Import Upstream version 1.8.5
[hcoop/debian/openafs.git] / src / kauth / kautils.p.h
1 /*
2 * Copyright 2000, International Business Machines Corporation and others.
3 * All Rights Reserved.
4 *
5 * This software has been released under the terms of the IBM Public
6 * License. For details, see the LICENSE file in the top-level source
7 * directory or online at http://www.openafs.org/dl/license10.html
8 */
9
10 /*
11 * Revision 2.2 1990/09/27 13:51:37
12 * Declare (char *) returning function ka_timestr().
13 * Cleanups.
14 *
15 * Revision 2.1 90/08/07 19:11:51
16 * Start with clean version to sync test and dev trees.
17 * */
18
19 #ifndef __KAUTILS__
20 #define __KAUTILS__
21
22 #include <afs/auth.h>
23
24 #ifndef KAMAJORVERSION
25 /* just to be on the safe side, get these two first */
26 #include <sys/types.h>
27 #include <rx/xdr.h>
28
29 /* get installed .h file only if not included already from local dir */
30 #ifndef _RXGEN_KAUTH_
31 #include <afs/kauth.h>
32 #endif
33
34 #endif
35
36 #include <ubik.h>
37 #include <afs/cellconfig.h>
38 #include <afs/afsutil.h>
39
40
/* Presumably the buffer size callers reserve for ka_timestr() output
 * (declared below with an explicit tlen) -- confirm whether the value
 * includes the terminating NUL. */
41 #define KA_TIMESTR_LEN 30
/* NOTE(review): Date is a preprocessor alias, not a typedef, so it rewrites
 * every later identifier spelled "Date" in any file that includes this
 * header. It maps to afs_uint32, while ka_timestr() and several lifetime
 * arguments below take afs_int32, so time values cross a signed/unsigned
 * boundary inside this API. */
42 #define Date afs_uint32
43
44 /*
45 * Public function prototypes
46 */
47
/*
 * Token acquisition and verification.
 *
 * Every string argument is a non-const char *, so the prototypes do not say
 * whether the callee writes through name/instance/cell; check the
 * implementation before passing string literals or shared buffers.
 * The key arguments point at long-term secret key material.
 * NOTE(review): callers should wipe their own copy of the key once the call
 * returns; nothing in these signatures indicates that the callee does so.
 * pwexpires is an afs_int32 out-parameter; NULL handling is not visible here.
 */
48 extern afs_int32 ka_GetAuthToken(char *name, char *instance, char *cell,
49 struct ktc_encryptionKey *key,
50 afs_int32 lifetime, afs_int32 * pwexpires);
51
/* lifetime is a Date (unsigned) here but afs_int32 in the neighbouring calls.
 * newer and dosetpag are plain int switches whose semantics are not visible
 * in this header (dosetpag presumably requests a new PAG -- confirm). */
52 extern afs_int32 ka_GetServerToken(char *name, char *instance, char *cell,
53 Date lifetime, struct ktc_token *token,
54 int newer, int dosetpag);
55
/* Same shape as ka_GetAuthToken, plus a token parameter and a newer switch. */
56 extern afs_int32 ka_GetAdminToken(char *name, char *instance, char *cell,
57 struct ktc_encryptionKey *key,
58 afs_int32 lifetime, struct ktc_token *token,
59 int newer);
60
/* NOTE(review): the afs_int32 result is the only outcome reported, so a
 * caller that ignores it treats an unverified token as verified. */
61 extern afs_int32 ka_VerifyUserToken(char *name, char *instance, char *cell,
62 struct ktc_encryptionKey *key);
63
/* serverList carries no length, so the callee must find the end of the array
 * by a convention not visible here (presumably a zero entry or a fixed
 * maximum) -- confirm before passing a caller-built list. */
64 extern void ka_ExplicitCell(char *cell, afs_uint32 serverList[]
65 );
66
/* Fills the caller-supplied cellinfo for the named cell; status is returned
 * as afs_int32. */
67 extern afs_int32 ka_GetServers(char *cell, struct afsconf_cell *cellinfo);
68
/* Hands back a security class through scP and an int through siP
 * (presumably the rx security index -- confirm).
 * NOTE(review): what a NULL token yields is not visible here; verify it,
 * because callers may be assuming an authenticated connection. */
69 extern afs_int32 ka_GetSecurity(int service, struct ktc_token *token,
70 struct rx_securityClass **scP, int *siP);
71
/* Connection constructors: each returns a ubik_client through conn.
 * service is presumably one of the KA_*_SERVICE ids defined later in this
 * header. Who releases *conn is not stated by the prototypes. */
72 extern afs_int32 ka_SingleServerConn(char *cell, char *server, int service,
73 struct ktc_token *token,
74 struct ubik_client **conn);
75
76 extern afs_int32 ka_AuthSpecificServersConn(int service,
77 struct ktc_token *token,
78 struct afsconf_cell *cellinfo,
79 struct ubik_client **conn);
80
81 extern afs_int32 ka_AuthServerConn(char *cell, int service,
82 struct ktc_token *token,
83 struct ubik_client **conn);
84
/* Authenticates name.instance@cell over conn with the caller's key for the
 * window [start, end]; the result is written to token and, through
 * pwexpires, an afs_int32 (presumably password-expiry information).
 * NOTE(review): key is long-term secret material; the caller owns clearing it. */
85 extern afs_int32 ka_Authenticate(char *name, char *instance, char *cell,
86 struct ubik_client *conn, int service,
87 struct ktc_encryptionKey *key, Date start,
88 Date end, struct ktc_token *token,
89 afs_int32 * pwexpires);
90
/* Takes an existing auth_token plus auth_domain and writes a new token for
 * the service name/instance on behalf of cname/cinst (roles inferred from
 * the parameter names -- confirm). */
91 extern afs_int32 ka_GetToken(char *name, char *instance, char *cell,
92 char *cname, char *cinst,
93 struct ubik_client *conn, Date start, Date end,
94 struct ktc_token *auth_token, char *auth_domain,
95 struct ktc_token *token);
96
/* Both oldkey and newkey are secrets held by the caller during the call.
 * NOTE(review): wipe both after use. No cell argument is taken here, unlike
 * the calls above; the cell is presumably implied by conn. */
97 extern afs_int32 ka_ChangePassword(char *name, char *instance,
98 struct ubik_client *conn,
99 struct ktc_encryptionKey *oldkey,
100 struct ktc_encryptionKey *newkey);
101
/* Derives *key from the password string str and the cell name.
 * Returns void, so a failure cannot be reported to the caller.
 * NOTE(review): this belongs to the kaserver (Kerberos-4 style) interface,
 * which upstream treats as obsolete in favour of Kerberos 5 -- confirm the
 * key-derivation strength before relying on it in a new deployment. */
102 extern void ka_StringToKey(char *str, char *cell,
103 struct ktc_encryptionKey *key);
104
/* Prompts for a password (verify presumably asks for it twice -- confirm)
 * and returns the derived key; the cleartext is not handed to the caller
 * through this signature. */
105 extern afs_int32 ka_ReadPassword(char *prompt, int verify, char *cell,
106 struct ktc_encryptionKey *key);
107
/* Splits login into name, inst and cell output buffers.
 * The array bounds in the parameter list are documentation only: C passes
 * these as plain char *, so nothing stops a caller from supplying a shorter
 * buffer. Callers must provide at least MAXKTCNAMELEN bytes for name and
 * inst and MAXKTCREALMLEN bytes for cell.
 * NOTE(review): login may be user- or network-supplied; whether over-long
 * components are rejected or truncated is not visible here -- verify. */
108 extern afs_int32 ka_ParseLoginName(char *login, char name[MAXKTCNAMELEN],
109 char inst[MAXKTCNAMELEN],
110 char cell[MAXKTCREALMLEN]
111 );
112
/* Only ka_Init is given C linkage when built under _MFC_VER; the other
 * prototypes in this header are not wrapped by this guard. */
113 #ifdef _MFC_VER
114 extern "C" {
115 #endif /* _MFC_VER */
116 extern afs_int32 ka_Init(int flags);
117 #ifdef _MFC_VER
118 }
119 #endif /* _MFC_VER */
/* dir is the only const-qualified string parameter in this header. */
120 extern int ka_CellConfig(const char *dir);
121
/* Returns a char * whose ownership is not stated (presumably static
 * storage -- confirm before freeing or modifying it). */
122 extern char *ka_LocalCell(void
123 );
124
/* fullCell is an output buffer with no length parameter.
 * NOTE(review): the required size is not visible here (presumably
 * MAXKTCREALMLEN); an undersized buffer would be overrun -- confirm. */
125 extern int ka_ExpandCell(char *cell, char *fullCell, int *alocal);
126
/* realm (argument 2) is declared non-NULL via AFS_NONNULL; like fullCell
 * above it is an output buffer passed without a length. */
127 extern int ka_CellToRealm(char *cell, char *realm, int *local) AFS_NONNULL((2));
128
/* Printing and byte-conversion helpers. */
129 extern void ka_PrintUserID(char *prefix, char *name, char *instance,
130 char *postfix);
131
/* NOTE(review): if bs holds key bytes, this writes secret material to
 * wherever the implementation prints -- confirm the destination. */
132 extern void ka_PrintBytes(char bs[], int bl);
133
/* Both buffers come with explicit lengths (alen for ascii, bl for bs). */
134 extern int ka_ConvertBytes(char *ascii, int alen, char bs[], int bl);
135
/* Only binary has a length (blen); ascii is presumably NUL-terminated. */
136 extern int ka_ReadBytes(char *ascii, char *binary, int blen);
137
/* NOTE(review): takes two afs_uint32 values but returns int, so a result
 * above INT_MAX cannot be represented in the return type. The name is also
 * unprefixed and lands in the global namespace. */
138 extern int umin(afs_uint32 a, afs_uint32 b);
139
/* key is passed as char * with no length; the expected size is not visible
 * here (presumably one ktc_encryptionKey). */
140 extern afs_int32 ka_KeyCheckSum(char *key, afs_uint32 * cksumP);
141
142 extern int ka_KeyIsZero(char *akey, int alen);
143
/* Formats time into tstr, bounded by tlen. time is afs_int32, whereas the
 * structures below store timestamps as Date (afs_uint32). */
144 extern void ka_timestr(afs_int32 time, char *tstr, afs_int32 tlen);
145
146 extern void ka_debugKeyCache(struct ka_debugInfo *info);
147
/* Four char * arguments with no lengths and an unprefixed global name;
 * which are inputs and which are outputs is not visible here -- confirm. */
148 extern void save_principal(char *p, char *n, char *i, char *c);
149
/*
 * Password-based login helpers.
 *
 * Several of these take the cleartext password as a char *.
 * NOTE(review): callers should hold the password in a buffer they can
 * overwrite after the call and keep it out of logs.
 * reasonP receives a char * on failure; ownership of that string is not
 * visible here (presumably static storage -- confirm before freeing).
 * flags is built from KA_USERAUTH_VERSION plus the KA_USERAUTH_* bits
 * defined directly below these prototypes.
 */
150 extern afs_int32 ka_GetAFSTicket(char *name, char *instance, char *realm,
151 Date lifetime, afs_int32 flags);
152
153 extern afs_int32 ka_UserAuthenticateGeneral(afs_int32 flags, char *name,
154 char *instance, char *realm,
155 char *password, Date lifetime,
156 afs_int32 * password_expires,
157 afs_int32 spare2, char **reasonP);
158
/* As ka_UserAuthenticateGeneral, with an additional smbname argument. */
159 extern afs_int32 ka_UserAuthenticateGeneral2(afs_int32 flags, char *name,
160 char *instance, char *realm,
161 char *password, char *smbname,
162 Date lifetime,
163 afs_int32 * password_expires,
164 afs_int32 spare2,
165 char **reasonP);
/* A function-like macro with this same name is defined further down in this
 * header, so ordinary calls written after that point expand to
 * ka_UserAuthenticateGeneral() instead of reaching this function. */
166 extern afs_int32 ka_UserAuthenticate(char *name, char *instance, char *realm,
167 char *password, int doSetPAG,
168 char **reasonP);
169
/* password is an output buffer of plen bytes that receives the cleartext. */
170 extern afs_int32 ka_UserReadPassword(char *prompt, char *password, int plen,
171 char **reasonP);
172
/* NOTE(review): the result must be checked; it is the only indication of
 * whether the password verified. */
173 extern afs_int32 ka_VerifyUserPassword(afs_int32 version, char *name,
174 char *instance, char *realm,
175 char *password, int spare,
176 char **reasonP);
/* Layout of the flags word passed to ka_UserAuthenticateGeneral*():
 * the low 16 bits (KA_USERAUTH_VERSION_MASK) hold the interface version and
 * the option bits start at 0x010000. */
177 #define KA_USERAUTH_VERSION 1
178 #define KA_USERAUTH_VERSION_MASK 0x00ffff
179 #define KA_USERAUTH_DOSETPAG 0x010000
180 #define KA_USERAUTH_DOSETPAG2 0x020000
181 #define KA_USERAUTH_ONLY_VERIFY 0x040000
182 #define KA_USERAUTH_AUTHENT_LOGON 0x100000
/* Convenience wrapper: version plus DOSETPAG when d is non-zero.
 * It passes 0 for lifetime, password_expires and spare2, so password-expiry
 * information is not returned to callers that use this macro.
 * It also hides the ka_UserAuthenticate() prototype declared earlier in this
 * header for every call written in the usual function-call form. */
183 #define ka_UserAuthenticate(n,i,r,p,d,rP) \
184 ka_UserAuthenticateGeneral \
185 (KA_USERAUTH_VERSION + ((d) ? KA_USERAUTH_DOSETPAG : 0), \
186 n,i,r,p, /*lifetime*/0, /*spare1,2*/0,0, rP)
/* Variant taking caller-chosen option bits f and a lifetime l.
 * NOTE(review): f is added to the version rather than OR-ed, so f must not
 * carry any bits inside KA_USERAUTH_VERSION_MASK or the version field is
 * corrupted. */
187 #define ka_UserAuthenticateLife(f,n,i,r,p,l,rP) \
188 ka_UserAuthenticateGeneral \
189 (KA_USERAUTH_VERSION + (f), n,i,r,p,l, /*spare1,2*/0,0, rP)
190
/* Values 1, 2 and 4; presumably combinable status/policy bits -- where they
 * are consumed is not visible in this header. */
191 #define KA_REUSEPW 1
192 #define KA_NOREUSEPW 2
193 #define KA_ISLOCKED 4
194
/* Numeric ids of the three services; presumably the values expected by the
 * "service" parameter of the connection functions above. */
195 #define KA_AUTHENTICATION_SERVICE 731
196 #define KA_TICKET_GRANTING_SERVICE 732
197 #define KA_MAINTENANCE_SERVICE 733
198
/* Well-known principal names. */
199 #define KA_TGS_NAME "krbtgt"
200 /* realm is TGS instance */
201 #define KA_ADMIN_NAME "AuthServer"
202 #define KA_ADMIN_INST "Admin"
203
/* Each label literal below is exactly KA_LABELSIZE characters, so the
 * label[KA_LABELSIZE] fields in the structures that follow hold it without
 * a terminating NUL: compare with memcmp()/strncmp() bounded by
 * KA_LABELSIZE, never strcmp().
 * NOTE(review): the labels are fixed, public constants. Matching one after
 * decryption indicates the right key was probably used; it is not a
 * cryptographic integrity check over the rest of the message. */
204 #define KA_LABELSIZE 4
205 #define KA_GETTGT_REQ_LABEL "gTGS"
206 #define KA_GETTGT_ANS_LABEL "tgsT"
207 #define KA_GETADM_REQ_LABEL "gADM"
208 #define KA_GETADM_ANS_LABEL "admT"
209 #define KA_CPW_REQ_LABEL "CPWl"
210 #define KA_CPW_ANS_LABEL "Pass"
211 #define KA_GETTICKET_ANS_LABEL "gtkt"
212
/* Encrypted request body: a timestamp followed by a fixed label.
 * The label is not NUL-terminated (see KA_LABELSIZE).
 * NOTE(review): time is the only freshness value in this structure, so
 * replay resistance depends on how the receiver checks it -- verify. */
213 struct ka_gettgtRequest { /* format of request */
214 Date time; /* time of request */
215 char label[KA_LABELSIZE]; /* label to verify correct decrypt */
216 };
217
/* NOTE(review): ticket_len arrives from the peer; a receiver must check
 * 0 <= ticket_len <= MAXKTCTICKETLEN before using it to read or copy
 * ticket[]. Whether the existing callers do so is not visible here. */
218 /* old interface: see ka_ticketAnswer instead */
219 struct ka_gettgtAnswer { /* format of response */
220 Date time; /* the time of the request plus one */
221 struct ktc_encryptionKey
222 sessionkey; /* the session key in the ticket */
223 afs_int32 kvno; /* version # of tkt encrypting key */
224 afs_int32 ticket_len; /* the ticket's length */
225 char ticket[MAXKTCTICKETLEN]; /* the ticket itself (no padding) */
226 char label[KA_LABELSIZE]; /* label to verify correct decrypt */
227 };
228
/* Current response format (the "old interface" structures point here).
 * NOTE(review), for any code that parses this from the network:
 *  - ticketLen is signed and peer-supplied; bound it to
 *    [0, MAXKTCTICKETLEN] before touching ticket[].
 *  - the name/instance/cell/sname/sinstance arrays are fixed-size and are
 *    not guaranteed by this layout to be NUL-terminated; terminate or bound
 *    them before treating them as C strings.
 *  - cell is sized MAXKTCNAMELEN here, while ka_ParseLoginName() sizes its
 *    cell buffer MAXKTCREALMLEN; confirm the two constants agree before
 *    copying between them.
 *  - cksum is marked "function to be defined", so it should not be assumed
 *    to provide integrity; label only detects a wrong decryption key. */
229 struct ka_ticketAnswer { /* format of response */
230 afs_int32 cksum; /* function to be defined */
231 Date challenge; /* the time of the request plus one */
232 struct ktc_encryptionKey
233 sessionKey; /* the session key in the ticket */
234 Date startTime;
235 Date endTime;
236 afs_int32 kvno; /* version of ticket encrypting key */
237 afs_int32 ticketLen; /* the ticket's length */
238 char name[MAXKTCNAMELEN];
239 char instance[MAXKTCNAMELEN];
240 char cell[MAXKTCNAMELEN];
241 char sname[MAXKTCNAMELEN];
242 char sinstance[MAXKTCNAMELEN];
243 char ticket[MAXKTCTICKETLEN]; /* the ticket (no extra chars) */
244 char label[KA_LABELSIZE]; /* for detecting decryption errors */
245 };
246
/* Change-password request body. newpw is the new long-term key itself.
 * NOTE(review): any buffer holding this structure should be wiped once the
 * request has been sent or processed. spare is documented as "must be
 * zero"; whether the receiver enforces that is not visible here. */
247 struct ka_cpwRequest { /* format of request */
248 Date time; /* time of request */
249 struct ktc_encryptionKey
250 newpw; /* new key */
251 afs_int32 kvno; /* version number of key */
252 afs_int32 spare; /* must be zero */
253 char label[KA_LABELSIZE]; /* label to verify correct decrypt */
254 };
255
/* Change-password response: echoes the request time plus one, followed by a
 * fixed label that is not NUL-terminated (see KA_LABELSIZE). */
256 struct ka_cpwAnswer { /* format of response */
257 Date time; /* the time of the request plus one */
258 char label[KA_LABELSIZE]; /* label to verify correct decrypt */
259 };
260
/* Start/end pair for a ticket validity window, both as Date (afs_uint32).
 * NOTE(review): nothing in the layout guarantees start <= end; a consumer
 * should check that before computing a lifetime by subtraction. */
261 struct ka_getTicketTimes {
262 Date start;
263 Date end;
264 };
265
/* Same fields as ka_ticketAnswer minus cksum, challenge and label, so this
 * older format carries no decrypt-check label at all.
 * NOTE(review): ticketLen is signed and peer-supplied; bound it to
 * [0, MAXKTCTICKETLEN] before using ticket[], and do not assume the
 * fixed-size name arrays are NUL-terminated. */
266 /* old interface: see ka_ticketAnswer instead */
267 struct ka_getTicketAnswer {
268 struct ktc_encryptionKey sessionKey;
269 Date startTime;
270 Date endTime;
271 afs_int32 kvno;
272 afs_int32 ticketLen;
273 char name[MAXKTCNAMELEN];
274 char instance[MAXKTCNAMELEN];
275 char cell[MAXKTCNAMELEN];
276 char sname[MAXKTCNAMELEN];
277 char sinstance[MAXKTCNAMELEN];
278 char ticket[MAXKTCTICKETLEN];
279 };
280
/* Taken only when ERROR_TABLE_BASE_KA is not yet defined at this point.
 * ka_ErrorString becomes an alias for afs_error_message, and KAMINERROR is
 * redefined in terms of ERROR_TABLE_BASE_KA. Macro expansion is deferred,
 * so ERROR_TABLE_BASE_KA must have been defined by the time KAMINERROR or
 * KAMAXERROR is actually used. KAMAXERROR spans 256 codes from the base. */
281 #ifndef ERROR_TABLE_BASE_KA
282 #define ka_ErrorString afs_error_message
283 #undef KAMINERROR
284 #define KAMINERROR ERROR_TABLE_BASE_KA
285 #define KAMAXERROR (KAMINERROR+255)
286 #endif
287
288 #endif