2 * Copyright 2000, International Business Machines Corporation and others.
5 * This software has been released under the terms of the IBM Public
6 * License. For details, see the LICENSE file in the top-level source
7 * directory or online at http://www.openafs.org/dl/license10.html
9 #ifndef AFS_SRC_KAUTH_INTERNAL_H
10 #define AFS_SRC_KAUTH_INTERNAL_H
12 #include <hcrypto/des.h>
15 extern afs_int32
ka_AdminInteractive(int cmd_argc
, char *cmd_argv
[]);
18 extern void init_kadatabase(int initFlags
);
20 extern afs_int32
ka_LookupKey(struct ubik_trans
*tt
,
21 char *name
, char *inst
,
23 struct ktc_encryptionKey
*key
);
26 extern afs_int32
FindBlock(struct ubik_trans
*at
, char *aname
,
27 char *ainstance
, afs_int32
*toP
,
28 struct kaentry
*tentry
);
30 extern afs_int32
ThreadBlock(struct ubik_trans
*at
, afs_int32 index
,
31 struct kaentry
*tentry
);
33 extern afs_int32
ka_FillKeyCache(struct ubik_trans
*tt
);
35 extern afs_int32
CheckInit(struct ubik_trans
*at
,
36 int (*db_init
) (struct ubik_trans
*));
38 extern afs_int32
AllocBlock(struct ubik_trans
*at
, struct kaentry
*tentry
);
40 extern afs_int32
ka_NewKey(struct ubik_trans
*tt
, afs_int32 tentryaddr
,
41 struct kaentry
*tentry
,
42 struct ktc_encryptionKey
*key
);
44 extern int name_instance_legal(char *name
, char *instance
);
47 extern void kalog_Init(void);
51 extern afs_int32
InitAuthServ(struct ubik_trans
**, int, int *);
54 extern afs_int32
krb_write_ticket_file(char *realm
);
57 extern afs_int32
init_krb_udp(void);
59 static_inline DES_cblock
*
60 EncryptionKey_to_cblock(EncryptionKey
*key
) {
61 return (DES_cblock
*)key
;
64 static_inline
struct ktc_encryptionKey
*
65 EncryptionKey_to_ktc(EncryptionKey
*key
) {
66 return (struct ktc_encryptionKey
*)key
;
69 static_inline EncryptionKey
*
70 ktc_to_EncryptionKey(struct ktc_encryptionKey
*key
) {
71 return (EncryptionKey
*)key
;
75 * Some of the RPCs need to verify that two times are within a given
76 * skew window (usually KTC_TIME_UNCERTAINTY, 15 minutes). However,
77 * there are multiple sources of timestamps. The "AFS-native" type,
78 * Date, is afs_uint32; timestamps fetched from the system will
79 * generally be the output of time(NULL), i.e., time_t. However, the
80 * base type of time_t is platform-dependent -- on some systems, it
81 * is int32_t, and on others it is int64_t. Arithmetic operations
82 * and comparisons between integers of different type are subject to
83 * the usual arithmetic promotions in C -- comparing a uint32_t and
84 * an int32_t results in the int32_t being "promoted" to uint32_t, which
85 * has disasterous consequences when the value being promoted is
86 * negative. If, on the other hand, time_t is int64_t, then the promotions
87 * work the other way, with everything evaluated at int64_t precision,
88 * since int64_t has a higher conversion rank than int32_t (which has
89 * the same conversion rank as uint32_t). In order to properly and
90 * portably check the time skew, it is simplest to cast everything to
91 * afs_int64 before evaluating any expressions.
93 * The expression evaluates to true if the absolute value of the difference
94 * between the two time inputs is larger than the skew.
96 #define check_ka_skew(__t1, __t2, __skew) \
97 ((afs_int64)(__t1) - (afs_int64)(__skew) > (afs_int64)(__t2) || \
98 (afs_int64)(__t2) - (afs_int64)(__skew) > (afs_int64)(__t1))