 100644
--- a/src/lib/kadm5/srv/server_acl.h
+++ b/src/lib/kadm5/srv/server_acl.h
@@ -70,6 +70,18 @@
ACL_LIST | \
ACL_SETKEY)
+typedef struct _restriction {
+ long mask;
+ krb5_flags require_attrs;
+ krb5_flags forbid_attrs;
+ krb5_deltat princ_lifetime;
+ krb5_deltat pw_lifetime;
+ krb5_deltat max_life;
+ krb5_deltat max_renewable_life;
+ long aux_attributes;
+ char *policy;
+} restriction_t;
+
krb5_error_code acl_init
KRB5_PROTOTYPE((krb5_context,
int,
@@ -81,6 +93,11 @@ krb5_boolean acl_check
KRB5_PROTOTYPE((krb5_context,
gss_name_t,
krb5_int32,
- krb5_principal));
-
+ krb5_principal,
+ restriction_t **));
+krb5_error_code acl_impose_restrictions
+ KRB5_PROTOTYPE((krb5_context,
+ kadm5_principal_ent_rec *,
+ long *,
+ restriction_t *));
#endif /* SERVER_ACL_H__ */
generated by cgit (git 2.34.1) at 2025-02-25 05:29:49 +0000