Import Upstream version 1.8.5
[hcoop/debian/openafs.git] / src / rxkad / rxkad.p.h
1 /*
2 * Copyright 2000, International Business Machines Corporation and others.
3 * All Rights Reserved.
4 *
5 * This software has been released under the terms of the IBM Public
6 * License. For details, see the LICENSE file in the top-level source
7 * directory or online at http://www.openafs.org/dl/license10.html
8 */
9
10 /* The Kerberos Authenticated DES security object. */
11
12
13 #ifndef OPENAFS_RXKAD_RXKAD_H
14 #define OPENAFS_RXKAD_RXKAD_H
15
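/*
 * Size and lifetime limits for the tickets and principal names rxkad handles.
 * Code that accepts a ticket or a name from a peer should check it against
 * these bounds before copying it into one of the fixed-size buffers declared
 * later in this header.
 */

/* no ticket good for longer than 30 days */
#define MAXKTCTICKETLIFETIME (30*24*3600)
#define MINKTCTICKETLEN 32
#define MAXKTCTICKETLEN 12000 /* was 344 */

#define MAXKTCNAMELEN 64 /* name & inst should be 256 */
#define MAXKTCREALMLEN 64 /* should be 256 */
/*
 * 15 minutes of tolerated clock skew.  A wider tolerance also widens the
 * window in which an expired or not-yet-valid ticket may still be accepted,
 * so the value is a trade-off and should not be raised casually.
 */
#define KTC_TIME_UNCERTAINTY (15*60) /* max skew bet. machines' clocks */

#define MAXRANDOMNAMELEN 16 /* length of random generated
 * usernames used by afslog for high
 * security must be < MAXKTCNAMELEN && < MAXSMBNAMELEN */
#define MAXSMBNAMELEN 256 /* max length of an SMB name */

/*
 * Enforce the invariants stated in the comments above at compile time, so
 * that a later edit to one constant cannot silently turn a bounded copy into
 * an overflow of a name buffer.
 */
#if MAXRANDOMNAMELEN >= MAXKTCNAMELEN || MAXRANDOMNAMELEN >= MAXSMBNAMELEN
#error MAXRANDOMNAMELEN must be < MAXKTCNAMELEN and < MAXSMBNAMELEN
#endif
#if MINKTCTICKETLEN > MAXKTCTICKETLEN
#error MINKTCTICKETLEN must not exceed MAXKTCTICKETLEN
#endif

#define LOGON_OPTION_INTEGRATED 1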
31
/*
 * Define ticket types. For Kerberos V4 tickets, this is overloaded as
 * the server key version number, so class numbers 0 through 255 are reserved
 * for V4 tickets. For Kerberos V5, tickets have an in-the-clear portion
 * containing the server key version, so we only use a single type number to
 * identify those tickets. The ticket type is carried in the kvno field
 * passed to/from ktc_[SG]etToken.
 *
 * NOTE(review): RXKAD_TKT_TYPE_KERBEROS_V5_ENCPART_ONLY is 213, which lies
 * inside the 0..255 range described above as reserved for V4 key version
 * numbers.  By type value alone, a V4 ticket under key version 213 cannot be
 * told apart from an "encrypted part only" V5 ticket; confirm how the
 * decoder and the key-management procedures keep the two apart.
 *
 * NOTE(review): the key version taken from the in-the-clear portion of a V5
 * ticket is presumably not covered by the ticket encryption; treat it only
 * as a key selector until decryption has succeeded -- confirm in the decoder.
 */
#define RXKAD_TKT_TYPE_KERBEROS_V5 256
#define RXKAD_TKT_TYPE_KERBEROS_V5_ENCPART_ONLY 213

/* V5 tickets share the upper size bound used for all KTC tickets. */
#define MAXKRB5TICKETLEN MAXKTCTICKETLEN

/*
 * The AFS/DFS translator may also make use of additional ticket types in
 * the range 257 through 511. DO NOT USE THESE FOR ANY OTHER PURPOSE.
 */
#define RXKAD_TKT_TYPE_ADAPT_RESERVED_MIN 257
#define RXKAD_TKT_TYPE_ADAPT_RESERVED_MAX 511
51
/*
 * Fixed-size container for 8 bytes of key material.  This header describes
 * rxkad as the "Kerberos Authenticated DES security object", and 8 bytes
 * matches the size of a DES key block (presumably including parity bits --
 * confirm).  NOTE(review): if this holds a single-DES key, its effective
 * strength is low by current standards; check what the deployment does to
 * compensate.
 *
 * The contents are secret: do not log them, and clear temporary copies once
 * they are no longer needed.  The bytes are plain char, whose signedness is
 * implementation-defined; convert to unsigned char before doing byte
 * arithmetic on them.
 */
struct ktc_encryptionKey {
    char data[8];
};
55
/*
 * A principal identity split into name, instance and cell, each stored in a
 * fixed-size character array sized by MAXKTCNAMELEN / MAXKTCREALMLEN.
 *
 * NOTE(review): this header does not say whether the fields are always
 * NUL-terminated.  Writers should bound every copy by the size of the field
 * and leave room for the terminator; readers handling a structure filled from
 * untrusted input should not assume a terminator is present -- confirm
 * against the code that fills this structure.
 *
 * The smbname member exists only when AFS_NT40_ENV is defined, so the size
 * and layout of the structure differ between builds with and without it.
 */
struct ktc_principal {
    char name[MAXKTCNAMELEN];
    char instance[MAXKTCNAMELEN];
    char cell[MAXKTCREALMLEN];
#ifdef AFS_NT40_ENV
    char smbname[MAXSMBNAMELEN];
#endif
};
64
/*
 * Sentinel date value with all 32 bits set; defined here only if no earlier
 * header already provided it.  Presumably it marks a time that never arrives
 * (e.g. "no expiry") -- confirm against the code that compares against it.
 * The constant is an unsigned 32-bit pattern, so take care when comparing it
 * with signed or wider time values, and make sure expiry checks cannot be
 * satisfied by a peer simply supplying this value.
 */
#ifndef NEVERDATE
#define NEVERDATE 0xffffffff
#endif
68
/*
 * Round a length up to the next multiple of 8, the encryption block size
 * used here.  This is a macro, not a function; v is evaluated exactly once.
 *
 * The addition of 7 happens in v's own (promoted) type, so a length within 7
 * of that type's maximum overflows: undefined behaviour for signed types, a
 * wrap to a small value for unsigned ones.  Validate lengths taken from
 * untrusted input against an upper bound (for example MAXKTCTICKETLEN)
 * before rounding, and before using the rounded value to size a buffer.
 */
#define round_up_to_ebs(v) (((v) + 7) & (~7))
71
/*
 * Role of a security object: client or server.  The underlying type is plain
 * char, whose signedness is implementation-defined; only the values 1 and 2
 * are defined here.
 */
typedef char rxkad_type;
#define rxkad_client 1 /* bits definitions */
#define rxkad_server 2

/*
 * Protection level applied to a connection.  The type is explicitly signed,
 * so a negative value is representable and must be rejected by range checks
 * (the index macros in this header test for level >= 0).
 *
 * Per the comments on each value, only rxkad_crypt encrypts packet data;
 * rxkad_clear sends packets in the clear.  A level received from a peer or
 * read from configuration should be range-checked and compared with the
 * minimum level the service is willing to accept.
 */
typedef signed char rxkad_level;
#define rxkad_clear 0 /* send packets in the clear */
#define rxkad_auth 1 /* send encrypted sequence numbers */
#define rxkad_crypt 2 /* encrypt packet data */
80
/*
 * Statistics are kept per type and per level.  rxkad_StatIndex folds a
 * (type, level) pair into a single index in the range 0..5; rxkad_LevelIndex
 * and rxkad_TypeIndex give the per-level (0..2) and per-type (0..1) indices.
 *
 * Each macro yields 0 for an argument outside the accepted set (type 1 or 2,
 * level 0 through 2), so the result always stays inside the documented range
 * and cannot index past the end of a table sized for it.  The fallback slot 0
 * is also the slot of a valid combination (type 1, level 0), so counts for
 * invalid inputs are merged into it rather than reported separately.
 *
 * Arguments are evaluated more than once; do not pass expressions with side
 * effects.
 */
#define rxkad_StatIndex(type,level) \
    (!(((type) == 1) || ((type) == 2)) ? 0 \
     : !(((level) >= 0) && ((level) <= 2)) ? 0 \
     : ((((level) << 1) + (type)) - 1))
#define rxkad_LevelIndex(level) \
    (!(((level) >= 0) && ((level) <= 2)) ? 0 : (level))
#define rxkad_TypeIndex(type) \
    (!(((type) == 1) || ((type) == 2)) ? 0 : ((type) - 1))
91
92
/* Get key by enctype. Takes a rock (path to conf dir), kvno and enctype as
 * input and returns the key and key length. On input, the keylength parameter
 * must be set to the length of storage allocated by the caller.
 *
 * The prototype names no parameters; by position, and following the
 * description above, they appear to be (confirm against an implementation):
 *   void *    rock      - opaque caller context (path to the conf dir)
 *   int       kvno      - key version number to look up
 *   int       enctype   - encryption type to look up
 *   void *    key       - caller-allocated buffer that receives the key
 *   size_t *  keylength - in: capacity of the key buffer; out: key length
 *
 * The meaning of the int return value is not stated in this header.
 *
 * An implementation must never write more bytes than the capacity passed in
 * through keylength, and a caller should check the returned length before
 * using the buffer.  The bytes returned are secret key material: keep them
 * out of logs and clear the buffer when it is no longer needed.
 *
 * NOTE(review): size_t is used here but no header that declares it is
 * included above this point; this presumably relies on the including file.
 */
typedef int (*rxkad_get_key_enctype_func) (void *, int, int, void *, size_t *);
97
98 #include <rx/rxkad_prototypes.h>
99
100 #endif /* OPENAFS_RXKAD_RXKAD_H */