* Copyright 2000, International Business Machines Corporation and others.
* This software has been released under the terms of the IBM Public
* License. For details, see the LICENSE file in the top-level source
* directory or online at http://www.openafs.org/dl/license10.html
#ifndef TRANSARC_AFS_KAS_ADMIN_H
#define TRANSARC_AFS_KAS_ADMIN_H
#include <afs/param.h>
#include <afs/afs_Admin.h>
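/*
 * Size limits and principal flag constants for the kas admin API.
 *
 * The bare source-line numbers that the code viewer interleaved with these
 * declarations have been dropped; they were not part of the header.
 */

/* Size in bytes of each name buffer in kas_identity_t and key_keyCacheItem_t. */
#define KAS_MAX_NAME_LEN 64
/*
 * Size in bytes of kas_encryptionKey_t.key.
 * NOTE(review): 8 bytes is presumably a single-DES key - confirm against the
 * server implementation before relying on the strength of keys held here.
 */
#define KAS_ENCRYPTION_KEY_LEN 8

/*
 * Principal flag values. They are exported as const objects, not macros, so
 * they are not integer constant expressions: they cannot be used as case
 * labels or in static initializers, and their numeric values are defined by
 * the implementation rather than by this header.
 * NOTE(review): ADMIN, NO_TGS, NO_SEAL and NO_CPW look like privilege and
 * restriction bits - confirm their meaning in the implementation.
 */
extern const int KAS_PRINCIPAL_FLAG_NORMAL;
extern const int KAS_PRINCIPAL_FLAG_FREE;
extern const int KAS_PRINCIPAL_FLAG_OLDKEYS;
extern const int KAS_PRINCIPAL_FLAG_SPECIAL;
extern const int KAS_PRINCIPAL_FLAG_ASSOC_ROOT;
extern const int KAS_PRINCIPAL_FLAG_ASSOC;
extern const int KAS_PRINCIPAL_FLAG_ADMIN;
extern const int KAS_PRINCIPAL_FLAG_NO_TGS;
extern const int KAS_PRINCIPAL_FLAG_NO_SEAL;
extern const int KAS_PRINCIPAL_FLAG_NO_CPW;
extern const int KAS_PRINCIPAL_FLAG_NEW_ASSOC;

/* Size in bytes of kas_serverDebugInfo_t.lastOperation. */
#define KAS_MAX_SERVER_OPERATION_LEN 16
/* Size in bytes of each lastPrincipal and lastServer buffer in kas_serverDebugInfo_t. */
#define KAS_MAX_PRINCIPAL_LEN 256
/* Number of entries in kas_serverDebugInfo_t.keyCache. */
#define KAS_KEYCACHE_DEBUG_INFO_SIZE 25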
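/*
 * A principal identity as two fixed-size name components.
 *
 * Each buffer is KAS_MAX_NAME_LEN bytes and the struct carries no length
 * fields. NOTE(review): the contents are presumably NUL-terminated strings -
 * confirm. Code filling these from external input should reject names of
 * KAS_MAX_NAME_LEN bytes or more instead of truncating, and should always
 * leave room for the terminator.
 *
 * kas_identity_p is a pointer typedef, so "const kas_identity_p who" in the
 * prototypes makes the pointer const, not the identity it points to.
 */
typedef struct kas_identity {
    char principal[KAS_MAX_NAME_LEN];
    char instance[KAS_MAX_NAME_LEN];
} kas_identity_t, *kas_identity_p;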
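/*
 * Raw key material: KAS_ENCRYPTION_KEY_LEN bytes with no type or version tag.
 *
 * Treat every instance as a secret. Do not log it, and clear it with a wipe
 * the compiler cannot elide (not a plain memset before the object goes out of
 * scope) once it is no longer needed.
 *
 * kas_encryptionKey_p is a pointer typedef, so "const kas_encryptionKey_p key"
 * in the prototypes makes the pointer const, not the key bytes.
 */
typedef struct kas_encryptionKey {
    unsigned char key[KAS_ENCRYPTION_KEY_LEN];
} kas_encryptionKey_t, *kas_encryptionKey_p;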
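/*
 * Two-valued principal settings.
 *
 * In every enum the permissive enumerator comes first and therefore has the
 * value 0, while the NO_ enumerator is 1. A zero-filled variable or struct
 * (memset, calloc, "= {0}") consequently reads as KAS_ADMIN, TGS, ENCRYPT,
 * CHANGE_PASSWORD and REUSE_PASSWORD. Set each setting explicitly before
 * passing it to the API, and do not treat a zeroed value as a safe default.
 *
 * The enumerators TGS, NO_TGS, ENCRYPT and the others without a KAS_ prefix
 * enter the global namespace and can collide with other headers.
 */
typedef enum { KAS_ADMIN, NO_KAS_ADMIN } kas_admin_t, *kas_admin_p;
typedef enum { TGS, NO_TGS } kas_tgs_t, *kas_tgs_p;
typedef enum { ENCRYPT, NO_ENCRYPT } kas_enc_t, *kas_enc_p;
typedef enum { CHANGE_PASSWORD, NO_CHANGE_PASSWORD } kas_cpw_t, *kas_cpw_p;
typedef enum { REUSE_PASSWORD, NO_REUSE_PASSWORD } kas_rpw_t, *kas_rpw_p;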
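/*
 * One principal's record, filled in through kas_PrincipalGet's "principal"
 * output parameter.
 *
 * The record embeds the principal's key and its checksum, so the whole struct
 * is sensitive: keep it out of logs and core-dump-prone long-lived storage,
 * and wipe it when done.
 * NOTE(review): whether the server actually returns key bytes here, or only
 * the checksum, is not visible in this header - confirm.
 *
 * NOTE(review): the time fields are unsigned int, presumably seconds since
 * the epoch - confirm units and the meaning of 0.
 */
typedef struct kas_principalEntry {
    kas_admin_t adminSetting;
    /* NOTE(review): source lines 57-60 are not shown in this listing. */
    unsigned int userExpiration;
    unsigned int lastModTime;
    kas_identity_t lastModPrincipal;    /* who last modified this record */
    unsigned int lastChangePasswordTime;
    int maxTicketLifetime;              /* signed here; kas_PrincipalFieldsSet takes unsigned */
    /* NOTE(review): source line 66 is not shown in this listing. */
    kas_encryptionKey_t key;            /* secret key material */
    unsigned int keyCheckSum;
    int daysToPasswordExpire;
    /* NOTE(review): source lines 70-71 are not shown in this listing. */
} kas_principalEntry_t, *kas_principalEntry_p;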
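/*
 * Per-procedure statistics; one instance per server procedure is embedded in
 * kas_serverStats_t.
 */
typedef struct kas_serverProcStats {
    /* NOTE(review): the member declarations (source lines 75-76) are not shown in this listing. */
} kas_serverProcStats_t, *kas_serverProcStats_p;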
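/*
 * Server-wide statistics, filled in through kas_ServerStatsGet's "stats"
 * output parameter: request counters, start time, CPU time, and one
 * kas_serverProcStats_t per server procedure.
 *
 * The per-procedure counters cover authentication, password changes and
 * unlocks, which makes this a natural feed for monitoring.
 * NOTE(review): struct timeval needs <sys/time.h>; no include for it is
 * visible here, so it presumably arrives through afs/param.h or a line the
 * listing omits - confirm.
 */
typedef struct kas_serverStats {
    /* NOTE(review): source lines 80-81 are not shown in this listing. */
    int changePasswordRequests;
    /* NOTE(review): source lines 83-84 are not shown in this listing. */
    unsigned int serverStartTime;
    struct timeval userTime;
    struct timeval systemTime;
    /* NOTE(review): source lines 88-90 are not shown in this listing. */
    int hashTableUtilization;
    kas_serverProcStats_t authenticate;
    kas_serverProcStats_t changePassword;
    kas_serverProcStats_t getTicket;
    kas_serverProcStats_t createUser;
    kas_serverProcStats_t setPassword;
    kas_serverProcStats_t setFields;
    kas_serverProcStats_t deleteUser;
    kas_serverProcStats_t getEntry;
    kas_serverProcStats_t listEntry;
    kas_serverProcStats_t getStats;
    kas_serverProcStats_t getPassword;
    kas_serverProcStats_t getRandomKey;
    kas_serverProcStats_t debug;
    kas_serverProcStats_t udpAuthenticate;
    kas_serverProcStats_t udpGetTicket;
    kas_serverProcStats_t unlock;
    kas_serverProcStats_t lockStatus;
    /* NOTE(review): source line 109 is not shown in this listing. */
} kas_serverStats_t, *kas_serverStats_p;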
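/*
 * One entry of the server key cache as reported in kas_serverDebugInfo_t.
 *
 * The visible fields identify whose key is cached and which version, not the
 * key itself. That is still sensitive operational metadata.
 * NOTE(review): source lines 115-116 are not shown, so whether key bytes are
 * also exposed here cannot be told from this listing - confirm.
 * The type uses a key_ prefix where the rest of the header uses kas_.
 */
typedef struct key_keyCacheItem {
    unsigned int lastUsed;
    int keyVersionNumber;
    /* NOTE(review): source lines 115-116 are not shown in this listing. */
    char principal[KAS_MAX_NAME_LEN];
} key_keyCacheItem_t, *key_keyCacheItem_p;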
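/*
 * Server debug snapshot, filled in through kas_ServerDebugGet's "debug"
 * output parameter.
 *
 * It records the last operation, the principals and servers named in the most
 * recent authentication, ticket-granting and admin activity, checkpoint and
 * database state, and a KAS_KEYCACHE_DEBUG_INFO_SIZE-entry key cache dump.
 * That reveals who is authenticating and when, so access to this output should
 * be limited to administrators and it should not be written to shared logs.
 *
 * All name buffers are fixed size.
 * NOTE(review): they are presumably NUL-terminated - confirm before printing
 * them with "%s".
 */
typedef struct kas_serverDebugInfo {
    /* NOTE(review): source line 121 is not shown in this listing. */
    unsigned int serverStartTime;
    unsigned int currentTime;
    /* NOTE(review): source line 124 is not shown in this listing. */
    unsigned int lastTransaction;
    char lastOperation[KAS_MAX_SERVER_OPERATION_LEN];
    char lastPrincipalAuth[KAS_MAX_PRINCIPAL_LEN];
    char lastPrincipalUDPAuth[KAS_MAX_PRINCIPAL_LEN];
    char lastPrincipalTGS[KAS_MAX_PRINCIPAL_LEN];
    char lastPrincipalUDPTGS[KAS_MAX_PRINCIPAL_LEN];
    char lastPrincipalAdmin[KAS_MAX_PRINCIPAL_LEN];
    char lastServerTGS[KAS_MAX_PRINCIPAL_LEN];
    char lastServerUDPTGS[KAS_MAX_PRINCIPAL_LEN];
    unsigned int nextAutoCheckPointWrite;
    int updatesRemainingBeforeAutoCheckPointWrite;
    unsigned int dbHeaderRead;
    /* NOTE(review): source lines 137-140 are not shown in this listing. */
    int dbSpecialKeysVersion;
    /* NOTE(review): source lines 142-146 are not shown in this listing. */
    key_keyCacheItem_t keyCache[KAS_KEYCACHE_DEBUG_INFO_SIZE];
} kas_serverDebugInfo_t, *kas_serverDebugInfo_p;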
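/*
 * kas_ServerOpen - takes a cell handle and a list of server names and yields
 * a server handle through serverHandleP.
 * NOTE(review): presumably the handle must later be released with
 * kas_ServerClose - confirm. The meaning of the int result is not visible in
 * this listing.
 */
extern int ADMINAPI kas_ServerOpen(
    const void *cellHandle,
    const char **serverList,
    void **serverHandleP,
    /* NOTE(review): the listing skips source lines 154-156 here, so any remaining parameters and the closing ");" are not shown. */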
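/*
 * kas_ServerClose - takes a server handle.
 * NOTE(review): presumably releases a handle obtained from kas_ServerOpen;
 * callers should not reuse the handle afterwards - confirm.
 */
extern int ADMINAPI kas_ServerClose(
    const void *serverHandle,
    /* NOTE(review): the listing skips source lines 159-161 here, so any remaining parameters and the closing ");" are not shown. */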
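/*
 * kas_PrincipalCreate - takes the identity of a principal and a password.
 *
 * The password is passed as a plain C string, so the cleartext lives in the
 * caller's memory: keep it out of logs and command-line arguments, and wipe
 * the buffer once the call returns.
 * "const kas_identity_p" makes the pointer const, not *who.
 */
extern int ADMINAPI kas_PrincipalCreate(
    const void *cellHandle,
    const void *serverHandle,
    const kas_identity_p who,
    const char *password,
    /* NOTE(review): the listing skips source lines 167-169 here, so any remaining parameters and the closing ");" are not shown. */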
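/*
 * kas_PrincipalDelete - takes the identity of a principal.
 * NOTE(review): presumably removes that principal from the database; this is
 * a destructive admin action worth recording in an audit trail - confirm.
 */
extern int ADMINAPI kas_PrincipalDelete(
    const void *cellHandle,
    const void *serverHandle,
    const kas_identity_p who,
    /* NOTE(review): the listing skips source lines 174-176 here, so any remaining parameters and the closing ");" are not shown. */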
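/*
 * kas_PrincipalGet - takes the identity of a principal and fills the
 * caller-supplied kas_principalEntry_t pointed to by "principal".
 *
 * kas_principalEntry_t contains a key field, so treat the returned record as
 * sensitive and wipe it after use.
 */
extern int ADMINAPI kas_PrincipalGet(
    const void *cellHandle,
    const void *serverHandle,
    const kas_identity_p who,
    kas_principalEntry_p principal,
    /* NOTE(review): the listing skips source lines 182-184 here, so any remaining parameters and the closing ");" are not shown. */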
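/*
 * kas_PrincipalGetBegin - first of the GetBegin / GetNext / GetDone trio.
 * NOTE(review): presumably starts an iteration over principals and yields an
 * iteration id through a parameter on a line this listing omits - confirm.
 */
extern int ADMINAPI kas_PrincipalGetBegin(
    const void *cellHandle,
    const void *serverHandle,
    /* NOTE(review): the listing skips source lines 188-191 here, so any remaining parameters and the closing ");" are not shown. */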
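/*
 * kas_PrincipalGetNext - takes an iteration id.
 * NOTE(review): presumably returns the next principal of an iteration started
 * by kas_PrincipalGetBegin; how the end of the iteration is signalled is not
 * visible here - confirm.
 */
extern int ADMINAPI kas_PrincipalGetNext(
    const void *iterationId,
    /* NOTE(review): the listing skips source lines 194-197 here, so any remaining parameters and the closing ");" are not shown. */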
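/*
 * kas_PrincipalGetDone - takes an iteration id. The parameter is named
 * iterationIdP although it has the same type as kas_PrincipalGetNext's
 * iterationId.
 * NOTE(review): presumably ends the iteration and releases its resources;
 * call it on every path, including error paths, to avoid leaking the
 * iterator - confirm.
 */
extern int ADMINAPI kas_PrincipalGetDone(
    const void *iterationIdP,
    /* NOTE(review): the listing skips source lines 200-202 here, so any remaining parameters and the closing ");" are not shown. */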
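/*
 * kas_PrincipalKeySet - takes the identity of a principal and a key.
 *
 * The key is raw secret material in caller memory; wipe it after the call.
 * "const kas_encryptionKey_p" makes the pointer const, not the key bytes, so
 * the prototype does not promise that *key is left unmodified.
 */
extern int ADMINAPI kas_PrincipalKeySet(
    const void *cellHandle,
    const void *serverHandle,
    const kas_identity_p who,
    /* NOTE(review): source line 207 (between "who" and "key") is not shown in this listing. */
    const kas_encryptionKey_p key,
    /* NOTE(review): the listing skips source lines 209-211 here, so any remaining parameters and the closing ");" are not shown. */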
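/*
 * kas_PrincipalLockStatusGet - takes the identity of a principal and writes
 * an unsigned int through lock_end_timeP.
 * NOTE(review): presumably the time at which a failed-login lockout ends;
 * the encoding of "not locked" and "locked indefinitely" is not visible
 * here - confirm before comparing against the current time.
 */
extern int ADMINAPI kas_PrincipalLockStatusGet(
    const void *cellHandle,
    const void *serverHandle,
    const kas_identity_p who,
    unsigned int *lock_end_timeP,
    /* NOTE(review): the listing skips source lines 217-219 here, so any remaining parameters and the closing ");" are not shown. */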
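/*
 * kas_PrincipalUnlock - takes the identity of a principal.
 * NOTE(review): presumably clears a failed-login lockout. Unlocking resets a
 * brute-force control, so tools built on this call should record who
 * unlocked which principal - confirm.
 */
extern int ADMINAPI kas_PrincipalUnlock(
    const void *cellHandle,
    const void *serverHandle,
    const kas_identity_p who,
    /* NOTE(review): the listing skips source lines 224-226 here, so any remaining parameters and the closing ");" are not shown. */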
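/*
 * kas_PrincipalFieldsSet - takes the identity of a principal and a pointer
 * for each setting: admin status, ticket granting, encryption, password
 * change and reuse, expiration, ticket lifetime, and the failed-attempt
 * limits.
 *
 * NOTE(review): every setting is passed by pointer, presumably so that NULL
 * means "leave unchanged" - confirm.
 *
 * Review points:
 *  - For kas_admin_p, kas_tgs_p, kas_enc_p, kas_cpw_p and kas_rpw_p the
 *    "const" applies to the pointer; for the "const unsigned int *"
 *    parameters it applies to the pointed-to value.
 *  - In each settings enum the permissive value is 0 (KAS_ADMIN, TGS, ...),
 *    so a pointer to a zero-initialised variable grants rather than denies.
 *    Initialise every value explicitly.
 *  - maxTicketLifetime is unsigned here but int in kas_principalEntry_t.
 *  - isAdmin changes privilege; callers should log such changes.
 */
extern int ADMINAPI kas_PrincipalFieldsSet(
    const void *cellHandle,
    const void *serverHandle,
    const kas_identity_p who,
    const kas_admin_p isAdmin,
    const kas_tgs_p grantTickets,
    const kas_enc_p canEncrypt,
    const kas_cpw_p canChangePassword,
    const unsigned int *expirationDate,
    const unsigned int *maxTicketLifetime,
    const unsigned int *passwordExpires,
    const kas_rpw_p passwordReuse,
    const unsigned int *failedPasswordAttempts,
    const unsigned int *failedPasswordLockTime,
    /* NOTE(review): the listing skips source lines 241-243 here, so any remaining parameters and the closing ");" are not shown. */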
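/*
 * kas_ServerStatsGet - fills the caller-supplied kas_serverStats_t pointed to
 * by "stats".
 */
extern int ADMINAPI kas_ServerStatsGet(
    const void *cellHandle,
    const void *serverHandle,
    kas_serverStats_p stats,
    /* NOTE(review): the listing skips source lines 248-250 here, so any remaining parameters and the closing ");" are not shown. */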
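/*
 * kas_ServerDebugGet - fills the caller-supplied kas_serverDebugInfo_t
 * pointed to by "debug".
 *
 * That structure names recently authenticated principals and lists key cache
 * entries, so the output should be shown to administrators only.
 */
extern int ADMINAPI kas_ServerDebugGet(
    const void *cellHandle,
    const void *serverHandle,
    kas_serverDebugInfo_p debug,
    /* NOTE(review): the listing skips source lines 255-257 here, so any remaining parameters and the closing ");" are not shown. */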
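/*
 * kas_ServerRandomKeyGet - writes a key into the caller-supplied
 * kas_encryptionKey_t pointed to by "key".
 * NOTE(review): presumably a server-generated random key - confirm. Check the
 * int result before using *key, and wipe the key when done.
 */
extern int ADMINAPI kas_ServerRandomKeyGet(
    const void *cellHandle,
    const void *serverHandle,
    kas_encryptionKey_p key,
    /* NOTE(review): the listing skips source lines 262-264 here, so any remaining parameters and the closing ");" are not shown. */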
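/*
 * kas_StringToKey - takes a cell name and writes a key into the
 * caller-supplied kas_encryptionKey_t pointed to by "key".
 * NOTE(review): presumably derives the key from a password string, passed on
 * the line this listing omits, using the cell name as salt - confirm. Both
 * the input string and the resulting key are secrets; wipe them after use.
 */
extern int ADMINAPI kas_StringToKey(
    const char *cellName,
    /* NOTE(review): source line 267 (between "cellName" and "key") is not shown in this listing. */
    kas_encryptionKey_p key,
    /* NOTE(review): the listing skips source lines 269-271 here, so any remaining parameters and the closing ");" are not shown. */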
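/*
 * kas_KeyCheckSum - takes a key and writes an unsigned int through cksumP.
 * NOTE(review): presumably the same checksum that kas_principalEntry_t holds
 * in keyCheckSum. At the width of an unsigned int it can confirm that two
 * keys match, but it should not be treated as a secret-preserving or
 * collision-resistant digest - confirm the algorithm.
 * "const kas_encryptionKey_p" makes the pointer const, not the key bytes.
 */
extern int ADMINAPI kas_KeyCheckSum(
    const kas_encryptionKey_p key,
    unsigned int *cksumP,
    /* NOTE(review): the listing skips source lines 275-277 here, so any remaining parameters and the closing ");" are not shown. */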
#endif /* TRANSARC_AFS_KAS_ADMIN_H */