2 * Copyright 1993 OpenVision Technologies, Inc., All Rights Reserved
7 #ifndef __KADM5_ADMIN_H__
8 #define __KADM5_ADMIN_H__
10 #if !defined(USE_KADM5_API_VERSION)
11 #define USE_KADM5_API_VERSION 2
14 #include <sys/types.h>
15 #include <gssrpc/rpc.h>
19 #include <kadm5/kadm_err.h>
20 #include <kadm5/adb_err.h>
21 #include <kadm5/chpass_util_strings.h>
23 #define KADM5_ADMIN_SERVICE "kadmin/admin"
24 #define KADM5_CHANGEPW_SERVICE "kadmin/changepw"
25 #define KADM5_HIST_PRINCIPAL "kadmin/history"
27 typedef krb5_principal kadm5_princ_t;
28 typedef char *kadm5_policy_t;
29 typedef long kadm5_ret_t;
31 #define KADM5_PW_FIRST_PROMPT \
32 ((char *) error_message(CHPASS_UTIL_NEW_PASSWORD_PROMPT))
33 #define KADM5_PW_SECOND_PROMPT \
34 ((char *) error_message(CHPASS_UTIL_NEW_PASSWORD_AGAIN_PROMPT))
37 * Succsessfull return code
45 /* kadm5_principal_ent_t */
46 #define KADM5_PRINCIPAL 0x000001
47 #define KADM5_PRINC_EXPIRE_TIME 0x000002
48 #define KADM5_PW_EXPIRATION 0x000004
49 #define KADM5_LAST_PWD_CHANGE 0x000008
50 #define KADM5_ATTRIBUTES 0x000010
51 #define KADM5_MAX_LIFE 0x000020
52 #define KADM5_MOD_TIME 0x000040
53 #define KADM5_MOD_NAME 0x000080
54 #define KADM5_KVNO 0x000100
55 #define KADM5_MKVNO 0x000200
56 #define KADM5_AUX_ATTRIBUTES 0x000400
57 #define KADM5_POLICY 0x000800
58 #define KADM5_POLICY_CLR 0x001000
60 #define KADM5_MAX_RLIFE 0x002000
61 #define KADM5_LAST_SUCCESS 0x004000
62 #define KADM5_LAST_FAILED 0x008000
63 #define KADM5_FAIL_AUTH_COUNT 0x010000
64 #define KADM5_KEY_DATA 0x020000
65 #define KADM5_TL_DATA 0x040000
66 /* all but KEY_DATA and TL_DATA */
67 #define KADM5_PRINCIPAL_NORMAL_MASK 0x01ffff
69 /* kadm5_policy_ent_t */
70 #define KADM5_PW_MAX_LIFE 0x004000
71 #define KADM5_PW_MIN_LIFE 0x008000
72 #define KADM5_PW_MIN_LENGTH 0x010000
73 #define KADM5_PW_MIN_CLASSES 0x020000
74 #define KADM5_PW_HISTORY_NUM 0x040000
75 #define KADM5_REF_COUNT 0x080000
77 /* kadm5_config_params */
78 #define KADM5_CONFIG_REALM 0x000001
79 #define KADM5_CONFIG_DBNAME 0x000002
80 #define KADM5_CONFIG_MKEY_NAME 0x000004
81 #define KADM5_CONFIG_MAX_LIFE 0x000008
82 #define KADM5_CONFIG_MAX_RLIFE 0x000010
83 #define KADM5_CONFIG_EXPIRATION 0x000020
84 #define KADM5_CONFIG_FLAGS 0x000040
85 #define KADM5_CONFIG_ADMIN_KEYTAB 0x000080
86 #define KADM5_CONFIG_STASH_FILE 0x000100
87 #define KADM5_CONFIG_ENCTYPE 0x000200
88 #define KADM5_CONFIG_ADBNAME 0x000400
89 #define KADM5_CONFIG_ADB_LOCKFILE 0x000800
90 #define KADM5_CONFIG_PROFILE 0x001000
91 #define KADM5_CONFIG_ACL_FILE 0x002000
92 #define KADM5_CONFIG_KADMIND_PORT 0x004000
93 #define KADM5_CONFIG_ENCTYPES 0x008000
94 #define KADM5_CONFIG_ADMIN_SERVER 0x010000
95 #define KADM5_CONFIG_DICT_FILE 0x020000
96 #define KADM5_CONFIG_MKEY_FROM_KBD 0x040000
97 #define KADM5_CONFIG_KPASSWD_PORT 0x080000
102 #define KADM5_PRIV_GET 0x01
103 #define KADM5_PRIV_ADD 0x02
104 #define KADM5_PRIV_MODIFY 0x04
105 #define KADM5_PRIV_DELETE 0x08
108 * API versioning constants
110 #define KADM5_MASK_BITS 0xffffff00
112 #define KADM5_STRUCT_VERSION_MASK 0x12345600
113 #define KADM5_STRUCT_VERSION_1 (KADM5_STRUCT_VERSION_MASK|0x01)
114 #define KADM5_STRUCT_VERSION KADM5_STRUCT_VERSION_1
116 #define KADM5_API_VERSION_MASK 0x12345700
117 #define KADM5_API_VERSION_1 (KADM5_API_VERSION_MASK|0x01)
118 #define KADM5_API_VERSION_2 (KADM5_API_VERSION_MASK|0x02)
120 typedef struct _kadm5_principal_ent_t_v2 {
121 krb5_principal principal;
122 krb5_timestamp princ_expire_time;
123 krb5_timestamp last_pwd_change;
124 krb5_timestamp pw_expiration;
125 krb5_deltat max_life;
126 krb5_principal mod_name;
127 krb5_timestamp mod_date;
128 krb5_flags attributes;
134 /* version 2 fields */
135 krb5_deltat max_renewable_life;
136 krb5_timestamp last_success;
137 krb5_timestamp last_failed;
138 krb5_kvno fail_auth_count;
139 krb5_int16 n_key_data;
140 krb5_int16 n_tl_data;
141 krb5_tl_data *tl_data;
142 krb5_key_data *key_data;
143 } kadm5_principal_ent_rec_v2, *kadm5_principal_ent_t_v2;
145 typedef struct _kadm5_principal_ent_t_v1 {
146 krb5_principal principal;
147 krb5_timestamp princ_expire_time;
148 krb5_timestamp last_pwd_change;
149 krb5_timestamp pw_expiration;
150 krb5_deltat max_life;
151 krb5_principal mod_name;
152 krb5_timestamp mod_date;
153 krb5_flags attributes;
158 } kadm5_principal_ent_rec_v1, *kadm5_principal_ent_t_v1;
160 #if USE_KADM5_API_VERSION == 1
161 typedef struct _kadm5_principal_ent_t_v1
162 kadm5_principal_ent_rec, *kadm5_principal_ent_t;
164 typedef struct _kadm5_principal_ent_t_v2
165 kadm5_principal_ent_rec, *kadm5_principal_ent_t;
168 typedef struct _kadm5_policy_ent_t {
176 } kadm5_policy_ent_rec, *kadm5_policy_ent_t;
178 typedef struct __krb5_key_salt_tuple {
179 krb5_enctype ks_enctype;
180 krb5_int32 ks_salttype;
181 } krb5_key_salt_tuple;
184 * Data structure returned by kadm5_get_config_params()
186 typedef struct _kadm5_config_params {
197 char * admin_lockfile;
205 krb5_enctype enctype;
206 krb5_deltat max_life;
207 krb5_deltat max_rlife;
208 krb5_timestamp expiration;
210 krb5_key_salt_tuple *keysalts;
211 krb5_int32 num_keysalts;
212 } kadm5_config_params;
214 /***********************************************************************
215 * This is the old krb5_realm_read_params, which I mutated into
216 * kadm5_get_config_params but which old code (kdb5_* and krb5kdc)
218 ***********************************************************************/
221 * Data structure returned by krb5_read_realm_params()
223 typedef struct __krb5_realm_params {
224 char * realm_profile;
226 char * realm_mkey_name;
227 char * realm_stash_file;
228 char * realm_kdc_ports;
229 char * realm_acl_file;
230 krb5_int32 realm_kadmind_port;
231 krb5_enctype realm_enctype;
232 krb5_deltat realm_max_life;
233 krb5_deltat realm_max_rlife;
234 krb5_timestamp realm_expiration;
235 krb5_flags realm_flags;
236 krb5_key_salt_tuple *realm_keysalts;
237 unsigned int realm_kadmind_port_valid:1;
238 unsigned int realm_enctype_valid:1;
239 unsigned int realm_max_life_valid:1;
240 unsigned int realm_max_rlife_valid:1;
241 unsigned int realm_expiration_valid:1;
242 unsigned int realm_flags_valid:1;
243 unsigned int realm_filler:7;
244 krb5_int32 realm_num_keysalts;
251 #if USE_KADM5_API_VERSION > 1
252 krb5_error_code kadm5_get_config_params(krb5_context context,
253 char *kdcprofile, char *kdcenv,
254 kadm5_config_params *params_in,
255 kadm5_config_params *params_out);
256 krb5_error_code kadm5_free_realm_params(krb5_context kcontext,
257 kadm5_config_params *params);
260 kadm5_ret_t kadm5_init(char *client_name, char *pass,
262 #if USE_KADM5_API_VERSION == 1
265 kadm5_config_params *params,
267 krb5_ui_4 struct_version,
268 krb5_ui_4 api_version,
269 void **server_handle);
270 kadm5_ret_t kadm5_init_with_password(char *client_name,
273 #if USE_KADM5_API_VERSION == 1
276 kadm5_config_params *params,
278 krb5_ui_4 struct_version,
279 krb5_ui_4 api_version,
280 void **server_handle);
281 kadm5_ret_t kadm5_init_with_skey(char *client_name,
284 #if USE_KADM5_API_VERSION == 1
287 kadm5_config_params *params,
289 krb5_ui_4 struct_version,
290 krb5_ui_4 api_version,
291 void **server_handle);
292 #if USE_KADM5_API_VERSION > 1
293 kadm5_ret_t kadm5_init_with_creds(char *client_name,
296 kadm5_config_params *params,
297 krb5_ui_4 struct_version,
298 krb5_ui_4 api_version,
299 void **server_handle);
301 kadm5_ret_t kadm5_flush(void *server_handle);
302 kadm5_ret_t kadm5_destroy(void *server_handle);
303 kadm5_ret_t kadm5_create_principal(void *server_handle,
304 kadm5_principal_ent_t ent,
305 long mask, char *pass);
306 kadm5_ret_t kadm5_create_principal_3(void *server_handle,
307 kadm5_principal_ent_t ent,
310 krb5_key_salt_tuple *ks_tuple,
312 kadm5_ret_t kadm5_delete_principal(void *server_handle,
313 krb5_principal principal);
314 kadm5_ret_t kadm5_modify_principal(void *server_handle,
315 kadm5_principal_ent_t ent,
317 kadm5_ret_t kadm5_rename_principal(void *server_handle,
318 krb5_principal,krb5_principal);
319 #if USE_KADM5_API_VERSION == 1
320 kadm5_ret_t kadm5_get_principal(void *server_handle,
321 krb5_principal principal,
322 kadm5_principal_ent_t *ent);
324 kadm5_ret_t kadm5_get_principal(void *server_handle,
325 krb5_principal principal,
326 kadm5_principal_ent_t ent,
329 kadm5_ret_t kadm5_chpass_principal(void *server_handle,
330 krb5_principal principal,
332 kadm5_ret_t kadm5_chpass_principal_3(void *server_handle,
333 krb5_principal principal,
334 krb5_boolean keepold,
336 krb5_key_salt_tuple *ks_tuple,
338 #if USE_KADM5_API_VERSION == 1
339 kadm5_ret_t kadm5_randkey_principal(void *server_handle,
340 krb5_principal principal,
341 krb5_keyblock **keyblock);
343 kadm5_ret_t kadm5_randkey_principal(void *server_handle,
344 krb5_principal principal,
345 krb5_keyblock **keyblocks,
347 kadm5_ret_t kadm5_randkey_principal_3(void *server_handle,
348 krb5_principal principal,
349 krb5_boolean keepold,
351 krb5_key_salt_tuple *ks_tuple,
352 krb5_keyblock **keyblocks,
355 kadm5_ret_t kadm5_setv4key_principal(void *server_handle,
356 krb5_principal principal,
357 krb5_keyblock *keyblock);
359 kadm5_ret_t kadm5_setkey_principal(void *server_handle,
360 krb5_principal principal,
361 krb5_keyblock *keyblocks,
364 kadm5_ret_t kadm5_setkey_principal_3(void *server_handle,
365 krb5_principal principal,
366 krb5_boolean keepold,
368 krb5_key_salt_tuple *ks_tuple,
369 krb5_keyblock *keyblocks,
372 kadm5_ret_t kadm5_create_policy(void *server_handle,
373 kadm5_policy_ent_t ent,
376 * kadm5_create_policy_internal is not part of the supported,
377 * exposed API. It is available only in the server library, and you
378 * shouldn't use it unless you know why it's there and how it's
379 * different from kadm5_create_policy.
381 kadm5_ret_t kadm5_create_policy_internal(void *server_handle,
384 kadm5_ret_t kadm5_delete_policy(void *server_handle,
385 kadm5_policy_t policy);
386 kadm5_ret_t kadm5_modify_policy(void *server_handle,
387 kadm5_policy_ent_t ent,
390 * kadm5_modify_policy_internal is not part of the supported,
391 * exposed API. It is available only in the server library, and you
392 * shouldn't use it unless you know why it's there and how it's
393 * different from kadm5_modify_policy.
395 kadm5_ret_t kadm5_modify_policy_internal(void *server_handle,
398 #if USE_KADM5_API_VERSION == 1
399 kadm5_ret_t kadm5_get_policy(void *server_handle,
400 kadm5_policy_t policy,
401 kadm5_policy_ent_t *ent);
403 kadm5_ret_t kadm5_get_policy(void *server_handle,
404 kadm5_policy_t policy,
405 kadm5_policy_ent_t ent);
407 kadm5_ret_t kadm5_get_privs(void *server_handle,
410 kadm5_ret_t kadm5_chpass_principal_util(void *server_handle,
411 krb5_principal princ,
416 kadm5_ret_t kadm5_free_principal_ent(void *server_handle,
417 kadm5_principal_ent_t
419 kadm5_ret_t kadm5_free_policy_ent(void *server_handle,
420 kadm5_policy_ent_t ent);
422 kadm5_ret_t kadm5_get_principals(void *server_handle,
423 char *exp, char ***princs,
426 kadm5_ret_t kadm5_get_policies(void *server_handle,
427 char *exp, char ***pols,
430 #if USE_KADM5_API_VERSION > 1
431 kadm5_ret_t kadm5_free_key_data(void *server_handle,
432 krb5_int16 *n_key_data,
433 krb5_key_data *key_data);
436 #if USE_KADM5_API_VERSION == 1
438 * OVSEC_KADM_API_VERSION_1 should be, if possible, compile-time
439 * compatible with KADM5_API_VERSION_2. Basically, this means we have
440 * to continue to provide all the old ovsec_kadm function and symbol
444 #define OVSEC_KADM_ACLFILE "/krb5/ovsec_adm.acl"
445 #define OVSEC_KADM_WORDFILE "/krb5/ovsec_adm.dict"
447 #define OVSEC_KADM_ADMIN_SERVICE "ovsec_adm/admin"
448 #define OVSEC_KADM_CHANGEPW_SERVICE "ovsec_adm/changepw"
449 #define OVSEC_KADM_HIST_PRINCIPAL "ovsec_adm/history"
451 typedef krb5_principal ovsec_kadm_princ_t;
452 typedef krb5_keyblock ovsec_kadm_keyblock;
453 typedef char *ovsec_kadm_policy_t;
454 typedef long ovsec_kadm_ret_t;
456 enum ovsec_kadm_salttype { OVSEC_KADM_SALT_V4, OVSEC_KADM_SALT_NORMAL };
457 enum ovsec_kadm_saltmod { OVSEC_KADM_MOD_KEEP, OVSEC_KADM_MOD_V4, OVSEC_KADM_MOD_NORMAL };
459 #define OVSEC_KADM_PW_FIRST_PROMPT \
460 ((char *) error_message(CHPASS_UTIL_NEW_PASSWORD_PROMPT))
461 #define OVSEC_KADM_PW_SECOND_PROMPT \
462 ((char *) error_message(CHPASS_UTIL_NEW_PASSWORD_AGAIN_PROMPT))
465 * Succsessfull return code
467 #define OVSEC_KADM_OK 0
470 * Create/Modify masks
473 #define OVSEC_KADM_PRINCIPAL 0x000001
474 #define OVSEC_KADM_PRINC_EXPIRE_TIME 0x000002
475 #define OVSEC_KADM_PW_EXPIRATION 0x000004
476 #define OVSEC_KADM_LAST_PWD_CHANGE 0x000008
477 #define OVSEC_KADM_ATTRIBUTES 0x000010
478 #define OVSEC_KADM_MAX_LIFE 0x000020
479 #define OVSEC_KADM_MOD_TIME 0x000040
480 #define OVSEC_KADM_MOD_NAME 0x000080
481 #define OVSEC_KADM_KVNO 0x000100
482 #define OVSEC_KADM_MKVNO 0x000200
483 #define OVSEC_KADM_AUX_ATTRIBUTES 0x000400
484 #define OVSEC_KADM_POLICY 0x000800
485 #define OVSEC_KADM_POLICY_CLR 0x001000
487 #define OVSEC_KADM_PW_MAX_LIFE 0x004000
488 #define OVSEC_KADM_PW_MIN_LIFE 0x008000
489 #define OVSEC_KADM_PW_MIN_LENGTH 0x010000
490 #define OVSEC_KADM_PW_MIN_CLASSES 0x020000
491 #define OVSEC_KADM_PW_HISTORY_NUM 0x040000
492 #define OVSEC_KADM_REF_COUNT 0x080000
497 #define OVSEC_KADM_PRIV_GET 0x01
498 #define OVSEC_KADM_PRIV_ADD 0x02
499 #define OVSEC_KADM_PRIV_MODIFY 0x04
500 #define OVSEC_KADM_PRIV_DELETE 0x08
503 * API versioning constants
505 #define OVSEC_KADM_MASK_BITS 0xffffff00
507 #define OVSEC_KADM_STRUCT_VERSION_MASK 0x12345600
508 #define OVSEC_KADM_STRUCT_VERSION_1 (OVSEC_KADM_STRUCT_VERSION_MASK|0x01)
509 #define OVSEC_KADM_STRUCT_VERSION OVSEC_KADM_STRUCT_VERSION_1
511 #define OVSEC_KADM_API_VERSION_MASK 0x12345700
512 #define OVSEC_KADM_API_VERSION_1 (OVSEC_KADM_API_VERSION_MASK|0x01)
515 typedef struct _ovsec_kadm_principal_ent_t {
516 krb5_principal principal;
517 krb5_timestamp princ_expire_time;
518 krb5_timestamp last_pwd_change;
519 krb5_timestamp pw_expiration;
520 krb5_deltat max_life;
521 krb5_principal mod_name;
522 krb5_timestamp mod_date;
523 krb5_flags attributes;
528 } ovsec_kadm_principal_ent_rec, *ovsec_kadm_principal_ent_t;
530 typedef struct _ovsec_kadm_policy_ent_t {
538 } ovsec_kadm_policy_ent_rec, *ovsec_kadm_policy_ent_t;
543 ovsec_kadm_ret_t ovsec_kadm_init(char *client_name, char *pass,
544 char *service_name, char *realm,
545 krb5_ui_4 struct_version,
546 krb5_ui_4 api_version,
547 void **server_handle);
548 ovsec_kadm_ret_t ovsec_kadm_init_with_password(char *client_name,
552 krb5_ui_4 struct_version,
553 krb5_ui_4 api_version,
554 void **server_handle);
555 ovsec_kadm_ret_t ovsec_kadm_init_with_skey(char *client_name,
559 krb5_ui_4 struct_version,
560 krb5_ui_4 api_version,
561 void **server_handle);
562 ovsec_kadm_ret_t ovsec_kadm_flush(void *server_handle);
563 ovsec_kadm_ret_t ovsec_kadm_destroy(void *server_handle);
564 ovsec_kadm_ret_t ovsec_kadm_create_principal(void *server_handle,
565 ovsec_kadm_principal_ent_t ent,
566 long mask, char *pass);
567 ovsec_kadm_ret_t ovsec_kadm_delete_principal(void *server_handle,
568 krb5_principal principal);
569 ovsec_kadm_ret_t ovsec_kadm_modify_principal(void *server_handle,
570 ovsec_kadm_principal_ent_t ent,
572 ovsec_kadm_ret_t ovsec_kadm_rename_principal(void *server_handle,
573 krb5_principal,krb5_principal);
574 ovsec_kadm_ret_t ovsec_kadm_get_principal(void *server_handle,
575 krb5_principal principal,
576 ovsec_kadm_principal_ent_t *ent);
577 ovsec_kadm_ret_t ovsec_kadm_chpass_principal(void *server_handle,
578 krb5_principal principal,
580 ovsec_kadm_ret_t ovsec_kadm_randkey_principal(void *server_handle,
581 krb5_principal principal,
582 krb5_keyblock **keyblock);
583 ovsec_kadm_ret_t ovsec_kadm_create_policy(void *server_handle,
584 ovsec_kadm_policy_ent_t ent,
587 * ovsec_kadm_create_policy_internal is not part of the supported,
588 * exposed API. It is available only in the server library, and you
589 * shouldn't use it unless you know why it's there and how it's
590 * different from ovsec_kadm_create_policy.
592 ovsec_kadm_ret_t ovsec_kadm_create_policy_internal(void *server_handle,
593 ovsec_kadm_policy_ent_t
595 ovsec_kadm_ret_t ovsec_kadm_delete_policy(void *server_handle,
596 ovsec_kadm_policy_t policy);
597 ovsec_kadm_ret_t ovsec_kadm_modify_policy(void *server_handle,
598 ovsec_kadm_policy_ent_t ent,
601 * ovsec_kadm_modify_policy_internal is not part of the supported,
602 * exposed API. It is available only in the server library, and you
603 * shouldn't use it unless you know why it's there and how it's
604 * different from ovsec_kadm_modify_policy.
606 ovsec_kadm_ret_t ovsec_kadm_modify_policy_internal(void *server_handle,
607 ovsec_kadm_policy_ent_t
609 ovsec_kadm_ret_t ovsec_kadm_get_policy(void *server_handle,
610 ovsec_kadm_policy_t policy,
611 ovsec_kadm_policy_ent_t *ent);
612 ovsec_kadm_ret_t ovsec_kadm_get_privs(void *server_handle,
615 ovsec_kadm_ret_t ovsec_kadm_chpass_principal_util(void *server_handle,
616 krb5_principal princ,
621 ovsec_kadm_ret_t ovsec_kadm_free_principal_ent(void *server_handle,
622 ovsec_kadm_principal_ent_t
624 ovsec_kadm_ret_t ovsec_kadm_free_policy_ent(void *server_handle,
625 ovsec_kadm_policy_ent_t ent);
627 ovsec_kadm_ret_t ovsec_kadm_get_principals(void *server_handle,
628 char *exp, char ***princs,
631 ovsec_kadm_ret_t ovsec_kadm_get_policies(void *server_handle,
632 char *exp, char ***pols,
635 #define OVSEC_KADM_FAILURE KADM5_FAILURE
636 #define OVSEC_KADM_AUTH_GET KADM5_AUTH_GET
637 #define OVSEC_KADM_AUTH_ADD KADM5_AUTH_ADD
638 #define OVSEC_KADM_AUTH_MODIFY KADM5_AUTH_MODIFY
639 #define OVSEC_KADM_AUTH_DELETE KADM5_AUTH_DELETE
640 #define OVSEC_KADM_AUTH_INSUFFICIENT KADM5_AUTH_INSUFFICIENT
641 #define OVSEC_KADM_BAD_DB KADM5_BAD_DB
642 #define OVSEC_KADM_DUP KADM5_DUP
643 #define OVSEC_KADM_RPC_ERROR KADM5_RPC_ERROR
644 #define OVSEC_KADM_NO_SRV KADM5_NO_SRV
645 #define OVSEC_KADM_BAD_HIST_KEY KADM5_BAD_HIST_KEY
646 #define OVSEC_KADM_NOT_INIT KADM5_NOT_INIT
647 #define OVSEC_KADM_UNK_PRINC KADM5_UNK_PRINC
648 #define OVSEC_KADM_UNK_POLICY KADM5_UNK_POLICY
649 #define OVSEC_KADM_BAD_MASK KADM5_BAD_MASK
650 #define OVSEC_KADM_BAD_CLASS KADM5_BAD_CLASS
651 #define OVSEC_KADM_BAD_LENGTH KADM5_BAD_LENGTH
652 #define OVSEC_KADM_BAD_POLICY KADM5_BAD_POLICY
653 #define OVSEC_KADM_BAD_PRINCIPAL KADM5_BAD_PRINCIPAL
654 #define OVSEC_KADM_BAD_AUX_ATTR KADM5_BAD_AUX_ATTR
655 #define OVSEC_KADM_BAD_HISTORY KADM5_BAD_HISTORY
656 #define OVSEC_KADM_BAD_MIN_PASS_LIFE KADM5_BAD_MIN_PASS_LIFE
657 #define OVSEC_KADM_PASS_Q_TOOSHORT KADM5_PASS_Q_TOOSHORT
658 #define OVSEC_KADM_PASS_Q_CLASS KADM5_PASS_Q_CLASS
659 #define OVSEC_KADM_PASS_Q_DICT KADM5_PASS_Q_DICT
660 #define OVSEC_KADM_PASS_REUSE KADM5_PASS_REUSE
661 #define OVSEC_KADM_PASS_TOOSOON KADM5_PASS_TOOSOON
662 #define OVSEC_KADM_POLICY_REF KADM5_POLICY_REF
663 #define OVSEC_KADM_INIT KADM5_INIT
664 #define OVSEC_KADM_BAD_PASSWORD KADM5_BAD_PASSWORD
665 #define OVSEC_KADM_PROTECT_PRINCIPAL KADM5_PROTECT_PRINCIPAL
666 #define OVSEC_KADM_BAD_SERVER_HANDLE KADM5_BAD_SERVER_HANDLE
667 #define OVSEC_KADM_BAD_STRUCT_VERSION KADM5_BAD_STRUCT_VERSION
668 #define OVSEC_KADM_OLD_STRUCT_VERSION KADM5_OLD_STRUCT_VERSION
669 #define OVSEC_KADM_NEW_STRUCT_VERSION KADM5_NEW_STRUCT_VERSION
670 #define OVSEC_KADM_BAD_API_VERSION KADM5_BAD_API_VERSION
671 #define OVSEC_KADM_OLD_LIB_API_VERSION KADM5_OLD_LIB_API_VERSION
672 #define OVSEC_KADM_OLD_SERVER_API_VERSION KADM5_OLD_SERVER_API_VERSION
673 #define OVSEC_KADM_NEW_LIB_API_VERSION KADM5_NEW_LIB_API_VERSION
674 #define OVSEC_KADM_NEW_SERVER_API_VERSION KADM5_NEW_SERVER_API_VERSION
675 #define OVSEC_KADM_SECURE_PRINC_MISSING KADM5_SECURE_PRINC_MISSING
676 #define OVSEC_KADM_NO_RENAME_SALT KADM5_NO_RENAME_SALT
678 #endif /* USE_KADM5_API_VERSION == 1 */
680 #endif /* __KADM5_ADMIN_H__ */