10Sstevel@tonic-gate #pragma ident "%Z%%M% %I% %E% SMI" 20Sstevel@tonic-gate 30Sstevel@tonic-gate /* 40Sstevel@tonic-gate * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING 50Sstevel@tonic-gate * 60Sstevel@tonic-gate * Openvision retains the copyright to derivative works of 70Sstevel@tonic-gate * this source code. Do *NOT* create a derivative of this 80Sstevel@tonic-gate * source code before consulting with your legal department. 90Sstevel@tonic-gate * Do *NOT* integrate *ANY* of this source code into another 100Sstevel@tonic-gate * product before consulting with your legal department. 110Sstevel@tonic-gate * 120Sstevel@tonic-gate * For further information, read the top-level Openvision 130Sstevel@tonic-gate * copyright which is contained in the top-level MIT Kerberos 140Sstevel@tonic-gate * copyright. 150Sstevel@tonic-gate * 160Sstevel@tonic-gate * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING 170Sstevel@tonic-gate * 180Sstevel@tonic-gate */ 190Sstevel@tonic-gate 200Sstevel@tonic-gate 210Sstevel@tonic-gate /* 220Sstevel@tonic-gate * Copyright 1993 OpenVision Technologies, Inc., All Rights Reserved 230Sstevel@tonic-gate * 240Sstevel@tonic-gate */ 250Sstevel@tonic-gate 260Sstevel@tonic-gate #ifndef __KADM5_ADMIN_INTERNAL_H__ 270Sstevel@tonic-gate #define __KADM5_ADMIN_INTERNAL_H__ 280Sstevel@tonic-gate 290Sstevel@tonic-gate #include <kadm5/admin.h> 300Sstevel@tonic-gate 310Sstevel@tonic-gate #ifdef DEBUG 320Sstevel@tonic-gate #define ADMIN_LOG(a, b, c) syslog(a, b, c); 330Sstevel@tonic-gate #define ADMIN_LOGO(a, b) syslog(a, b); 340Sstevel@tonic-gate #else 350Sstevel@tonic-gate #define ADMIN_LOG(a, b, c) 360Sstevel@tonic-gate #define ADMIN_LOGO(a, b) 370Sstevel@tonic-gate #endif 380Sstevel@tonic-gate 390Sstevel@tonic-gate #define KADM5_SERVER_HANDLE_MAGIC 0x12345800 400Sstevel@tonic-gate 410Sstevel@tonic-gate #define GENERIC_CHECK_HANDLE(handle, old_api_version, new_api_version) \ 420Sstevel@tonic-gate { \ 430Sstevel@tonic-gate kadm5_server_handle_t srvr = \ 440Sstevel@tonic-gate (kadm5_server_handle_t) handle; \ 450Sstevel@tonic-gate \ 460Sstevel@tonic-gate if (! srvr) \ 470Sstevel@tonic-gate return KADM5_BAD_SERVER_HANDLE; \ 480Sstevel@tonic-gate if (srvr->magic_number != KADM5_SERVER_HANDLE_MAGIC) \ 490Sstevel@tonic-gate return KADM5_BAD_SERVER_HANDLE; \ 500Sstevel@tonic-gate if ((srvr->struct_version & KADM5_MASK_BITS) != \ 510Sstevel@tonic-gate KADM5_STRUCT_VERSION_MASK) \ 520Sstevel@tonic-gate return KADM5_BAD_STRUCT_VERSION; \ 530Sstevel@tonic-gate if (srvr->struct_version < KADM5_STRUCT_VERSION_1) \ 540Sstevel@tonic-gate return KADM5_OLD_STRUCT_VERSION; \ 550Sstevel@tonic-gate if (srvr->struct_version > KADM5_STRUCT_VERSION_1) \ 560Sstevel@tonic-gate return KADM5_NEW_STRUCT_VERSION; \ 570Sstevel@tonic-gate if ((srvr->api_version & KADM5_MASK_BITS) != \ 580Sstevel@tonic-gate KADM5_API_VERSION_MASK) \ 590Sstevel@tonic-gate return KADM5_BAD_API_VERSION; \ 600Sstevel@tonic-gate if (srvr->api_version < KADM5_API_VERSION_1) \ 610Sstevel@tonic-gate return old_api_version; \ 620Sstevel@tonic-gate if (srvr->api_version > KADM5_API_VERSION_2) \ 630Sstevel@tonic-gate return new_api_version; \ 640Sstevel@tonic-gate } 650Sstevel@tonic-gate 660Sstevel@tonic-gate /* 670Sstevel@tonic-gate * _KADM5_CHECK_HANDLE calls the function _kadm5_check_handle and 680Sstevel@tonic-gate * returns any non-zero error code that function returns. 690Sstevel@tonic-gate * _kadm5_check_handle, in client_handle.c and server_handle.c, exists 700Sstevel@tonic-gate * in both the server- and client- side libraries. In each library, 710Sstevel@tonic-gate * it calls CHECK_HANDLE, which is defined by the appropriate 720Sstevel@tonic-gate * _internal.h header file to call GENERIC_CHECK_HANDLE as well as 730Sstevel@tonic-gate * CLIENT_CHECK_HANDLE and SERVER_CHECK_HANDLE. 740Sstevel@tonic-gate * 750Sstevel@tonic-gate * _KADM5_CHECK_HANDLE should be used by a function that needs to 760Sstevel@tonic-gate * check the handle but wants to be the same code in both the client 770Sstevel@tonic-gate * and server library; it makes a function call to the right handle 780Sstevel@tonic-gate * checker. Code that only exists in one library can call the 790Sstevel@tonic-gate * CHECK_HANDLE macro, which inlines the test instead of making 800Sstevel@tonic-gate * another function call. 810Sstevel@tonic-gate * 820Sstevel@tonic-gate * Got that? 830Sstevel@tonic-gate */ 84*2881Smp153739 #define _KADM5_CHECK_HANDLE(handle) \ 85*2881Smp153739 { int ecode; if ((ecode = _kadm5_check_handle((void *)handle))) return ecode;} 860Sstevel@tonic-gate 87*2881Smp153739 int _kadm5_check_handle(void *handle); 880Sstevel@tonic-gate kadm5_ret_t _kadm5_chpass_principal_util(void *server_handle, 890Sstevel@tonic-gate void *lhandle, 900Sstevel@tonic-gate krb5_principal princ, 910Sstevel@tonic-gate char *new_pw, 920Sstevel@tonic-gate char **ret_pw, 930Sstevel@tonic-gate char *msg_ret, 94*2881Smp153739 unsigned int msg_len); 950Sstevel@tonic-gate 960Sstevel@tonic-gate /* this is needed by the alt_prof code I stole. The functions 970Sstevel@tonic-gate maybe shouldn't be named krb5_*, but they are. */ 980Sstevel@tonic-gate 990Sstevel@tonic-gate krb5_error_code 1000Sstevel@tonic-gate krb5_string_to_keysalts(char *string, const char *tupleseps, 1010Sstevel@tonic-gate const char *ksaltseps, krb5_boolean dups, 1020Sstevel@tonic-gate krb5_key_salt_tuple **ksaltp, krb5_int32 *nksaltp); 1030Sstevel@tonic-gate 1040Sstevel@tonic-gate krb5_error_code 1050Sstevel@tonic-gate krb5_string_to_flags(char* string, const char* positive, const char* negative, 1060Sstevel@tonic-gate krb5_flags *flagsp); 1070Sstevel@tonic-gate 1080Sstevel@tonic-gate #endif /* __KADM5_ADMIN_INTERNAL_H__ */ 109