|
Packit Service |
99d1c0 |
/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
|
|
Packit Service |
99d1c0 |
/* lib/kadm5/admin.h */
|
|
Packit Service |
99d1c0 |
/*
|
|
Packit Service |
99d1c0 |
* Copyright 2001, 2008 by the Massachusetts Institute of Technology.
|
|
Packit Service |
99d1c0 |
* All Rights Reserved.
|
|
Packit Service |
99d1c0 |
*
|
|
Packit Service |
99d1c0 |
* Export of this software from the United States of America may
|
|
Packit Service |
99d1c0 |
* require a specific license from the United States Government.
|
|
Packit Service |
99d1c0 |
* It is the responsibility of any person or organization contemplating
|
|
Packit Service |
99d1c0 |
* export to obtain such a license before exporting.
|
|
Packit Service |
99d1c0 |
*
|
|
Packit Service |
99d1c0 |
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
|
|
Packit Service |
99d1c0 |
* distribute this software and its documentation for any purpose and
|
|
Packit Service |
99d1c0 |
* without fee is hereby granted, provided that the above copyright
|
|
Packit Service |
99d1c0 |
* notice appear in all copies and that both that copyright notice and
|
|
Packit Service |
99d1c0 |
* this permission notice appear in supporting documentation, and that
|
|
Packit Service |
99d1c0 |
* the name of M.I.T. not be used in advertising or publicity pertaining
|
|
Packit Service |
99d1c0 |
* to distribution of the software without specific, written prior
|
|
Packit Service |
99d1c0 |
* permission. Furthermore if you modify this software you must label
|
|
Packit Service |
99d1c0 |
* your software as modified software and not distribute it in such a
|
|
Packit Service |
99d1c0 |
* fashion that it might be confused with the original M.I.T. software.
|
|
Packit Service |
99d1c0 |
* M.I.T. makes no representations about the suitability of
|
|
Packit Service |
99d1c0 |
* this software for any purpose. It is provided "as is" without express
|
|
Packit Service |
99d1c0 |
* or implied warranty.
|
|
Packit Service |
99d1c0 |
*/
|
|
Packit Service |
99d1c0 |
/*
|
|
Packit Service |
99d1c0 |
* Copyright 1993 OpenVision Technologies, Inc., All Rights Reserved
|
|
Packit Service |
99d1c0 |
*
|
|
Packit Service |
99d1c0 |
* $Header$
|
|
Packit Service |
99d1c0 |
*/
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
/*
|
|
Packit Service |
99d1c0 |
* This API is not considered as stable as the main krb5 API.
|
|
Packit Service |
99d1c0 |
*
|
|
Packit Service |
99d1c0 |
* - We may make arbitrary incompatible changes between feature
|
|
Packit Service |
99d1c0 |
* releases (e.g. from 1.7 to 1.8).
|
|
Packit Service |
99d1c0 |
* - We will make some effort to avoid making incompatible changes for
|
|
Packit Service |
99d1c0 |
* bugfix releases, but will make them if necessary.
|
|
Packit Service |
99d1c0 |
*/
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
#ifndef __KADM5_ADMIN_H__
|
|
Packit Service |
99d1c0 |
#define __KADM5_ADMIN_H__
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
#include <sys/types.h>
|
|
Packit Service |
99d1c0 |
#include <gssrpc/rpc.h>
|
|
Packit Service |
99d1c0 |
#include <krb5.h>
|
|
Packit Service |
99d1c0 |
#include <kdb.h>
|
|
Packit Service |
99d1c0 |
#include <com_err.h>
|
|
Packit Service |
99d1c0 |
#include <kadm5/kadm_err.h>
|
|
Packit Service |
99d1c0 |
#include <kadm5/chpass_util_strings.h>
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
#ifndef KADM5INT_BEGIN_DECLS
|
|
Packit Service |
99d1c0 |
#if defined(__cplusplus)
|
|
Packit Service |
99d1c0 |
#define KADM5INT_BEGIN_DECLS extern "C" {
|
|
Packit Service |
99d1c0 |
#define KADM5INT_END_DECLS }
|
|
Packit Service |
99d1c0 |
#else
|
|
Packit Service |
99d1c0 |
#define KADM5INT_BEGIN_DECLS
|
|
Packit Service |
99d1c0 |
#define KADM5INT_END_DECLS
|
|
Packit Service |
99d1c0 |
#endif
|
|
Packit Service |
99d1c0 |
#endif
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
KADM5INT_BEGIN_DECLS
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
#define KADM5_ADMIN_SERVICE "kadmin/admin"
|
|
Packit Service |
99d1c0 |
#define KADM5_CHANGEPW_SERVICE "kadmin/changepw"
|
|
Packit Service |
99d1c0 |
#define KADM5_HIST_PRINCIPAL "kadmin/history"
|
|
Packit Service |
99d1c0 |
#define KADM5_KIPROP_HOST_SERVICE "kiprop"
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
typedef krb5_principal kadm5_princ_t;
|
|
Packit Service |
99d1c0 |
typedef char *kadm5_policy_t;
|
|
Packit Service |
99d1c0 |
typedef long kadm5_ret_t;
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
#define KADM5_PW_FIRST_PROMPT \
|
|
Packit Service |
99d1c0 |
(error_message(CHPASS_UTIL_NEW_PASSWORD_PROMPT))
|
|
Packit Service |
99d1c0 |
#define KADM5_PW_SECOND_PROMPT \
|
|
Packit Service |
99d1c0 |
(error_message(CHPASS_UTIL_NEW_PASSWORD_AGAIN_PROMPT))
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
/*
|
|
Packit Service |
99d1c0 |
* Successful return code
|
|
Packit Service |
99d1c0 |
*/
|
|
Packit Service |
99d1c0 |
#define KADM5_OK 0
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
/*
|
|
Packit Service |
99d1c0 |
* Field masks
|
|
Packit Service |
99d1c0 |
*/
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
/* kadm5_principal_ent_t */
|
|
Packit Service |
99d1c0 |
#define KADM5_PRINCIPAL 0x000001
|
|
Packit Service |
99d1c0 |
#define KADM5_PRINC_EXPIRE_TIME 0x000002
|
|
Packit Service |
99d1c0 |
#define KADM5_PW_EXPIRATION 0x000004
|
|
Packit Service |
99d1c0 |
#define KADM5_LAST_PWD_CHANGE 0x000008
|
|
Packit Service |
99d1c0 |
#define KADM5_ATTRIBUTES 0x000010
|
|
Packit Service |
99d1c0 |
#define KADM5_MAX_LIFE 0x000020
|
|
Packit Service |
99d1c0 |
#define KADM5_MOD_TIME 0x000040
|
|
Packit Service |
99d1c0 |
#define KADM5_MOD_NAME 0x000080
|
|
Packit Service |
99d1c0 |
#define KADM5_KVNO 0x000100
|
|
Packit Service |
99d1c0 |
#define KADM5_MKVNO 0x000200
|
|
Packit Service |
99d1c0 |
#define KADM5_AUX_ATTRIBUTES 0x000400
|
|
Packit Service |
99d1c0 |
#define KADM5_POLICY 0x000800
|
|
Packit Service |
99d1c0 |
#define KADM5_POLICY_CLR 0x001000
|
|
Packit Service |
99d1c0 |
/* version 2 masks */
|
|
Packit Service |
99d1c0 |
#define KADM5_MAX_RLIFE 0x002000
|
|
Packit Service |
99d1c0 |
#define KADM5_LAST_SUCCESS 0x004000
|
|
Packit Service |
99d1c0 |
#define KADM5_LAST_FAILED 0x008000
|
|
Packit Service |
99d1c0 |
#define KADM5_FAIL_AUTH_COUNT 0x010000
|
|
Packit Service |
99d1c0 |
#define KADM5_KEY_DATA 0x020000
|
|
Packit Service |
99d1c0 |
#define KADM5_TL_DATA 0x040000
|
|
Packit Service |
99d1c0 |
#ifdef notyet /* Novell */
|
|
Packit Service |
99d1c0 |
#define KADM5_CPW_FUNCTION 0x080000
|
|
Packit Service |
99d1c0 |
#define KADM5_RANDKEY_USED 0x100000
|
|
Packit Service |
99d1c0 |
#endif
|
|
Packit Service |
99d1c0 |
#define KADM5_LOAD 0x200000
|
|
Packit Service |
99d1c0 |
#define KADM5_KEY_HIST 0x400000
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
/* all but KEY_DATA, TL_DATA, LOAD */
|
|
Packit Service |
99d1c0 |
#define KADM5_PRINCIPAL_NORMAL_MASK 0x41ffff
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
/* kadm5_policy_ent_t */
|
|
Packit Service |
99d1c0 |
#define KADM5_PW_MAX_LIFE 0x00004000
|
|
Packit Service |
99d1c0 |
#define KADM5_PW_MIN_LIFE 0x00008000
|
|
Packit Service |
99d1c0 |
#define KADM5_PW_MIN_LENGTH 0x00010000
|
|
Packit Service |
99d1c0 |
#define KADM5_PW_MIN_CLASSES 0x00020000
|
|
Packit Service |
99d1c0 |
#define KADM5_PW_HISTORY_NUM 0x00040000
|
|
Packit Service |
99d1c0 |
#define KADM5_REF_COUNT 0x00080000
|
|
Packit Service |
99d1c0 |
#define KADM5_PW_MAX_FAILURE 0x00100000
|
|
Packit Service |
99d1c0 |
#define KADM5_PW_FAILURE_COUNT_INTERVAL 0x00200000
|
|
Packit Service |
99d1c0 |
#define KADM5_PW_LOCKOUT_DURATION 0x00400000
|
|
Packit Service |
99d1c0 |
#define KADM5_POLICY_ATTRIBUTES 0x00800000
|
|
Packit Service |
99d1c0 |
#define KADM5_POLICY_MAX_LIFE 0x01000000
|
|
Packit Service |
99d1c0 |
#define KADM5_POLICY_MAX_RLIFE 0x02000000
|
|
Packit Service |
99d1c0 |
#define KADM5_POLICY_ALLOWED_KEYSALTS 0x04000000
|
|
Packit Service |
99d1c0 |
#define KADM5_POLICY_TL_DATA 0x08000000
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
/* kadm5_config_params */
|
|
Packit Service |
99d1c0 |
#define KADM5_CONFIG_REALM 0x00000001
|
|
Packit Service |
99d1c0 |
#define KADM5_CONFIG_DBNAME 0x00000002
|
|
Packit Service |
99d1c0 |
#define KADM5_CONFIG_MKEY_NAME 0x00000004
|
|
Packit Service |
99d1c0 |
#define KADM5_CONFIG_MAX_LIFE 0x00000008
|
|
Packit Service |
99d1c0 |
#define KADM5_CONFIG_MAX_RLIFE 0x00000010
|
|
Packit Service |
99d1c0 |
#define KADM5_CONFIG_EXPIRATION 0x00000020
|
|
Packit Service |
99d1c0 |
#define KADM5_CONFIG_FLAGS 0x00000040
|
|
Packit Service |
99d1c0 |
/*#define KADM5_CONFIG_ADMIN_KEYTAB 0x00000080*/
|
|
Packit Service |
99d1c0 |
#define KADM5_CONFIG_STASH_FILE 0x00000100
|
|
Packit Service |
99d1c0 |
#define KADM5_CONFIG_ENCTYPE 0x00000200
|
|
Packit Service |
99d1c0 |
#define KADM5_CONFIG_ADBNAME 0x00000400
|
|
Packit Service |
99d1c0 |
#define KADM5_CONFIG_ADB_LOCKFILE 0x00000800
|
|
Packit Service |
99d1c0 |
#define KADM5_CONFIG_KADMIND_LISTEN 0x00001000
|
|
Packit Service |
99d1c0 |
#define KADM5_CONFIG_ACL_FILE 0x00002000
|
|
Packit Service |
99d1c0 |
#define KADM5_CONFIG_KADMIND_PORT 0x00004000
|
|
Packit Service |
99d1c0 |
#define KADM5_CONFIG_ENCTYPES 0x00008000
|
|
Packit Service |
99d1c0 |
#define KADM5_CONFIG_ADMIN_SERVER 0x00010000
|
|
Packit Service |
99d1c0 |
#define KADM5_CONFIG_DICT_FILE 0x00020000
|
|
Packit Service |
99d1c0 |
#define KADM5_CONFIG_MKEY_FROM_KBD 0x00040000
|
|
Packit Service |
99d1c0 |
#define KADM5_CONFIG_KPASSWD_PORT 0x00080000
|
|
Packit Service |
99d1c0 |
#define KADM5_CONFIG_OLD_AUTH_GSSAPI 0x00100000
|
|
Packit Service |
99d1c0 |
#define KADM5_CONFIG_NO_AUTH 0x00200000
|
|
Packit Service |
99d1c0 |
#define KADM5_CONFIG_AUTH_NOFALLBACK 0x00400000
|
|
Packit Service |
99d1c0 |
#define KADM5_CONFIG_KPASSWD_LISTEN 0x00800000
|
|
Packit Service |
99d1c0 |
#define KADM5_CONFIG_IPROP_ENABLED 0x01000000
|
|
Packit Service |
99d1c0 |
#define KADM5_CONFIG_ULOG_SIZE 0x02000000
|
|
Packit Service |
99d1c0 |
#define KADM5_CONFIG_POLL_TIME 0x04000000
|
|
Packit Service |
99d1c0 |
#define KADM5_CONFIG_IPROP_LOGFILE 0x08000000
|
|
Packit Service |
99d1c0 |
#define KADM5_CONFIG_IPROP_PORT 0x10000000
|
|
Packit Service |
99d1c0 |
#define KADM5_CONFIG_KVNO 0x20000000
|
|
Packit Service |
99d1c0 |
#define KADM5_CONFIG_IPROP_RESYNC_TIMEOUT 0x40000000
|
|
Packit Service |
99d1c0 |
#define KADM5_CONFIG_IPROP_LISTEN 0x80000000
|
|
Packit Service |
99d1c0 |
/*
|
|
Packit Service |
99d1c0 |
* permission bits
|
|
Packit Service |
99d1c0 |
*/
|
|
Packit Service |
99d1c0 |
#define KADM5_PRIV_GET 0x01
|
|
Packit Service |
99d1c0 |
#define KADM5_PRIV_ADD 0x02
|
|
Packit Service |
99d1c0 |
#define KADM5_PRIV_MODIFY 0x04
|
|
Packit Service |
99d1c0 |
#define KADM5_PRIV_DELETE 0x08
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
/*
|
|
Packit Service |
99d1c0 |
* API versioning constants
|
|
Packit Service |
99d1c0 |
*/
|
|
Packit Service |
99d1c0 |
#define KADM5_MASK_BITS 0xffffff00
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
#define KADM5_STRUCT_VERSION_MASK 0x12345600
|
|
Packit Service |
99d1c0 |
#define KADM5_STRUCT_VERSION_1 (KADM5_STRUCT_VERSION_MASK|0x01)
|
|
Packit Service |
99d1c0 |
#define KADM5_STRUCT_VERSION KADM5_STRUCT_VERSION_1
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
#define KADM5_API_VERSION_MASK 0x12345700
|
|
Packit Service |
99d1c0 |
#define KADM5_API_VERSION_2 (KADM5_API_VERSION_MASK|0x02)
|
|
Packit Service |
99d1c0 |
#define KADM5_API_VERSION_3 (KADM5_API_VERSION_MASK|0x03)
|
|
Packit Service |
99d1c0 |
#define KADM5_API_VERSION_4 (KADM5_API_VERSION_MASK|0x04)
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
typedef struct _kadm5_principal_ent_t {
|
|
Packit Service |
99d1c0 |
krb5_principal principal;
|
|
Packit Service |
99d1c0 |
krb5_timestamp princ_expire_time;
|
|
Packit Service |
99d1c0 |
krb5_timestamp last_pwd_change;
|
|
Packit Service |
99d1c0 |
krb5_timestamp pw_expiration;
|
|
Packit Service |
99d1c0 |
krb5_deltat max_life;
|
|
Packit Service |
99d1c0 |
krb5_principal mod_name;
|
|
Packit Service |
99d1c0 |
krb5_timestamp mod_date;
|
|
Packit Service |
99d1c0 |
krb5_flags attributes;
|
|
Packit Service |
99d1c0 |
krb5_kvno kvno;
|
|
Packit Service |
99d1c0 |
krb5_kvno mkvno;
|
|
Packit Service |
99d1c0 |
char *policy;
|
|
Packit Service |
99d1c0 |
long aux_attributes;
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
/* version 2 fields */
|
|
Packit Service |
99d1c0 |
krb5_deltat max_renewable_life;
|
|
Packit Service |
99d1c0 |
krb5_timestamp last_success;
|
|
Packit Service |
99d1c0 |
krb5_timestamp last_failed;
|
|
Packit Service |
99d1c0 |
krb5_kvno fail_auth_count;
|
|
Packit Service |
99d1c0 |
krb5_int16 n_key_data;
|
|
Packit Service |
99d1c0 |
krb5_int16 n_tl_data;
|
|
Packit Service |
99d1c0 |
krb5_tl_data *tl_data;
|
|
Packit Service |
99d1c0 |
krb5_key_data *key_data;
|
|
Packit Service |
99d1c0 |
} kadm5_principal_ent_rec, *kadm5_principal_ent_t;
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
typedef struct _kadm5_policy_ent_t {
|
|
Packit Service |
99d1c0 |
char *policy;
|
|
Packit Service |
99d1c0 |
long pw_min_life;
|
|
Packit Service |
99d1c0 |
long pw_max_life;
|
|
Packit Service |
99d1c0 |
long pw_min_length;
|
|
Packit Service |
99d1c0 |
long pw_min_classes;
|
|
Packit Service |
99d1c0 |
long pw_history_num;
|
|
Packit Service |
99d1c0 |
long policy_refcnt; /* no longer used */
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
/* version 3 fields */
|
|
Packit Service |
99d1c0 |
krb5_kvno pw_max_fail;
|
|
Packit Service |
99d1c0 |
krb5_deltat pw_failcnt_interval;
|
|
Packit Service |
99d1c0 |
krb5_deltat pw_lockout_duration;
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
/* version 4 fields */
|
|
Packit Service |
99d1c0 |
krb5_flags attributes;
|
|
Packit Service |
99d1c0 |
krb5_deltat max_life;
|
|
Packit Service |
99d1c0 |
krb5_deltat max_renewable_life;
|
|
Packit Service |
99d1c0 |
char *allowed_keysalts;
|
|
Packit Service |
99d1c0 |
krb5_int16 n_tl_data;
|
|
Packit Service |
99d1c0 |
krb5_tl_data *tl_data;
|
|
Packit Service |
99d1c0 |
} kadm5_policy_ent_rec, *kadm5_policy_ent_t;
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
/*
|
|
Packit Service |
99d1c0 |
* Data structure returned by kadm5_get_config_params()
|
|
Packit Service |
99d1c0 |
*/
|
|
Packit Service |
99d1c0 |
typedef struct _kadm5_config_params {
|
|
Packit Service |
99d1c0 |
long mask;
|
|
Packit Service |
99d1c0 |
char * realm;
|
|
Packit Service |
99d1c0 |
int kadmind_port;
|
|
Packit Service |
99d1c0 |
int kpasswd_port;
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
char * admin_server;
|
|
Packit Service |
99d1c0 |
#ifdef notyet /* Novell */ /* ABI change? */
|
|
Packit Service |
99d1c0 |
char * kpasswd_server;
|
|
Packit Service |
99d1c0 |
#endif
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
/* Deprecated except for db2 backwards compatibility. Don't add
|
|
Packit Service |
99d1c0 |
new uses except as fallbacks for parameters that should be
|
|
Packit Service |
99d1c0 |
specified in the database module section of the config
|
|
Packit Service |
99d1c0 |
file. */
|
|
Packit Service |
99d1c0 |
char * dbname;
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
char * acl_file;
|
|
Packit Service |
99d1c0 |
char * dict_file;
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
int mkey_from_kbd;
|
|
Packit Service |
99d1c0 |
char * stash_file;
|
|
Packit Service |
99d1c0 |
char * mkey_name;
|
|
Packit Service |
99d1c0 |
krb5_enctype enctype;
|
|
Packit Service |
99d1c0 |
krb5_deltat max_life;
|
|
Packit Service |
99d1c0 |
krb5_deltat max_rlife;
|
|
Packit Service |
99d1c0 |
krb5_timestamp expiration;
|
|
Packit Service |
99d1c0 |
krb5_flags flags;
|
|
Packit Service |
99d1c0 |
krb5_key_salt_tuple *keysalts;
|
|
Packit Service |
99d1c0 |
krb5_int32 num_keysalts;
|
|
Packit Service |
99d1c0 |
krb5_kvno kvno;
|
|
Packit Service |
99d1c0 |
bool_t iprop_enabled;
|
|
Packit Service |
99d1c0 |
uint32_t iprop_ulogsize;
|
|
Packit Service |
99d1c0 |
krb5_deltat iprop_poll_time;
|
|
Packit Service |
99d1c0 |
char * iprop_logfile;
|
|
Packit Service |
99d1c0 |
/* char * iprop_server;*/
|
|
Packit Service |
99d1c0 |
int iprop_port;
|
|
Packit Service |
99d1c0 |
int iprop_resync_timeout;
|
|
Packit Service |
99d1c0 |
char * kadmind_listen;
|
|
Packit Service |
99d1c0 |
char * kpasswd_listen;
|
|
Packit Service |
99d1c0 |
char * iprop_listen;
|
|
Packit Service |
99d1c0 |
} kadm5_config_params;
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
typedef struct _kadm5_key_data {
|
|
Packit Service |
99d1c0 |
krb5_kvno kvno;
|
|
Packit Service |
99d1c0 |
krb5_keyblock key;
|
|
Packit Service |
99d1c0 |
krb5_keysalt salt;
|
|
Packit Service |
99d1c0 |
} kadm5_key_data;
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
/*
|
|
Packit Service |
99d1c0 |
* functions
|
|
Packit Service |
99d1c0 |
*/
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
krb5_error_code kadm5_get_config_params(krb5_context context,
|
|
Packit Service |
99d1c0 |
int use_kdc_config,
|
|
Packit Service |
99d1c0 |
kadm5_config_params *params_in,
|
|
Packit Service |
99d1c0 |
kadm5_config_params *params_out);
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
krb5_error_code kadm5_free_config_params(krb5_context context,
|
|
Packit Service |
99d1c0 |
kadm5_config_params *params);
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
krb5_error_code kadm5_get_admin_service_name(krb5_context, char *,
|
|
Packit Service |
99d1c0 |
char *, size_t);
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
/*
|
|
Packit Service |
99d1c0 |
* For all initialization functions, the caller must first initialize
|
|
Packit Service |
99d1c0 |
* a context with kadm5_init_krb5_context which will survive as long
|
|
Packit Service |
99d1c0 |
* as the resulting handle. The caller should free the context with
|
|
Packit Service |
99d1c0 |
* krb5_free_context.
|
|
Packit Service |
99d1c0 |
*/
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
kadm5_ret_t kadm5_init(krb5_context context, char *client_name,
|
|
Packit Service |
99d1c0 |
char *pass, char *service_name,
|
|
Packit Service |
99d1c0 |
kadm5_config_params *params,
|
|
Packit Service |
99d1c0 |
krb5_ui_4 struct_version,
|
|
Packit Service |
99d1c0 |
krb5_ui_4 api_version,
|
|
Packit Service |
99d1c0 |
char **db_args,
|
|
Packit Service |
99d1c0 |
void **server_handle);
|
|
Packit Service |
99d1c0 |
kadm5_ret_t kadm5_init_anonymous(krb5_context context, char *client_name,
|
|
Packit Service |
99d1c0 |
char *service_name,
|
|
Packit Service |
99d1c0 |
kadm5_config_params *params,
|
|
Packit Service |
99d1c0 |
krb5_ui_4 struct_version,
|
|
Packit Service |
99d1c0 |
krb5_ui_4 api_version,
|
|
Packit Service |
99d1c0 |
char **db_args,
|
|
Packit Service |
99d1c0 |
void **server_handle);
|
|
Packit Service |
99d1c0 |
kadm5_ret_t kadm5_init_with_password(krb5_context context,
|
|
Packit Service |
99d1c0 |
char *client_name,
|
|
Packit Service |
99d1c0 |
char *pass,
|
|
Packit Service |
99d1c0 |
char *service_name,
|
|
Packit Service |
99d1c0 |
kadm5_config_params *params,
|
|
Packit Service |
99d1c0 |
krb5_ui_4 struct_version,
|
|
Packit Service |
99d1c0 |
krb5_ui_4 api_version,
|
|
Packit Service |
99d1c0 |
char **db_args,
|
|
Packit Service |
99d1c0 |
void **server_handle);
|
|
Packit Service |
99d1c0 |
kadm5_ret_t kadm5_init_with_skey(krb5_context context,
|
|
Packit Service |
99d1c0 |
char *client_name,
|
|
Packit Service |
99d1c0 |
char *keytab,
|
|
Packit Service |
99d1c0 |
char *service_name,
|
|
Packit Service |
99d1c0 |
kadm5_config_params *params,
|
|
Packit Service |
99d1c0 |
krb5_ui_4 struct_version,
|
|
Packit Service |
99d1c0 |
krb5_ui_4 api_version,
|
|
Packit Service |
99d1c0 |
char **db_args,
|
|
Packit Service |
99d1c0 |
void **server_handle);
|
|
Packit Service |
99d1c0 |
kadm5_ret_t kadm5_init_with_creds(krb5_context context,
|
|
Packit Service |
99d1c0 |
char *client_name,
|
|
Packit Service |
99d1c0 |
krb5_ccache cc,
|
|
Packit Service |
99d1c0 |
char *service_name,
|
|
Packit Service |
99d1c0 |
kadm5_config_params *params,
|
|
Packit Service |
99d1c0 |
krb5_ui_4 struct_version,
|
|
Packit Service |
99d1c0 |
krb5_ui_4 api_version,
|
|
Packit Service |
99d1c0 |
char **db_args,
|
|
Packit Service |
99d1c0 |
void **server_handle);
|
|
Packit Service |
99d1c0 |
kadm5_ret_t kadm5_lock(void *server_handle);
|
|
Packit Service |
99d1c0 |
kadm5_ret_t kadm5_unlock(void *server_handle);
|
|
Packit Service |
99d1c0 |
kadm5_ret_t kadm5_flush(void *server_handle);
|
|
Packit Service |
99d1c0 |
kadm5_ret_t kadm5_destroy(void *server_handle);
|
|
Packit Service |
99d1c0 |
kadm5_ret_t kadm5_create_principal(void *server_handle,
|
|
Packit Service |
99d1c0 |
kadm5_principal_ent_t ent,
|
|
Packit Service |
99d1c0 |
long mask, char *pass);
|
|
Packit Service |
99d1c0 |
kadm5_ret_t kadm5_create_principal_3(void *server_handle,
|
|
Packit Service |
99d1c0 |
kadm5_principal_ent_t ent,
|
|
Packit Service |
99d1c0 |
long mask,
|
|
Packit Service |
99d1c0 |
int n_ks_tuple,
|
|
Packit Service |
99d1c0 |
krb5_key_salt_tuple *ks_tuple,
|
|
Packit Service |
99d1c0 |
char *pass);
|
|
Packit Service |
99d1c0 |
kadm5_ret_t kadm5_delete_principal(void *server_handle,
|
|
Packit Service |
99d1c0 |
krb5_principal principal);
|
|
Packit Service |
99d1c0 |
kadm5_ret_t kadm5_modify_principal(void *server_handle,
|
|
Packit Service |
99d1c0 |
kadm5_principal_ent_t ent,
|
|
Packit Service |
99d1c0 |
long mask);
|
|
Packit Service |
99d1c0 |
kadm5_ret_t kadm5_rename_principal(void *server_handle,
|
|
Packit Service |
99d1c0 |
krb5_principal,krb5_principal);
|
|
Packit Service |
99d1c0 |
kadm5_ret_t kadm5_get_principal(void *server_handle,
|
|
Packit Service |
99d1c0 |
krb5_principal principal,
|
|
Packit Service |
99d1c0 |
kadm5_principal_ent_t ent,
|
|
Packit Service |
99d1c0 |
long mask);
|
|
Packit Service |
99d1c0 |
kadm5_ret_t kadm5_chpass_principal(void *server_handle,
|
|
Packit Service |
99d1c0 |
krb5_principal principal,
|
|
Packit Service |
99d1c0 |
char *pass);
|
|
Packit Service |
99d1c0 |
kadm5_ret_t kadm5_chpass_principal_3(void *server_handle,
|
|
Packit Service |
99d1c0 |
krb5_principal principal,
|
|
Packit Service |
99d1c0 |
krb5_boolean keepold,
|
|
Packit Service |
99d1c0 |
int n_ks_tuple,
|
|
Packit Service |
99d1c0 |
krb5_key_salt_tuple *ks_tuple,
|
|
Packit Service |
99d1c0 |
char *pass);
|
|
Packit Service |
99d1c0 |
kadm5_ret_t kadm5_randkey_principal(void *server_handle,
|
|
Packit Service |
99d1c0 |
krb5_principal principal,
|
|
Packit Service |
99d1c0 |
krb5_keyblock **keyblocks,
|
|
Packit Service |
99d1c0 |
int *n_keys);
|
|
Packit Service |
99d1c0 |
kadm5_ret_t kadm5_randkey_principal_3(void *server_handle,
|
|
Packit Service |
99d1c0 |
krb5_principal principal,
|
|
Packit Service |
99d1c0 |
krb5_boolean keepold,
|
|
Packit Service |
99d1c0 |
int n_ks_tuple,
|
|
Packit Service |
99d1c0 |
krb5_key_salt_tuple *ks_tuple,
|
|
Packit Service |
99d1c0 |
krb5_keyblock **keyblocks,
|
|
Packit Service |
99d1c0 |
int *n_keys);
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
kadm5_ret_t kadm5_setkey_principal(void *server_handle,
|
|
Packit Service |
99d1c0 |
krb5_principal principal,
|
|
Packit Service |
99d1c0 |
krb5_keyblock *keyblocks,
|
|
Packit Service |
99d1c0 |
int n_keys);
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
kadm5_ret_t kadm5_setkey_principal_3(void *server_handle,
|
|
Packit Service |
99d1c0 |
krb5_principal principal,
|
|
Packit Service |
99d1c0 |
krb5_boolean keepold,
|
|
Packit Service |
99d1c0 |
int n_ks_tuple,
|
|
Packit Service |
99d1c0 |
krb5_key_salt_tuple *ks_tuple,
|
|
Packit Service |
99d1c0 |
krb5_keyblock *keyblocks,
|
|
Packit Service |
99d1c0 |
int n_keys);
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
kadm5_ret_t kadm5_setkey_principal_4(void *server_handle,
|
|
Packit Service |
99d1c0 |
krb5_principal principal,
|
|
Packit Service |
99d1c0 |
krb5_boolean keepold,
|
|
Packit Service |
99d1c0 |
kadm5_key_data *key_data,
|
|
Packit Service |
99d1c0 |
int n_key_data);
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
kadm5_ret_t kadm5_decrypt_key(void *server_handle,
|
|
Packit Service |
99d1c0 |
kadm5_principal_ent_t entry, krb5_int32
|
|
Packit Service |
99d1c0 |
ktype, krb5_int32 stype, krb5_int32
|
|
Packit Service |
99d1c0 |
kvno, krb5_keyblock *keyblock,
|
|
Packit Service |
99d1c0 |
krb5_keysalt *keysalt, int *kvnop);
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
kadm5_ret_t kadm5_create_policy(void *server_handle,
|
|
Packit Service |
99d1c0 |
kadm5_policy_ent_t ent,
|
|
Packit Service |
99d1c0 |
long mask);
|
|
Packit Service |
99d1c0 |
kadm5_ret_t kadm5_delete_policy(void *server_handle,
|
|
Packit Service |
99d1c0 |
kadm5_policy_t policy);
|
|
Packit Service |
99d1c0 |
kadm5_ret_t kadm5_modify_policy(void *server_handle,
|
|
Packit Service |
99d1c0 |
kadm5_policy_ent_t ent,
|
|
Packit Service |
99d1c0 |
long mask);
|
|
Packit Service |
99d1c0 |
kadm5_ret_t kadm5_get_policy(void *server_handle,
|
|
Packit Service |
99d1c0 |
kadm5_policy_t policy,
|
|
Packit Service |
99d1c0 |
kadm5_policy_ent_t ent);
|
|
Packit Service |
99d1c0 |
kadm5_ret_t kadm5_get_privs(void *server_handle,
|
|
Packit Service |
99d1c0 |
long *privs);
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
kadm5_ret_t kadm5_chpass_principal_util(void *server_handle,
|
|
Packit Service |
99d1c0 |
krb5_principal princ,
|
|
Packit Service |
99d1c0 |
char *new_pw,
|
|
Packit Service |
99d1c0 |
char **ret_pw,
|
|
Packit Service |
99d1c0 |
char *msg_ret,
|
|
Packit Service |
99d1c0 |
unsigned int msg_len);
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
kadm5_ret_t kadm5_free_principal_ent(void *server_handle,
|
|
Packit Service |
99d1c0 |
kadm5_principal_ent_t
|
|
Packit Service |
99d1c0 |
ent);
|
|
Packit Service |
99d1c0 |
kadm5_ret_t kadm5_free_policy_ent(void *server_handle,
|
|
Packit Service |
99d1c0 |
kadm5_policy_ent_t ent);
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
kadm5_ret_t kadm5_get_principals(void *server_handle,
|
|
Packit Service |
99d1c0 |
char *exp, char ***princs,
|
|
Packit Service |
99d1c0 |
int *count);
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
kadm5_ret_t kadm5_get_policies(void *server_handle,
|
|
Packit Service |
99d1c0 |
char *exp, char ***pols,
|
|
Packit Service |
99d1c0 |
int *count);
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
kadm5_ret_t kadm5_free_key_data(void *server_handle,
|
|
Packit Service |
99d1c0 |
krb5_int16 *n_key_data,
|
|
Packit Service |
99d1c0 |
krb5_key_data *key_data);
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
kadm5_ret_t kadm5_free_name_list(void *server_handle, char **names,
|
|
Packit Service |
99d1c0 |
int count);
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
krb5_error_code kadm5_init_krb5_context (krb5_context *);
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
krb5_error_code kadm5_init_iprop(void *server_handle, char **db_args);
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
kadm5_ret_t kadm5_get_principal_keys(void *server_handle,
|
|
Packit Service |
99d1c0 |
krb5_principal principal,
|
|
Packit Service |
99d1c0 |
krb5_kvno kvno,
|
|
Packit Service |
99d1c0 |
kadm5_key_data **key_data,
|
|
Packit Service |
99d1c0 |
int *n_key_data);
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
kadm5_ret_t kadm5_purgekeys(void *server_handle,
|
|
Packit Service |
99d1c0 |
krb5_principal principal,
|
|
Packit Service |
99d1c0 |
int keepkvno);
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
kadm5_ret_t kadm5_get_strings(void *server_handle,
|
|
Packit Service |
99d1c0 |
krb5_principal principal,
|
|
Packit Service |
99d1c0 |
krb5_string_attr **strings_out,
|
|
Packit Service |
99d1c0 |
int *count_out);
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
kadm5_ret_t kadm5_set_string(void *server_handle,
|
|
Packit Service |
99d1c0 |
krb5_principal principal,
|
|
Packit Service |
99d1c0 |
const char *key,
|
|
Packit Service |
99d1c0 |
const char *value);
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
kadm5_ret_t kadm5_free_strings(void *server_handle,
|
|
Packit Service |
99d1c0 |
krb5_string_attr *strings,
|
|
Packit Service |
99d1c0 |
int count);
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
kadm5_ret_t kadm5_free_kadm5_key_data(krb5_context context, int n_key_data,
|
|
Packit Service |
99d1c0 |
kadm5_key_data *key_data);
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
KADM5INT_END_DECLS
|
|
Packit Service |
99d1c0 |
|
|
Packit Service |
99d1c0 |
#endif /* __KADM5_ADMIN_H__ */
|