/* * include/kerberosIV/kadm.h * * Copyright 1988, 1994, 2002 by the Massachusetts Institute of * Technology. All Rights Reserved. * * Export of this software from the United States of America may * require a specific license from the United States Government. * It is the responsibility of any person or organization contemplating * export to obtain such a license before exporting. * * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and * distribute this software and its documentation for any purpose and * without fee is hereby granted, provided that the above copyright * notice appear in all copies and that both that copyright notice and * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior * permission. Furthermore if you modify this software you must label * your software as modified software and not distribute it in such a * fashion that it might be confused with the original M.I.T. software. * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * * Definitions for Kerberos administration server & client. These * should be considered private; among other reasons, it leaks all * over the namespace. */ #ifndef KADM_DEFS #define KADM_DEFS /* * kadm.h * Header file for the fourth attempt at an admin server * Doug Church, December 28, 1989, MIT Project Athena */ #include #include "port-sockets.h" #include #include /* for those broken Unixes without this defined... should be in sys/param.h */ #ifndef MAXHOSTNAMELEN #define MAXHOSTNAMELEN 64 #endif /* The global structures for the client and server */ typedef struct { struct sockaddr_in admin_addr; struct sockaddr_in my_addr; int my_addr_len; int admin_fd; /* file descriptor for link to admin server */ char sname[ANAME_SZ]; /* the service name */ char sinst[INST_SZ]; /* the services instance */ char krbrlm[REALM_SZ]; /* KfM additions... */ int default_port; CREDENTIALS creds; /* The client's credentials (from krb_get_pw_in_tkt_creds)*/ } Kadm_Client; typedef struct { /* status of the server, i.e the parameters */ int inter; /* Space for command line flags */ char *sysfile; /* filename of server */ } admin_params; /* Well... it's the admin's parameters */ /* Largest password length to be supported */ #define MAX_KPW_LEN 128 /* Largest packet the admin server will ever allow itself to return */ #define KADM_RET_MAX 2048 /* That's right, versions are 8 byte strings */ #define KADM_VERSTR "KADM0.0A" #define KADM_ULOSE "KYOULOSE" /* sent back when server can't decrypt client's msg */ #define KADM_VERSIZE strlen(KADM_VERSTR) /* the lookups for the server instances */ #define PWSERV_NAME "changepw" #define KADM_SNAME "kerberos_master" #define KADM_SINST "kerberos" /* Attributes fields constants and macros */ #define ALLOC 2 #define RESERVED 3 #define DEALLOC 4 #define DEACTIVATED 5 #define ACTIVE 6 /* Kadm_vals structure for passing db fields into the server routines */ #define FLDSZ 4 typedef struct { u_char fields[FLDSZ]; /* The active fields in this struct */ char name[ANAME_SZ]; char instance[INST_SZ]; KRB_UINT32 key_low; KRB_UINT32 key_high; KRB_UINT32 exp_date; unsigned short attributes; unsigned char max_life; } Kadm_vals; /* The basic values structure in Kadm */ /* Kadm_vals structure for passing db fields into the server routines */ #define FLDSZ 4 /* Need to define fields types here */ #define KADM_NAME 31 #define KADM_INST 30 #define KADM_EXPDATE 29 #define KADM_ATTR 28 #define KADM_MAXLIFE 27 #define KADM_DESKEY 26 /* To set a field entry f in a fields structure d */ #define SET_FIELD(f,d) (d[3-(f/8)]|=(1<<(f%8))) /* To set a field entry f in a fields structure d */ #define CLEAR_FIELD(f,d) (d[3-(f/8)]&=(~(1<<(f%8)))) /* Is field f in fields structure d */ #define IS_FIELD(f,d) (d[3-(f/8)]&(1<<(f%8))) /* Various return codes */ #define KADM_SUCCESS 0 #define WILDCARD_STR "*" enum acl_types { ADDACL, GETACL, MODACL, STABACL, DELACL }; /* Various opcodes for the admin server's functions */ #define CHANGE_PW 2 #define ADD_ENT 3 #define MOD_ENT 4 #define GET_ENT 5 #define CHECK_PW 6 #define CHG_STAB 7 /* Cygnus principal-deletion support */ #define KADM_CYGNUS_EXT_BASE 64 #define DEL_ENT (KADM_CYGNUS_EXT_BASE+1) #ifdef POSIX typedef void sigtype; #else typedef int sigtype; #endif /* Avoid stomping on namespace... */ #define vals_to_stream kadm_vals_to_stream #define build_field_header kadm_build_field_header #define vts_string kadm_vts_string #define vts_short kadm_vts_short #define vts_long kadm_vts_long #define vts_char kadm_vts_char #define stream_to_vals kadm_stream_to_vals #define check_field_header kadm_check_field_header #define stv_string kadm_stv_string #define stv_short kadm_stv_short #define stv_long kadm_stv_long #define stv_char kadm_stv_char int vals_to_stream(Kadm_vals *, u_char **); int build_field_header(u_char *, u_char **); int vts_string(char *, u_char **, int); int vts_short(KRB_UINT32, u_char **, int); int vts_long(KRB_UINT32, u_char **, int); int vts_char(KRB_UINT32, u_char **, int); int stream_to_vals(u_char *, Kadm_vals *, int); int check_field_header(u_char *, u_char *, int); int stv_string(u_char *, char *, int, int, int); int stv_short(u_char *, u_short *, int, int); int stv_long(u_char *, KRB_UINT32 *, int, int); int stv_char(u_char *, u_char *, int, int); int kadm_init_link(char *, char *, char *, Kadm_Client *, int); int kadm_cli_send(Kadm_Client *, u_char *, size_t, u_char **, size_t *); int kadm_cli_conn(Kadm_Client *); void kadm_cli_disconn(Kadm_Client *); int kadm_cli_out(Kadm_Client *, u_char *, int, u_char **, size_t *); int kadm_cli_keyd(Kadm_Client *, des_cblock, des_key_schedule); #endif /* KADM_DEFS */