xref: /onnv-gate/usr/src/lib/krb5/kadm5/server_internal.h (revision 0:68f95e015346)
1*0Sstevel@tonic-gate /*
2*0Sstevel@tonic-gate  * Copyright 2004 Sun Microsystems, Inc.  All rights reserved.
3*0Sstevel@tonic-gate  * Use is subject to license terms.
4*0Sstevel@tonic-gate  */
5*0Sstevel@tonic-gate #pragma ident	"%Z%%M%	%I%	%E% SMI"
6*0Sstevel@tonic-gate 
7*0Sstevel@tonic-gate /*
8*0Sstevel@tonic-gate  * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
9*0Sstevel@tonic-gate  *
10*0Sstevel@tonic-gate  *	Openvision retains the copyright to derivative works of
11*0Sstevel@tonic-gate  *	this source code.  Do *NOT* create a derivative of this
12*0Sstevel@tonic-gate  *	source code before consulting with your legal department.
13*0Sstevel@tonic-gate  *	Do *NOT* integrate *ANY* of this source code into another
14*0Sstevel@tonic-gate  *	product before consulting with your legal department.
15*0Sstevel@tonic-gate  *
16*0Sstevel@tonic-gate  *	For further information, read the top-level Openvision
17*0Sstevel@tonic-gate  *	copyright which is contained in the top-level MIT Kerberos
18*0Sstevel@tonic-gate  *	copyright.
19*0Sstevel@tonic-gate  *
20*0Sstevel@tonic-gate  * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
21*0Sstevel@tonic-gate  *
22*0Sstevel@tonic-gate  */
23*0Sstevel@tonic-gate 
24*0Sstevel@tonic-gate 
25*0Sstevel@tonic-gate /*
26*0Sstevel@tonic-gate  * Copyright 1993 OpenVision Technologies, Inc., All Rights Reserved
27*0Sstevel@tonic-gate  *
28*0Sstevel@tonic-gate  * $Header: /cvs/krbdev/krb5/src/lib/kadm5/server_internal.h,v 1.27 1996/10/21 20:29:58 bjaspan Exp $
29*0Sstevel@tonic-gate  */
30*0Sstevel@tonic-gate 
31*0Sstevel@tonic-gate /*
32*0Sstevel@tonic-gate  * This header file is used internally by the Admin API server
33*0Sstevel@tonic-gate  * libraries and Admin server.  IF YOU THINK YOU NEED TO USE THIS FILE
34*0Sstevel@tonic-gate  * FOR ANYTHING, YOU'RE ALMOST CERTAINLY WRONG.
35*0Sstevel@tonic-gate  */
36*0Sstevel@tonic-gate 
37*0Sstevel@tonic-gate #ifndef __KADM5_SERVER_INTERNAL_H__
38*0Sstevel@tonic-gate #define __KADM5_SERVER_INTERNAL_H__
39*0Sstevel@tonic-gate 
40*0Sstevel@tonic-gate #include    <memory.h>
41*0Sstevel@tonic-gate #include    <stdlib.h>
42*0Sstevel@tonic-gate #include    "k5-int.h"
43*0Sstevel@tonic-gate #include    <krb5/kdb.h>
44*0Sstevel@tonic-gate #include    <kadm5/admin.h>
45*0Sstevel@tonic-gate #include    "admin_internal.h"
46*0Sstevel@tonic-gate #include    "adb.h"
47*0Sstevel@tonic-gate 
/*
 * Server-side state behind a kadm5 handle.
 *
 * CHECK_HANDLE() in this header validates a handle before it is used:
 * SERVER_CHECK_HANDLE() rejects it when current_caller or lhandle is
 * NULL.  The magic/version fields are presumably what
 * GENERIC_CHECK_HANDLE() (defined outside this file) inspects --
 * TODO confirm.
 */
struct _kadm5_server_handle_t {
	krb5_ui_4	magic_number;	/* presumably a type tag; confirm */
	krb5_ui_4	struct_version;
	krb5_ui_4	api_version;
	krb5_context	context;
	/* must be non-NULL for SERVER_CHECK_HANDLE() to accept the handle */
	krb5_principal	current_caller;
	kadm5_config_params  params;
	/* must be non-NULL for SERVER_CHECK_HANDLE() to accept the handle */
	struct _kadm5_server_handle_t *lhandle;
	osa_adb_policy_t policy_db;
	/*
	 * NOTE(review): by its name this holds key material for the
	 * database master key -- confirm that handle teardown wipes it
	 * before the memory is released.
	 */
	krb5_keyblock	master_keyblock;
};

typedef struct _kadm5_server_handle_t kadm5_server_handle_rec;
typedef struct _kadm5_server_handle_t *kadm5_server_handle_t;
59*0Sstevel@tonic-gate 
/*
 * Internal entry points implemented elsewhere in the admin server
 * libraries; only their signatures are visible in this header.
 */

/* Policy database setup/teardown for a server handle. */
kadm5_ret_t adb_policy_init(kadm5_server_handle_t handle);
kadm5_ret_t adb_policy_close(kadm5_server_handle_t handle);

/*
 * NOTE(review): `pass' is presumably the candidate cleartext password and
 * `use_policy'/`policy' presumably select policy enforcement -- confirm
 * against the definition, and confirm callers wipe `pass' after use.
 */
kadm5_ret_t passwd_check(kadm5_server_handle_t handle, char *pass,
    int use_policy, kadm5_policy_ent_t policy, krb5_principal principal);

kadm5_ret_t principal_exists(krb5_principal principal);

/*
 * NOTE(review): `r' is presumably the realm name and `from_keyboard'
 * presumably selects interactive entry of the master key -- confirm.
 */
krb5_error_code kdb_init_master(kadm5_server_handle_t handle, char *r,
    int from_keyboard);
krb5_error_code kdb_init_hist(kadm5_server_handle_t handle, char *r);

/* Entry accessors pairing a krb5_db_entry with its osa_princ_ent_rec. */
krb5_error_code kdb_get_entry(kadm5_server_handle_t handle,
    krb5_principal principal, krb5_db_entry *kdb, osa_princ_ent_rec *adb);
krb5_error_code kdb_free_entry(kadm5_server_handle_t handle,
    krb5_db_entry *kdb, osa_princ_ent_rec *adb);
krb5_error_code kdb_put_entry(kadm5_server_handle_t handle,
    krb5_db_entry *kdb, osa_princ_ent_rec *adb);
krb5_error_code kdb_delete_entry(kadm5_server_handle_t handle,
    krb5_principal name);
80*0Sstevel@tonic-gate 
/*
 * Word-dictionary helpers, implemented elsewhere.
 * NOTE(review): presumably the password-quality dictionary, with
 * find_word() returning KSUCCESS or WORD_NOT_FOUND -- confirm against
 * the definitions.
 */
int init_dict(kadm5_config_params *params);
int find_word(const char *word);
void destroy_dict(void);
84*0Sstevel@tonic-gate 
/*
 * *Warning*
 * *Warning*	    current_caller is a single process-wide variable,
 * *Warning*	    so this is going to break if we ever go
 * *Warning*	    multi-threaded.
 * *Warning*
 *
 * NOTE(review): the server handle also carries a current_caller field;
 * which of the two the authorization code reads is not visible from this
 * header -- confirm before relying on either as the caller identity.
 */
extern krb5_principal current_caller;
92*0Sstevel@tonic-gate 
/*
 * Local status codes.  The original author asks why this (or something
 * similar) is not defined *anywhere* in krb5, hence the definitions here.
 */
#define	KSUCCESS	0
#define	WORD_NOT_FOUND	1
98*0Sstevel@tonic-gate 
/*
 * All the principal mask bits or'd together.  The KADM5_* bits themselves
 * are defined outside this file.
 */
#define	ALL_PRINC_MASK \
	(KADM5_PRINCIPAL | \
	KADM5_PRINC_EXPIRE_TIME | \
	KADM5_PW_EXPIRATION | \
	KADM5_LAST_PWD_CHANGE | \
	KADM5_ATTRIBUTES | \
	KADM5_MAX_LIFE | \
	KADM5_MOD_TIME | \
	KADM5_MOD_NAME | \
	KADM5_KVNO | \
	KADM5_MKVNO | \
	KADM5_AUX_ATTRIBUTES | \
	KADM5_POLICY_CLR | \
	KADM5_POLICY | \
	KADM5_MAX_RLIFE | \
	KADM5_TL_DATA | \
	KADM5_KEY_DATA)
109*0Sstevel@tonic-gate 
/*
 * All the policy mask bits or'd together.  The KADM5_* bits themselves
 * are defined outside this file.
 */
#define	ALL_POLICY_MASK \
	(KADM5_POLICY | \
	KADM5_PW_MAX_LIFE | \
	KADM5_PW_MIN_LIFE | \
	KADM5_PW_MIN_LENGTH | \
	KADM5_PW_MIN_CLASSES | \
	KADM5_PW_HISTORY_NUM | \
	KADM5_REF_COUNT)
114*0Sstevel@tonic-gate 
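/*
 * Reject a server handle that is unusable: returns
 * KADM5_BAD_SERVER_HANDLE from the *enclosing function* when the handle
 * is NULL, or when its current_caller or lhandle field is NULL.
 *
 * The NULL-handle test makes the macro safe when it is used without a
 * preceding generic check; previously a NULL handle was dereferenced.
 * The argument is parenthesized so the cast applies to the whole
 * expression passed in.
 *
 * This stays a bare brace block (not do { } while (0)) because
 * CHECK_HANDLE() places it directly after another macro expansion with
 * no separator.  Use it only in functions whose return type accepts
 * KADM5_BAD_SERVER_HANDLE.
 */
#define	SERVER_CHECK_HANDLE(handle) \
{ \
	kadm5_server_handle_t srvr = \
	    (kadm5_server_handle_t)(handle); \
 \
	if (! srvr) \
		return KADM5_BAD_SERVER_HANDLE; \
	if (! srvr->current_caller) \
		return KADM5_BAD_SERVER_HANDLE; \
	if (! srvr->lhandle) \
		return KADM5_BAD_SERVER_HANDLE; \
}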
125*0Sstevel@tonic-gate 
/*
 * Full handle validation for server-side API entry points:
 * GENERIC_CHECK_HANDLE() (defined outside this file) with the old/new
 * server API version bounds, followed by SERVER_CHECK_HANDLE().
 *
 * SERVER_CHECK_HANDLE() returns KADM5_BAD_SERVER_HANDLE from the
 * enclosing function when current_caller or lhandle is unset, so this
 * macro can return from the caller.  `handle' is expanded twice, so pass
 * an expression without side effects.  The expansion is two adjacent
 * pieces rather than a single statement; do not use it as the unbraced
 * body of an if/else.
 */
#define	CHECK_HANDLE(handle) \
	GENERIC_CHECK_HANDLE(handle, \
	    KADM5_OLD_SERVER_API_VERSION, \
	    KADM5_NEW_SERVER_API_VERSION) \
	SERVER_CHECK_HANDLE(handle)
130*0Sstevel@tonic-gate 
131*0Sstevel@tonic-gate #endif /* __KADM5_SERVER_INTERNAL_H__ */