path: root/src/kadmin/v5server/kadm5_defs.h

/*
 * kadmin/v5server/kadm5_defs.h
 *
 * Copyright 1995 by the Massachusetts Institute of Technology.
 * All Rights Reserved.
 *
 * Export of this software from the United States of America may
 *   require a specific license from the United States Government.
 *   It is the responsibility of any person or organization contemplating
 *   export to obtain such a license before exporting.
 *
 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
 * distribute this software and its documentation for any purpose and
 * without fee is hereby granted, provided that the above copyright
 * notice appear in all copies and that both that copyright notice and
 * this permission notice appear in supporting documentation, and that
 * the name of M.I.T. not be used in advertising or publicity pertaining
 * to distribution of the software without specific, written prior
 * permission.  M.I.T. makes no representations about the suitability of
 * this software for any purpose.  It is provided "as is" without express
 * or implied warranty.
 *
 */

/*
 * kadmind5
 * Version 5 administrative daemon.
 */
#ifndef	KADM5_DEFS_H__
#define	KADM5_DEFS_H__

#include "adm.h"

/*
 * Debug definitions.
 */
#define	DEBUG_SPROC	1
#define	DEBUG_OPERATION	2
#define	DEBUG_HOST	4
#define	DEBUG_REALM	8
#define	DEBUG_REQUESTS	16
#define	DEBUG_ACL	32
#define	DEBUG_PROTO	64
#define	DEBUG_CALLS	128
#define	DEBUG_NOSLAVES	256
#ifdef	DEBUG
#define	DPRINT(l1, cl, al)	if ((cl & l1) != 0) printf al
#else	/* DEBUG */
#define	DPRINT(l1, cl, al)
#endif	/* DEBUG */
#define	DLOG(l1, cl, msg)	if ((cl & l1) != 0)	\
					com_err(programname, 0, msg)

/*
 * Access control bits.
 */
#define	ACL_ADD_PRINCIPAL	1
#define	ACL_DELETE_PRINCIPAL	2
#define	ACL_MODIFY_PRINCIPAL	4
#define	ACL_CHANGEPW		8
#define	ACL_CHANGE_OWN_PW	16
#define	ACL_INQUIRE		32
#define	ACL_EXTRACT		64
#define	ACL_RENAME_PRINCIPAL	(ACL_ADD_PRINCIPAL+ACL_DELETE_PRINCIPAL)

#define	ACL_PRINCIPAL_MASK	(ACL_ADD_PRINCIPAL|ACL_DELETE_PRINCIPAL|\
				 ACL_MODIFY_PRINCIPAL)
#define	ACL_PASSWD_MASK		(ACL_CHANGEPW|ACL_CHANGE_OWN_PW)
#define	ACL_ALL_MASK		(ACL_ADD_PRINCIPAL	| \
				 ACL_DELETE_PRINCIPAL	| \
				 ACL_MODIFY_PRINCIPAL	| \
				 ACL_CHANGEPW		| \
				 ACL_CHANGE_OWN_PW	| \
				 ACL_INQUIRE		| \
				 ACL_EXTRACT)
/*
 * Subcodes.
 */
#define	KADM_BAD_ARGS		10
#define	KADM_BAD_CMD		11
#define	KADM_NO_CMD		12
#define	KADM_BAD_PRINC		20
#define	KADM_PWD_TOO_SHORT	21
#define	KADM_PWD_WEAK		22
#define	KADM_NOT_ALLOWED	100

/*
 * Inter-module function prototypes
 */

/* srv_key.c */
krb5_error_code key_init
	KRB5_PROTOTYPE((krb5_context,
			int,
			int,
			int,
			char *,
			int,
			char *,
			char *,
			char *,
			char *,
			krb5_int32,
			krb5_key_salt_tuple *));
void key_finish
	KRB5_PROTOTYPE((krb5_context,
			int));
krb5_error_code key_string_to_keys
	KRB5_PROTOTYPE((krb5_context,
			krb5_db_entry *,
			krb5_data *,
			krb5_int32,
			krb5_key_salt_tuple *,
			krb5_int32 *,
			krb5_key_data **));
krb5_error_code key_random_key
	KRB5_PROTOTYPE((krb5_context,
			krb5_db_entry *,
			krb5_int32 *,
			krb5_key_data **));
krb5_error_code key_encrypt_keys
	KRB5_PROTOTYPE((krb5_context,
			krb5_db_entry *,
			krb5_int32 *,
			krb5_key_data *,
			krb5_key_data **));
krb5_error_code key_decrypt_keys
	KRB5_PROTOTYPE((krb5_context,
			krb5_db_entry *,
			krb5_int32 *,
			krb5_key_data *,
			krb5_key_data **));
krb5_boolean key_pwd_is_weak
	KRB5_PROTOTYPE((krb5_context,
			krb5_db_entry *,
			krb5_data *));
krb5_db_entry *key_master_entry();
char *key_master_realm();
krb5_keytab key_keytab_id();
krb5_keyblock *key_admin_key();
krb5_encrypt_block *key_master_encblock();
void key_free_key_data KRB5_PROTOTYPE((krb5_key_data *,
				       krb5_int32));
krb5_error_code key_name_to_data KRB5_PROTOTYPE((krb5_db_entry *,
						 krb5_key_salt_tuple *,
						 krb5_int32,
						 krb5_key_data **));
krb5_error_code key_dbent_to_keysalts
	KRB5_PROTOTYPE((krb5_db_entry *,
			krb5_int32 *,
			krb5_key_salt_tuple **));

/* srv_acl.c */
krb5_error_code acl_init
	KRB5_PROTOTYPE((krb5_context,
		   int,
		   char *));
void acl_finish
	KRB5_PROTOTYPE((krb5_context,
		   int));
krb5_boolean acl_op_permitted
	KRB5_PROTOTYPE((krb5_context,
		   krb5_principal,
		   krb5_int32));

/* srv_output.c */
krb5_error_code output_init
	KRB5_PROTOTYPE((krb5_context,
		   int,
		   char *,
		   krb5_boolean));
void output_finish
	KRB5_PROTOTYPE((krb5_context,
		   int));
krb5_boolean output_lang_supported
	KRB5_PROTOTYPE((char *));
char *output_krb5_errmsg
	KRB5_PROTOTYPE((char *,
		   krb5_boolean,
		   krb5_int32));
char *output_adm_error
	KRB5_PROTOTYPE((char *,
		   krb5_boolean,
		   krb5_int32,
		   krb5_int32,
		   krb5_int32,
		   krb5_data *));

/* srv_net.c */
krb5_error_code net_init
	KRB5_PROTOTYPE((krb5_context,
		   int,
		   krb5_int32));
void net_finish
	KRB5_PROTOTYPE((krb5_context,
		   int));
krb5_error_code net_dispatch
	KRB5_PROTOTYPE((krb5_context));
krb5_principal net_server_princ();

/* proto_serv.c */
krb5_error_code proto_init
	KRB5_PROTOTYPE((krb5_context,
		   int,
		   int));
void proto_finish
	KRB5_PROTOTYPE((krb5_context,
		   int));
krb5_error_code proto_serv
	KRB5_PROTOTYPE((krb5_context,
		   krb5_int32,
		   int,
		   void *,
		   void *));

/* passwd.c */
krb5_int32 passwd_check
	KRB5_PROTOTYPE((krb5_context,
		   int,
		   krb5_auth_context,
		   krb5_ticket *,
		   krb5_data *,
		   krb5_int32 *));
krb5_int32 passwd_change
	KRB5_PROTOTYPE((krb5_context,
		   int,
		   krb5_auth_context,
		   krb5_ticket *,
		   krb5_data *,
		   krb5_data *,
		   krb5_int32 *));
krb5_boolean passwd_check_npass_ok
	KRB5_PROTOTYPE((krb5_context,
		   int,
		   krb5_principal,
		   krb5_db_entry *,
		   krb5_data *,
		   krb5_int32 *));
krb5_boolean passwd_check_opass_ok
	KRB5_PROTOTYPE((krb5_context,
		   int,
		   krb5_principal,
		   krb5_db_entry *,
		   krb5_data *));

/* admin.c */
krb5_error_code admin_add_principal
	KRB5_PROTOTYPE((krb5_context,
		   int,
		   krb5_ticket *,
		   krb5_int32,
		   krb5_data *));
krb5_error_code admin_delete_principal
	KRB5_PROTOTYPE((krb5_context,
		   int,
		   krb5_ticket *,
		   krb5_data *));
krb5_error_code admin_rename_principal
	KRB5_PROTOTYPE((krb5_context,
		   int,
		   krb5_ticket *,
		   krb5_data *,
		   krb5_data *));
krb5_error_code admin_modify_principal
	KRB5_PROTOTYPE((krb5_context,
		   int,
		   krb5_ticket *,
		   krb5_int32,
		   krb5_data *));
krb5_error_code admin_change_opw
	KRB5_PROTOTYPE((krb5_context,
		   int,
		   krb5_ticket *,
		   krb5_data *,
		   krb5_data *));
krb5_error_code admin_change_orandpw
	KRB5_PROTOTYPE((krb5_context,
		   int,
		   krb5_ticket *,
		   krb5_data *));
krb5_error_code admin_inquire
	KRB5_PROTOTYPE((krb5_context,
		   int,
		   krb5_ticket *,
		   krb5_data *,
		   krb5_int32 *,
		   krb5_data **));
krb5_error_code admin_extract_key
	KRB5_PROTOTYPE((krb5_context,
		   int,
		   krb5_ticket *,
		   krb5_data *,
		   krb5_data *,
		   krb5_int32 *,
		   krb5_data **));
krb5_error_code admin_add_key
	KRB5_PROTOTYPE((krb5_context,
			int,
			krb5_ticket *,
			krb5_int32,
			krb5_data *));
krb5_error_code admin_delete_key
	KRB5_PROTOTYPE((krb5_context,
			int,
			krb5_ticket *,
			krb5_int32,
			krb5_data *));
void admin_init KRB5_PROTOTYPE((krb5_deltat,
				krb5_deltat,
				krb5_boolean,
				krb5_timestamp,
				krb5_boolean,
				krb5_flags));
#endif	/* KADM5_DEFS_H__ */