/*
 * Copyright 2000, International Business Machines Corporation and others.
 *
 * This software has been released under the terms of the IBM Public
 * License. For details, see the LICENSE file in the top-level source
 * directory or online at http://www.openafs.org/dl/license10.html
 */
10 #ifndef OPENAFS_KAS_ADMIN_H
11 #define OPENAFS_KAS_ADMIN_H
13 #include <afs/param.h>
14 #include <afs/afs_Admin.h>
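/*
 * Size in bytes of the `principal` and `instance` buffers in kas_identity_t
 * and of key_keyCacheItem_t.principal.
 * NOTE(review): the declarations do not say whether this count includes the
 * terminating NUL -- bound copies to KAS_MAX_NAME_LEN - 1 and terminate
 * explicitly until that is confirmed.
 */
#define KAS_MAX_NAME_LEN 64

/*
 * Length in bytes of the raw key stored in kas_encryptionKey_t.
 * NOTE(review): 8 bytes matches the size of a single-DES key; if that is the
 * cipher behind this API, treat anything protected by these keys as
 * legacy-strength -- confirm against the implementation.
 */
#define KAS_ENCRYPTION_KEY_LEN 8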
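/*
 * Principal flag values.  Only the declarations are visible in this header;
 * the numeric values are defined in another translation unit.
 *
 * Because these are `extern const int` objects rather than macros or
 * enumerators, they are not integer constant expressions in C: they cannot
 * be used as `case` labels or in static initialisers.
 *
 * NOTE(review): several names (ADMIN, NO_TGS, NO_SEAL, NO_CPW) read like
 * privilege or capability bits -- confirm their exact meaning and whether
 * they combine as a bit mask before using them in an authorization check.
 */
extern const int KAS_PRINCIPAL_FLAG_NORMAL;
extern const int KAS_PRINCIPAL_FLAG_FREE;
extern const int KAS_PRINCIPAL_FLAG_OLDKEYS;
extern const int KAS_PRINCIPAL_FLAG_SPECIAL;
extern const int KAS_PRINCIPAL_FLAG_ASSOC_ROOT;
extern const int KAS_PRINCIPAL_FLAG_ASSOC;
extern const int KAS_PRINCIPAL_FLAG_ADMIN;
extern const int KAS_PRINCIPAL_FLAG_NO_TGS;
extern const int KAS_PRINCIPAL_FLAG_NO_SEAL;
extern const int KAS_PRINCIPAL_FLAG_NO_CPW;
extern const int KAS_PRINCIPAL_FLAG_NEW_ASSOC;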
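/* Size in bytes of kas_serverDebugInfo_t.lastOperation. */
#define KAS_MAX_SERVER_OPERATION_LEN 16

/* Size in bytes of each lastPrincipal* / lastServer* buffer in kas_serverDebugInfo_t. */
#define KAS_MAX_PRINCIPAL_LEN 256

/* Number of key_keyCacheItem_t entries in kas_serverDebugInfo_t.keyCache. */
#define KAS_KEYCACHE_DEBUG_INFO_SIZE 25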
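/*
 * Names a principal by two fixed-size components, each KAS_MAX_NAME_LEN
 * bytes long.
 *
 * NOTE(review): nothing in this declaration guarantees NUL termination.
 * Code that fills these buffers from external input should check the length
 * first and terminate explicitly; confirm what the kas_* functions expect.
 *
 * kas_identity_p is a pointer typedef, so a parameter declared
 * `const kas_identity_p who` is a const pointer to a mutable struct, not a
 * pointer to const data: the qualifier does not promise that the callee
 * leaves *who untouched.
 */
typedef struct kas_identity {
    char principal[KAS_MAX_NAME_LEN];
    char instance[KAS_MAX_NAME_LEN];
} kas_identity_t, *kas_identity_p;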
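/*
 * Raw key material: KAS_ENCRYPTION_KEY_LEN bytes with no length or type tag.
 *
 * Security: every instance is a secret.  Keep it out of logs and debug
 * output, avoid unnecessary copies, and clear it with a wipe the compiler
 * cannot elide (explicit_bzero / memset_s) once it is no longer needed --
 * a plain memset() before the object goes out of scope may be optimised
 * away.
 *
 * kas_encryptionKey_p is a pointer typedef, so `const kas_encryptionKey_p`
 * makes the pointer const, not the key bytes it points to.
 */
typedef struct kas_encryptionKey {
    unsigned char key[KAS_ENCRYPTION_KEY_LEN];
} kas_encryptionKey_t, *kas_encryptionKey_p;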
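/*
 * Two-valued settings used by kas_principalEntry_t and
 * kas_PrincipalFieldsSet().
 *
 * In each enum the first enumerator has the value 0 and the NO_* enumerator
 * has the value 1.  A zero-initialised variable of any of these types
 * therefore compares equal to the first enumerator (KAS_ADMIN, TGS,
 * ENCRYPT, CHANGE_PASSWORD, REUSE_PASSWORD), not to the NO_* one.
 * NOTE(review): if the first enumerator is the "granting" value, a struct
 * cleared with memset()/calloc() reads as admin-enabled -- set these fields
 * explicitly rather than relying on zero fill.
 *
 * The enumerators TGS, NO_TGS, ENCRYPT and NO_ENCRYPT are unprefixed and
 * live in the global namespace of every file that includes this header.
 */
typedef enum {
    KAS_ADMIN,
    NO_KAS_ADMIN
} kas_admin_t, *kas_admin_p;

typedef enum {
    TGS,
    NO_TGS
} kas_tgs_t, *kas_tgs_p;

typedef enum {
    ENCRYPT,
    NO_ENCRYPT
} kas_enc_t, *kas_enc_p;

typedef enum {
    CHANGE_PASSWORD,
    NO_CHANGE_PASSWORD
} kas_cpw_t, *kas_cpw_p;

typedef enum {
    REUSE_PASSWORD,
    NO_REUSE_PASSWORD
} kas_rpw_t, *kas_rpw_p;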
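/*
 * Per-principal record; kas_PrincipalGet() takes a pointer to one as its
 * `principal` argument (presumably as an output -- confirm).
 *
 * This listing does not reproduce every line of the original declaration.
 * The gaps are marked below; do not rely on this text for sizeof() or for
 * member offsets.
 *
 * Security: the record has room for the principal's raw key (`key`) and a
 * value derived from it (`keyCheckSum`).  Treat a populated record as secret
 * material: keep it out of logs and wipe it with a non-elidable clear
 * (explicit_bzero / memset_s) when finished.
 */
typedef struct kas_principalEntry {
    kas_admin_t adminSetting;   /* value 0 is KAS_ADMIN -- set explicitly */
    /* ... original lines 57-60 are not shown in this listing ... */
    unsigned int userExpiration;
    unsigned int lastModTime;
    kas_identity_t lastModPrincipal;
    unsigned int lastChangePasswordTime;
    int maxTicketLifetime;
    /* ... original line 66 is not shown in this listing ... */
    kas_encryptionKey_t key;    /* raw key bytes -- secret */
    unsigned int keyCheckSum;
    int daysToPasswordExpire;
    /* ... original lines 70-71 are not shown in this listing ... */
} kas_principalEntry_t, *kas_principalEntry_p;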
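/*
 * Statistics kept per server procedure; kas_serverStats_t holds one of
 * these for each procedure it names.
 *
 * The member declarations (original lines 75-76) are not shown in this
 * listing, so the body below is empty.  An empty struct is a compiler
 * extension, not ISO C, and its size is wrong for the real type -- take the
 * members from the actual header before compiling against this.
 */
typedef struct kas_serverProcStats {
    /* ... original lines 75-76 are not shown in this listing ... */
} kas_serverProcStats_t, *kas_serverProcStats_p;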
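/*
 * Server-wide statistics; kas_ServerStatsGet() takes a pointer to one as its
 * `stats` argument.
 *
 * This listing does not reproduce every line of the original declaration.
 * The gaps are marked below; do not rely on this text for sizeof() or for
 * member offsets.
 *
 * `struct timeval` must be declared before this point (<sys/time.h> on
 * POSIX); the includes visible in this header do not name it directly.
 *
 * NOTE(review): the per-procedure members reveal which operations a server
 * handles (authenticate, changePassword, unlock, ...).  If the counters
 * include failures, they are useful for spotting password-guessing bursts
 * and should be readable only by operators -- confirm against the members
 * of kas_serverProcStats_t.
 */
typedef struct kas_serverStats {
    /* ... original lines 80-81 are not shown in this listing ... */
    int changePasswordRequests;
    /* ... original lines 83-84 are not shown in this listing ... */
    unsigned int serverStartTime;
    struct timeval userTime;
    struct timeval systemTime;
    /* ... original lines 88-90 are not shown in this listing ... */
    int hashTableUtilization;

    /* One statistics record per server procedure. */
    kas_serverProcStats_t authenticate;
    kas_serverProcStats_t changePassword;
    kas_serverProcStats_t getTicket;
    kas_serverProcStats_t createUser;
    kas_serverProcStats_t setPassword;
    kas_serverProcStats_t setFields;
    kas_serverProcStats_t deleteUser;
    kas_serverProcStats_t getEntry;
    kas_serverProcStats_t listEntry;
    kas_serverProcStats_t getStats;
    kas_serverProcStats_t getPassword;
    kas_serverProcStats_t getRandomKey;
    kas_serverProcStats_t debug;
    kas_serverProcStats_t udpAuthenticate;
    kas_serverProcStats_t udpGetTicket;
    kas_serverProcStats_t unlock;
    kas_serverProcStats_t lockStatus;
    /* ... original line 109 is not shown in this listing ... */
} kas_serverStats_t, *kas_serverStats_p;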
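/*
 * One entry of the key cache reported in kas_serverDebugInfo_t.keyCache.
 *
 * This listing does not reproduce every line of the original declaration
 * (original lines 115-116 are missing); do not rely on this text for
 * sizeof() or for member offsets.
 *
 * Note the `key_` prefix: unlike the other types in this header, this one
 * is not named `kas_*`.
 *
 * NOTE(review): the visible members carry metadata only (last-use value,
 * key version number, principal name), which is still enough to tell an
 * observer which principals were recently active -- check whether the
 * missing lines add anything more sensitive.
 */
typedef struct key_keyCacheItem {
    unsigned int lastUsed;
    int keyVersionNumber;
    /* ... original lines 115-116 are not shown in this listing ... */
    char principal[KAS_MAX_NAME_LEN];
} key_keyCacheItem_t, *key_keyCacheItem_p;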
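/*
 * Debug snapshot of a server; kas_ServerDebugGet() takes a pointer to one
 * as its `debug` argument.
 *
 * This listing does not reproduce every line of the original declaration.
 * The gaps are marked below; do not rely on this text for sizeof() or for
 * member offsets.
 *
 * Security: the snapshot names the principals and servers involved in the
 * most recent authentication, ticket-granting and admin operations, and
 * carries up to KAS_KEYCACHE_DEBUG_INFO_SIZE key-cache entries.  That is
 * activity information about other users; NOTE(review): confirm that the
 * call producing it is restricted to administrators, and avoid writing the
 * structure to world-readable logs.
 *
 * NOTE(review): the fixed-size char buffers carry no length field; do not
 * assume they are NUL-terminated when printing them.
 */
typedef struct kas_serverDebugInfo {
    /* ... original line 121 is not shown in this listing ... */
    unsigned int serverStartTime;
    unsigned int currentTime;
    /* ... original line 124 is not shown in this listing ... */
    unsigned int lastTransaction;
    char lastOperation[KAS_MAX_SERVER_OPERATION_LEN];
    char lastPrincipalAuth[KAS_MAX_PRINCIPAL_LEN];
    char lastPrincipalUDPAuth[KAS_MAX_PRINCIPAL_LEN];
    char lastPrincipalTGS[KAS_MAX_PRINCIPAL_LEN];
    char lastPrincipalUDPTGS[KAS_MAX_PRINCIPAL_LEN];
    char lastPrincipalAdmin[KAS_MAX_PRINCIPAL_LEN];
    char lastServerTGS[KAS_MAX_PRINCIPAL_LEN];
    char lastServerUDPTGS[KAS_MAX_PRINCIPAL_LEN];
    unsigned int nextAutoCheckPointWrite;
    int updatesRemainingBeforeAutoCheckPointWrite;
    unsigned int dbHeaderRead;
    /* ... original lines 137-140 are not shown in this listing ... */
    int dbSpecialKeysVersion;
    /* ... original lines 142-146 are not shown in this listing ... */
    key_keyCacheItem_t keyCache[KAS_KEYCACHE_DEBUG_INFO_SIZE];
} kas_serverDebugInfo_t, *kas_serverDebugInfo_p;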
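/**
 * Obtain a server handle for use with the other kas_* calls.
 *
 * @param cellHandle    opaque cell handle.
 * @param serverList    array of server name strings.
 *                      NOTE(review): how the end of the array is marked is
 *                      not visible here (presumably a NULL entry) -- confirm.
 * @param serverHandleP out: receives the opaque server handle.  Pair each
 *                      successful open with kas_ServerClose().
 * @param st            out: status code.
 * @return int; NOTE(review): the success/failure convention is not visible
 *         in this header -- always check it together with *st.
 */
extern int ADMINAPI kas_ServerOpen(const void *cellHandle,
                                   const char **serverList,
                                   void **serverHandleP, afs_status_p st);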
/*
 * kas_ServerClose -- takes the opaque server handle.
 * The declaration is truncated in this listing: original line 155 (the rest
 * of the parameter list and the closing ");") is not shown.
 * NOTE(review): the complete prototypes in this header all end with
 * `afs_status_p st`; presumably this one does too -- take the signature
 * from the real header, not from this text.
 */
154 extern int ADMINAPI
kas_ServerClose(const void *serverHandle
,
/*
 * kas_PrincipalCreate -- takes a cell handle, a server handle, the identity
 * `who` and a `password` C string.
 * The declaration is truncated in this listing: original line 161 (the rest
 * of the parameter list and the closing ");") is not shown.
 *
 * Security: `password` arrives as a plain C string.  Whether the library
 * copies or clears it is not visible here, so the caller should wipe its own
 * buffer with a non-elidable clear once the call returns.
 * `const kas_identity_p who` makes the pointer const, not *who.
 */
157 extern int ADMINAPI
kas_PrincipalCreate(const void *cellHandle
,
158 const void *serverHandle
,
159 const kas_identity_p who
,
160 const char *password
,
/*
 * kas_PrincipalDelete -- takes a cell handle, a server handle and the
 * identity `who`.
 * The declaration is truncated in this listing: original line 166 (the rest
 * of the parameter list and the closing ");") is not shown.
 * NOTE(review): a destructive operation -- callers should check the return
 * value and status rather than assume the principal is gone.
 */
163 extern int ADMINAPI
kas_PrincipalDelete(const void *cellHandle
,
164 const void *serverHandle
,
165 const kas_identity_p who
,
/*
 * kas_PrincipalGet -- takes a cell handle, a server handle, the identity
 * `who` and a kas_principalEntry_p `principal` (presumably the output).
 * The declaration is truncated in this listing: original line 172 (the rest
 * of the parameter list and the closing ");") is not shown.
 *
 * Security: kas_principalEntry_t has a `key` member.  If the call fills it,
 * the caller's buffer then holds secret material and should be wiped after
 * use -- confirm what the implementation returns in that field.
 */
168 extern int ADMINAPI
kas_PrincipalGet(const void *cellHandle
,
169 const void *serverHandle
,
170 const kas_identity_p who
,
171 kas_principalEntry_p principal
,
/*
 * kas_PrincipalGetBegin -- takes a cell handle and a server handle; by name
 * it starts the iteration that kas_PrincipalGetNext()/kas_PrincipalGetDone()
 * continue and finish.
 * The declaration is truncated in this listing: original lines 176-177 (the
 * rest of the parameter list and the closing ");") are not shown.
 */
174 extern int ADMINAPI
kas_PrincipalGetBegin(const void *cellHandle
,
175 const void *serverHandle
,
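/**
 * Advance a principal iteration by one entry.
 *
 * @param iterationId opaque iteration handle (presumably the one produced by
 *                    kas_PrincipalGetBegin() -- confirm).
 * @param who         out: identity of the next principal.  Declared without
 *                    `const`, so the callee may write through it.
 *                    NOTE(review): do not assume the two name buffers are
 *                    NUL-terminated on return.
 * @param st          out: status code.
 * @return int; NOTE(review): how end-of-iteration is signalled is not
 *         visible in this header -- check both the return value and *st.
 */
extern int ADMINAPI kas_PrincipalGetNext(const void *iterationId,
                                         kas_identity_p who, afs_status_p st);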
/*
 * kas_PrincipalGetDone -- takes the opaque iteration handle.
 * The declaration is truncated in this listing: original line 183 (the rest
 * of the parameter list and the closing ");") is not shown.
 * NOTE(review): presumably releases the iteration; do not reuse the handle
 * after this call -- confirm.
 */
182 extern int ADMINAPI
kas_PrincipalGetDone(const void *iterationIdP
,
/*
 * kas_PrincipalKeySet -- takes a cell handle, a server handle, the identity
 * `who` and a raw key.
 * The declaration is incomplete in this listing: original line 188 (between
 * `who` and `key`) and line 190 (the rest of the parameter list and the
 * closing ");") are not shown.
 *
 * Security: the caller supplies raw key bytes.  `const kas_encryptionKey_p`
 * makes only the pointer const; the caller still owns the key buffer and
 * should wipe it with a non-elidable clear after the call.
 */
185 extern int ADMINAPI
kas_PrincipalKeySet(const void *cellHandle
,
186 const void *serverHandle
,
187 const kas_identity_p who
,
/* ... original line 188 is not shown in this listing ... */
189 const kas_encryptionKey_p key
,
/*
 * kas_PrincipalLockStatusGet -- takes a cell handle, a server handle, the
 * identity `who` and an `unsigned int *lock_end_timeP` output.
 * The declaration is truncated in this listing: original line 196 (the rest
 * of the parameter list and the closing ");") is not shown.
 * NOTE(review): the units of *lock_end_timeP and the value meaning "not
 * locked" are not visible here -- confirm before comparing it with a clock.
 */
192 extern int ADMINAPI
kas_PrincipalLockStatusGet(const void *cellHandle
,
193 const void *serverHandle
,
194 const kas_identity_p who
,
195 unsigned int *lock_end_timeP
,
/*
 * kas_PrincipalUnlock -- takes a cell handle, a server handle and the
 * identity `who`.
 * The declaration is truncated in this listing: original line 201 (the rest
 * of the parameter list and the closing ");") is not shown.
 * NOTE(review): by name this clears a lockout; if the lockout is what limits
 * password guessing, each unlock is worth an audit record -- confirm.
 */
198 extern int ADMINAPI
kas_PrincipalUnlock(const void *cellHandle
,
199 const void *serverHandle
,
200 const kas_identity_p who
,
/*
 * kas_PrincipalFieldsSet -- takes a cell handle, a server handle, the
 * identity `who` and one pointer per field to set.
 * The declaration is incomplete in this listing: original lines 211, 213,
 * 215 and 218 are not shown, so some parameter types and at least one
 * parameter are missing, along with the closing ");".
 *
 * Every field is passed by pointer.  NOTE(review): presumably a NULL pointer
 * means "leave unchanged" -- confirm.
 *
 * Security: the enum-typed fields use 0 for the first enumerator, so
 * *isAdmin == 0 is KAS_ADMIN and *canChangePassword == 0 is CHANGE_PASSWORD.
 * A pointer to a zero-initialised variable therefore selects those values;
 * assign each enum explicitly before passing its address.
 */
203 extern int ADMINAPI
kas_PrincipalFieldsSet(const void *cellHandle
,
204 const void *serverHandle
,
205 const kas_identity_p who
,
206 const kas_admin_p isAdmin
,
207 const kas_tgs_p grantTickets
,
208 const kas_enc_p canEncrypt
,
209 const kas_cpw_p canChangePassword
,
210 const unsigned int *expirationDate
,
/* ... original line 211 is not shown in this listing ... */
212 *maxTicketLifetime
, const unsigned int
/* ... original line 213 is not shown in this listing ... */
214 const kas_rpw_p passwordReuse
,
/* ... original line 215 is not shown in this listing ... */
216 *failedPasswordAttempts
, const unsigned int
217 *failedPasswordLockTime
,
/*
 * kas_ServerStatsGet -- takes a cell handle, a server handle and a
 * kas_serverStats_p `stats` (presumably the output).
 * The declaration is truncated in this listing: original line 223 (the rest
 * of the parameter list and the closing ");") is not shown.
 */
220 extern int ADMINAPI
kas_ServerStatsGet(const void *cellHandle
,
221 const void *serverHandle
,
222 kas_serverStats_p stats
,
/*
 * kas_ServerDebugGet -- takes a cell handle, a server handle and a
 * kas_serverDebugInfo_p `debug` (presumably the output).
 * The declaration is truncated in this listing: original line 228 (the rest
 * of the parameter list and the closing ");") is not shown.
 *
 * Security: kas_serverDebugInfo_t names recently active principals and
 * carries key-cache entries.  NOTE(review): confirm the call is restricted
 * to administrators and keep its output out of shared logs.
 */
225 extern int ADMINAPI
kas_ServerDebugGet(const void *cellHandle
,
226 const void *serverHandle
,
227 kas_serverDebugInfo_p debug
,
/*
 * kas_ServerRandomKeyGet -- takes a cell handle, a server handle and a
 * kas_encryptionKey_p `key` (presumably the output).
 * The declaration is truncated in this listing: original line 233 (the rest
 * of the parameter list and the closing ");") is not shown.
 *
 * Security: on success the caller's buffer holds key material; wipe it with
 * a non-elidable clear after use.  NOTE(review): the quality of the key
 * depends on the server's random source, which is not visible here, and the
 * transport protecting the returned key should be confirmed.
 */
230 extern int ADMINAPI
kas_ServerRandomKeyGet(const void *cellHandle
,
231 const void *serverHandle
,
232 kas_encryptionKey_p key
,
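/**
 * Convert a string into a kas_encryptionKey_t.
 *
 * @param cellName cell name string.  NOTE(review): its role in the
 *                 conversion is not visible in this header -- confirm.
 * @param string   input string; presumably a password.
 * @param key      out: receives KAS_ENCRYPTION_KEY_LEN bytes of key.
 * @param st       out: status code.
 * @return int; NOTE(review): the success/failure convention is not visible
 *         in this header -- check it together with *st.
 *
 * Security: both `string` and the resulting `key` are secrets held in
 * caller-owned memory.  Wipe each with a non-elidable clear
 * (explicit_bzero / memset_s) once it is no longer needed.  The output is
 * only KAS_ENCRYPTION_KEY_LEN (8) bytes wide, which bounds the strength of
 * anything derived this way regardless of password quality.
 */
extern int ADMINAPI kas_StringToKey(const char *cellName, const char *string,
                                    kas_encryptionKey_p key, afs_status_p st);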
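/**
 * Compute a checksum over a key.
 *
 * @param key    key to checksum.  `const kas_encryptionKey_p` makes the
 *               pointer const, not the key bytes.
 * @param cksumP out: receives the checksum as an unsigned int.
 * @param st     out: status code.
 * @return int; NOTE(review): the success/failure convention is not visible
 *         in this header -- check it together with *st.
 *
 * Security: the checksum is derived from secret key bytes.
 * NOTE(review): the algorithm is not visible here; until it is confirmed to
 * be one-way, handle the checksum with the same care as the key and do not
 * expose it to parties who should not be able to test key guesses.
 */
extern int ADMINAPI kas_KeyCheckSum(const kas_encryptionKey_p key,
                                    unsigned int *cksumP, afs_status_p st);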
241 #endif /* OPENAFS_KAS_ADMIN_H */