+++ /dev/null
-\documentstyle[times,fullpage,rcsid]{article}
-
-\rcs$Header$
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%% Make _ actually generate an _, and allow line-breaking after it.
-\let\underscore=\_
-\catcode`_=13
-\def_{\underscore\penalty75\relax}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-
-\newcommand{\test}[1]{\begin{description}
-\setlength{\itemsep}{0pt}
-#1
-\end{description}
-
-}
-
-\newcommand{\numtest}[2]{\begin{description}
-\setlength{\itemsep}{0pt}
-\Number{#1}
-#2
-\end{description}
-
-}
-
-\newcommand{\Number}[1]{\item[Number:] #1}
-\newcommand{\Reason}[1]{\item[Reason:] #1}
-%\newcommand{\Call}[1]{\item[Call:] #1}
-\newcommand{\Expected}[1]{\item[Expected:] #1}
-\newcommand{\Conditions}[1]{\item[Conditions:] #1}
-\newcommand{\Priority}[1]{\item[Priority:] #1}
-\newcommand{\Status}[1]{\item[Status:] #1}
-%\newcommand{\Number}[1]{}
-%\newcommand{\Reason}[1]{}
-\newcommand{\Call}[1]{}
-%\newcommand{\Expected}[1]{}
-%\newcommand{\Conditions}[1]{}
-%\newcommand{\Priority}[1]{}
-
-\title{OpenV*Secure Admin Database API\\
-Unit Test Description\footnote{\rcsHeader}}
-\author{Jonathan I. Kamens}
-
-\begin{document}
-
-\maketitle
-
-%\tableofcontents
-
-\section{Introduction}
-
-The following is a description of a black-box unit test of the
-OpenV*Secure Admin Database API (osa_adb). Each API function is
-listed, followed by the tests that shoud be performed on it.
-
-The tests described here are based on the ``OV*Secure Admin Server
-Implementation Design'' revision 1.14.
-
-\section{osa_adb_get_lock and osa_adb_release_lock}
-
-\numtest{1}{
-\Reason{A shared lock can be acquired.}
-\Status{Implemented}
-}
-
-\numtest{2}{
-\Reason{An exclusive lock can be acquired and released.}
-\Status{Implemented}
-}
-
-\numtest{3}{
-\Reason{A permanent lock can be acquired and released.}
-\Status{Implemented}
-}
-
-\numtest{4}{
-\Reason{Attempting to release a lock when none is held fails with
-NOTLOCKED.}
-\Status{Implemented}
-}
-
-\numtest{5}{
-\Reason{Two processes can both acquire a shared lock.}
-\Status{Implemented}
-}
-
-\numtest{6}{
-\Reason{An attempt to acquire a shared lock while another process holds an
-exclusive lock fails with CANTLOCK_DB.}
-\Status{Implemented}
-}
-
-\numtest{7}{
-\Reason{An attempt to acquire an exclusive lock while another process holds a
-shared lock fails with CANTLOCK_DB.}
-\Status{Implemented}
-}
-
-\numtest{8}{
-\Reason{An attempt to open the database while a process holds a
-permanent lock fails with NO_LOCKFILE.}
-\Status{Implemented}
-}
-
-\numtest{9}{
-\Reason{An attempt to acquire an exclusive lock while a process holds a
-permanent lock fails with NO_LOCKFILE.}
-\Status{Implemented}
-}
-
-\numtest{10}{
-\Reason{Acquiring a permanent lock deletes the lockfile.}
-\Status{Implemented}
-}
-
-\numtest{11}{
-\Reason{Releasing a permanent lock re-creates the lockfile.}
-\Status{Implemented}
-}
-
-\numtest{12}{
-\Reason{A process can perform a get operation while another process holds a
-shared lock.}
-\Status{Implemented}
-}
-
-\numtest{13}{
-\Reason{A process that is running and has opened the adb principal database
-can retrieve a principal created after the open occurred.}
-\Status{Implemented, but not working}
-}
-
-\end{document}
+++ /dev/null
-\documentstyle[12pt,fullpage,changebar,rcsid]{article}
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%% Make _ actually generate an _, and allow line-breaking after it.
-\let\underscore=\_
-\catcode`_=13
-\def_{\underscore\penalty75\relax}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-
-\rcs$Id$
-
-\setlength{\parskip}{.7\baselineskip}
-\setlength{\parindent}{0pt}
-
-\def\v#1{\verb+#1+}
-
-\title{Kerberos Administration System \\
- KADM5 API Functional Specifications\thanks{\rcsId}}
-\author{Barry Jaspan}
-
-\begin{document}
-
-\sloppy
-\maketitle
-
-{\setlength{\parskip}{0pt}\tableofcontents}
-
-\section{Introduction}
-
-This document describes the Admin API that can be used to maintain
-principals and policies. It describes the data structures used for
-each function and the interpretation of each data type field, the
-semantics of each API function, and the possible return codes.
-
-The Admin API is intended to be used by remote clients using an RPC
-interface. It is implemented by the admin server running on the
-Kerberos master server. It is also possible for a program running on
-the Kerberos master server to use the Admin API directly, without
-going through the admin server.
-
-\section{Versions of the API}
-
-The versions of this API and a brief description of the changes for
-each are:
-
-\begin{description}
-\item[KADM5_API_VERSION_1] Also called OVSEC_KADM_API_VERSION_1. The
-initial version of this API, written by OpenVision Technologies and
-donated to MIT for including in the public release.
-
-\item[KADM5_API_VERSION_2] This version contains the initial changes
-necessary to make the OpenVision administration system work with the
-mid-1996 MIT version of Kerberos 5. Changes include
-\begin{enumerate}
-\item Renaming of the API from OVSEC_KADM to KADM5. Most everything
-has been renamed in one way or another, including functions, header
-files, and data structures. Where possible, the old OVSEC_KADM names
-have been left behind for compatibility with version 1. The
-OVSEC_KADM name compatibility has not been extended to new
-functionality in this version and will not be extended to future
-versions.
-
-\item The kadm5_init functions now take a structure of parameters
-instead of just a realm name, allowing the calling program to specify
-non-default values for various configuration options. See section
-\ref{sec:configparams} for details.
-
-\item The KADM5 API has been extended to support new features of the
-Kerberos database, including multiple encryption and salt types per
-principal. See section \ref{sec:keys} for details.
-
-\item kadm5_get_principal now allows a principal's keys to be
-retrieved {\it by local clients only}. This is necessary in order for
-the kadm5 API to provide the primary Kerberos database interface.
-
-\item The KADM5 authorization system has been completely changed.
-
-\item The functions kadm5_flush, kadm5_get_principals, and
-kadm5_get_policies have been added.
-
-\item The KADM5 API now obeys a caller-allocates rather than
-callee-allocates system. kadm5_get_principal and kadm5_get_policy are
-affected.
-\end{enumerate}
-\end{description}
-
-\section{Policies and Password Quality}
-
-The Admin API Password Quality mechanism provides the following
-controls. Note that two strings are defined to be ``significantly
-different'' if they differ by at least one character. The compare is not
-case sensitive.
-
-\begin{itemize}
-\item A minimum length can be required; a password with
-fewer than the specified number of characters will not be accepted.
-
-\item A minimum number of character classes can be required; a
-password that does not contain at least one character from at least
-the specified number of character classes will not be accepted. The
-character classes are defined by islower(), isupper(), isdigit(),
-ispunct(), and other.
-
-\item Passwords can be required to be different from
-previous passwords; a password that generates the same encryption key
-as any of the principal's specified previous number of passwords will
-not be accepted. This comparison is performed on the encryption keys
-generated from the passwords, not on the passwords themselves.
-
-\item A single ``forbidden password'' dictionary can be specified for all
-users; a password that is not significantly different from every word
-in the dictionary will not be accepted.
-\end{itemize}
-
-\section{Data Structures}
-
-This section describes the data structures used by the Admin API.
-They are defined in $<$kadm5/admin.h$>$.
-
-\subsection{Principals, kadm5_principal_ent_t}
-\label{sec:principal-structure}
-
-A Kerberos principal entry is represented by a kadm5_principal_ent_t.
-It contains a subset of the information stored in the master Kerberos
-database as well as the additional information maintained by the admin
-system. In the current version, the only additional information is
-the principal's policy and the aux_attributes flags.
-
-The principal may or may not have a policy enforced on it. If the
-POLICY bit (see section \ref{sec:masks}) is set in aux_attributes, the
-policy field names the principal's policy. If the POLICY bit is not
-set in aux_attributes, no policy is enforced on the principal and the
-value of the policy field is undefined.
-
-\begin{figure}[htbp]
-\begin{verbatim}
-typedef struct _kadm5_principal_ent_t {
- krb5_principal principal;
-
- krb5_timestamp princ_expire_time;
- krb5_timestamp last_pwd_change;
- krb5_timestamp pw_expiration;
- krb5_deltat max_life;
- krb5_principal mod_name;
- krb5_timestamp mod_date;
- krb5_flags attributes;
- krb5_kvno kvno;
- krb5_kvno mkvno;
-
- char * policy;
- u_int32 aux_attributes;
-
- krb5_deltat max_renewable_life;
- krb5_timestamp last_success;
- krb5_timestamp last_failed;
- krb5_kvno fail_auth_count;
- krb5_int16 n_key_data;
- krb5_int16 n_tl_data;
- krb5_tl_data *tl_data;
- krb5_key_data *key_data;
-} kadm5_principal_ent_rec, *kadm5_principal_ent_t;
-\end{verbatim}
-\caption{Definition of kadm5_principal_ent_t.}
-\label{fig:princ-t}
-\end{figure}
-
-The fields of an kadm5_principal_ent_t are interpreted as
-follows.
-
-\begin{description}
-\item[principal] The name of the principal; must conform to Kerberos
-naming specifications.
-
-\item[princ_expire_time] The expire time of the principal as a Kerberos
-timestamp. No Kerberos tickets will be issued for a principal after
-its expire time.
-
-\item[last_pwd_change] The time this principal's password was last
-changed, as a Kerberos timestamp.
-
-\item[pw_expiration] The expire time of the user's current password, as a
-Kerberos timestamp. No application service tickets will be issued for the
-principal once the password expire time has passed. Note that the user can
-only obtain tickets for services that have the PW_CHANGE_SERVICE bit set in
-the attributes field.
-
-\item[max_life] The maximum lifetime of any Kerberos ticket issued to
-this principal.
-
-\item[attributes] A bitfield of attributes for use by the KDC.
-Note that only some are explicitly supported by the admin system.
-
-\begin{tabular}{clr}
-{\bf Supported} & {\bf Name} & {\bf Value} \\
- & KRB5_KDB_DISALLOW_POSTDATED & 0x00000001 \\
- & KRB5_KDB_DISALLOW_FORWARDABLE & 0x00000002 \\
-X & KRB5_KDB_DISALLOW_TGT_BASED & 0x00000004 \\
- & KRB5_KDB_DISALLOW_RENEWABLE & 0x00000008 \\
- & KRB5_KDB_DISALLOW_PROXIABLE & 0x00000010 \\
- & KRB5_KDB_DISALLOW_DUP_SKEY & 0x00000020 \\
-X & KRB5_KDB_DISALLOW_ALL_TIX & 0x00000040 \\
- & KRB5_KDB_REQUIRES_PRE_AUTH & 0x00000080 \\
- & KRB5_KDB_REQUIRES_HW_AUTH & 0x00000100 \\
-X & KRB5_KDB_REQUIRES_PWCHANGE & 0x00000200 \\
- & KRB5_KDB_DISALLOW_SVR & 0x00001000 \\
-X & KRB5_KDB_PWCHANGE_SERVICE & 0x00002000 \\
- & KRB5_KDB_SUPPORT_DESMD5 & 0x00004000 \\
- & KRB5_KDB_NEW_PRINC & 0x00008000
-\end{tabular}
-
-The interpretation of each bit is as follows. For each of the bits
-that disables a corresponding KDC_OPT option, the option is disabled
-on an AS_REQ if the bit is set on either the client or the server, and
-the option is disabled on TGS_REQ if the bit is set on the server (the
-setting of the bit on the client is irrelevant for a TGS_REQ).
-
-\begin{description}
-\item[KRB5_KDB_DISALLOW_POSTDATED] Disables the ALLOW_POSTDATED
-and POSTDATED KDC options on AS_REQ and TGS_REQ.
-
-\item[KRB5_KDB_DISALLOW_FORWARDABLE] Disables the FORWARDABLE KDC
-option for AS_REQ and TGS_REQ.
-
-\item[KRB5_KDB_DISALLOW_TGT_BASED] All TGS_REQ requests will fail for
-a principal with this bit set.
-
-\item[KRB5_KDB_DISALLOW_RENEWABLE] Disables the RENEWABLE KDC option for
-AS_REQ and TGS_REQ.
-
-\item[KRB5_KDB_DISALLOW_PROXIABLE] Disables the PROXIABLE KDC option on
-AS_REQ and TGS_REQ.
-
-\item[KRB5_KDB_DISALLOW_DUP_SKEY] Disables the ENC_TKT_IN_SKEY option on
-TGS_REQ.
-
-\item[KRB5_KDB_DISALLOW_ALL_TIX] All AS_REQ requests fail if this bit
-is set for the client or the server, and all TGS_REQ requests fail if
-this bit is set for the server. Note that this bit can be set
-automatically if the symbol KRBCONF_KDC_MODIFIES_KDC is defined and a
-specified number of pre-authentication attempts fail.
-
-\item[KRB5_KDB_REQUIRES_PRE_AUTH] Any AS_REQ will fail if this bit is
-set and the padata field of the request is empty. Any TGS_REQ will
-fail if this bit is set and the TKT_FLAG_PRE_AUTH bit is not set in
-the tgt. Thus, it is possible to have the bit not set on the TGT but
-to have a specific service require pre-authentication.
-
-\item[KRB5_KDB_REQUIRES_HW_AUTH] Unclear.
-
-\item[KRB5_KDB_REQUIRES_PWCHANGE] An AS_REQ will fail if this bit is
-set on the client and the KRB5_KDC_PWCHANGE_SERVICE bit is not set on
-the server.
-
-\item[KRB5_KDB_DISALLOW_SVR] All AS_REQ and TGS_REQ request will fail
-if the server has this bit set.
-
-\item[KRB5_KDB_PWCHANGE_SERVICE] An request from a client whose
-password has expired will succeed if this bit is set on the server.
-Also see KRB5_KDC_REQUIRES_PWCHANGE.
-
-\item[KRB5_KDB_SUPPORT_DESMD5] This bit indicates that the principal
-understands ENCTYPE_DES_MD5 and therefore that that encryption type
-should be used whenever a DES encryption type is request (implicitly
-assuming that it is the best DES-based encryption type available,
-which may not be the case if we implement ENCTYPE_DES_SHA for
-example). The bit is employed during an AS_REQ and a TGS_REQ whenever
-the a key to be used is ENCTYPE_DES_CRC; if this bit is set (and if
-the client listed MD5 in its request, in the case of a session key),
-ENCTYPE_DES_MD5 is used instead.
-
-This bit is basically a kludge to save space in the KDC database.
-Without it, a service that supported DES with CRC and MD5 would have
-to have two separate key_data entries in the database, differing only
-in encryption type. This bit allows a principal to have only a single
-key, using CRC, because it tells the KDC that the same key can be used
-with MD5.
-
-This solution will not scale well to handle the inevitable future
-situation of multiple salt types with DES3 or other encryption
-systems. A better solution is needed; perhaps the redundant key data
-should just be stored in the database.
-
-\item[KRB5_KDB_NEW_PRINC] If this bit is set, the principal is still
-being ``created'' and the administration system should allow
-administrators with ``add'' priviledge to modify it. This bit was
-created for use by a different Kerberos administration system that was
-never completed, and is not presently used.
-\end{description}
-
-\item[mod_name] The name of the Kerberos principal that most recently
-modified this principal.
-
-\item[mod_date] The time this principal was last modified, as a Kerberos
-timestamp.
-
-\item[kvno] The version of the principal's current key.
-
-\item[mkvno] The version of the Kerberos Master Key in effect when
-this principal's key was last changed. In KADM5_API_VERSION_2, this
-field is always zero.
-
-\item[policy] If the POLICY bit is set in aux_attributes, the name
-of the policy controlling this principal.
-
-\item[aux_attributes] A bitfield of flags for use by the
-administration system. Currently, the only valid flag is POLICY, and
-it indicates whether or not the principal has a policy enforced on it.
-
-\item[max_renewable_life] The maximum renewable lifetime of any
-Kerberos ticket issued to or for this principal. This field only
-exists in KADM5_API_VERSION_2.
-
-\item[last_success] The KDC time of the last successful AS_REQ. This
-is only updated if KRBCONF_KDC_MODIFIES_KDB is defined during
-compilation of the KDC. This field only exists in
-KADM5_API_VERSION_2.
-
-\item[last_failed] The KDC time of the last failed AS_REQ. This is
-only updated if KRBCONF_KDC_MODIFIES_KDB is defined during compilation
-of the KDC. This field only exists in KADM5_API_VERSION_2.
-
-\item[fail_auth_count] The number of consecutive failed AS_REQs. When
-this number reaches KRB5_MAX_FAIL_COUNT, the KRB5_KDC_DISALLOW_ALL_TIX
-is set on the principal. This is only updated if
-KRBCONF_KDC_MODIFIES_KDB is defined during compilation. This field
-only exists in KADM5_API_VERSION_2.
-
-\item[n_tl_data] The number of elements in the \v{tl_data} linked
-list. This field only exists in KADM5_API_VERSION_2.
-
-\item[n_key_data] The number of elements in the \v{key_data}
-array. This field only exists in KADM5_API_VERSION_2.
-
-\item[tl_data] A linked list of tagged data. This list is a mechanism
-by which programs can store extended information in a principal entry,
-without having to modify the database API. Each element is of type
-krb5_tl_data:
-\begin{verbatim}
-typedef struct _krb5_tl_data {
- struct _krb5_tl_data* tl_data_next;
- krb5_int16 tl_data_type;
- krb5_int16 tl_data_length;
- krb5_octet * tl_data_contents;
-} krb5_tl_data;
-\end{verbatim}
-The libkdb library defines the tagged data types
-KRB5_TL_LAST_PWD_CHANGE, KRB5_TL_MOD_PRINC, and KRB5_TL_KADM_DATA,
-which store the last password modification time, time and modifier of
-last principal modification, and administration system data. All of
-these entries are expected by the administration system and parsed out
-into fields of the kadm5_principal_ent_rec structure; they are also
-left in the tl_data list.
-
-The KADM5 API defines its own tagged data type, KRB5_TL_KADM5_E_DATA,
-which stores the contents of the e_data field of a krb5_db_entry. The
-tagged data is only present if the database entry has extended data,
-and will only ever exist while KADM5 is implemented on top of the
-DB/DBM database mechansim.
-
-Any additional tagged data fields found in the database will also be
-provided, without interpretation.
-
-\item[key_data] An array of the principal's keys. The keys contained
-in this array are encrypted in the Kerberos master key. See section
-\ref{sec:keys} for a discussion of the krb5_key_data structure.
-\end{description}
-
-\subsection{Policies, kadm5_policy_ent_t}
-\label{sec:policy-fields}
-
-If the POLICY bit is set in aux_attributes, the \v{policy} name field
-in the kadm5_principal_ent_t structure refers to a password policy
-entry defined in a \v{kadm5_policy_ent_t}.
-
-\begin{verbatim}
-typedef struct _kadm5_policy_ent_t {
- char *policy;
-
- u_int32 pw_min_life;
- u_int32 pw_max_life;
- u_int32 pw_min_length;
- u_int32 pw_min_classes;
- u_int32 pw_history_num;
- u_int32 policy_refcnt;
-} kadm5_policy_ent_rec, *kadm5_policy_ent_t;
-\end{verbatim}
-
-The fields of an kadm5_policy_ent_t are interpreted as follows.
-Note that a policy's values only apply to a principal using that
-policy.
-
-\begin{description}
-\item[policy] The name of this policy, as a NULL-terminated string.
-The ASCII characters between 32 (space) and 126 (tilde), inclusive,
-are legal.
-
-\item[pw_min_life] The minimum password lifetime, in seconds.
-A principal cannot change its password before pw_min_life seconds have
-passed since last_pwd_change.
-
-\item[pw_max_life] The default duration, in seconds, used to compute
-pw_expiration when a principal's password is changed.
-
-\item[pw_min_length] The minimum password length, in characters. A
-principal cannot set its password to anything with fewer than this
-number of characters. This value must be greater than zero.
-
-\item[pw_min_classes] The minimum number of character classes in the
-password. This value can only be 1, 2, 3, 4, or 5. A principal cannot
-set its password to anything with fewer than this number of character
-classes in it.
-
-\item[pw_history_num] The number of past passwords that are
-stored for the principal; the minimum value is 1 and the maximum value
-is 10. A principal cannot set its password to any of its previous
-pw_history_num passwords. The first ``previous'' password is the
-current password; thus, a principal with a policy can never reset its
-password to its current value.
-
-\item[policy_refcnt] The number of principals currently using this policy.
-A policy cannot be deleted unless this number is zero.
-\end{description}
-
-\subsection{Configuration parameters}
-\label{sec:configparams}
-
-The KADM5 API acquires configuration information from the Kerberos
-configuration file (\$KRB5_CONFIG or /etc/krb5.conf) and from the KDC
-configuration file (\$KRB5_KDC_CONFIG or DEFAULT_KDC_PROFILE). In
-KADM5_API_VERSION_2, some of the configuration parameters used by the
-KADM5 API can be controlled by the caller by providing a
-kadm5_config_params structure to kadm5_init:
-%
-\begin{verbatim}
-typedef struct _kadm5_config_params {
- u_int32 mask;
-
- /* Client and server fields */
- char *realm;
- char *profile;
- int kadmind_port;
-
- /* client fields */
- char *admin_server;
-
- /* server fields */
- char *dbname;
- char *admin_dbname;
- char *admin_lockfile;
- char *acl_file;
- char *dict_file;
- char *admin_keytab;
-
- /* server library (database) fields */
- char *stash_file;
- char *mkey_name;
- krb5_enctype enctype;
- krb5_deltat max_life;
- krb5_deltat max_rlife;
- krb5_timestamp expiration;
- krb5_flags flags;
- krb5_key_salt_tuple *keysalts;
- krb5_int32 num_keysalts;
-} kadm5_config_params;
-\end{verbatim}
-%
-The following list describes each of the fields of the structure,
-along with the profile variable name it overrides, its mask value, its
-default value, and whether it is valid on the client, server, or both.
-\begin{description}
-\item[mask] No variable. No mask value. A bitfield specifying which
-fields of the structure contain valid information. A caller sets this
-mask before calling kadm5_init_*, indicating which parameters are
-specified. The mask values are defined in $<$kadm5/admin.h$>$ and are
-all prefixed with KADM5_CONFIG_; the prefix is not included in the
-descriptions below.
-
-\item[realm] No variable. REALM. Client and server. The realm to
-which these parameters apply, and the realm for which additional
-parameters are to be acquired, if any. If this field is not specified
-in the mask, the default local realm is used.
-
-\item[profile] Variable: profile (server only). PROFILE. Client and
-server. The Kerberos profile to use. On the client, the default is
-the value of the KRB5_CONFIG environment variable, or /etc/krb5.conf
-if that is not set. On the server, the value of the ``profile''
-variable of the KDC configuration file will be used as the first
-default if it exists; otherwise, the default is the value of the
-KRB5_KDC_PROFILE environment variable or DEFAULT_KDC_PROFILE.
-
-\item[kadmind_port] Variable: kadmind_port. KADMIND_PORT. Client and
-server. The port number the kadmind server listens on. The client
-uses this field to determine where to connect, and the server to
-determine where to listen. The default is 752 (XXX).
-
-\item[admin_server] Variable: admin_server. ADMIN_SERVER. Client.
-The host name of the admin server to which to connect. There is no
-default. If the value of this field contains a colon (:), the text
-following the colon is treated as an integer and assigned to the
-kadmind_port field, overriding any value of the kadmind_port variable.
-
-\item[dbname] Variable: dbname. DBNAME. Server. The Kerberos
-database name to use; the Kerberos database stores principal
-information. There is no default.
-
-\item[admin_dbname] Variable: admin_database_name. ADBNAME. Server.
-The administration database name to use; the administration database
-stores policy information. The default is the value of dbname
-followed by ``.kadm5'', if dbname is set.
-
-\item[admin_lockfile] Variable: admin_database_lockfile.
-ADB_LOCKFILE. Server. The administration database lock file name,
-used to lock the administration database. The default is admin_dbname
-followed by ``.lock'', if admin_dbname is set.
-
-\item[acl_file] Variable: acl_file. ACL_FILE. Server. The admin
-server's ACL file. No default.
-
-\item[dict_file] Variable: admin_dict_file. DICT_FILE. Server. The
-admin server's dictionary file of passwords to disallow. No default.
-
-\item[admin_keytab] Variable: admin_keytab. ADMIN_KEYTAB. Server.
-The keytab file containing the kadmin/admin and kadmin/changepw
-entries for the server to use. The default is the value of the
-KRB5_KTNAME environment variable, if defined.
-
-\item[stash_file] Variable: key_stash_file. STASH_FILE. Server. The
-file name containing the master key stash file. No default; libkdb
-will work with a NULL value.
-
-\item[mkey_name] Variable: master_key_name. MKEY_NAME. Server. The
-name of the master principal for the realm. No default; lbkdb will
-work with a NULL value.
-
-\item[enctype] Variable: master_key_type. ENCTYPE. Server. The
-encryption type of the master principal. No default.
-
-\item[max_life, max_rlife, expiration, flags] Variables: max_life,
-max_renewable_life, default_principal_expiration,
-default_principal_flags. MAX_LIFE, MAX_RLIFE, EXPIRATION, FLAGS.
-Server. Default values for new principals. All default to 0.
-
-\item[keysalts, num_keysalts] Variable: supported_enctypes. ENCTYPES.
-Server. The list of supported encryption type/salt type tuples; both
-fields must be assigned if ENCTYPES is set. No default.
-\end{description}
-
-\subsection{Principal keys}
-\label{sec:keys}
-
-In KADM5_API_VERSION_1, all principals had a single key. The
-encryption method was always DES, and the salt type was determined
-outside the API (by command-line options to the administration
-server).
-
-In KADM5_API_VERSION_2, principals can have multiple keys, each with
-its own encryption type and salt. Each time a principal's key is
-changed with kadm5_create_principal, kadm5_chpass_principal or
-kadm5_randkey_principal, existing key entries are removed and a key
-entry for each encryption and salt type tuple specified in the
-configuration parameters is added. There is no provision for
-specifying encryption and salt type information on a per-principal
-basis; in a future version, this will probably be part of the admin
-policy. There is also presently no provision for keeping multiple key
-versions for a single principal active in the database.
-
-A single key is represented by a krb5_key_data:
-%
-\begin{verbatim}
-typedef struct _krb5_key_data {
- krb5_int16 key_data_ver; /* Version */
- krb5_int16 key_data_kvno; /* Key Version */
- krb5_int16 key_data_type[2]; /* Array of types */
- krb5_int16 key_data_length[2]; /* Array of lengths */
- krb5_octet * key_data_contents[2]; /* Array of pointers */
-} krb5_key_data;
-\end{verbatim}
-%
-\begin{description}
-\item[key_data_ver] The verion number of the structure. Versions 1
-and 2 are currently defined. If key_data_ver is 1 then the key is
-either a random key (not requiring a salt) or the salt is the normal
-v5 salt which is the same as the realm and therefore doesn't need to
-be saved in the database.
-
-\item[key_data_kvno] The key version number of this key.
-
-\item[key_data_type] The first element is the enctype of this key. In
-a version 2 structure, the second element is the salttype of this key.
-The legal encryption types are defined in $<$krb5.h$>$. The legal
-salt types are defined in $<$k5-int.h$>$.
-
-\item[key_data_length] The first element is length this key. In a
-version 2 structure, the second element is length of the salt for this
-key.
-
-\item[key_data_contents] The first element is the content of this key.
-In a version 2 structure, the second element is the contents of the
-salt for this key.
-\end{description}
-
-\subsection{Field masks}
-\label{sec:masks}
-
-The API functions for creating, retrieving, and modifying principals
-and policies allow for a relevant subset of the fields of the
-kadm5_principal_ent_t and kadm5_policy_ent_t to be specified or
-changed. The chosen fields are determined by a bitmask that is passed
-to the relevant function. Each API function has different rules for
-which mask values can be specified, and can specify whether a given
-mask value is mandatory, optional, or forbidden. Mandatory fields
-must be present and forbidden fields must not be present or an error
-is generated. When creating a principal or policy, optional fields
-have a default value if they are not specified. When modifying a
-principal or policy, optional fields are unchanged if they are not
-specified. When retrieving a principal, optional fields are simply
-not provided if they are not specified; not specifying undeeded fields
-for retrieval may improve efficiency. The values for forbidden fields
-are defined in the function semantics.
-
-The masks for principals are in table \ref{tab:princ-bits} and the
-masks for policies are in table \ref{tab:policy-bits}. They are
-defined in $<$kadm5/admin.h$>$. The KADM5_ prefix has been removed
-from the Name fields. In the Create and Modify fields, M means
-mandatory, F means forbidden, and O means optional. Create fields
-that are optional specify the default value. The notation ``K/M
-value'' means that the field inherits its value from the corresponding
-field in the Kerberos master principal, for KADM5_API_VERSION_1, and
-from the configuration parameters for KADM5_API_VERSION_2.
-
-All masks for principals are optional for retrevial, {\it except} that
-the KEY_DATA mask is illegal when specified by a remote client; for
-details, see the function semantics for kadm5_get_principal.
-
-Note that the POLICY and POLICY_CLR bits are special. When POLICY is
-set, the policy is assigned to the principal. When POLICY_CLR is
-specified, the policy is unassigned to the principal and as a result
-no policy controls the principal.
-
-For convenience, the mask KADM5_PRINCIPAL_NORMAL_MASK contains all of
-the principal masks {\it except} KADM5_KEY_DATA and KADM5_TL_DATA, and
-the mask KADM5_POLICY_NORMAL_MASK contains all of the policy masks.
-
-\begin{table}[htbp]
-\begin{tabular}{@{}lclll}
-{\bf Name} & {\bf Value} & {\bf Fields Affected} & {\bf Create} &
- {\bf Modify} \\
-PRINCIPAL & 0x000001 & principal & M & F \\
-PRINC_EXPIRE_TIME & 0x000002 & princ_expire_time & O, K/M value & O \\
-PW_EXPIRATION & 0x000004 & pw_expiration & O, now+pw_max_life & O \\
-LAST_PWD_CHANGE & 0x000008 & last_pwd_change & F & F \\
-ATTRIBUTES & 0x000010 & attributes & O, 0 & O \\
-MAX_LIFE & 0x000020 & max_life & O, K/M value & O \\
-MOD_TIME & 0x000040 & mod_date & F & F \\
-MOD_NAME & 0x000080 & mod_name & F & F \\
-KVNO & 0x000100 & kvno & O, 1 & O \\
-MKVNO & 0x000200 & mkvno & F & F \\
-AUX_ATTRIBUTES & 0x000400 & aux_attributes & F & F \\
-POLICY & 0x000800 & policy & O, none & O \\
-POLICY_CLR & 0x001000 & policy & F & O \\
-MAX_RLIFE & 0x002000 & max_renewable_life & O, K/M value & O \\
-LAST_SUCCESS & 0x004000 & last_success & F & O \\
-LAST_FAILED & 0x008000 & last_failed & F & O \\
-FAIL_AUTH_COUNT & 0x010000 & fail_auth_count & F & O \\
-KEY_DATA & 0x020000 & n_key_data, key_data & F & F \\
-TL_DATA & 0x040000 & n_tl_data, tl_data & F & F
-\end{tabular}
-\caption{Mask bits for creating, retrieving, and modifying principals.}
-\label{tab:princ-bits}
-\end{table}
-
-\begin{table}[htbp]
-\begin{tabular}{@{}lclll}
-Name & Value & Field Affected & Create & Modify \\
-POLICY & same & policy & M & F \\
-PW_MAX_LIFE & 0x004000 & pw_max_life & O, 0 (infinite) & O \\
-PW_MIN_LIFE & 0x008000 & pw_min_life & O, 0 & O \\
-PW_MIN_LENGTH & 0x010000 & pw_min_length & O, 1 & O \\
-PW_MIN_CLASSES & 0x020000 & pw_min_classes & O, 1 & O \\
-PW_HISTORY_NUM & 0x040000 & pw_history_num & O, 0 & O \\
-REF_COUNT & 0x080000 & pw_refcnt & F & F
-\end{tabular}
-\caption{Mask bits for creating/modifying policies.}
-\label{tab:policy-bits}
-\end{table}
-
-\section{Constants, Header Files, Libraries}
-
-$<$kadm5/admin.h$>$ includes a number of required header files,
-including RPC, Kerberos 5, com_err, and admin com_err
-defines. It contains prototypes for all kadm5 routines mentioned
-below, as well as all Admin API data structures, type definitions and
-defines mentioned in this document.
-
-Before \v{\#include}ing $<$kadm5/admin.h$>$, the programmer can
-specify the API version number that the program will use by
-\v{\#define}ing USE_KADM5_API_VERSION; for example, define that symbol
-to be 1 to use KADM5_API_VERSION_1. This will ensure that the correct
-functional protoypes and data structures are defined. If no version
-symbol is defined, the most recent version supported by the header
-files will be used.
-
-Some of the defines and their values contained in $<$kadm5/admin.h$>$
-include the following, whose KADM5_ prefixes have been removed.
-Symbols that do not exist in KADM5_API_VERSION_2 do not have a KADM5_
-prefix, but instead retain only with OVSEC_KADM_ prefix for
-compatibility.
-\begin{description}
-\item[admin service principal] ADMIN_SERVICE (``kadmin/admin'')
-\item[admin history key] HIST_PRINCIPAL (``kadmin/history'')
-\item[change password principal] CHANGEPW_SERVICE (``kadmin/changepw'')
-\item[server acl file path] ACLFILE (``/krb5/ovsec_adm.acl''). In
-KADM5_API_VERSION 2, this is controlled by configuration parameters.
-\item[dictionary] WORDFILE (``/krb5/kadmind.dict''). In
-KADM5_API_VERSION 2, this is controlled by configuration parameters.
-\end{description}
-
-KADM5 errors are described in $<$kadm5/kadm_err.h$>$, which
-is included by $<$kadm5/admin.h$>$.
-
-The locations of the admin policy and principal databases, as well as
-defines and type definitions for the databases, are defined in
-$<$kadm5/adb.h$>$. Some of the defines in that file are:
-\begin{description}
-\item[admin policy database] POLICY_DB (``/krb5/kadm5_policy.db''). In
-KADM5_API_VERSION 2, this is controlled by configuration parameters.
-\item[admin principal database] PRINCIPAL_DB
-(``/krb5/ovsec_principal.db''). In KADM5_API_VERSION 2, this is
-controlled by configuration parameters.
-\end{description}
-
-Client applications will link against libkadm5clnt.a and server
-programs against libkadm5srv.a. Client applications must also link
-against: libgssapi_krb5.a, libkrb5.a, libcrypto.a, librpclib.a,
-libcom_err.a, and libdyn.a. Server applications must also link
-against: libkdb5.a, libkrb5.a, libcrypto.a, librpclib.a, libcom_err.a,
-and libdyn.a.
-
-\section{Error Codes}
-
-The error codes that can be returned by admin functions are listed
-below. Error codes indicated with a ``*'' can be returned by every
-admin function and always have the same meaning; these codes are
-omitted from the list presented with each function.
-
-The admin system guarantees that a function that returns an error code
-has no other side effect.
-
-The Admin system will use \v{com_err} for error codes. Note that this
-means \v{com_err} codes may be returned from functions that the admin
-routines call (e.g. the kerberos library). Callers should not expect
-that only KADM5 errors will be returned. The Admin system error code
-table name will be ``kadm'', and the offsets will be the same as the
-order presented here. As mentioned above, the error table include file
-will be $<$kadm5/kadm_err.h$>$.
-
-Note that these error codes are also used as protocol error code
-constants and therefore must not change between product releases.
-Additional codes should be added at the end of the list, not in the
-middle. The integer value of KADM5_FAILURE is 43787520; the
-remaining values are assigned in sequentially increasing order.
-
-\begin{description}
-\item[* KADM5_FAILURE] Operation failed for unspecified reason
-\item[* KADM5_AUTH_GET] Operation requires ``get'' privilege
-\item[* KADM5_AUTH_ADD] Operation requires ``add'' privilege
-\item[* KADM5_AUTH_MODIFY] Operation requires ``modify'' privilege
-\item[* KADM5_AUTH_DELETE] Operation requires ``delete'' privilege
-\item[* KADM5_AUTH_INSUFFICIENT] Insufficient authorization for
-operation
-\item[* KADM5_BAD_DB] Database inconsistency detected
-\item[KADM5_DUP] Principal or policy already exists
-\item[KADM5_RPC_ERROR] Communication failure with server
-\item[KADM5_NO_SRV] No administration server found for realm
-\item[KADM5_BAD_HIST_KEY] Password history principal key version
-mismatch
-\item[KADM5_NOT_INIT] Connection to server not initialized
-\item[KADM5_UNK_PRINC] Principal does not exist
-\item[KADM5_UNK_POLICY] Policy does not exist
-\item[KADM5_BAD_MASK] Invalid field mask for operation
-\item[KADM5_BAD_CLASS] Invalid number of character classes
-\item[KADM5_BAD_LENGTH] Invalid password length
-\item[KADM5_BAD_POLICY] Illegal policy name
-\item[KADM5_BAD_PRINCIPAL] Illegal principal name.
-\item[KADM5_BAD_AUX_ATTR] Invalid auxillary attributes
-\item[KADM5_BAD_HISTORY] Invalid password history count
-\item[KADM5_BAD_MIN_PASS_LIFE] Password minimum life is greater
-then password maximum life
-\item[KADM5_PASS_Q_TOOSHORT] Password is too short
-\item[KADM5_PASS_Q_CLASS] Password does not contain enough
-character classes
-\item[KADM5_PASS_Q_DICT] Password is in the password dictionary
-\item[KADM5_PASS_REUSE] Cannot resuse password
-\item[KADM5_PASS_TOOSOON] Current password's minimum life has not
-expired
-\item[KADM5_POLICY_REF] Policy is in use
-\item[KADM5_INIT] Connection to server already initialized
-\item[KADM5_BAD_PASSWORD] Incorrect password
-\item[KADM5_PROTECT_PRINCIPAL] Cannot change protected principal
-\item[* KADM5_BAD_SERVER_HANDLE] Programmer error! Bad Admin server handle
-\item[* KADM5_BAD_STRUCT_VERSION] Programmer error! Bad API structure version
-\item[* KADM5_OLD_STRUCT_VERSION] API structure version specified by application is no longer supported (to fix, recompile application against current Admin API header files and libraries)
-\item[* KADM5_NEW_STRUCT_VERSION] API structure version specified by application is unknown to libraries (to fix, obtain current Admin API header files and libraries and recompile application)
-\item[* KADM5_BAD_API_VERION] Programmer error! Bad API version
-\item[* KADM5_OLD_LIB_API_VERSION] API version specified by application is no longer supported by libraries (to fix, update application to adhere to current API version and recompile)
-\item[* KADM5_OLD_SERVER_API_VERSION] API version specified by application is no longer supported by server (to fix, update application to adhere to current API version and recompile)
-\item[* KADM5_NEW_LIB_API_VERSION] API version specified by application is unknown to libraries (to fix, obtain current Admin API header files and libraries and recompile application)
-\item[* KADM5_NEW_SERVER_API_VERSION] API version specified by
-application is unknown to server (to fix, obtain and install newest
-Admin Server)
-\item[KADM5_SECURE_PRINC_MISSING] Database error! Required principal missing
-\item[KADM5_NO_RENAME_SALT] The salt type of the specified principal
-does not support renaming
-\item[KADM5_BAD_CLIENT_PARAMS] Illegal configuration parameter for
-remote KADM5 client
-\item[KADM5_BAD_SERVER_PARAMS] Illegal configuration parameter for
-local KADM5 client.
-\item[KADM5_AUTH_LIST] Operation requires ``list'' privilege
-\item[KADM5_AUTH_CHANGEPW] Operation requires ``change-password'' privilege
-\end{description}
-
-\section{Authentication and Authorization}
-\label{sec:auth}
-
-Two Kerberos principals exist for use in communicating with the Admin
-system: kadmin/admin and kadmin/changepw. Both principals
-have the KRB5_KDB_DISALLOW_TGT_BASED bit set in their attributes so
-that service tickets for them can only be acquired via a
-password-based (AS_REQ) request. Additionally, kadmin/changepw
-has the KRB5_KDB_PWCHANGE_SERVICE bit set so that a principal with an
-expired password can still obtain a service ticket for it.
-
-The Admin system accepts requests that are authenticated to either
-service principal, but the sets of operations that can be performed by
-a request authenticated to each service are different. In particular,
-only the functions chpass_principal, randkey_principal, get_principal,
-and get_policy can be performed by a request authenticated to the
-kadmin/changepw service. The function semantics descriptions below
-give the precise details.
-
-Each Admin API operation authenticated to the kadmin/admin service
-requires a specific authorization to run. This version uses a simple
-named privilege system with the following names and meanings:
-
-\begin{description}
-\item[Get] Able to examine the attributes (NOT key data) of principals
-and policies.
-\item[Add] Able to add principals and policies.
-\item[Modify] Able to modify attributes of existing principals and
-policies; this does not include changing passwords.
-\item[Delete] Able to remove principals and policies.
-\item[List] Able to retrieve a list of principals and policies.
-\item[Changepw] Able to change the password of principals.
-\end{description}
-
-Privileges are specified via an external configuration file on the
-Kerberos master server.
-
-Table \ref{tab:func-overview} summarizes the authorization
-requirements of each function. Additionally, each API function
-description identifies the privilege required to perform it. The
-Authorization checks only happen if you are using the RPC mechanism.
-If you are using the server-side API functions locally on the admin
-server, the only authorization check is if you can access the
-approporiate local files.
-
-\section{Functions}
-
-\subsection{Overview}
-
-The functions provided by the Admin API, and the authorization they
-require, are listed in the table \ref{tab:func-overview}. The
-``kadm5_'' prefix has been removed from each function name.
-
-The function semantics in the following sections omit details that are
-the same for every function.
-
-\begin{itemize}
-\item The effects of every function are atomic.
-
-\item Every function performs an authorization check and returns
-the appropriate KADM5_AUTH_* error code if the caller does not
-have the required privilege. No other information or error code is
-ever returned to an unauthorized user.
-
-\item Every function checks its arguments for NULL pointers or other
-obviously invalid values, and returns EINVAL if any are detected.
-
-\item Any function that performs a policy check uses the policy named
-in the principal's policy field. If the POLICY bit is not set in the
-principal's aux_attributes field, however, the principal has no
-policy, so the policy check is not performed.
-
-\item Unless otherwise specified, all functions return KADM5_OK.
-\end{itemize}
-
-\begin{table}[htbp]
-\caption{Summary of functions and required authorization.}
-\label{tab:func-overview}
-\begin{tabular}{@{}llp{3.24in}}
-\\
-{\bf Function Name} & {\bf Authorization} & {\bf Operation} \\
-
-init & none & Open a connection with the kadm5 library. OBSOLETE
-but still provided---use init_with_password instead. \\
-init_with_password & none & Open a connection with the kadm5
-library using a password to obtain initial credentials. \\
-init_with_skey & none & Open a connection with the kadm5 library
-using the keytab entry to obtain initial credentials. \\
-destroy & none & Close the connection with the kadm5 library. \\
-flush & none & Flush all database changes to disk; no-op when called
-remotely. \\
-create_principal & add & Create a new principal. \\
-delete_principal & delete & Delete a principal. \\
-modify_principal & modify & Modify the attributes of an existing
- principal (not password). \\
-rename_principal & add and delete & Rename a principal. \\
-get_principal & get\footnotemark & Retrieve a principal. \\
-get_principals & list & Retrieve some or all principal names. \\
-chpass_principal & changepw\footnotemark[\thefootnote] &
- Change a principal's password. \\
-chpass_principal_util & changepw\footnotemark[\thefootnote] & Utility wrapper around chpass_principal. \\
-randkey_principal & changepw\footnotemark[\thefootnote] &
- Randomize a principal's key. \\
-create_policy & add & Create a new policy. \\
-delete_policy & delete & Delete a policy. \\
-modify_policy & modify & Modify the attributes of a policy. \\
-get_policy & get & Retrieve a policy. \\
-get_policies & list & Retrieve some or all policy names. \\
-free_principal_ent & none & Free the memory associated with an
- kadm5_principal_ent_t. \\
-free_policy_ent & none & Free the memory associated with an
- kadm5_policy_ent_t. \\
-get_privs & none & Return the caller's admin server privileges.
-\end{tabular}
-\end{table}
-\footnotetext[\thefootnote]{These functions also allow a principal to
-perform the operation on itself; see the function's semantics for
-details.}
-
-\subsection{kadm5_init_*}
-
-In KADM5_API_VERSION 1:
-
-\begin{verbatim}
-kadm5_ret_t kadm5_init_with_password(char *client_name, char *pass,
- char *service_name, char *realm,
- unsigned long struct_version,
- unsigned long api_version,
- void **server_handle)
-
-kadm5_ret_t kadm5_init_with_skey(char *client_name, char *keytab,
- char *service_name, char *realm,
- unsigned long struct_version,
- unsigned long api_version,
- void **server_handle)
-
-kadm5_ret_t kadm5_init(char *client_name, char *pass,
- char *service_name, char *realm,
- unsigned long struct_version,
- unsigned long api_version,
- void **server_handle)
-\end{verbatim}
-
-In KADM5_API_VERSION 2:
-
-\begin{verbatim}
-kadm5_ret_t kadm5_init_with_password(char *client_name, char *pass,
- char *service_name,
- kadm5_config_params *realm_params,
- unsigned long struct_version,
- unsigned long api_version,
- void **server_handle)
-
-kadm5_ret_t kadm5_init_with_skey(char *client_name, char *keytab,
- char *service_name,
- kadm5_config_params *realm_params,
- unsigned long struct_version,
- unsigned long api_version,
- void **server_handle)
-
-kadm5_ret_t kadm5_init(char *client_name, char *pass,
- char *service_name,
- kadm5_config_params *realm_params,
- unsigned long struct_version,
- unsigned long api_version,
- void **server_handle)
-\end{verbatim}
-
-AUTHORIZATION REQUIRED: none
-
-NOTE: kadm5_init is an obsolete provided for backwards
-compatibility. It is identical to kadm5_init_with_password.
-
-These three functions open a connection to the kadm5 library and
-initialize any neccessary state information. They behave differently
-when called from local and remote clients.
-
-In KADM5_API_VERSION_2, these functions take a kadm5_config_params
-structure instead of a realm name as an argument. The semantics are
-similar: if a NULL pointer is passed for the realm_params argument,
-the default realm and default parameters for that realm, as specified
-in the krb5 configuration file (e.g. /etc/krb5.conf) are used. If a
-realm_params structure is provided, the fields that are set override
-the default values. If a parameter is specified to the local or
-remote libraries that does not apply to that side, an error code
-(KADM5_BAD_CLIENT_PARAMS or KADM5_BAD_SERVER_PARAMS) is returned. See
-section \ref{sec:configparams} for a discussion of configuration
-parameters.
-
-For remote clients, the semantics are:
-
-\begin{enumerate}
-\item Initializes all the com_err error tables used by the Admin
-system.
-
-\item Acquires configuration parameters. In KADM5_API_VERSION_1, all
-the defaults specified in the configuration file are used, according
-to the realm. In KADM5_API_VERSION_2, the values in params_in are
-merged with the default values. If an illegal mask value is
-specified, KADM5_BAD_CLIENT_PARAMS is returned.
-
-\item Acquires a Kerberos ticket for the specified service.
-
-\begin{enumerate}
-\item The ticket's client is client_name, which can be any valid
-Kerberos principal. If client_name does not include a realm, the
-default realm of the local host is used
-\item The ticket's service is service_name@realm. service_name must
-be one of the constants KADM5_ADMIN_SERVICE or
-KADM5_CHANGEPW_SERVICE.
-\item If realm is NULL, client_name's realm is used.
-
-\item For init_with_password, the ticket is decoded with the password
-pass, which must be client_name's password. If pass is NULL or an
-empty string, the user is prompted (via the tty) for a password.
-
-\item For init_with_skey, the ticket is decoded with client_name's key
-obtained from the keytab keytab. If keytab is NULL or an empty string
-the default keytab is used.
-\end{enumerate}
-
-\item Creates a GSS-API authenticated connection to the Admin server,
-using the just-acquired Kerberos ticket.
-
-\item Verifies that the struct_version and api_version specified by
-the caller are valid and known to the library.
-
-\item Sends the specified api_version to the server.
-
-\item Upon successful completion, fills in server_handle with a handle
-for this connection, to be used in all subsequent API calls.
-\end{enumerate}
-
-The caller should always specify KADM5_STRUCT_VERSION for the
-struct_version argument, a valid and supported API version constant
-for the api_version argument (currently, theonly valid API version
-constant is KADM5_API_VERSION_1), and a valid pointer in which
-the server handle will be stored.
-
-Local clients, running on the KDC, may be useful. For now this is will
-most likely be used for testing, but could in the future be the basis
-for a command-line system that works both remotely and on the KDC
-machine. If any kadm5_init_* is invoked locally its semantics are:
-
-\begin{enumerate}
-\item Initializes all the com_err error tables used by the Admin
-system.
-
-\item Acquires configuration parameters. In KADM5_API_VERSION_1, all
-the defaults specified in the configuration file are used, according
-to the realm. In KADM5_API_VERSION_2, the values in params_in are
-merged with the default values. If an illegal mask value is
-specified, KADM5_BAD_SERVER_PARAMS is returned.
-
-\item Initializes direct access to the KDC database. If pass (or
-keytab) is NULL or an empty string, reads the master password from
-/.k5.REALM-NAME (created by kstash). Otherwise, the non-NULL password
-is ignored and the user is prompted for it via the tty.
-
-\item Initializes the dictionary (if present) for dictionary checks.
-
-\item Parses client_name as a Kerberos principal. client_name should
-usually be specified as the name of the program.
-
-\item Verifies that the struct_version and api_version specified by
-the caller are valid.
-
-\item Fills in server_handle with a handle containing all state
-information (version numbers and client name) for this ``connection.''
-\end{enumerate}
-The service_name argument is not used.
-
-RETURN CODES:
-
-\begin{description}
-\item[KADM5_NO_SRV] No Admin server can be found for the
-specified realm.
-
-\item[KADM5_RPC_ERROR] The RPC connection to the server cannot be
-initiated.
-
-\item[KADM5_BAD_PASSWORD] Incorrect password.
-
-\item[KADM5_SECURE_PRINC_MISSING] The principal
-KADM5_ADMIN_SERVICE or KADM5_CHANGEPW_SERVICE does not
-exist. This is a special-case replacement return code for ``Server
-not found in database'' for these required principals.
-
-\item[KADM5_BAD_CLIENT_PARAMS] A field in the parameters mask was
-specified to the remote client library that is not legal for remote
-clients.
-
-\item[KADM5_BAD_SERVER_PARAMS] A field in the parameters mask was
-specified to the local client library that is not legal for local
-clients.
-\end{description}
-
-\subsection{kadm5_flush}
-
-\begin{verbatim}
-kadm5_ret_t kadm5_flush(void *server_handle)
-\end{verbatim}
-
-AUTHORIZATION REQUIRED: none
-
-Flush all changes to the Kerberos databases, leaving the connection to
-the Admin API open. This function behaves differently when called by
-local and remote clients.
-
-For local clients, the function closes and reopens the Kerberos
-database with krb5_db_fini() and krb5_db_init(), and closes and
-reopens the Admin policy database with adb_policy_close() and
-adb_policy_open(). Although it is unlikely, any other these functions
-could return errors; in that case, this function calls
-kadm5_destroy and returns the error code. Therefore, if
-kadm5_flush does not return KADM5_OK, the connection to the
-Admin server has been terminated and, in principle, the databases
-might be corrupt.
-
-For remote clients, the function is a no-op.
-
-\subsection{kadm5_destroy}
-
-\begin{verbatim}
-kadm5_ret_t kadm5_destroy(void *server_handle)
-\end{verbatim}
-
-AUTHORIZATION REQUIRED: none
-
-Close the connection to the Admin server and releases all related
-resources. This function behaves differently when called by local and
-remote clients.
-
-For remote clients, the semantics are:
-
-\begin{enumerate}
-\item Destroy the temporary credential cache created by
-kadm5_init.
-
-\item Tear down the GSS-API context negotiated with the server.
-
-\item Close the RPC connection.
-
-\item Free storage space associated with server_handle, after erasing
-its magic number so it won't be mistaken for a valid handle by the
-library later.
-\end{enumerate}
-
-For local clients, this function just frees the storage space
-associated with server_handle after erasing its magic number.
-
-RETURN CODES:
-
-\subsection{kadm5_create_principal}
-
-\begin{verbatim}
-kadm5_ret_t
-kadm5_create_principal(void *server_handle,
- kadm5_principal_ent_t princ, u_int32 mask,
- char *pw);
-\end{verbatim}
-
-AUTHORIZATION REQUIRED: add
-
-\begin{enumerate}
-
-\item Return KADM5_BAD_MASK if the mask is invalid.
-\item If the named principal exists, return KADM5_DUP.
-\item If the POLICY bit is set and the named policy does not exist,
-return KADM5_UNK_POLICY.
-\item If KADM5_POLICY bit is set in aux_attributes check to see if
-the password does not meets quality standards, return the appropriate
-KADM5_PASS_Q_* error code if it fails.
-\item Store the principal, set the key; see section \ref{sec:keys}.
-\item If the POLICY bit is set, increment the named policy's reference
-count by one.
-
-\item Set the pw_expiration field.
-\begin{enumerate}
-\item If the POLICY bit is not set, then
-\begin{enumerate}
-\item if the PW_EXPIRATION bit is set, set pw_expiration to the given
-value, else
-\item set pw_expiration to never.
-\end{enumerate}
-\item Otherwise, if the PW_EXPIRATION bit is set, set pw_expiration to
-the sooner of the given value and now + pw_max_life.
-\item Otherwise, set pw_expiration to now + pw_max_life.
-\end{enumerate}
-
-\item Set mod_date to now and set mod_name to caller.
-\item Set last_pwd_change to now.
-\end{enumerate}
-
-RETURN CODES:
-
-\begin{description}
-\item[KADM5_BAD_MASK] The field mask is invalid for a create
-operation.
-\item[KADM5_DUP] Principal already exists.
-\item[KADM5_UNK_POLICY] Policy named in entry does not exist.
-\item[KADM5_PASS_Q_*] Specified password does not meet policy
-standards.
-\end{description}
-
-\subsection{kadm5_delete_principal}
-
-\begin{verbatim}
-kadm5_ret_t
-kadm5_delete_principal(void *server_handle, krb5_principal princ);
-\end{verbatim}
-
-AUTHORIZATION REQUIRED: delete
-
-\begin{enumerate}
-\item Return KADM5_UNK_PRINC if the principal does not exist.
-\item If the POLICY bit is set in aux_attributes, decrement the named
-policy's reference count by one.
-\item Delete principal.
-\end{enumerate}
-
-RETURN CODES:
-
-\begin{description}
-\item[KADM5_UNK_PRINC] Principal does not exist.
-\end{description}
-
-\subsection{kadm5_modify_principal}
-
-\begin{verbatim}
-kadm5_ret_t
-kadm5_modify_principal(void *server_handle,
- kadm5_principal_ent_t princ, u_int32 mask);
-\end{verbatim}
-
-Modify the attributes of the principal named in
-kadm5_principal_ent_t. This does not allow the principal to be
-renamed or for its password to be changed.
-
-AUTHORIZATION REQUIRED: modify
-
-Although a principal's pw_expiration is usually computed based on its
-policy and the time at which it changes its password, this function
-also allows it to be specified explicitly. This allows an
-administrator, for example, to create a principal and assign it to a
-policy with a pw_max_life of one month, but to declare that the new
-principal must change its password away from its initial value
-sometime within the first week.
-
-\begin{enumerate}
-\item Return KADM5_UNK_PRINC if the principal does not exist.
-\item Return KADM5_BAD_MASK if the mask is invalid.
-\item If POLICY bit is set but the new policy does not exist, return
-KADM5_UNK_POLICY.
-\item If either the POLICY or POLICY_CLR bits are set, update the
-corresponding bits in aux_attributes.
-
-\item Update policy reference counts.
-\begin{enumerate}
-\item If the POLICY bit is set, then increment policy count on new
-policy.
-\item If the POLICY or POLICY_CLR bit is set, and the POLICY bit in
-aux_attributes is set, decrement policy count on old policy.
-\end{enumerate}
-
-\item Set pw_expiration according to the new policy.
-\begin{enumerate}
-\item If the POLICY bit is not set in aux_attributes, then
-\begin{enumerate}
-\item if the PW_EXPIRATION bit is set, set pw_expiration to the given
-value, else
-\item set pw_expiration to never.
-\end{enumerate}
-\item Otherwise, if the PW_EXPIRATION bit is set, set pw_expiration to
-the sooner of the given value and last_pwd_change + pw_max_life.
-\item Otherwise, set pw_expiration to last_pwd_change + pw_max_life.
-\end{enumerate}
-
-\item Update the fields specified in the mask.
-\item Update mod_name field to caller and mod_date to now.
-\end{enumerate}
-
-RETURN CODES:
-
-\begin{description}
-\item[KADM5_UNK_PRINC] Entry does not exist.
-\item[KADM5_BAD_MASK] The mask is not valid for a modify
-operation.
-\item[KADM5_UNK_POLICY] The POLICY bit is set but the new
-policy does not exist.
-\end{description}
-
-\subsection{kadm5_rename_principal}
-
-\begin{verbatim}
-kadm5_ret_t
-kadm5_rename_principal(void *server_handle, krb5_principal source,
- krb5_principal target);
-\end{verbatim}
-
-AUTHORIZATION REQUIRED: add and delete
-
-\begin{enumerate}
-\item Check to see if source principal exists, if not return
-KADM5_UNK_PRINC error.
-\item Check to see if target exists, if so return KADM5_DUP error.
-\item Create the new principal named target, then delete the old
-principal named source. All of target's fields will be the same as
-source's fields, except that mod_name and mod_date will be updated to
-reflect the current caller and time.
-\end{enumerate}
-
-Note that since the principal name may have been used as the salt for
-the principal's key, renaming the principal may render the principal's
-current password useless; with the new salt, the key generated by
-string-to-key on the password will suddenly be different. Therefore,
-an application that renames a principal must also require the user to
-specify a new password for the principal (and administrators should
-notify the affected party).
-
-Note also that, by the same argument, renaming a principal will
-invalidate that principal's password history information; since the
-salt will be different, a user will be able to select a previous
-password without error.
-
-RETURN CODES:
-
-\begin{description}
-\item[KADM5_UNK_PRINC] Source principal does not exist.
-\item[KADM5_DUP] Target principal already exist.
-\end{description}
-
-\subsection{kadm5_chpass_principal}
-
-\begin{verbatim}
-kadm5_ret_t
-kadm5_chpass_principal(void *server_handle, krb5_principal princ,
- char *pw);
-\end{verbatim}
-
-AUTHORIZATION REQUIRED: changepw, or the calling principal being the
-same as the princ argument. If the request is authenticated to the
-kadmin/changepw service, the changepw privilege is disregarded.
-
-Change a principal's password. See section \ref{sec:keys} for a
-description of how the keys are determined.
-
-This function enforces password policy and dictionary checks. If the new
-password specified is in the password dictionary, and the policy bit is set
-KADM5_PASS_DICT is returned. If the principal's POLICY bit is set in
-aux_attributes, compliance with each of the named policy fields is verified
-and an appropriate error code is returned if verification fails.
-
-Note that the policy checks are only be performed if the POLICY bit is
-set in the principal's aux_attributes field.
-
-\begin{enumerate}
-\item Make sure principal exists, if not return KADM5_UNK_PRINC error.
-\item If caller does not have modify privilege, (now - last_pwd_change) $<$
-pw_min_life, and the KRB5_KDB_REQUIRES_PWCHANGE bit is not set in the
-principal's attributes, return KADM5_PASS_TOOSOON.
-\item If the principal your are trying to change is kadmin/history
-return KADM5_PROTECT_PRINCIPAL.
-\item If the password does not meet the quality
-standards, return the appropriate KADM5_PASS_Q_* error code.
-\item Convert password to key; see section \ref{sec:keys}.
-\item If the new key is in the principal's password history, return
-KADM5_PASS_REUSE.
-\item Store old key in history.
-\item Update principal to have new key.
-\item Increment principal's key version number by one.
-\item If the POLICY bit is set, set pw_expiration to now +
-max_pw_life. If the POLICY bit is not set, set pw_expiration to
-never.
-\item If the KRB5_KDB_REQUIRES_PWCHANGE bit is set in the principal's
-attributes, clear it.
-\item Update last_pwd_change and mod_date to now, update mod_name to
-caller.
-\end{enumerate}
-
-RETURN CODES:
-
-\begin{description}
-\item[KADM5_UNK_PRINC] Principal does not exist.
-\item[KADM5_PASS_Q_*] Requested password does not meet quality
-standards.
-\item[KADM5_PASS_REUSE] Requested password is in user's
-password history.
-\item[KADM5_PASS_TOOSOON] Current password has not reached minimum life
-\item[KADM5_PROTECT_PRINCIPAL] Cannot change the password of a special principal
-\end{description}
-
-
-\subsection{kadm5_chpass_principal_util}
-
-\begin{verbatim}
-kadm5_ret_t
-kadm5_chpass_principal_util(void *server_handle, krb5_principal princ,
- char *new_pw, char **pw_ret,
- char *msg_ret);
-\end{verbatim}
-
-AUTHORIZATION REQUIRED: changepw, or the calling principal being the
-same as the princ argument. If the request is authenticated to the
-kadmin/changepw service, the changepw privilege is disregarded.
-
-This function is a wrapper around kadm5_chpass_principal. It can
-read a new password from a user, change a principal's password, and
-return detailed error messages. msg_ret should point to a char buffer
-in the caller's space of sufficient length for the error messages
-described below. 1024 bytes is recommended. It will also return the
-new password to the caller if pw_ret is non-NULL.
-
-\begin{enumerate}
-\item If new_pw is NULL, this routine will prompt the user for the new
-password (using the strings specified by KADM5_PW_FIRST_PROMPT and
-KADM5_PW_SECOND_PROMPT) and read (without echoing) the password input.
-Since it is likely that this will simply call krb5_read_password only
-terminal-based applications will make use of the password reading
-functionality. If the passwords don't match the string ``New passwords do
-not match - password not changed.'' will be copied into msg_ret, and the
-error code KRB5_LIBOS_BADPWDMATCH will be returned. For other errors that
-ocurr while reading the new password, copy the string ``<com_err message$>$
-occurred while trying to read new password.'' followed by a blank line and
-the string specified by CHPASS_UTIL_PASSWORD_NOT_CHANGED into msg_ret and
-return the error code returned by krb5_read_password.
-
-\item If pw_ret is non-NULL, and the password was prompted, set *pw_ret to
-point to a static buffer containing the password. If pw_ret is non-NULL
-and the password was supplied, set *pw_ret to the supplied password.
-
-\item Call kadm5_chpass_principal with princ, and new_pw.
-
-\item If successful copy the string specified by CHPASS_UTIL_PASSWORD_CHANGED
-into msg_ret and return zero.
-
-\item For a policy related failure copy the appropriate message (from below)
-followed by a newline and ``Password not changed.'' into msg_ret
-filling in the parameters from the principal's policy information. If
-the policy information cannot be obtained copy the generic message if
-one is specified below. Return the error code from
-kadm5_chpass_principal.
-
-Detailed messages:
-\begin{description}
-
-\item[PASS_Q_TOO_SHORT]
-New password is too short. Please choose a
-password which is more than $<$pw-min-len$>$ characters.
-
-\item[PASS_Q_TOO_SHORT - generic]
-New password is too short. Please choose a longer password.
-
-\item[PASS_REUSE]
-New password was used previously. Please choose a
-different password.
-
-\item[PASS_Q_CLASS]
-New password does not have enough character classes. Classes include
-lower class letters, upper case letters, digits, punctuation and all
-other characters. Please choose a password with at least
-$<$min-classes$>$ character classes.
-
-\item[PASS_Q_CLASS - generic]
-New password does not have enough character classes. Classes include
-lower class letters, upper case letters, digits, punctuation and all
-other characters.
-
-\item[PASS_Q_DICT]
-New password was found in a dictionary of possible passwords and
-therefore may be easily guessed. Please choose another password. See
-the kpasswd man page for help in choosing a good password.
-
-\item[PASS_TOOSOON]
-Password cannot be changed because it was changed too recently. Please
-wait until $<$last-pw-change+pw-min-life$>$ before you change it. If you
-need to change your password before then, contact your system
-security administrator.
-
-\item[PASS_TOOSOON - generic]
-Password cannot be changed because it was changed too recently. If you
-need to change your now please contact your system security
-administrator.
-\end{description}
-
-\item For other errors copy the string ``$<$com_err message$>$
-occurred while trying to change password.'' following by a blank line
-and ``Password not changed.'' into msg_ret. Return the error code
-returned by kadm5_chpass_principal.
-\end{enumerate}
-
-
-RETURN CODES:
-
-\begin{description}
-\item[KRB5_LIBOS_BADPWDMATCH] Typed new passwords did not match.
-\item[KADM5_UNK_PRINC] Principal does not exist.
-\item[KADM5_PASS_Q_*] Requested password does not meet quality
-standards.
-\item[KADM5_PASS_REUSE] Requested password is in user's
-password history.
-\item[KADM5_PASS_TOOSOON] Current password has not reached minimum
-life.
-\end{description}
-
-\subsection{kadm5_randkey_principal}
-
-In KADM5_API_VERSION_1:
-
-\begin{verbatim}
-kadm5_ret_t
-kadm5_randkey_principal(void *server_handle, krb5_principal princ,
- krb5_keyblock **new_key)
-\end{verbatim}
-
-In KADM5_API_VERSION_2:
-
-\begin{verbatim}
-kadm5_ret_t
-kadm5_randkey_principal(void *server_handle, krb5_principal princ,
- krb5_keyblock **new_keys, int *n_keys)
-\end{verbatim}
-
-AUTHORIZATION REQUIRED: changepw, or the calling principal being the
-same as the princ argument. If the request is authenticated to the
-kadmin/changepw service, the changepw privilege is disregarded.
-
-Generate and assign a new random key to the named principal, and
-return the generated key in allocated storage. In
-KADM5_API_VERSION_2, multiple keys may be generated and returned as an
-array, and n_new_keys is filled in with the number of keys generated.
-See section \ref{sec:keys} for a description of how the keys are
-chosen. In KADM5_API_VERSION_1, the caller must free the returned
-krb5_keyblock * with krb5_free_keyblock. In KADM5_API_VERSION_2, the
-caller must free each returned keyblock with krb5_free_keyblock.
-
-If the principal's POLICY bit is set in aux_attributes and the caller does
-not have modify privilege , compliance with the password minimum life
-specified by the policy is verified and an appropriate error code is returned
-if verification fails.
-
-\begin{enumerate}
-\item If the principal does not exist, return KADM5_UNK_PRINC.
-\item If caller does not have modify privilege, (now - last_pwd_change) $<$
-pw_min_life, and the KRB5_KDB_REQUIRES_PWCHANGE bit is not set in the
-principal's attributes, return KADM5_PASS_TOOSOON.
-\item If the principal you are trying to change is kadmin/history return
-KADM5_PROTECT_PRINCIPAL.
-\item Store old key in history.
-\item Update principal to have new key.
-\item Increment principal's key version number by one.
-\item If the POLICY bit in aux_attributes is set, set pw_expiration to
-now + max_pw_life.
-\item If the KRB5_KDC_REQUIRES_PWCHANGE bit is set in the principal's
-attributes, clear it.
-\item Update last_pwd_change and mod_date to now, update mod_name to
-caller.
-\end{enumerate}
-
-RETURN CODES:
-
-\begin{description}
-\item[KADM5_UNK_PRINC] Principal does not exist.
-\item[KADM5_PASS_TOOSOON] The minimum lifetime for the current
-key has not expired.
-\item[KADM5_PROTECT_PRINCIPAL] Cannot change the password of a special
-principal
-\end{description}
-
-This function can also be used as part of a sequence to create a new
-principal with a random key. The steps to perform the operation
-securely are
-
-\begin{enumerate}
-\item Create the principal with kadm5_create_principal with a
-random password string and with the KRB5_KDB_DISALLOW_ALL_TIX bit set
-in the attributes field.
-
-\item Randomize the principal's key with kadm5_randkey_principal.
-
-\item Call kadm5_modify_principal to reset the
-KRB5_KDB_DISALLOW_ALL_TIX bit in the attributes field.
-\end{enumerate}
-
-The three steps are necessary to ensure secure creation. Since an
-attacker might be able to guess the initial password assigned by the
-client program, the principal must be disabled until the key can be
-truly randomized.
-
-\subsection{kadm5_get_principal}
-
-In KADM5_API_VERSION_1:
-
-\begin{verbatim}
-kadm5_ret_t
-kadm5_get_principal(void *server_handle, krb5_principal princ,
- kadm5_principal_ent_t *ent);
-\end{verbatim}
-
-In KADM5_API_VERSION_2:
-
-\begin{verbatim}
-kadm5_ret_t
-kadm5_get_principal(void *server_handle, krb5_principal princ,
- kadm5_principal_ent_t ent, u_int32 mask);
-\end{verbatim}
-
-AUTHORIZATION REQUIRED: get, or the calling principal being the same
-as the princ argument. If the request is authenticated to the
-kadmin/changepw service, the get privilege is disregarded.
-
-In KADM5_API_VERSION_1, return all of the principal's attributes in
-allocated memory; if an error is returned entry is set to NULL. In
-KADM5_API_VERSION_2, fill in the fields of the principal structure
-specified in the mask; memory for the structure is not allocated.
-Typically, a caller will specify the mask KADM5_PRINCIPAL_NORMAL_MASK,
-which includes all the fields {\it except} key_data and tl_data to
-improve time and memory efficiency. A caller that wants key_data and
-tl_data can bitwise-OR those masks onto NORMAL_MASK.
-
-The caller must free the returned entry with kadm5_free_principal_ent.
-
-
-The function behaves differently for local and remote clients. For
-remote clients, the KEY_DATA mask is illegal and results in a
-KADM5_BAD_MASK error.
-
-RETURN CODES:
-
-\begin{description}
-\item[KADM5_UNK_PRINC] Principal does not exist.
-\item[KADM5_BAD_MASK] The mask is not valid for a get operation.
-
-\end{description}
-
-\subsection{kadm5_get_principals}
-
-\begin{verbatim}
-kadm5_ret_t
-kadm5_get_principals(void *server_handle, char *exp,
- char ***princs, int *count)
-\end{verbatim}
-
-Retrieves the list of principal names.
-
-AUTHORIZATION REQUIRED: list
-
-If \v{exp} is NULL, all principal names are retrieved; otherwise,
-principal names that match the expression exp are retrieved.
-\v{princs} is filled in with a pointer to a NULL-terminated array of
-strings, and \v{count} is filled in with the number of principal names
-in the array. \v{princs} must be freed with a call to
-\v{kadm5_free_name_list}.
-
-All characters in the expression match themselves except ``?'' which
-matches any single character, ``*'' which matches any number of
-consecutive characters, and ``[chars]'' which matches any single
-character of ``chars''. Any character which follows a ``$\backslash$''
-matches itself exactly, and a ``$\backslash$'' cannot be the last
-character in the string.
-
-\subsection{kadm5_create_policy}
-
-\begin{verbatim}
-kadm5_ret_t
-kadm5_create_policy(void *server_handle,
- kadm5_policy_ent_t policy, u_int32 mask);
-\end{verbatim}
-
-Create a new policy.
-
-AUTHORIZATION REQUIRED: add
-
-\begin{enumerate}
-\item Check to see if mask is valid, if not return KADM5_BAD_MASK error.
-\item Return KADM5_BAD_POLICY if the policy name contains illegal
-characters.
-
-\item Check to see if the policy already exists, if so return
-KADM5_DUP error.
-\item If the PW_MIN_CLASSES bit is set and pw_min_classes is not 1, 2,
-3, 4, or 5, return KADM5_BAD_CLASS.
-\item Create a new policy setting the appropriate fields determined
-by the mask.
-\end{enumerate}
-
-RETURN CODES:
-
-\begin{description}
-\item[KADM5_DUP] Policy already exists
-\item[KADM5_BAD_MASK] The mask is not valid for a create
-operation.
-\item[KADM5_BAD_CLASS] The specified number of character classes
-is invalid.
-\item[KADM5_BAD_POLICY] The policy name contains illegal characters.
-\end{description}
-
-\subsection{kadm5_delete_policy}
-
-\begin{verbatim}
-kadm5_ret_t
-kadm5_delete_policy(void *server_handle, char *policy);
-\end{verbatim}
-
-Deletes a policy.
-
-AUTHORIZATION REQUIRED: delete
-
-\begin{enumerate}
-\item Return KADM5_BAD_POLICY if the policy name contains illegal
-characters.
-\item Return KADM5_UNK_POLICY if the named policy does not exist.
-\item Return KADM5_POLICY_REF if the named policy's refcnt is not 0.
-\item Delete policy.
-\end{enumerate}
-
-RETURN CODES:
-
-\begin{description}
-\item[KADM5_BAD_POLICY] The policy name contains illegal characters.
-\item[KADM5_UNK_POLICY] Policy does not exist.
-\item[KADM5_POLICY_REF] Policy is being referenced.
-\end{description}
-
-\subsection{kadm5_modify_policy}
-
-\begin{verbatim}
-kadm5_ret_t
-kadm5_modify_policy(void *server_handle,
- kadm5_policy_ent_t policy, u_int32 mask);
-\end{verbatim}
-
-Modify an existing policy. Note that modifying a policy has no affect
-on a principal using the policy until the next time the principal's
-password is changed.
-
-AUTHORIZATION REQUIRED: modify
-
-\begin{enumerate}
-\item Return KADM5_BAD_POLICY if the policy name contains illegal
-characters.
-\item Check to see if mask is legal, if not return KADM5_BAD_MASK error.
-\item Check to see if policy exists, if not return
-KADM5_UNK_POLICY error.
-\item If the PW_MIN_CLASSES bit is set and pw_min_classes is not 1, 2,
-3, 4, or 5, return KADM5_BAD_CLASS.
-\item Update the fields specified in the mask.
-\end{enumerate}
-
-RETURN CODES:
-
-\begin{description}
-\item[KADM5_BAD_POLICY] The policy name contains illegal characters.
-\item[KADM5_UNK_POLICY] Policy not found.
-\item[KADM5_BAD_MASK] The mask is not valid for a modify
-operation.
-\item[KADM5_BAD_CLASS] The specified number of character classes
-is invalid.
-\end{description}
-
-\subsection{kadm5_get_policy}
-
-In KADM5_API_VERSION_1:
-
-\begin{verbatim}
-kadm5_ret_t
-kadm5_get_policy(void *server_handle, char *policy, kadm5_policy_ent_t *ent);
-\end{verbatim}
-
-In KADM5_API_VERSION_2:
-
-\begin{verbatim}
-kadm5_ret_t
-kadm5_get_policy(void *server_handle, char *policy, kadm5_policy_ent_t ent);
-\end{verbatim}
-
-AUTHORIZATION REQUIRED: get, or the calling principal's policy being
-the same as the policy argument. If the request is authenticated to
-the kadmin/changepw service, the get privilege is disregarded.
-
-In KADM5_API_VERSION_1, return the policy's attributes in allocated
-memory; if an error is returned entry is set to NULL. In
-KADM5_API_VERSION_2, fill in fields of the policy structure allocated
-by the caller. The caller must free the returned entry with
-kadm5_free_policy_ent
-
-RETURN CODES:
-
-\begin{description}
-\item[KADM5_BAD_POLICY] The policy name contains illegal characters.
-\item[KADM5_UNK_POLICY] Policy not found.
-\end{description}
-
-\subsection{kadm5_get_policies}
-
-\begin{verbatim}
-kadm5_ret_t
-kadm5_get_policies(void *server_handle, char *exp,
- char ***pols, int *count)
-\end{verbatim}
-
-Retrieves the list of principal names.
-
-AUTHORIZATION REQUIRED: list
-
-If \v{exp} is NULL, all principal names are retrieved; otherwise,
-principal names that match the expression exp are retrieved. \v{pols}
-is filled in with a pointer to a NULL-terminated array of strings, and
-\v{count} is filled in with the number of principal names in the
-array. \v{pols} must be freed with a call to
-\v{kadm5_free_name_list}.
-
-All characters in the expression match themselves except ``?'' which
-matches any single character, ``*'' which matches any number of
-consecutive characters, and ``[chars]'' which matches any single
-character of ``chars''. Any character which follows a ``$\backslash$''
-matches itself exactly, and a ``$\backslash$'' cannot be the last
-character in the string.
-
-\subsection{kadm5_free_principal_ent, _policy_ent}
-
-\begin{verbatim}
-void kadm5_free_principal_ent(void *server_handle,
- kadm5_principal_ent_t princ);
-\end{verbatim}
-
-In KADM5_API_VERSION_1, free the structure and contents allocated by a
-call to kadm5_get_principal. In KADM5_API_VERSION_2, free the
-contents allocated by a call to kadm5_get_principal.
-
-AUTHORIZATION REQUIRED: none (local operation)
-
-\begin{verbatim}
-void kadm5_free_policy_ent(kadm5_policy_ent_t policy);
-\end{verbatim}
-
-Free memory that was allocated by a call to kadm5_get_policy. If
-the argument is NULL, the function returns succesfully.
-
-AUTHORIZATION REQUIRED: none (local operation)
-
-\subsection{kadm5_free_name_list}
-
-\begin{verbatim}
-void kadm5_free_name_list(void *server_handle,
- char **names, int *count);
-\end{verbatim}
-
-Free the memory that was allocated by kadm5_get_principals or
-kadm5_get_policies. names and count must be a matched pair of
-values returned from one of those two functions.
-
-\subsection{kadm5_free_key_data}
-
-\begin{verbatim}
-void kadm5_free_key_data(void *server_handle,
- krb5_int16 *n_key_data, krb5_key_data *key_data)
-\end{verbatim}
-
-Free the memory that was allocated by kadm5_randkey_principal.
-n_key_data and key_data must be a matched pair of values returned from
-that function.
-
-\subsection{kadm5_get_privs}
-
-\begin{verbatim}
-kadm5_ret_t
-kadm5_get_privs(void *server_handle, u_int32 *privs);
-\end{verbatim}
-
-Return the caller's admin server privileges in the integer pointed to
-by the argument. The Admin API does not define any way for a
-principal's privileges to be set. Note that this function will
-probably be removed or drastically changed in future versions of this
-system.
-
-The returned value is a bitmask indicating the caller's privileges:
-
-\begin{tabular}{llr}
-{\bf Privilege} & {\bf Symbol} & {\bf Value} \\
-Get & KADM5_PRIV_GET & 0x01 \\
-Add & KADM5_PRIV_ADD & 0x02 \\
-Modify & KADM5_PRIV_MODIFY & 0x04 \\
-Delete & KADM5_PRIV_DELETE & 0x08 \\
-List & KADM5_PRIV_LIST & 0x10 \\
-Changepw & KADM5_PRIV_CPW & 0x20
-\end{tabular}
-
-There is no guarantee that a caller will have a privilege indicated by
-this function for any length of time or for any particular target;
-applications using this function must still be prepared to handle all
-possible KADM5_AUTH_* error codes.
-
-In the initial MIT Kerberos version of the admin server, permissions
-depend both on the caller and the target; this function returns a
-bitmask representing all privileges the caller can possibly have for
-any possible target.
-
-\end{document}
+++ /dev/null
-\documentstyle[12pt,fullpage,changebar,rcsid]{article}
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%% Make _ actually generate an _, and allow line-breaking after it.
-\let\underscore=\_
-\catcode`_=13
-\def_{\underscore\penalty75\relax}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-
-\rcs$Id$
-
-\setlength{\parskip}{.7\baselineskip}
-\setlength{\parindent}{0pt}
-
-\def\secure{OV*Secure}
-\def\v#1{\verb+#1+}
-\def\k#1{K$_#1$}
-
-\title{OV*Secure Admin Server \\ Implementation Design\thanks{\rcsId}}
-\author{Barry Jaspan}
-
-\begin{document}
-
-\sloppy
-\maketitle
-
-{\setlength{\parskip}{0pt}\tableofcontents}
-
-\section{Overview}
-
-The admin server is implemented as a nearly-stateless transaction
-server, where each admin API function represents a single transaction.
-No per-client or per-connection information is stored; only local
-database handles are maintained between requests.
-
-The admin API is exported via an RPC interface that hides all details
-about network encoding, authentication, and encryption of data on the
-wire. The RPC mechanism does, however, allow the server to access the
-underlying authentication credentials for authorization purposes.
-
-The admin server accesses a total of three databases.
-\begin{itemize}
-\item The master Kerberos database is used to store all the
-information that the Kerberos server understands, thus allowing the
-greatest functionality with no modifications to a standard KDC.
-
-\item The admin principal database stores \secure{}-specific per-principal
-information.
-
-\item The policy database stores \secure{} policy information.
-\end{itemize}
-
-The per-principal information stored in the admin principal database
-consists of the principal's policy name and an array of the
-principal's previous keys. The old keys are stored encrypted in the
-key of the special principal ``ovsec_adm/history'' that is created by
-ovsec_adm_create. Since a change in ovsec_adm/history's key renders
-every principal's key history array useless, it can only be changed
-using the ovsec_adm_edit utility; that program will reencrypt every
-principal's key history in the new key.\footnote{ovsec_adm_edit has
-not yet been implemented, and there are currently no plans to
-implement it.} The admin server refuses all requests to change
-ovsec_adm/history's key.
-
-\section{Main}
-
-The admin server starts by trapping all fatal signals and directing
-them to a cleanup-and-exit function. It then creates and exports the
-RPC interface and enters its main loop.
-
-The main loop dispatches all incoming requests to the RPC mechanism.
-After 15 seconds of inactivity, the server closes all open databases;
-each database will be automatically reopened by the API function
-implementations as necessary.
-
-\section{Remote Procedure Calls}
-
-The RPC for the Admin system will be based on SUNRPC. SUNRPC is used
-because it is a well-known, portable RPC mechanism. The underlying
-external data representation (xdr) mechanisms for wire encapsulation
-are well-known and extensible.
-
-Authentication to the admin server will be handled by adding a GSS-API
-authentication type within the existing SUNRPC structure. This will
-require code modifications to SUNRPC, but the API and wire protocol do
-not need to change. This may affect whether the RPC will use UDP or
-TCP; although all the admin functions are stateless, the GSS-API
-authentication binding will not be and it might be easier to use TCP
-for this reason.
-
-\section{Database Record Types}
-\label{sec:db-types}
-
-\subsection{Admin Principal, osa_princ_ent_t}
-
-The admin principal database stores records of the type
-osa_princ_ent_t (declared in $<$ovsec_admin/adb.h$>$), which is the
-subset of the ovsec_kadm_principal_ent_t structure that is not stored
-in the Kerberos database plus the necessary bookkeeping information.
-The records are keyed by the ASCII representation of the principal's
-name, including the trailing NULL.
-
-\begin{verbatim}
-typedef struct _osa_princ_ent_t {
- krb5_principal name;
-
- char * policy;
- u_int32 aux_attributes;
-
- u_int32 num_old_keys;
- u_int32 next_old_key;
- krb5_kvno admin_history_kvno;
- krb5_encrypted_keyblock *old_keys;
-} osa_princ_ent_rec, *osa_princ_ent_t;
-\end{verbatim}
-
-The fields that are different from ovsec_kadm_principal_ent_t are:
-
-\begin{description}
-\item[num_old_keys] The number of previous keys in the old_keys array.
-This value must be 0 $\le$ num_old_keys $<$ pw_history_num.
-
-\item[next_old_key] The index into old_keys where the next key should
-be inserted. This value must be 0 $\le$ next_old_key $\le$
-num_old_keys.
-
-\item[admin_history_kvno] The key version number of the admin/history
-principal's key used to encrypt the values in old_keys. If the admin
-server finds that admin/history's kvno is different from the value in
-this field, an error message is logged. (XXX where?)
-
-\item[old_keys] The array of the principal's previous keys, each
-encrypted in the admin/history key. There are num_old_keys elements.
-\end{description}
-
-\subsection{Policy, osa_policy_ent_t}
-
-The policy database stores records of the type osa_policy_ent_t
-(declared in $<$ovsec_admin/adb.h$>$) , which is all of
-ovsec_kadm_policy_ent_t plus necessary bookkeeping information. The
-records are keyed by the policy name.
-
-\begin{verbatim}
-typedef struct _osa_policy_ent_t {
- char *policy;
-
- u_int32 pw_min_life;
- u_int32 pw_max_life;
- u_int32 pw_min_length;
- u_int32 pw_min_classes;
- u_int32 pw_history_num;
-
- u_int32 refcnt;
-} osa_policy_ent_rec, *osa_policy_ent_t;
-\end{verbatim}
-
-\subsection{Kerberos, krb5_db_entry}
-
-The Kerberos database stores records of type krb5_db_entry, which is
-defined in the $<$krb5/kdb.h$>$ header file.
-
-\begin{verbatim}
-typedef struct _krb5_encrypted_keyblock {
- krb5_keytype keytype;
- int length;
- krb5_octet *contents;
-} krb5_encrypted_keyblock;
-
-typedef struct _krb5_db_entry {
- krb5_principal principal;
- krb5_encrypted_keyblock key;
- krb5_kvno kvno;
- krb5_deltat max_life;
- krb5_deltat max_renewable_life;
- krb5_kvno mkvno;
-
- krb5_timestamp expiration;
- krb5_timestamp pw_expiration;
- krb5_timestamp last_pwd_change;
- krb5_timestamp last_success;
-
- krb5_timestamp last_failed;
- krb5_kvno fail_auth_count;
-
- krb5_principal mod_name;
- krb5_timestamp mod_date;
- krb5_flags attributes;
- krb5_int32 salt_type:8,
- salt_length:24;
- krb5_octet *salt;
- krb5_encrypted_keyblock alt_key;
- krb5_int32 alt_salt_type:8,
- alt_salt_length:24;
- krb5_octet *alt_salt;
-
- krb5_int32 expansion[8];
-} krb5_db_entry;
-\end{verbatim}
-
-The interpretation of most of these fields is the same as given in the
-``Principals, ovsec_kadm_principal_ent_t'' section of the functional
-specification. The fields that are not defined there are not used by
-\secure{}; however, the admin server preserves the value of any fields
-it does not understand.
-
-\section{Database Access Methods}
-
-\subsection{Principal and Policy Databases}
-
-This section describes the database abstraction used for the admin
-principal and policy databases. Since both databases export
-equivalent functionality, the API is only described once. The
-character T is used to represent both ``princ'' and ``policy''. The
-location of the principal database is defined by the \#define
-PRINCIPAL_DB (``/krb5/ovsec_principal.db'') in $<$ovsec_admin/adb.h$>$. The
-location of the policy database is defined by the \#define POLICY_DB
-(``/krb5/ovsec_policy.db'') in $<$ovsec_admin/adb.h$>$.
-
-Note that this is {\it only} a database abstraction. All functional
-intelligence, such as maintaining policy reference counts or sanity
-checking, must be implemented above this layer.
-
-Prototypes for the osa functions are supplied in
-$<$ovsec_admin/adb.h$>$. The routines can be found in
-``install/lib/libadmsrv.a''. They require linking with the Berkely DB
-library (``install/lib/libdb.a''). [Note: We needed to remove the dbm
-compatibility routines from libdb.a because we want to leave KDB
-library alone in case somebody wants to run a stock MIT KDC with our
-admin server.]
-
-\subsubsection{Error codes}
-
-The database routines use com_err for error codes. The error code
-table name is ``adb'' and the offsets are the same as the order
-presented here. The error table header file is
-$<$ovsec_admin/adb_err.h$>$. Callers of the OSA routines should first call
-init_adb_err_tbl() to initialize the database table.
-
-\begin{description}
-\item[OSA_ADB_OK] Operation successful.
-\item[OSA_ADB_FAILURE] General failure.
-\item[OSA_ADB_DUP] Operation would create a duplicate database entry.
-\item[OSA_ADB_NOENT] Named entry not in database.
-\item[OSA_ADB_BAD_PRINC] The krb5_principal structure is invalid.
-\item[OSA_ADB_BAD_POLICY] The specified policy name is invalid.
-\item[OSA_ADB_XDR_FAILURE] The principal or policy structure cannot be
-encoded for storage.
-\item[OSA_ADB_BADLOCKMODE] Bad lock mode specified.
-\item[OSA_ADB_CANTLOCK_DB] Cannot lock database, presumably because it
-is already locked.
-\item[OSA_ADB_NOTLOCKED] Internal error, database not locked when
-unlock is called.
-\item[OSA_ADB_NOLOCKFILE] OpenV*Secure administration database lock
-file (/krb5/ovsec_adm.lock) missing.
-\end{description}
-
-Database functions can also return system errors. Unless otherwise
-specified, database functions return OSA_ADB_OK.
-
-\subsubsection{Locking}
-
-All of the osa_adb functions except open and close lock and unlock the
-database to prevent concurrency collisions. The overall locking
-algorithm is as follows:
-
-\begin{enumerate}
-\item osa_adb_open_T calls osa_adb_init_db to allocate the osa_adb_T_t
-structure and open the locking file for further use.
-
-\item Each osa_adb functions locks the locking file and opens the
-appropriate database with osa_adb_open_and_lock, performs its action,
-and then closes the database and unlocks the locking file with
-osa_adb_close_and_unlock.
-
-\item osa_adb_close_T calls osa_adb_fini_db to close the locking file
-and deallocate the db structure.
-\end{enumerate}
-
-Functions which modify the database acquire an exclusive lock, others
-acqure a shared lock. osa_adb_iter_T acquires an exclusive lock for
-safety but as stated below consequences of modifying the database in
-the iteration function are undefined.
-
-\subsubsection{Function descriptions}
-
-\begin{verbatim}
-osa_adb_ret_t
-osa_adb_open_T(osa_adb_T_t *db, char *filename);
-\end{verbatim}
-%
-Open the database named filename. Returns OSA_ADB_FAILURE if it
-cannot open the database.
-
-\begin{verbatim}
-osa_adb_ret_t
-osa_adb_close_T(osa_adb_T_t db);
-\end{verbatim}
-%
-Release all shared or exclusive locks (on BOTH databases, since they
-use the same lock file) and close the database.
-
-It is an error to exit while a permanent lock is held;
-OSA_ADB_NOLOCKFILE is returned in this case.
-
-\begin{verbatim}
-osa_adb_ret_t osa_adb_get_lock(osa_adb_T_t db, int mode)
-\end{verbatim}
-
-Acquire a lock on the administration databases; note that both
-databases are locked simultaneously by a single call. The mode
-argument can be OSA_ADB_SHARED, OSA_ADB_EXCLUSIVE, or
-OSA_ADB_PERMANENT. The first two and the third are really disjoint
-locking semantics and should not be interleaved.
-
-Shared and exclusive locks have the usual semantics, and a program can
-upgrade a shared lock to an exclusive lock by calling the function
-again. A reference count of open locks is maintained by this function
-and osa_adb_release_lock so the functions can be called multiple
-times; the actual lock is not released until the final
-osa_adb_release_lock. Note, however, that once a lock is upgraded
-from shared to exclusive it is not downgraded again until released
-completely. In other words, get_lock(SHARED), get_lock(EXCLUSIVE),
-release_lock() leaves the process with an exclusive lock with a
-reference count of one. An attempt to get a shared or exclusive lock
-that conflicts with another process results in the OSA_ADB_CANLOCK_DB
-error code.
-
-This function and osa_adb_release_lock are called automatically as
-needed by all other osa_adb functions to acquire shared and exclusive
-locks and so are not normally needed. They can be used explicitly by
-a program that wants to perform multiple osa_adb functions within the
-context of a single lock (ie: ovsec_adm_export).
-
-Acquiring an OSA_ADB_PERMANENT lock is different. A permanent lock
-consists of first acquiring an exclusive lock and then {\it deleting
-the lock file}. Any subsequent attempt to acquire a lock by a
-different process will fail with OSA_ADB_NOLOCKFILE instead of
-OSA_ADB_CANTLOCK_DB (attempts in the same process will ``succeed''
-because only the reference count gets incremented). Releasing a
-permanent lock re-creates the lock file.
-
-The purpose of a permanent lock is to absolutely ensure that the
-database remain locked during non-atomic operations. If the locking
-process dies while holding a permanent lock, all subsequent osa_adb
-operations will fail, even through a system reboot. This is useful,
-for example, for ovsec_adm_import which creates both new database
-files in a temporary location and renames them into place. If both
-renames do not fully complete the database will probably be
-inconsistent and everything should stop working until an administrator
-can clean it up.
-
-\begin{verbatim}
-osa_adb_ret_t osa_adb_release_lock(osa_adb_T_t db)
-\end{verbatim}
-
-Releases a shared or exclusive lock acquired with osa_adb_get_lock, or
-decrements the reference count if multiple locks have been requested.
-Releasing a permanent lock re-creates the lock file and releases all
-of the processes locks (ie: the reference count is set back to zero).
-
-All of a process' shared or exclusive database locks are released when
-the process terminates. A permanent lock is {\it not} released when
-the process exits (although the exclusive lock it begins with
-obviously is).
-
-\begin{verbatim}
-osa_adb_ret_t
-osa_adb_create_T(osa_adb_T_t db, osa_T_ent_t entry);
-\end{verbatim}
-%
-Adds the entry to the database. All fields are defined. Returns
-OSA_ADB_DUP if it already exists.
-
-\begin{verbatim}
-osa_adb_ret_t
-osa_adb_destroy_T(osa_adb_T_t db, osa_T_t name);
-\end{verbatim}
-
-Removes the named entry from the database. Returns OSA_ADB_NOENT if
-it does not exist.
-
-\begin{verbatim}
-osa_adb_ret_t
-osa_adb_get_T(osa_adb_T_t db, osa_T_t name,
- osa_princ_ent_t *entry);
-\end{verbatim}
-
-Looks up the named entry in the db, and returns it in *entry in
-allocated storage that must be freed with osa_adb_free_T. Returns
-OSA_ADB_NOENT if name does not exist, OSA_ADB_MEM if memory cannot be
-allocated.
-
-\begin{verbatim}
-osa_adb_ret_t
-osadb_adb_put_T(osa_adb_T_t db, osa_T_ent_t entry);
-\end{verbatim}
-
-Modifies the existing entry named in entry. All fields must be filled
-in. Returns OSA_DB_NOENT if the named entry does not exist. Note
-that this cannot be used to rename an entry; rename is implemented by
-deleting the old name and creating the new one (NOT ATOMIC!).
-
-\begin{verbatim}
-void osa_adb_free_T(osa_T_ent_t);
-\end{verbatim}
-
-Frees the memory associated with an osa_T_ent_t allocated by
-osa_adb_get_T.
-
-\begin{verbatim}
-typedef osa_adb_ret_t (*osa_adb_iter_T_func)(void *data,
- osa_T_ent_t entry);
-
-osa_adb_ret_t osa_adb_iter_T(osa_adb_T_t db, osa_adb_iter_T_func func,
- void *data);
-\end{verbatim}
-
-Iterates over every entry in the database. For each entry ent in the
-database db, the function (*func)(data, ent) is called. If func
-returns an error code, osa_adb_iter_T returns an error code. If all
-invokations of func return OSA_ADB_OK, osa_adb_iter_T returns
-OSA_ADB_OK. The function func is permitted to access the database,
-but the consequences of modifying the database during the iteration
-are undefined.
-
-\subsection{Kerberos Database}
-
-Kerberos uses dbm to store krb5_db_entry records. It can be accessed
-and modified in parallel with the Kerberos server, using functions
-that are defined inside the KDC and the libkdb.a.
-
-\subsubsection{Database Manipulation Functions}
-
-The following functions are declared in \v{lib/kdb/kdb_dbm.c} in the
-Kerberos sources and are available in libkdb.a. They can return the
-following error codes; error codes that can be returned by any
-function are indicated with a ``*'' and are not listed specifically
-for each function.
-
-\begin{description}
-\item[* KRB5_KDB_NOTINITED] The database is not open; call
-krb5_dbm_db_init.
-\item[* KRB5_KDB_CANTLOCK_DB] The necessary lock cannot be acquired. Try
-again later.
-\item[* system errors] An error occurred accessing the database files.
-\item[KRB5_KDB_DB_INUSE] The database was modified without the use
-of proper locking.\footnote{This error occurs when the entire database
-is swapped out from the under the process, say by a kdb5_edit restore.
-It can only be returned by krb5_db_get_principal. It is not yet clear
-what a program should do when it gets this error.}
-\item[KRB5_KDB_NOENTRY] The principal to be deleted is not
-in the database.
-\end{description}
-
-\begin{verbatim}
-krb5_dbm_db_init(void)
-\end{verbatim}
-
-Opens the Kerberos database file (but does not actually call
-dbm_open). This can be called even if the database is already open,
-in which case it just returns success.
-
-\begin{verbatim}
-krb5_dbm_db_fini(void)
-\end{verbatim}
-
-Closes the database file; this MUST be called before the process
-exits. Returns KRB5_KDB_DBNOTINITED if the database isn't open, but
-that isn't really a fatal error.
-
-\begin{verbatim}
-krb5_dbm_get_principal(krb5_principal searchfor,
- krb5_db_entry *entries, int *nentries, krb5_boolean *more)
-\end{verbatim}
-
-Search the database for the principal searchfor and write the results
-into *entries. The interface is set up to handle wildcard gets, but
-the code doesn't handle it: *nentries is assumed to be 1, and *more is
-always returned as 0.
-
-This function does not retry if the database cannot be locked; that is
-up to the caller.
-
-Returns KRB5_KDB_DB_INUSE.
-
-\begin{verbatim}
-krb5_dbm_put_principal(krb5_db_entry *entries, int *nentries)
-\end{verbatim}
-
-Stores *nentries elements from the entries array into the database.
-On return *nentries is set to the number of entries actually written;
-the first *nentries entries will have been written, even if an error
-pis returned.
-
-This function does not retry if the database cannot be locked; that is
-up to the caller.
-
-\begin{verbatim}
-krb5_dbm_db_delete_principal(krb5_principal searchfor, int *nentries)
-\end{verbatim}
-
-Removes the principal searchfor from the database. nentries will be
-set to 0 or 1 on output, indicating the number of entries deleted (the
-code does not currently support wildcards).
-
-Returns KRB5_KDB_NOENTRY.
-
-\begin{verbatim}
-typedef krb5_error_code (*iter_func)(krb5_pointer, krb5_db_entry *);
-
-krb5_dbm_db_iterate(iter_func func, krb5_point func_arg)
-\end{verbatim}
-
-Calls (*func)(func_arg, entry) for every entry in the database. If
-func returns an error code, the iteration stops and that error code is
-returned.
-
-Returns func error codes.
-
-\begin{verbatim}
-void krb5_dbm_db_free_principal(krb5_db_entry *entries, int nentries)
-\end{verbatim}
-
-Frees entries returned by krb5_dbm_db_get_principal. nentries entries
-in the array entries will be freed.
-
-\subsubsection{Initialization and Key Access}
-
-Keys stored in the Kerberos database are encrypted in the Kerberos
-master key. The admin server will therefore have to acquire the key
-before it can perform any key-changing operations, and will have to
-decrypt and encrypt the keys retrieved from and placed into the
-database via krb5_db_get_principal and _put_principal. This section
-describes the internal admin server API that will be used to perform
-these functions.
-
-\begin{verbatim}
-krb5_principal master_princ;
-krb5_encrypt_block master_encblock;
-krb5_keyblock master_keyblock;
-
-void kdc_init_master()
-\end{verbatim}
-
-kdc_init_master opens the database and acquires the master key. It
-also sets the global variables master_princ, master_encblock, and
-master_keyblock:
-
-\begin{itemize}
-\item master_princ is set to the name of the Kerberos master principal
-(\v{K/M@REALM}).
-
-\item master_encblock is something I have no idea about.
-
-\item master_keyblock is the Kerberos master key
-\end{itemize}
-
-\begin{verbatim}
-krb5_error_code kdb_get_entry_and_key(krb5_principal principal,
- krb5_db_entry *entry,
- krb5_keyblock *key)
-\end{verbatim}
-
-kdb_get_entry_and_key retrieves the named principal's entry from the
-database in entry, and decrypts its key into key. The caller must
-free entry with krb5_dbm_db_free_principal and free key-$>$contents with
-free.\footnote{The caller should also \v{memset(key-$>$contents, 0,
-key-$>$length)}. There should be a function krb5_free_keyblock_contents
-for this, but there is not.}
-
-\begin{verbatim}
-krb5_error_code kdb_put_entry_pw(krb5_db_entry *entry, char *pw)
-\end{verbatim}
-
-kdb_put_entry_pw stores entry in the database. All the entry values
-must already be set; this function does not change any of them except
-the key. pw, the NULL-terminated password string, is converted to a
-key using string-to-key with the salt type specified in
-entry-$>$salt_type.\footnote{The salt_type should be set based on the
-command line arguments to the kadmin server (see the ``Command Line''
-section of the functional specification).}
-
-\section{Admin Principal and Policy Database Implementation}
-
-The admin principal and policy databases will each be stored in a
-single hash table, implemented by the Berkeley 4.4BSD db library.
-Each record will consist of an entire osa_T_ent_t. The key into the
-hash table is the entry name (for principals, the ASCII representation
-of the name). The value is the T entry structure. Since the key and
-data must be self-contained, with no pointers, the Sun xdr mechanisms
-will be used to marshal and unmarshal data in the database.
-
-The server in the first release will be single-threaded in that a
-request will run to completion (or error) before the next will run,
-but multiple connections will be allowed simultaneously.
-
-\section{ACLs, acl_check}
-
-The ACL mechanism described in the ``Authorization ACLs'' section of
-the functional specifications will be implemented by the acl_check
-function.
-
-\begin{verbatim}
-enum access_t {
- ACCESS_DENIED = 0,
- ACCESS_OK = 1,
-};
-
-enum access_t acl_check(krb5_principal princ, char *priv);
-\end{verbatim}
-
-The priv argument must be one of ``get'', ``add'', ``delete'', or
-``modify''. acl_check returns 1 if the principal princ has the named
-privilege, 0 if it does not.
-
-\section{Function Details}
-
-This section discusses specific design issues for Admin API functions
-that are not addresed by the functional specifications.
-
-\subsection{ovsec_kadm_create_principal}
-
-If the named principal exists in either the Kerberos or admin
-principal database, but not both, return OVSEC_KADM_BAD_DB.
-
-The principal's initial key is not stored in the key history array at
-creation time.
-
-\subsection{ovsec_kadm_delete_principal}
-
-If the named principal exists in either the Kerberos or admin
-principal database, but not both, return OVSEC_KADM_BAD_DB.
-
-\subsection{ovsec_kadm_modify_principal}
-
-If the named principal exists in either the Kerberos or admin
-principal database, but not both, return OVSEC_KADM_BAD_DB.
-
-If pw_history_num changes and the new value $n$ is smaller than the
-current value of num_old_keys, old_keys should end up with the $n$
-most recent keys; these are found by counting backwards $n$ elements
-in old_keys from next_old_key. next_old_keys should then be reset to
-0, the oldest of the saved keys, and num_old_keys set to $n$, the
-new actual number of old keys in the array.
-
-\subsection{ovsec_kadm_chpass_principal, randkey_principal}
-
-The algorithm for determining whether a password is in the principal's
-key history is complicated by the use of the kadmin/history \k{h}
-encrypting key.
-
-\begin{enumerate}
-\item For ovsec_kadm_chpass_principal, convert the password to a key
-using string-to-key and the salt method specified by the command line
-arguments.
-
-\item If the POLICY bit is set and pw_history_num is not zero, check
-if the new key is in the history.
-\begin{enumerate}
-\item Retrieve the principal's current key and decrypt it with \k{M}.
-If it is the same as the new key, return OVSEC_KADM_PASS_REUSE.
-\item Retrieve the kadmin/history key \k{h} and decrypt it with \k{M}.
-\item Encrypt the principal's new key in \k{h}.
-\item If the principal's new key encrypted in \k{h} is in old_keys,
-return OVSEC_KADM_PASS_REUSE.
-\item Encrypt the principal's current key in \k{h} and store it in
-old_keys.
-\item Erase the memory containing \k{h}.
-\end{enumerate}
-
-\item Encrypt the principal's new key in \k{M} and store it in the
-database.
-\item Erase the memory containing \k{M}.
-\end{enumerate}
-
-To store the an encrypted key in old_keys, insert it as the
-next_old_key element of old_keys, and increment next_old_key by one
-modulo pw_history_num.
-
-\subsection{ovsec_kadm_get_principal}
-
-If the named principal exists in either the Kerberos or admin
-principal database, but not both, return OVSEC_KADM_BAD_DB.
-
-\end{document}
+++ /dev/null
-\documentstyle[times,fullpage,rcsid]{article}
-
-\rcs$Header$
-
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-%% Make _ actually generate an _, and allow line-breaking after it.
-\let\underscore=\_
-\catcode`_=13
-\def_{\underscore\penalty75\relax}
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-
-\newcommand{\test}[1]{\begin{description}
-\setlength{\itemsep}{0pt}
-#1
-\end{description}
-
-}
-
-\newcommand{\numtest}[2]{\begin{description}
-\setlength{\itemsep}{0pt}
-\Number{#1}
-#2
-\end{description}
-
-}
-
-\newcommand{\Number}[1]{\item[Number:] #1}
-\newcommand{\Reason}[1]{\item[Reason:] #1}
-%\newcommand{\Call}[1]{\item[Call:] #1}
-\newcommand{\Expected}[1]{\item[Expected:] #1}
-\newcommand{\Conditions}[1]{\item[Conditions:] #1}
-\newcommand{\Priority}[1]{\item[Priority:] #1}
-\newcommand{\Status}[1]{\item[Status:] #1}
-%\newcommand{\Number}[1]{}
-%\newcommand{\Reason}[1]{}
-\newcommand{\Call}[1]{}
-%\newcommand{\Expected}[1]{}
-%\newcommand{\Conditions}[1]{}
-%\newcommand{\Priority}[1]{}
-
-\title{OpenV*Secure 1.0 Admin API\\
-Unit Test Description\footnote{\rcsHeader}}
-\author{Jonathan I. Kamens}
-
-\begin{document}
-
-\maketitle
-
-%\tableofcontents
-
-\section{Introduction}
-
-The following is a description of a black-box unit test of the
-OpenV*Secure Admin API. Each API function is listed, followed by the
-tests that shoud be performed on it.
-
-The tests described here are based on the ``OV*Secure Admin Functional
-Specifications'' revision 1.41, dated August 18, 1994.
-
-Since inter-realm functionality is not a requirement for OpenV*Secure
-1.0, it is not tested.
-
-All tests which test for success should verify, using some means other
-than the return value of the function being tested, that the requested
-operation was successfully performed. For example: for init, test
-that other operations can be performed after init; for destroy, test
-that other operations can't be performed after destroy; for modify
-functions, verify that all modifications to the database which should
-have taken place did, and that the new, modified data is in effect;
-for get operations, verify that the data retrieved is the data that
-should actually be in the database.
-
-As of now the tests are being re-worked to use database comparision routines
-simular to the GUI tests. This routines are not completly in place yet. The
-purpose for using these routines is for better detection of incorrect
-database modification.
-
-Similarly, all tests which test for failure should verify that the
-no component of the requested operation took place. For example: if
-init fails, other operations should not work. If a modify fails, all
-data in the database should be the same as it was before the attempt
-to modify, and the old data should still be what is enforced.
-Furthermore, tests which test for failure should verify that the
-failure code returned is correct for the specific failure condition
-tested.
-
-Most of the tests listed below should be run twice -- once locally on
-the server after linking against the server API library, and once
-talking to the server via authenticated Sun RPC after linking against
-the client API library. Tests which should only be run locally or via
-RPC are labelled with a ``local'' or ``RPC''.
-
-Furthermore, in addition to the tests labelled below, a test should be
-implemented to verify that a client can't perform operations on the
-server through the client API library when it's linked against
-standard Sun RPC instead of OpenV*Secure's authenticated Sun RPC.
-This will require a client with a modified version of ovsec_kadm_init
-which doesn't call auth_gssapi_create. This client should call this
-modified ovsec_kadm_init and then call some other admin API function,
-specifying arguments to both functions that would work if the
-authenticated Sun RPC had been used, but shouldn't if authentication
-wasn't used. The test should verify that the API function call after
-the init doesn't succeed.
-
-There is also another test to see if all the API functions handle getting an
-invalid server handle correctly. This is not done as part of the tests that
-are run through the TCL program cause the TCL program has no way of
-invalidating a server handle. So there is a program that calls init and
-changes the handle magic number, and then attempts to call each API function
-with the corrupted server handle.
-
-\section{ovsec_kadm_init}
-
-\numtest{1}{
-\Reason{An empty string realm is rejected.}
-\Status{Implemented}
-}
-
-\numtest{2}{
-\Reason{A realm containing invalid characters is rejected.}
-\Status{Implemented}
-}
-
-\numtest{2.5}{
-\Reason{A non-existent realm is rejected.}
-\Status{Implemented}
-}
-
-\numtest{3}{
-\Reason{A bad service name representing an existing principal
- (different from the client principal) is rejected.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{4}{
-\Reason{A bad service name representing a non-existent
- principal is rejected.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{5}{
-\Reason{A bad service name identical to the (existing) client
- name is rejected.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{6}{
-\Reason{A null password causes password prompting.}
-\Status{Implemented}
-}
-
-\numtest{7}{
-\Reason{An empty-string causes password prompting}
-\Status{Implemented}
-}
-
-\numtest{8}{
-\Reason{An incorrect password which is the password of another
- user is rejected.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{9}{
-\Reason{An incorrect password which isn't the password of any
- user is rejected.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{10}{
-\Reason{A null client_name is rejected.}
-\Status{Implemented}
-}
-
-% Empty string client name is legal.
-%\numtest{11}{
-%\Reason{An empty-string client_name is rejected.}
-%}
-
-\numtest{12}{
-\Reason{A client_name referring to a non-existent principal in
- the default realm is rejected.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{13}{
-\Reason{A client_name referring to a non-existent principal
- with the local realm specified explicitly is rejected.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{14}{
-\Reason{A client_name referring to a non-existent principal in
- a nonexistent realm is rejected.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{15}{
-\Reason{A client_name referring to an existing principal in a
- nonexistent realm is rejected.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{16}{
-\Reason{Valid invocation.}
-\Status{Implemented}
-}
-
-\numtest{17}{
-\Reason{Valid invocation (explicit client realm).}
-\Status{Implemented}
-}
-
-\numtest{18}{
-\Reason{Valid invocation (CHANGEPW_SERVICE).}
-\Status{Implemented}
-}
-
-\numtest{19}{
-\Reason{Valid invocation (explicit service realm).}
-\Status{Implemented}
-}
-
-\numtest{20}{
-\Reason{Valid invocation (database access allowed after init).}
-\Status{Implemented}
-}
-
-%\numtest{21}{
-%\Reason{Init fails when called twice in a row.}
-%\Status{Implemented}
-%}
-
-\numtest{22}{
-\Reason{A null password causes master-key prompting.}
-\Conditions{local}
-\Status{Implemented}
-}
-
-\numtest{22.5}{
-\Reason{A empty string password causes master-key prompting.}
-\Conditions{local}
-\Status{Implemented}
-}
-
-%\numtest{23}{
-%\Reason{A non-null password causes reading from the kstash.}
-%\Conditions{local}
-%\Status{Implemented}
-%}
-
-\numtest{24}{
-\Reason{Null service name is ignored in local invocation.}
-\Conditions{local}
-\Status{Implemented}
-}
-
-\numtest{25}{
-\Reason{Non-null service name is ignored in local invocation.}
-\Conditions{local}
-\Status{Implemented}
-}
-
-%\numtest{26}{
-%\Reason{Can't do ``get'' operation before calling init.}
-%\Status{Implemented}
-%}
-
-%\numtest{27}{
-%\Reason{Can't do ``add'' operation before calling init.}
-%\Status{Implemented}
-%}
-
-%\numtest{28}{
-%\Reason{Can't do ``modify'' operation before calling init.}
-%\Status{Implemented}
-%}
-
-%\numtest{29}{
-%\Reason{Can't do ``delete'' operation before calling init.}
-%\Status{Implemented}
-%}
-
-\numtest{30}{
-\Reason{Can init after failed init attempt.}
-\Conditions{local}
-\Status{Implemented}
-}
-
-\numtest{31}{
-\Priority{High}
-\Reason{Return BAD_STRUCT_VERSION when the mask bits are set to invalid values}
-\Status{Implemented}
-}
-
-\numtest{32}{
-\Priority{High}
-\Reason{Return BAD_STRUCT_VERSION when the mask bits are not set}
-\Status{Implemented}
-}
-
-\numtest{33}{
-\Priority{High}
-\Reason{Return OLD_STRUCT_VERSION when attempting to use an old/unsupported
- structure version}
-\Status{Implemented}
-}
-
-\numtest{34}{
-\Priority{High}
-\Reason{Return NEW_STRUCT_VERSION when attempting to use a newer version of
- of the structure then what is supported}
-\Status{Implemented}
-}
-
-\numtest{35}{
-\Priority{High}
-\Reason{Return BAD_API_VERSION when the mask bits are set to invalid values}
-\Status{Implemented}
-}
-
-\numtest{36}{
-\Priority{High}
-\Reason{Return BAD_API_VERSION when the mask bits are not set}
-\Status{Implemented}
-}
-
-\numtest{37}{
-\Priority{High}
-\Reason{Return OLD_LIB_API_VERSION when using an old/unsuppored
- api version number}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{38}{
-\Priority{High}
-\Reason{Return OLD_SERVER_API_VERSION attempting to use an
- old/unsupported api version number}
-\Conditions{local}
-\Status{Implemented}
-}
-
-\numtest{39}{
-\Priority{High}
-\Reason{Return NEW_LIB_API_VERSION when using a newer api
- version number then supported}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{40}{
-\Priority{High}
-\Reason{Return NEW_SERVER_API_VERSION when using a newer api version
- number then supported}
-\Conditions{local}
-\Status{Implemented}
-}
-
-\numtest{41}{
-\Priority{High}
-\Reason{Return BAD_XXX_VERSION when the API and the structure
- version numbers are reversed}
-\Status{Implemented}
-}
-
-\numtest{42}{
-\Priority{High}
-\Reason{Succeeds when using valid api and struct version numbers and masks}
-\Status{Implemented}
-}
-
-\numtest{43}{
-\Priority{Low}
-\Reason{Returns two different server handle when called twice with same info}
-}
-
-\numtest{44}{
-\Priority{Low}
-\Reason{Returns two different server handles when called twice with
- different info}
-}
-
-\numtest{45}{
-\Priority{Bug fix, secure-install/3390}
-\Reason{Returns SECURE_PRINC_MISSING when ADMIN_SERVICE does not
-exist.}
-\Status{Implemented}
-}
-
-\numtest{46}{
-\Priority{Bug fix, secure-install/3390}
-\Reason{Returns SECURE_PRINC_MISSING when CHANGEPW_SERVICE does not
-exist.}
-\Status{Implemented}
-}
-
-\section{ovsec_kadm_destroy}
-
-\numtest{1}{
-\Reason{Valid invocation.}
-\Status{Implemented}
-}
-
-%\numtest{2}{
-%\Reason{Valid invocation (``get'' not allowed after destroy).}
-%\Status{Implemented}
-%}
-
-%\numtest{3}{
-%\Reason{Valid invocation (``add'' not allowed after destroy).}
-%\Status{Implemented}
-%}
-
-%\numtest{4}{
-%\Reason{Valid invocation (``modify'' not allowed after destroy).}
-%\Status{Implemented}
-%}
-
-%\numtest{5}{
-%\Reason{Valid invocation (``delete'' not allowed after destroy).}
-%\Status{Implemented}
-%}
-
-%\numtest{6}{
-%\Reason{Fails if database not initialized.}
-%\Status{Implemented}
-%}
-
-%\numtest{7}{
-%\Reason{Fails if invoked twice in a row.}
-%\Status{Implemented}
-%}
-
-\numtest{8}{
-\Reason{Database can be reinitialized after destroy.}
-\Status{Implemented}
-}
-
-\numtest{9}{
-\Priority{High}
-\Reason{Returns BAD_SERVER_HANDLE when a null server handle is passed in}
-\Status{Implemented}
-}
-
-\numtest{10}{
-\Priority{Low}
-\Reason{Connects to correct server when mutliple handles exist}
-\Conditions{client}
-}
-
-\section{ovsec_kadm_create_principal}
-
-%In the tests below, ``getu'' refers to a user who has only ``get'' access,
-%''addu'' refers to a user who has only ``add'' access, ``modifyu'' refers to
-%a user who has only ``modify'' access, and ``deleteu'' refers to a user
-%who has only ``delete'' access. ``amu'' refers to a user with ``add'' and
-%''modify'' access. ``new_princ'' refers to a principal entry structure
-%filled in as follows:
-%
-% krb5_parse_name("newuser", \&new_princ.principal);
-% krb5_timeofday(\&new_princ.princ_expire_time);
-% new_princ.princ_expire_time += 130;
-% krb5_timeofday(\&new_princ.last_pwd_change);
-% new_princ.last_pwd_change += 140;
-% krb5_timeofday(\&new_princ.pw_expiration);
-% new_princ.pw_expiration += 150;
-% new_princ.max_life = 160;
-% krb5_parse_name("usera", \&new_princ.mod_name);
-% krb5_timeofday(\&new_princ.mod_date);
-% new_princ.mod_date += 170;
-% new_princ.attributes = 0xabcdabcd;
-% new_princ.kvno = 180;
-% new_princ.mkvno = 190;
-% new_princ.policy = null;
-% new_princ.aux_attributes = 0xdeadbeef;
-%
-%The offsets of 130 through 190 above are used to ensure that the
-%fields are all known to be different from each other, so that
-%accidentally switched fields can be detected. Some of the fields in
-%this structure may be changed by the tests, but they should clean up
-%after themselves.
-
-%\numtest{1}{
-%\Reason{Fails if database not initialized.}
-%\Status{Implemented}
-%}
-
-\numtest{2}{
-\Reason{Fails on null princ argument.}
-\Status{Implemented}
-}
-
-\numtest{3}{
-\Reason{Fails on null password argument.}
-\Status{Implemented}
-}
-
-\numtest{4}{
-\Reason{Fails on empty-string password argument.}
-\Status{Implemented}
-}
-
-\numtest{5}{
-\Reason{Fails when mask contains undefined bit.}
-\Status{Implemented}
-}
-
-\numtest{6}{
-\Reason{Fails when mask contains LAST_PWD_CHANGE bit.}
-\Status{Implemented}
-}
-
-\numtest{7}{
-\Reason{Fails when mask contains MOD_TIME bit.}
-\Status{Implemented}
-}
-
-\numtest{8}{
-\Reason{Fails when mask contains MOD_NAME bit.}
-\Status{Implemented}
-}
-
-\numtest{9}{
-\Reason{Fails when mask contains MKVNO bit.}
-\Status{Implemented}
-}
-
-\numtest{10}{
-\Reason{Fails when mask contains AUX_ATTRIBUTES bit.}
-\Status{Implemented}
-}
-
-\numtest{11}{
-\Reason{Fails when mask contains POLICY_CLR bit.}
-\Status{Implemented}
-}
-
-\numtest{12}{
-\Reason{Fails for caller with no access bits.}
-\Status{Implemented}
-}
-
-\numtest{13}{
-\Reason{Fails when caller has ``get'' access and not ``add''.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{14}{
-\Reason{Fails when caller has ``modify'' access and not ``add''.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{15}{
-\Reason{Fails when caller has ``delete'' access and not ``add''.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{16}{
-\Reason{Fails when caller connected with CHANGEPW_SERVICE.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{17}{
-\Reason{Fails on attempt to create existing principal.}
-\Status{Implemented}
-}
-
-\numtest{18}{
-\Reason{Fails when password is too short.}
-\Status{Implemented}
-}
-
-\numtest{19}{
-\Reason{Fails when password has too few classes.}
-\Status{Implemented}
-}
-
-\numtest{20}{
-\Reason{Fails when password is in dictionary.}
-\Status{Implemented}
-}
-
-\numtest{21}{
-\Reason{Nonexistent policy is rejected.}
-\Status{Implemented}
-}
-
-\numtest{22}{
-\Reason{Fails on invalid principal name.}
-\Status{Implemented}
-}
-
-\numtest{23}{
-\Reason{Valid invocation.}
-\Status{Implemented}
-}
-
-\numtest{24}{
-\Reason{Succeeds when caller has ``add'' access and another one.}
-\Status{Implemented}
-}
-
-%\numtest{25}{
-%\Reason{Fails when password is too short, when override_qual is true.}
-%}
-
-%\numtest{26}{
-%\Reason{Fails when password has too few classes, when
-% override_qual is true.}
-%}
-
-%\numtest{27}{
-%\Reason{Fails when password is in dictionary, when override_qual is
-% true.}
-%}
-
-\numtest{28}{
-\Reason{Succeeds when assigning policy.}
-\Status{Implemented}
-}
-
-\numtest{29}{
-\Priority{High}
-\Reason{Allows 0 (never) for princ_expire_time.}
-\Status{Implemented}
-}
-
-\numtest{30}{
-\Reason{Allows 0 (never) for pw_expiration when there's no policy.}
-\Status{Implemented}
-}
-
-\numtest{31}{
-\Reason{Allows 0 (never) for pw_expiration when there's a policy with
- 0 for pw_max_life.}
-\Status{Implemented}
-}
-
-\numtest{32}{
-\Reason{Accepts 0 (never) for pw_expiration when there's a policy with
- non-zero pw_max_life, but actually sets pw_expiration to now +
- pw_max_life.}
-\Status{Implemented}
-}
-
-\numtest{33}{
-\Reason{Accepts and sets non-zero pw_expiration when no policy.}
-\Status{Implemented}
-}
-
-\numtest{34}{
-\Reason{Accepts and sets non-zero pw_expiration when there's a policy
- with zero pw_max_life.}
-\Status{Implemented}
-}
-
-\numtest{35}{
-\Reason{Accepts and sets non-zero pw_expiration when there's a policy
- with pw_max_life later than the specified pw_expiration.}
-\Status{Implemented}
-}
-
-\numtest{36}{
-\Reason{Accepts non-zero pw_expiration and limits it to now +
- pw_max_life when it's later than now + non-zero pw_max_life in
- policy.}
-\Status{Implemented}
-}
-
-\numtest{37}{
-\Priority{High}
-\Reason{Sets pw_expiration to 0 (never) if there's no policy and no
- specified pw_expiration.}
-\Status{Implemented}
-}
-
-\numtest{38}{
-\Priority{High}
-\Reason{Sets pw_expiration to 0 (never) if it isn't specified and the
- policy has a 0 (never) pw_max_life.}
-\Status{Implemented}
-}
-
-\numtest{39}{
-\Priority{High}
-\Reason{Sets pw_expiration to now + pw_max_life if it isn't specified
- and the policy has a non-zero pw_max_life.}
-\Status{Implemented}
-}
-
-\numtest{40}{
-\Priority{High}
-\Reason{Allows 0 (forever) for max_life.}
-\Status{Implemented}
-}
-
-\numtest{41}{
-\Priority{High}
-\Reason{Doesn't modify or free mod_name on success.}
-}
-
-\numtest{42}{
-\Priority{High}
-\Reason{Doesn't modify or free mod_name on failure.}
-}
-
-\numtest{43}{
-\Priority{High}
-\Reason{Returns BAD_SERVER_HANDLE when a null server handle is passed in}
-\Status{Implemented}
-}
-
-\numtest{44}{
-\Priority{Low}
-\Reason{Connects to correct server when mutliple handles exist}
-\Conditions{RPC}
-}
-
-
-\section{ovsec_kadm_delete_principal}
-
-%\numtest{1}{
-%\Reason{Fails if database not initialized.}
-%\Status{Implemented}
-%}
-
-\numtest{2}{
-\Reason{Fails on null principal.}
-\Status{Implemented}
-}
-
-% Empty string principal is legal.
-%\numtest{3}{
-%\Reason{Fails on empty-string principal.}
-%}
-
-% There is not invalid principal names
-%\numtest{4}{
-%\Reason{Fails on invalid principal name.}
-%}
-
-\numtest{5}{
-\Priority{High}
-\Reason{Fails on nonexistent principal.}
-\Status{Implemented}
-}
-
-\numtest{6}{
-\Priority{High}
-\Reason{Fails when caller connected with CHANGEPW_SERVICE.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{7}{
-\Priority{High}
-\Reason{Fails if caller has ``add'' access and not ``delete''.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{8}{
-\Priority{High}
-\Reason{Fails if caller has ``modify'' access and not ``delete''.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{9}{
-\Priority{High}
-\Reason{Fails if caller has ``get'' access and not ``delete''.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{10}{
-\Priority{High}
-\Reason{Fails if caller has no access bits.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{11}{
-\Priority{High}
-\Reason{Valid invocation.}
-\Status{Implemented}
-}
-
-\numtest{12}{
-\Priority{High}
-\Reason{Valid invocation (on principal with policy).}
-\Status{Implemented}
-}
-
-\numtest{13}{
-\Priority{High}
-\Reason{Returns BAD_SERVER_HANDLE when a null server handle is passed in}
-\Status{Implemented}
-}
-
-\numtest{14}{
-\Priority{Low}
-\Reason{Connects to correct server when mutliple handles exist}
-\Conditions{RPC}
-}
-
-
-\section{ovsec_kadm_modify_principal}
-
-%\numtest{1}{
-%\Reason{Fails if database not initialized.}
-%\Status{Implemented}
-%}
-
-\numtest{2}{
-\Priority{High}
-\Reason{Fails if user connected with CHANGEPW_SERVICE.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{3}{
-\Reason{Fails on mask with undefined bit set.}
-\Status{Implemented}
-}
-
-\numtest{4}{
-\Reason{Fails on mask with PRINCIPAL set.}
-\Status{Implemented}
-}
-
-\numtest{5}{
-\Priority{High}
-\Reason{Fails on mask with LAST_PWD_CHANGE set.}
-\Status{Implemented}
-}
-
-\numtest{6}{
-\Reason{Fails on mask with MOD_TIME set.}
-\Status{Implemented}
-}
-
-\numtest{7}{
-\Reason{Fails on mask with MOD_NAME set.}
-\Status{Implemented}
-}
-
-\numtest{8}{
-\Reason{Fails on mask with MKVNO set.}
-\Status{Implemented}
-}
-
-\numtest{9}{
-\Priority{High}
-\Reason{Fails on mask with AUX_ATTRIBUTES set.}
-\Status{Implemented}
-}
-
-\numtest{10}{
-\Reason{Fails on nonexistent principal.}
-\Status{Implemented}
-}
-
-\numtest{11}{
-\Priority{High}
-\Reason{Fails for user with no access bits.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{12}{
-\Priority{High}
-\Reason{Fails for user with ``get'' access.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{13}{
-\Priority{High}
-\Reason{Fails for user with ``add'' access.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{14}{
-\Priority{High}
-\Reason{Fails for user with ``delete'' access.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{15}{
-\Priority{High}
-\Reason{Succeeds for user with ``modify'' access.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{16}{
-\Reason{Succeeds for user with ``modify'' and another access.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{17}{
-\Priority{High}
-\Reason{Fails when nonexistent policy is specified.}
-\Status{Implemented}
-}
-
-\numtest{18}{
-\Priority{High}
-\Reason{Succeeds when existent policy is specified.}
-\Status{Implemented}
-}
-
-\numtest{19}{
-\Reason{Updates policy count when setting policy from none.}
-\Status{Implemented}
-}
-
-\numtest{20}{
-\Reason{Updates policy count when clearing policy from set.}
-\Status{Implemented}
-}
-
-\numtest{21}{
-\Reason{Updates policy count when setting policy from other policy.}
-\Status{Implemented}
-}
-
-\numtest{21.5}{
-\Reason{Policy reference count remains unchanged when policy is
- changed to itself.}
-\Status{Implemented.}
-}
-
-\numtest{22}{
-\Reason{Allows 0 (never) for pw_expiration when there's no policy.}
-\Status{Implemented}
-}
-
-\numtest{23}{
-\Reason{Allows 0 (never) for pw_expiration when there's a policy with
- 0 for pw_max_life.}
-\Status{Implemented}
-}
-
-\numtest{24}{
-\Reason{Accepts 0 (never) for pw_expiration when there's a policy with
- non-zero pw_max_life, but actually sets pw_expiration to
- last_pwd_change + pw_max_life.}
-\Status{Implemented}
-}
-
-\numtest{25}{
-\Reason{Accepts and sets non-zero pw_expiration when no policy.}
-\Status{Implemented}
-}
-
-\numtest{26}{
-\Reason{Accepts and sets non-zero pw_expiration when there's a policy
- with zero pw_max_life.}
-\Status{Implemented}
-}
-
-\numtest{27}{
-\Reason{Accepts and sets non-zero pw_expiration when there's a policy
- with pw_max_life later than the specified pw_expiration.}
-\Status{Implemented}
-}
-
-\numtest{28}{
-\Reason{Accepts non-zero pw_expiration and limits it to last_pwd_change +
- pw_max_life when it's later than last_pwd_change + non-zero
- pw_max_life in policy.}
-\Status{Implemented}
-}
-
-\numtest{29}{
-\Priority{High}
-\Reason{Sets pw_expiration to 0 (never) if there's no policy and no
- specified pw_expiration.}
-\Status{Implemented}
-}
-
-\numtest{30}{
-\Priority{High}
-\Reason{Sets pw_expiration to 0 (never) if it isn't specified and the
- policy has a 0 (never) pw_max_life.}
-\Status{Implemented}
-}
-
-\numtest{31}{
-\Priority{High}
-\Reason{Sets pw_expiration to now + pw_max_life if it isn't specified
- and the policy has a non-zero pw_max_life.}
-\Status{Implemented}
-}
-
-\numtest{32}{
-\Priority{High}
-\Reason{Accepts princ_expire_time change.}
-\Status{Implemented}
-}
-
-
-
-\numtest{33}{
-\Priority{High}
-\Reason{Accepts attributes change.}
-\Status{Implemented}
-}
-
-\numtest{33.25}{
-\Priority{High}
-\Reason{Accepts attributes change (KRB5_KDB_REQUIRES_PW_CHANGE).}
-\Status{Implemented}
-}
-
-\numtest{33.5}{
-\Priority{High}
-\Reason{Accepts attributes change (KRB5_DISALLOW_TGT_BASE).}
-\Status{Implemented}
-}
-
-\numtest{33.75}{
-\Priority{High}
-\Reason{Accepts attributes change (KRB5_PW_CHANGE_SERVICE).}
-\Status{Implemented}
-}
-
-\numtest{34}{
-\Priority{High}
-\Reason{Accepts max_life change.}
-\Status{Implemented}
-}
-
-\numtest{35}{
-\Priority{High}
-\Reason{Accepts kvno change.}
-\Status{Implemented}
-}
-
-\numtest{36}{
-\Reason{Behaves correctly when policy is set to the same as it was
- before.}
-\Status{Implemented}
-}
-
-\numtest{37}{
-\Reason{Behaves properly when POLICY_CLR is specified and there was no
- policy before.}
-\Status{Implemented}
-}
-
-\numtest{38}{
-\Priority{High}
-\Reason{Accepts 0 (never) for princ_expire_time.}
-\Status{Implemented}
-}
-
-\numtest{39}{
-\Priority{High}
-\Reason{Accepts 0 for max_life.}
-\Status{Implemented}
-}
-
-\numtest{40}{
-\Reason{Rejects null principal argument.}
-\Status{Implemented}
-}
-
-\numtest{41}{
-\Priority{High}
-\Reason{Doesn't modify or free mod_name on success.}
-}
-
-\numtest{42}{
-\Priority{High}
-\Reason{Doesn't modify or free mod_name on failure.}
-}
-
-\numtest{43}{
-\Priority{High}
-\Reason{Returns BAD_SERVER_HANDLE when a null server handle is passed in}
-\Status{Implemented}
-}
-
-\numtest{44}{
-\Priority{Low}
-\Reason{Connects to correct server when mutliple handles exist}
-\Conditions{RPC}
-}
-
-
-\section{ovsec_kadm_rename_principal}
-
-%\numtest{1}{
-%\Reason{Fails if database not initialized.}
-%\Status{Implemented}
-%}
-
-\numtest{2}{
-\Priority{High}
-\Reason{Fails if user connected with CHANGEPW_SERVICE.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{3}{
-\Priority{High}
-\Reason{Fails for user with no access bits.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{4}{
-\Reason{Fails for user with ``modify'' access and not ``add'' or
-``delete''.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{5}{
-\Reason{Fails for user with ``get'' access and not ``add'' or
-``delete''.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{6}{
-\Reason{Fails for user with ``modify'' and ``add'' but not ``delete''.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{7}{
-\Reason{Fails for user with ``modify'' and ``delete'' but not ``add''.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{8}{
-\Reason{Fails for user with ``get'' and ``add'' but not ``delete''.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{9}{
-\Reason{Fails for user with ``get'' and ``delete'' but not ``add.''}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{10}{
-\Reason{Fails for user with ``modify'', ``get'' and ``add'', but not
- ``delete''.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{11}{
-\Reason{Fails for user with ``modify'', ``get'' and ``delete'', but
- not ``add''.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{12}{
-\Priority{High}
-\Reason{Fails for user with ``add'' but not ``delete''.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{13}{
-\Priority{High}
-\Reason{Fails for user with ``delete'' but not ``add''.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{14}{
-\Priority{High}
-\Reason{Succeeds for user with ``add'' and ``delete''.}
-\Status{Implemented}
-}
-
-\numtest{15}{
-\Priority{High}
-\Reason{Fails if target principal name exists.}
-\Status{Implemented}
-}
-
-\numtest{16}{
-\Priority{High}
-\Reason{Returns BAD_SERVER_HANDLE when a null server handle is passed in}
-\Status{Implemented}
-}
-
-\numtest{17}{
-\Priority{Low}
-\Reason{Connects to correct server when mutliple handles exist}
-\Conditions{RPC}
-}
-
-
-\section{ovsec_kadm_chpass_principal}
-\label{ovseckadmchpassprincipal}
-
-\subsection{Quality/history enforcement tests}
-
-This section lists a series of tests which will be run a number of
-times, with various parameter settings (e.g., which access bits user
-has, whether user connected with ADMIN_SERVICE or CHANGEPW_SERVICE,
-etc.). The table following the
-list of tests gives the various parameter settings under which the
-tests should be run, as well which should succeed and which should
-fail for each choice of parameter settings.
-
-\subsubsection{List of tests}
-
-The test number of each of these tests is an offset from the base
-given in the table below.
-
-\numtest{1}{
-\Priority{High}
-\Reason{With history setting of 1, change password to itself.}
-}
-
-\numtest{2}{
-\Reason{With history setting of 2 but no password changes since
- principal creation, change password to itself.}
-}
-
-\numtest{3}{
-\Reason{With history setting of 2 and one password change since
- principal creation, change password to itself
- and directly previous password.}
-}
-
-\numtest{4}{
-\Priority{High}
-\Reason{With a history setting of 3 and no password changes,
- change password to itself.}
-}
-
-\numtest{5}{
-\Priority{High}
-\Reason{With a history setting of 3 and 1 password change,
- change password to itself or previous password.}
-}
-
-\numtest{6}{
-\Priority{High}
-\Reason{With a history setting of 3 and 2 password changes,
- change password to itself and the two previous passwords.}
-}
-
-\numtest{7}{
-\Priority{High}
-\Reason{Change to previously unused password when now -
- last_pwd_change $<$ pw_min_life.}
-}
-
-\numtest{8}{
-\Priority{High}
-\Reason{Change to previously unused password that doesn't contain enough
- character classes.}
-}
-
-\numtest{9}{
-\Priority{High}
-\Reason{Change to previously unused password that's too short.}
-}
-
-\numtest{10}{
-\Priority{High}
-\Reason{Change to previously unused password that's in the dictionary.}
-}
-
-\subsubsection{List of parameter settings}
-
-In the table below, ``7 passes'' means that test 7 above passes and
-the rest of the tests fail.
-
-\begin{tabular}{llllll}
-Base & Modify access? & Own password? & Service & Pass/Fail \\ \hline
-0 & No & Yes & ADMIN & all fail \\
-20 & No & Yes & CHANGEPW & all fail \\
-40 & No & No & ADMIN & all fail \\
-60 & No & No & CHANGEPW & all fail \\
-80 & Yes & Yes & ADMIN & 7 passes \\
-100 & Yes & Yes & CHANGEPW & all fail \\
-120 & Yes & No & ADMIN & 7 passes \\
-140 & Yes & No & CHANGEPW & all fail \\
-\end{tabular}
-
-\subsection{Other quality/history tests}
-
-\numtest{161}{
-\Priority{High}
-\Reason{With history of 1, can change password to anything other than
- itself that doesn't conflict with other quality
- rules.}
-}
-
-\numtest{162}{
-\Reason{With history of 2 and 2 password changes, can change password
- to original password.}
-}
-
-\numtest{163}{
-\Priority{High}
-\Reason{With history of 3 and 3 password changes, can change password
- to original password.}
-}
-
-\numtest{164}{
-\Priority{High}
-\Reason{Can change password when now - last_pwd_change $>$ pw_min_life.}
-}
-
-\numtest{165}{
-\Priority{High}
-\Reason{Can change password when it contains exactly the number of
- classes required by the policy.}
-}
-
-\numtest{166}{
-\Priority{High}
-\Reason{Can change password when it is exactly the length required by
- the policy.}
-}
-
-\numtest{167}{
-\Priority{High}
-\Reason{Can change password to a word that isn't in the dictionary.}
-}
-
-
-\subsection{Other tests}
-
-%\numtest{168}{
-%\Reason{Fails if database not initialized.}
-%}
-
-\numtest{169}{
-\Reason{Fails for non-existent principal.}
-}
-
-\numtest{170}{
-\Reason{Fails for null password.}
-}
-
-\numtest{171}{
-\Priority{High}
-\Reason{Fails for empty-string password.}
-}
-
-\numtest{172}{
-\Priority{High}
-\Reason{Pw_expiration is set to now + max_pw_life if policy exists and
- has non-zero max_pw_life.}
-}
-
-\numtest{173}{
-\Priority{High}
-\Reason{Pw_expiration is set to 0 if policy exists and has zero
- max_pw_life.}
-}
-
-\numtest{174}{
-\Priority{High}
-\Reason{Pw_expiration is set to 0 if no policy.}
-}
-
-\numtest{175}{
-\Priority{High}
-\Reason{KRB5_KDC_REQUIRES_PWCHANGE bit is cleared when password is
- successfully changed.}
-}
-
-\numtest{176}{
-\Priority{High}
-\Reason{Fails for user with no access bits, on other's password.}
-}
-
-\numtest{177}{
-\Priority{High}
-\Reason{Fails for user with ``get'' but not ``modify'' access, on
- other's password.}
-}
-
-\numtest{178}{
-\Reason{Fails for user with ``delete'' but not ``modify'' access, on
- other's password.}
-}
-
-\numtest{179}{
-\Reason{Fails for user with ``add'' but not ``modify'' access, on
- other's password.}
-}
-
-\numtest{180}{
-\Reason{Succeeds for user with ``get'' and ``modify'' access, on
- other's password.}
-\Status{Implemented}
-}
-
-\numtest{180.5}{
-\Priority{High}
-\Reason{Succeeds for user with ``modify'' but not ``get'' access, on
- other's password.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-\numtest{180.625}{
-\Priority{High}
-\Reason{Fails for user with modify when connecting with CHANGEPW_SERVICE on
- others password}
-\Conditions{RPC}
-\Status{Implemented}
-}
-\numtest{180.75}{
-\Priority{High}
-\Reason{Fails for user with modify when connecting with CHANGEPW_SERVICE
- on other's password which has expired}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-%\numtest{181}{
-%\Reason{Password that would succeed if override_qual were false fails
-% if override_qual is true.}
-%\Expected{Returns CANNOT_OVERRIDE.}
-%}
-
-\numtest{182}{
-\Priority{High}
-\Reason{Can not change key of ovsec_adm/history principal.}
-\Status{Implemented}
-}
-
-\numtest{183}{
-\Priority{High}
-\Reason{Returns BAD_SERVER_HANDLE when a null server handle is passed in}
-\Status{Implemented}
-}
-
-\numtest{184}{
-\Priority{Low}
-\Reason{Connects to correct server when mutliple handles exist}
-\Conditions{RPC}
-}
-
-
-\section{ovsec_kadm_chpass_principal_util}
-
-Rerun all the tests listed for ovsec_kadm_chpass_principal above in
-Section \ref{ovseckadmchpassprincipal}. Verify that they succeed
-and fail in the same circumstances. Also verify that in each failure
-case, the error message returned in msg_ret is as specified in the
-functional specification.
-
-Also, run the following additional tests.
-
-\numtest{1}{
-\Reason{Null msg_ret is rejected.}
-}
-
-\numtest{2}{
-\Priority{High}
-\Reason{New password is put into pw_ret, when it's prompted for.}
-}
-
-\numtest{3}{
-\Priority{High}
-Reason{New password is put into pw_ret, when it's supplied by the
- caller.}
-}
-
-\numtest{4}{
-\Priority{High}
-\Reason{Successful invocation when pw_ret is null.}
-}
-
-
-
-\section{ovsec_kadm_randkey_principal}
-
-\subsection{TOOSOON enforcement tests}
-
-This test should be run a number of times, as indicated in the table
-following it. The table also indicates the expected result of each
-run of the test.
-
-\test{
-\Reason{Change key when now - last_pwd_change $<$ pw_min_life.}
-}
-
-\subsubsection{List of parameter settings}
-
-\begin{tabular}{llllll}
-Number & Modify Access? & Own Key? & Service & Pass/Fail & Implemented? \\ \hline
-1 & No & Yes & ADMIN & fail & Yes \\
-3 & No & Yes & CHANGEPW & fail & Yes \\
-5 & No & No & ADMIN & fail \\
-7 & No & No & CHANGEPW & fail \\
-9 & Yes & Yes & ADMIN & pass \\
-11 & Yes & Yes & CHANGEPW & fail \\
-13 & Yes & No & ADMIN & pass & Yes \\
-15 & Yes & No & CHANGEPW & fail & Yes \\
-\end{tabular}
-
-\subsection{Other tests}
-
-\numtest{17}{
-\Reason{Fails if database not initialized.}
-}
-
-\numtest{18}{
-\Reason{Fails for non-existent principal.}
-}
-
-\numtest{19}{
-\Reason{Fails for null keyblock pointer.}
-}
-
-\numtest{20}{
-\Priority{High}
-\Reason{Pw_expiration is set to now + max_pw_life if policy exists and
- has non-zero max_pw_life.}
-}
-
-\numtest{21}{
-\Priority{High}
-\Reason{Pw_expiration is set to 0 if policy exists and has zero
- max_pw_life.}
-}
-
-\numtest{22}{
-\Priority{High}
-\Reason{Pw_expiration is set to 0 if no policy.}
-}
-
-\numtest{23}{
-\Priority{High}
-\Reason{KRB5_KDC_REQUIRES_PWCHANGE bit is cleared when key is
- successfully changed.}
-}
-
-\numtest{24}{
-\Priority{High}
-\Reason{Fails for user with no access bits, on other's password.}
-}
-
-\numtest{25}{
-\Priority{High}
-\Reason{Fails for user with ``get'' but not ``modify'' access, on
- other's password.}
-}
-
-\numtest{26}{
-\Reason{Fails for user with ``delete'' but not ``modify'' access, on
- other's password.}
-}
-
-\numtest{27}{
-\Reason{Fails for user with ``add'' but not ``modify'' access, on
- other's password.}
-}
-
-\numtest{28}{
-\Reason{Succeeds for user with ``get'' and ``modify'' access, on
- other's password.}
-\Status{Implemented}
-}
-\numtest{28.25}{
-\Priority{High}
-\Reason{Fails for user with get and modify access on others password
- When conneceted with CHANGEPW_SERVICE}
-\Status{Implemented}
-}
-
-\numtest{28.5}{
-\Priority{High}
-\Reason{Succeeds for user with ``modify'' but not ``get'' access, on
- other's password.}
-\Status{Implemented}
-
-}
-
-\numtest{29}{
-\Reason{The new key that's assigned is truly random. XXX not sure how
- to test this.}
-}
-
-\numtest{30}{
-\Reason{Succeeds for own key, no other access bits when connecting with CHANGEPW service}
-\Status{Implemented}
-}
-\numtest{31}{
-\Reason{Succeeds for own key, no other access bits when connecting with ADMIM service}
-\Status{Implemented}
-}
-
-\numtest{32}{
-\Reason{Cannot change ovsec_adm/history key}
-\Status{Implemented}
-}
-
-\numtest{33}{
-\Priority{High}
-\Reason{Returns BAD_SERVER_HANDLE when a null server handle is passed in}
-\Status{Implemented}
-}
-
-\numtest{34}{
-\Priority{Low}
-\Reason{Connects to correct server when mutliple handles exist}
-\Conditions{RPC}
-}
-
-
-\section{ovsec_kadm_get_principal}
-
-\numtest{1}{
-\Reason{Fails for null ent.}
-\Status{Implemented}
-}
-
-\numtest{2}{
-\Reason{Fails for non-existent principal.}
-\Status{Implemented}
-}
-
-\numtest{3}{
-\Priority{High}
-\Reason{Fails for user with no access bits, retrieving other principal.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{4}{
-\Priority{High}
-\Reason{Fails for user with ``add'' but not ``get'', getting principal
- other than his own, using ADMIN_SERVICE.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{5}{
-\Reason{Fails for user with ``modify'' but not ``get'', getting
- principal other than his own, using ADMIN_SERVICE.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{6}{
-\Reason{Fails for user with ``delete'' but not ``get'', getting
- principal other than his own, using ADMIN_SERVICE.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{7}{
-\Reason{Fails for user with ``delete'' but not ``get'', getting
- principal other than his own, using CHANGEPW_SERVICE.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{8}{
-\Priority{High}
-\Reason{Fails for user with ``get'', getting principal other than his
- own, using CHANGEPW_SERVICE.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{9}{
-\Priority{High}
-\Reason{Succeeds for user without ``get'', retrieving self, using
- ADMIN_SERVICE.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{10}{
-\Reason{Succeeds for user without ``get'', retrieving self, using
- CHANGEPW_SERVICE.}
-\Status{Implemented}
-}
-
-\numtest{11}{
-\Reason{Succeeds for user with ``get'', retrieving self, using
- ADMIN_SERVICE.}
-\Status{Implemented}
-}
-
-\numtest{12}{
-\Reason{Succeeds for user with ``get'', retrieving self, using
- CHANGEPW_SERVICE.}
-\Status{Implemented}
-}
-
-\numtest{13}{
-\Priority{High}
-\Reason{Succeeds for user with ``get'', retrieving other user, using
- ADMIN_SERVICE.}
-\Status{Implemented}
-}
-
-\numtest{14}{
-\Reason{Succeeds for user with ``get'' and ``modify'', retrieving
- other principal, using ADMIN_SERVICE.}
-\Status{Implemented}
-}
-
-\numtest{15}{
-\Priority{High}
-\Reason{Returns BAD_SERVER_HANDLE when a null server handle is passed in}
-\Status{Implemented}
-}
-
-\numtest{16}{
-\Priority{Low}
-\Reason{Connects to correct server when mutliple handles exist}
-\Conditions{RPC}
-}
-
-
-\section{ovsec_kadm_create_policy}
-
-\numtest{1}{
-\Reason{Fails for mask with undefined bit set.}
-\Status{Implemented - untested}
-}
-
-\numtest{2}{
-\Priority{High}
-\Reason{Fails if caller connected with CHANGEPW_SERVICE.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{3}{
-\Reason{Fails for mask without POLICY bit set.}
-\Status{Implemented - untested}
-}
-
-\numtest{4}{
-\Reason{Fails for mask with REF_COUNT bit set.}
-\Status{Implemented}
-}
-
-\numtest{5}{
-\Reason{Fails for invalid policy name.}
-\Status{Implemented - untested}
-}
-
-\numtest{6}{
-\Priority{High}
-\Reason{Fails for existing policy name.}
-\Status{Implemented}
-}
-
-\numtest{7}{
-\Reason{Fails for null policy name.}
-\Status{Implemented - untested}
-}
-
-\numtest{8}{
-\Priority{High}
-\Reason{Fails for empty-string policy name.}
-\Status{Implemented}
-}
-
-\numtest{9}{
-\Priority{High}
-\Reason{Accepts 0 for pw_min_life.}
-\Status{Implemented}
-}
-
-\numtest{10}{
-\Priority{High}
-\Reason{Accepts non-zero for pw_min_life.}
-\Status{Implemented}
-}
-
-\numtest{11}{
-\Priority{High}
-\Reason{Accepts 0 for pw_max_life.}
-\Status{Implemented}
-}
-
-\numtest{12}{
-\Priority{High}
-\Reason{Accepts non-zero for pw_max_life.}
-\Status{Implemented}
-}
-
-\numtest{13}{
-\Priority{High}
-\Reason{Rejects 0 for pw_min_length.}
-\Status{Implemented}
-}
-
-\numtest{14}{
-\Priority{High}
-\Reason{Accepts non-zero for pw_min_length.}
-\Status{Implemented}
-}
-
-\numtest{15}{
-\Priority{High}
-\Reason{Rejects 0 for pw_min_classes.}
-\Status{Implemented}
-}
-
-\numtest{16}{
-\Priority{High}
-\Reason{Accepts 1 for pw_min_classes.}
-\Status{Implemented}
-}
-
-\numtest{17}{
-\Priority{High}
-\Reason{Accepts 4 for pw_min_classes.}
-\Status{Implemented}
-}
-
-\numtest{18}{
-\Priority{High}
-\Reason{Rejects 5 for pw_min_classes.}
-\Status{Implemented}
-}
-
-\numtest{19}{
-\Priority{High}
-\Reason{Rejects 0 for pw_history_num.}
-\Status{Implemented}
-}
-
-\numtest{20}{
-\Priority{High}
-\Reason{Accepts 1 for pw_history_num.}
-\Status{Implemented}
-}
-
-\numtest{21}{
-\Priority{High}
-\Reason{Accepts 10 for pw_history_num.}
-\Status{Implemented}
-}
-
-\numtest{21.5}{
-\Reason{Rejects 11 for pw_history_num.}
-\Status{Implemented - untested}
-}
-
-\numtest{22}{
-\Priority{High}
-\Reason{Fails for user with no access bits.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{23}{
-\Priority{High}
-\Reason{Fails for user with ``get'' but not ``add''.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{24}{
-\Reason{Fails for user with ``modify'' but not ``add.''}
-\Conditions{RPC}
-\Status{Implemented - untested}
-}
-
-\numtest{25}{
-\Reason{Fails for user with ``delete'' but not ``add.''}
-\Conditions{RPC}
-\Status{Implemented - untested}
-}
-
-\numtest{26}{
-\Priority{High}
-\Reason{Succeeds for user with ``add.''}
-\Status{Implemented}
-}
-
-\numtest{27}{
-\Reason{Succeeds for user with ``get'' and ``add.''}
-\Status{Implemented - untested}
-}
-
-\numtest{28}{
-\Reason{Rejects null policy argument.}
-\Status{Implemented - untested}
-}
-
-\numtest{29}{
-\Reason{Rejects pw_min_life greater than pw_max_life.}
-}
-
-\numtest{30}{
-\Priority{High}
-\Reason{Returns BAD_SERVER_HANDLE when a null server handle is passed in}
-\Status{Implemented}
-}
-
-\numtest{31}{
-\Priority{Low}
-\Reason{Connects to correct server when mutliple handles exist}
-\Conditions{RPC}
-}
-
-
-\section{ovsec_kadm_delete_policy}
-
-\numtest{1}{
-\Reason{Fails for null policy name.}
-}
-
-\numtest{2}{
-\Priority{High}
-\Reason{Fails for empty-string policy name.}
-\Status{Implemented}
-}
-
-\numtest{3}{
-\Reason{Fails for non-existent policy name.}
-}
-
-\numtest{4}{
-\Reason{Fails for bad policy name.}
-}
-
-\numtest{5}{
-\Priority{High}
-\Reason{Fails if caller connected with CHANGEPW_SERVICE.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{6}{
-\Priority{High}
-\Reason{Fails for user with no access bits.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{7}{
-\Priority{High}
-\Reason{Fails for user with ``add'' but not ``delete''.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{8}{
-\Reason{Fails for user with ``modify'' but not ``delete''.}
-\Conditions{RPC}
-}
-
-\numtest{9}{
-\Reason{Fails for user with ``get'' but not ``delete.''}
-\Conditions{RPC}
-}
-
-\numtest{10}{
-\Priority{High}
-\Reason{Succeeds for user with only ``delete''.}
-\Status{Implemented}
-}
-
-\numtest{11}{
-\Reason{Succeeds for user with ``delete'' and ``add''.}
-}
-
-\numtest{12}{
-\Priority{High}
-\Reason{Fails for policy with non-zero reference count.}
-\Status{Implemented}
-}
-
-\numtest{13}{
-\Priority{High}
-\Reason{Returns BAD_SERVER_HANDLE when a null server handle is passed in}
-\Status{Implemented}
-}
-
-\numtest{14}{
-\Priority{Low}
-\Reason{Connects to correct server when mutliple handles exist}
-\Conditions{RPC}
-}
-
-
-\section{ovsec_kadm_modify_policy}
-
-\numtest{1}{
-\Reason{Fails for mask with undefined bit set.}
-\Conditions{RPC}
-}
-
-\numtest{2}{
-\Priority{High}
-\Reason{Fails if caller connected with CHANGEPW_SERVICE.}
-\Status{Implemented}
-}
-
-\numtest{3}{
-\Reason{Fails for mask with POLICY bit set.}
-}
-
-\numtest{4}{
-\Reason{Fails for mask with REF_COUNT bit set.}
-\Status{Implemented}
-}
-
-\numtest{5}{
-\Reason{Fails for invalid policy name.}
-}
-
-\numtest{6}{
-\Reason{Fails for non-existent policy name.}
-}
-
-\numtest{7}{
-\Reason{Fails for null policy name.}
-}
-
-\numtest{8}{
-\Priority{High}
-\Reason{Fails for empty-string policy name.}
-\Status{Implemented}
-}
-
-\numtest{9}{
-\Priority{High}
-\Reason{Accepts 0 for pw_min_life.}
-\Status{Implemented}
-}
-
-\numtest{10}{
-\Priority{High}
-\Reason{Accepts non-zero for pw_min_life.}
-\Status{Implemented}
-}
-
-\numtest{11}{
-\Priority{High}
-\Reason{Accepts 0 for pw_max_life.}
-\Status{Implemented}
-}
-
-\numtest{12}{
-\Priority{High}
-\Reason{Accepts non-zero for pw_max_life.}
-\Status{Implemented}
-}
-
-\numtest{13}{
-\Priority{High}
-\Reason{Accepts 0 for pw_min_length.}
-\Status{Implemented}
-}
-
-\numtest{14}{
-\Priority{High}
-\Reason{Accepts non-zero for pw_min_length.}
-\Status{Implemented}
-}
-
-\numtest{15}{
-\Priority{High}
-\Reason{Rejects 0 for pw_min_classes.}
-\Status{Implemented}
-}
-
-\numtest{16}{
-\Priority{High}
-\Reason{Accepts 1 for pw_min_classes.}
-\Status{Implemented}
-}
-
-\numtest{17}{
-\Priority{High}
-\Reason{Accepts 4 for pw_min_classes.}
-\Status{Implemented}
-}
-
-\numtest{18}{
-\Priority{High}
-\Reason{Rejects 5 for pw_min_classes.}
-\Status{Implemented}
-}
-
-\numtest{19}{
-\Priority{High}
-\Reason{Rejects 0 for pw_history_num.}
-\Status{Implemented}
-}
-
-\numtest{20}{
-\Priority{High}
-\Reason{Accepts 1 for pw_history_num.}
-\Status{Implemented}
-}
-
-\numtest{21}{
-\Priority{High}
-\Reason{Accepts 10 for pw_history_num.}
-\Status{Implemented}
-}
-
-\numtest{22}{
-\Priority{High}
-\Reason{Fails for user with no access bits.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{23}{
-\Priority{High}
-\Reason{Fails for user with ``get'' but not ``modify''.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{24}{
-\Reason{Fails for user with ``add'' but not ``modify.''}
-\Conditions{RPC}
-}
-
-\numtest{25}{
-\Reason{Fails for user with ``delete'' but not ``modify.''}
-\Conditions{RPC}
-}
-
-\numtest{26}{
-\Priority{High}
-\Reason{Succeeds for user with ``modify.''}
-\Status{Implemented}
-}
-
-\numtest{27}{
-\Reason{Succeeds for user with ``get'' and ``modify.''}
-}
-
-\numtest{28}{
-\Reason{Rejects null policy argument.}
-}
-
-\numtest{29}{
-\Reason{Rejects change which makes pw_min_life greater than
- pw_max_life.}
-}
-
-\numtest{30}{
-\Priority{High}
-\Reason{Returns BAD_SERVER_HANDLE when a null server handle is passed in}
-\Status{Implemented}
-}
-
-\numtest{31}{
-\Priority{Low}
-\Reason{Connects to correct server when mutliple handles exist}
-\Conditions{RPC}
-}
-
-\section{ovsec_kadm_get_policy}
-
-\numtest{1}{
-\Reason{Fails for null policy.}
-}
-
-\numtest{2}{
-\Reason{Fails for invalid policy name.}
-}
-
-\numtest{3}{
-\Priority{High}
-\Reason{Fails for empty-string policy name.}
-\Status{Implemented}
-}
-
-\numtest{4}{
-\Reason{Fails for non-existent policy name.}
-}
-
-\numtest{5}{
-\Reason{Fails for null ent.}
-}
-
-\numtest{6}{
-\Priority{High}
-\Reason{Fails for user with no access bits trying to get other's
- policy, using ADMIN_SERVICE.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{7}{
-\Priority{High}
-\Reason{Fails for user with ``add'' but not ``get'' trying to get
- other's policy, using ADMIN_SERVICE.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{8}{
-\Reason{Fails for user with ``modify'' but not ``get'' trying to get
- other's policy, using ADMIN_SERVICE.}
-\Conditions{RPC}
-}
-
-\numtest{9}{
-\Reason{Fails for user with ``delete'' but not ``get'' trying to get
- other's policy, using ADMIN_SERVICE.}
-\Conditions{RPC}
-}
-
-\numtest{10}{
-\Reason{Fails for user with ``delete'' but not ``get'' trying to get
- other's policy, using CHANGEPW_SERVICE.}
-\Conditions{RPC}
-}
-
-\numtest{11}{
-\Priority{High}
-\Reason{Succeeds for user with only ``get'', trying to get own policy,
- using ADMIN_SERVICE.}
-\Status{Implemented}
-}
-
-\numtest{12}{
-\Priority{High}
-\Reason{Succeeds for user with only ``get'', trying to get own policy,
- using CHANGEPW_SERVICE.}
-\Status{Implemented}
-}
-
-\numtest{13}{
-\Reason{Succeeds for user with ``add'' and ``get'', trying to get own
- policy, using ADMIN_SERVICE.}
-}
-
-\numtest{14}{
-\Reason{Succeeds for user with ``add'' and ``get'', trying to get own
- policy, using CHANGEPW_SERVICE.}
-}
-
-\numtest{15}{
-\Reason{Succeeds for user without ``get'', trying to get own policy,
- using ADMIN_SERVICE.}
-}
-
-\numtest{16}{
-\Priority{High}
-\Reason{Succeeds for user without ``get'', trying to get own policy,
- using CHANGEPW_SERVICE.}
-\Status{Implemented}
-}
-
-\numtest{17}{
-\Priority{High}
-\Reason{Succeeds for user with ``get'', trying to get other's policy,
- using ADMIN_SERVICE.}
-\Status{Implemented}
-}
-
-\numtest{18}{
-\Priority{High}
-\Reason{Fails for user with ``get'', trying to get other's policy,
- using CHANGEPW_SERVICE.}
-\Conditions{RPC}
-\Status{Implemented}
-}
-
-\numtest{19}{
-\Reason{Succeeds for user with ``modify'' and ``get'', trying to get
- other's policy, using ADMIN_SERVICE.}
-}
-
-\numtest{20}{
-\Reason{Fails for user with ``modify'' and ``get'', trying to get
- other's policy, using CHANGEPW_SERVICE.}
-}
-
-\numtest{21}{
-\Priority{High}
-\Reason{Returns BAD_SERVER_HANDLE when a null server handle is passed in}
-\Status{Implemented}
-}
-
-\numtest{22}{
-\Priority{Low}
-\Reason{Connects to correct server when mutliple handles exist}
-\Conditions{RPC}
-}
-
-
-\section{ovsec_kadm_free_principal_ent}
-
-In addition to the tests listed here, a memory-leak detector such as
-TestCenter, Purify or dbmalloc should be used to verify that the
-memory freed by this function is really freed.
-
-\numtest{1}{
-\Reason{Null princ succeeds.}
-}
-
-\numtest{2}{
-\Reason{Non-null princ succeeds.}
-}
-
-
-\section{ovsec_kadm_free_policy_ent}
-
-In addition to the tests listed here, a memory-leak detector such as
-TestCenter, Purify or dbmalloc should be used to verify that the
-memory freed by this function is really freed.
-
-\numtest{1}{
-\Reason{Null policy succeeds.}
-}
-
-\numtest{2}{
-\Reason{Non-null policy succeeds.}
-}
-
-
-
-\section{ovsec_kadm_get_privs}
-
-\numtest{1}{
-\Reason{Fails for null pointer argument.}
-}
-
-This test should be run with the 16 possible combinations of access
-bits (since there are 4 access bits, there are $2^4 = 16$ possible
-combinations of them):
-
-\numtest{2}{
-\Priority{High}
-\Reason{Returns correct bit mask for access bits of user.}
-\Conditions{RPC}
-}
-
-This test should be run locally:
-
-\numtest{3}{
-\Priority{High}
-\Reason{Returns 0x0f.}
-\Conditions{local}
-}
-
-\end{document}
+++ /dev/null
-# $Source$
-# $Author$
-# $Id$
-#
-# Copyright 1991 by the Massachusetts Institute of Technology.
-# All Rights Reserved.
-#
-# Export of this software from the United States of America may
-# require a specific license from the United States Government.
-# It is the responsibility of any person or organization contemplating
-# export to obtain such a license before exporting.
-#
-# WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-# distribute this software and its documentation for any purpose and
-# without fee is hereby granted, provided that the above copyright
-# notice appear in all copies and that both that copyright notice and
-# this permission notice appear in supporting documentation, and that
-# the name of M.I.T. not be used in advertising or publicity pertaining
-# to distribution of the software without specific, written prior
-# permission. M.I.T. makes no representations about the suitability of
-# this software for any purpose. It is provided "as is" without express
-# or implied warranty.
-#
-#
-
-# Options are:
-# BIND43 - If you are using BSD 4.3 domain
-# name service.
-# DEBUG - Include the debugging code. Note: You
-# still have to use the -d or -t flag to
-# enable debugging.
-# HAVE_VSPRINTF - If the vsprintf functions are
-# available
-# on your system.
-# SYSLOG42 - For BSD 4.2 syslog (default is BSD 4.3
-# syslog).
-# STRNCASECMP - If you do not have strncasecmp()
-# KERBEROS - If you want authentication vis Kerberos
-# (tom)
-# KERBEROS_PASSWD_HACK - Use popper as passwd server
-# NOSTATUS - Don't create a Mail(1)-like
-# Status: header
-
-#if defined(OS_BSD_RENO) || defined(OS_Ultrix) || defined(OS_SunOS4) || defined(OS_BSD)
-BINDDEF=-DBIND43
-#else
-/* assume it's not there; not really critical since we are using Kerberos to
- beef up the normal IP-address checking stuff */
-BINDDEF=
-#endif
-
-#if 0
-
-/* Zephyr stuff not needed yet, since spop isn't done yet. */
-DEFINES = -DHAVE_VSPRINTF -DKERBEROS -DKRB5 -DNOSTATUS -DDEBUG $(BINDDEF) $(ZEPHDEFS)
-LOCAL_LIBRARIES = $(ZEPHLIBS) $(KLIB)
-DEP_LIBS= $(ZEPHDEPLIB) $(DEPKLIB)
-
-#else
-
-DEFINES = -DHAVE_VSPRINTF -DKERBEROS -DKRB5 -DNOSTATUS -DDEBUG $(BINDDEF)
-LOCAL_LIBRARIES = $(KLIB)
-DEP_LIBS= $(DEPKLIB)
-
-#endif
-OBJS = pop_dele.o pop_dropcopy.o pop_dropinfo.o \
- pop_get_command.o pop_get_subcommand.o pop_init.o \
- pop_last.o pop_list.o pop_log.o pop_lower.o \
- pop_msg.o pop_parse.o pop_pass.o pop_quit.o \
- pop_rset.o pop_send.o pop_stat.o pop_updt.o \
- pop_user.o pop_xtnd.o pop_xmit.o popper.o
-SRCS = pop_dele.c pop_dropcopy.c pop_dropinfo.c \
- pop_get_command.c pop_get_subcommand.c pop_init.c \
- pop_last.c pop_list.c pop_log.c pop_lower.c \
- pop_msg.c pop_parse.c pop_pass.c pop_quit.c \
- pop_rset.c pop_send.c pop_stat.c pop_updt.c \
- pop_user.c pop_xtnd.c pop_xmit.c popper.c $(SPOP_SRCS)
-#if 0
-SPOP_OBJS = pop_enter.o
-SPOP_SRCS = pop_enter.c
-#endif
-
-all:: popper
-
-NormalProgramTarget(popper,$(OBJS),$(DEP_LIBS),$(LOCAL_LIBRARIES),)
-Krb5InstallServerProgram(popper)
-
-#if 0
-NormalProgramTarget(spop,$(SPOP_OBJS),$(DEP_LIBS),$(LOCAL_LIBRARIES),)
-Krb5InstallServerProgram(spop)
-#endif
-
-DependTarget()
+++ /dev/null
-/*
- * include/krb5.h
- *
- * Copyright 1989,1990,1995 by the Massachusetts Institute of Technology.
- * All Rights Reserved.
- *
- * Export of this software from the United States of America may
- * require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. M.I.T. makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- *
- *
- * General definitions for Kerberos version 5.
- */
-
-#ifndef KRB5_GENERAL__
-#define KRB5_GENERAL__
-
-#ifdef _MSDOS
-
-#define SIZEOF_INT 2
-#define SIZEOF_LONG 4
-
-#ifndef KRB5_CONFIG__
-#define KRB5_PROVIDE_PROTOTYPES
-#define HAS_VOID_TYPE
-#define HAVE_STDARG_H
-#ifndef INTERFACE
-#define INTERFACE __far __export __pascal
-#define INTERFACE_C __far __export __cdecl
-#endif /* !INTERFACE */
-#define FAR _far
-#define NEAR _near
-#ifndef _SIZE_T_DEFINED
-typedef unsigned int size_t;
-#define _SIZE_T_DEFINED
-#endif /* !_SIZE_T_DEFINED */
-#ifndef KRB5_SYSTYPES__
-#define KRB5_SYSTYPES__
-#include <sys/types.h>
-typedef unsigned long u_long; /* Not part of sys/types.h on the pc */
-typedef unsigned int u_int;
-typedef unsigned short u_short;
-typedef unsigned char u_char;
-#endif /* KRB5_SYSTYPES__ */
-
-#endif /* !KRB5_CONFIG */
-#else /* !_MSDOS */
-#ifndef KRB5_CONFIG__
-#define INTERFACE
-#define INTERFACE_C
-#define FAR
-#define NEAR
-#endif /* !KRB5_CONFIG__ */
-#ifdef HAS_SYS_TYPES
-#include <sys/types.h>
-#endif
-#endif /* _MSDOS */
-
-/*
- * begin wordsize.h
- */
-
-/*
- * Word-size related definition.
- */
-
-typedef unsigned char krb5_octet;
-typedef unsigned char krb5_ui_1;
-
-#if (SIZEOF_INT == 2)
-typedef int krb5_int16;
-typedef unsigned int krb5_ui_2;
-#define VALID_INT_BITS 0x7fff
-#define VALID_UINT_BITS 0xffff
-#elif (SIZEOF_SHORT == 2)
-typedef short krb5_int16;
-typedef unsigned short krb5_ui_2;
-#else
- ?==error: undefined 16 bit type
-#endif
-
-#if (SIZEOF_INT == 4)
-typedef int krb5_int32;
-typedef unsigned int krb5_ui_4;
-#define VALID_INT_BITS 0x7fffffff
-#define VALID_UINT_BITS 0xffffffff
-#elif (SIZEOF_LONG == 4)
-typedef long krb5_int32;
-typedef unsigned long krb5_ui_4;
-#elif (SIZEOF_SHORT == 4)
-typedef short krb5_int32;
-typedef unsigned short krb5_ui_4;
-#else
- ?== error: undefined 32 bit type
-#endif
-
-#define KRB5_INT32_MAX 2147483647
-/* this strange form is necessary since - is a unary operator, not a sign
- indicator */
-#define KRB5_INT32_MIN (-KRB5_INT32_MAX-1)
-
-/*
- * end wordsize.h
- */
-
-/*
- * begin "base-defs.h"
- */
-
-/*
- * Basic definitions for Kerberos V5 library
- */
-
-#ifndef FALSE
-#define FALSE 0
-#endif
-#ifndef TRUE
-#define TRUE 1
-#endif
-
-typedef unsigned int krb5_boolean;
-typedef unsigned int krb5_msgtype;
-typedef unsigned int krb5_kvno;
-
-typedef unsigned int krb5_addrtype;
-typedef unsigned int krb5_keytype;
-typedef unsigned int krb5_enctype;
-typedef unsigned int krb5_cksumtype;
-typedef unsigned int krb5_authdatatype;
-
-typedef krb5_int32 krb5_preauthtype; /* This may change, later on */
-typedef krb5_int32 krb5_flags;
-typedef krb5_int32 krb5_timestamp;
-typedef krb5_int32 krb5_error_code;
-typedef krb5_int32 krb5_deltat;
-
-typedef krb5_error_code krb5_magic;
-
-typedef struct _krb5_data {
- krb5_magic magic;
- int length;
- char FAR *data;
-} krb5_data;
-
-/* Define krb5_const as necessary */
-
-/*
- * Hardcoded scrudge to deal with Ultrix; see note on NPROTOTYPE below
- */
-
-#if defined(KRB5_NO_CONST) || (defined(__ultrix) && !defined(__GNUC__))
-#define krb5_const
-#else
-#define krb5_const const
-#endif
-
-#if defined(__STDC__) || defined(HAS_VOID_TYPE) || defined(_WINDOWS)
-typedef void FAR * krb5_pointer;
-typedef void krb5_const FAR * krb5_const_pointer;
-#else
-typedef char FAR * krb5_pointer;
-typedef char krb5_const FAR * krb5_const_pointer;
-#endif
-
-#if (defined(__STDC__) || defined(_WINDOWS) || defined(KRB5_PROVIDE_PROTOTYPES)) && !defined(KRB5_NO_PROTOTYPES)
-#define KRB5_PROTOTYPE(x) x
-#if defined(__STDC__) || defined(HAVE_STDARG_H) || defined(_WINDOWS)
-#define KRB5_STDARG_P(x) x
-#else
-#define KRB5_STDARG_P(x) ()
-#endif /* defined(__STDC__) || defined(HAVE_STDARG_H) */
-#else
-#define KRB5_PROTOTYPE(x) ()
-#define KRB5_STDARG_P(x) ()
-#endif /* STDC or PROTOTYPES */
-
-/*
- * This gross compiler dependency is in here because the stock Ultrix
- * compiler defines __STDC__ but doesn't deal with nested prototypes
- * properly. The reason this isn't tested for is so that this header
- * is actually useful when installed.
- */
-#if defined(KRB5_NO_NESTED_PROTOTYPES) || (defined(__ultrix) && !defined(__GNUC__))
-#define KRB5_NPROTOTYPE(x) ()
-#else
-#define KRB5_NPROTOTYPE(x) KRB5_PROTOTYPE(x)
-#endif
-
-typedef struct krb5_principal_data {
- krb5_magic magic;
- krb5_data realm;
- krb5_data FAR *data; /* An array of strings */
- krb5_int32 length;
- krb5_int32 type;
-} krb5_principal_data;
-
-typedef krb5_principal_data FAR * krb5_principal;
-
-/*
- * Per V5 spec on definition of principal types
- */
-
-/* Name type not known */
-#define KRB5_NT_UNKNOWN 0
-/* Just the name of the principal as in DCE, or for users */
-#define KRB5_NT_PRINCIPAL 1
-/* Service and other unique instance (krbtgt) */
-#define KRB5_NT_SRV_INST 2
-/* Service with host name as instance (telnet, rcommands) */
-#define KRB5_NT_SRV_HST 3
-/* Service with host as remaining components */
-#define KRB5_NT_SRV_XHST 4
-/* Unique ID */
-#define KRB5_NT_UID 5
-
-/* constant version thereof: */
-typedef krb5_const krb5_principal_data FAR *krb5_const_principal;
-
-#define krb5_princ_realm(context, princ) (&(princ)->realm)
-#define krb5_princ_set_realm(context, princ,value) ((princ)->realm = *(value))
-#define krb5_princ_set_realm_length(context, princ,value) (princ)->realm.length = (value)
-#define krb5_princ_set_realm_data(context, princ,value) (princ)->realm.data = (value)
-#define krb5_princ_size(context, princ) (princ)->length
-#define krb5_princ_type(context, princ) (princ)->type
-#define krb5_princ_name(context, princ) (princ)->data
-#define krb5_princ_component(context, princ,i) ((princ)->data + i)
-
-/*
- * end "base-defs.h"
- */
-
-/*
- * begin "hostaddr.h"
- */
-
-/* structure for address */
-typedef struct _krb5_address {
- krb5_magic magic;
- krb5_addrtype addrtype;
- int length;
- krb5_octet FAR *contents;
-} krb5_address;
-
-/* per Kerberos v5 protocol spec */
-#define ADDRTYPE_INET 0x0002
-#define ADDRTYPE_CHAOS 0x0005
-#define ADDRTYPE_XNS 0x0006
-#define ADDRTYPE_ISO 0x0007
-#define ADDRTYPE_DDP 0x0010
-/* not yet in the spec... */
-#define ADDRTYPE_ADDRPORT 0x0100
-#define ADDRTYPE_IPPORT 0x0101
-
-/* macros to determine if a type is a local type */
-#define ADDRTYPE_IS_LOCAL(addrtype) (addrtype & 0x8000)
-
-/*
- * end "hostaddr.h"
- */
-
-
-struct _krb5_context;
-typedef struct _krb5_context FAR * krb5_context;
-
-struct _krb5_auth_context;
-typedef struct _krb5_auth_context FAR * krb5_auth_context;
-
-/*
- * begin "encryption.h"
- */
-
-typedef struct _krb5_keyblock {
- krb5_magic magic;
- krb5_keytype keytype;
- krb5_enctype etype; /* hint of what encryption type to use */
- int length;
- krb5_octet FAR *contents;
-} krb5_keyblock;
-
-typedef struct _krb5_checksum {
- krb5_magic magic;
- krb5_cksumtype checksum_type; /* checksum type */
- int length;
- krb5_octet FAR *contents;
-} krb5_checksum;
-
-typedef struct _krb5_encrypt_block {
- krb5_magic magic;
- struct _krb5_cryptosystem_entry FAR *crypto_entry;
- krb5_keyblock FAR *key;
- krb5_pointer priv; /* for private use, e.g. DES
- key schedules */
- krb5_int32 priv_size; /* Size of private data */
-} krb5_encrypt_block;
-
-typedef struct _krb5_enc_data {
- krb5_magic magic;
- krb5_enctype etype;
- krb5_kvno kvno;
- krb5_data ciphertext;
-} krb5_enc_data;
-
-/* could be used in a table to find an etype and initialize a block */
-typedef struct _krb5_cryptosystem_entry {
- krb5_magic magic;
- krb5_error_code (*encrypt_func) KRB5_NPROTOTYPE(( krb5_const_pointer /* in */,
- krb5_pointer /* out */,
- krb5_const size_t,
- krb5_encrypt_block FAR *,
- krb5_pointer));
- krb5_error_code (*decrypt_func) KRB5_NPROTOTYPE(( krb5_const_pointer /* in */,
- krb5_pointer /* out */,
- krb5_const size_t,
- krb5_encrypt_block FAR *,
- krb5_pointer));
- krb5_error_code (*process_key) KRB5_NPROTOTYPE(( krb5_encrypt_block FAR *,
- krb5_const krb5_keyblock FAR *));
- krb5_error_code (*finish_key) KRB5_NPROTOTYPE(( krb5_encrypt_block FAR *));
- krb5_error_code (*string_to_key) KRB5_NPROTOTYPE((krb5_const krb5_encrypt_block FAR *,
- krb5_const krb5_keytype,
- krb5_keyblock FAR *,
- krb5_const krb5_data FAR *,
- krb5_const krb5_data FAR *));
- krb5_error_code (*init_random_key) KRB5_NPROTOTYPE((krb5_const krb5_keyblock FAR *,
- krb5_pointer FAR *));
- krb5_error_code (*finish_random_key) KRB5_NPROTOTYPE(( krb5_pointer FAR *));
- krb5_error_code (*random_key) KRB5_NPROTOTYPE(( krb5_const krb5_encrypt_block FAR *,
- krb5_pointer,
- krb5_keyblock FAR * FAR *));
- int block_length;
- int pad_minimum; /* needed for cksum size computation */
- int keysize;
- krb5_enctype proto_enctype; /* encryption type,
- (assigned protocol number AND
- table index) */
- krb5_keytype proto_keytype; /* key type,
- (assigned protocol number AND
- table index) */
-} krb5_cryptosystem_entry;
-
-typedef struct _krb5_cs_table_entry {
- krb5_magic magic;
- krb5_cryptosystem_entry FAR *system;
- krb5_pointer random_sequence; /* from init_random_key() */
-} krb5_cs_table_entry;
-
-/* could be used in a table to find a sumtype */
-typedef krb5_error_code (*SUM_FUNC) KRB5_NPROTOTYPE (
- (krb5_pointer /* in */,
- size_t /* in_length */,
- krb5_pointer /* key/seed */,
- size_t /* key/seed size */,
- krb5_checksum FAR * /* out_cksum */));
-
-typedef krb5_error_code (*SUM_VERF_FUNC) KRB5_NPROTOTYPE (
- (krb5_checksum FAR * /* out_cksum */,
- krb5_pointer /* in */,
- size_t /* in_length */,
- krb5_pointer /* key/seed */,
- size_t /* key/seed size */));
-
-typedef struct _krb5_checksum_entry {
- krb5_magic magic;
- SUM_FUNC sum_func; /* Checksum generator */
- SUM_VERF_FUNC sum_verf_func; /* Verifier of checksum */
- int checksum_length; /* length of stuff returned by
- sum_func */
- unsigned int is_collision_proof:1;
- unsigned int uses_key:1;
-} krb5_checksum_entry;
-
-/* per Kerberos v5 protocol spec */
-#define KEYTYPE_NULL 0x0000
-#define KEYTYPE_DES 0x0001 /* Data Encryption Standard,
- FIPS 46,81 */
-#define KEYTYPE_UNKNOWN 0x01ff
-
-#define ETYPE_NULL 0x0000
-#define ETYPE_DES_CBC_CRC 0x0001 /* DES cbc mode with CRC-32 */
-#define ETYPE_DES_CBC_MD4 0x0002 /* DES cbc mode with RSA-MD4 */
-#define ETYPE_DES_CBC_MD5 0x0003 /* DES cbc mode with RSA-MD5 */
-#define ETYPE_RAW_DES_CBC 0x0004 /* Raw DES cbc mode */
-
-#define ETYPE_UNKNOWN 0x1FF /* Reserved local value */
-
-#define CKSUMTYPE_CRC32 0x0001
-#define CKSUMTYPE_RSA_MD4 0x0002
-#define CKSUMTYPE_RSA_MD4_DES 0x0003
-#define CKSUMTYPE_DESCBC 0x0004
-/* des-mac-k */
-/* rsa-md4-des-k */
-#define CKSUMTYPE_RSA_MD5 0x0007
-#define CKSUMTYPE_RSA_MD5_DES 0x0008
-
-#ifndef krb5_roundup
-/* round x up to nearest multiple of y */
-#define krb5_roundup(x, y) ((((x) + (y) - 1)/(y))*(y))
-#endif /* roundup */
-
-/* macro function definitions to help clean up code */
-#define krb5_encrypt_size(length, crypto) \
- krb5_roundup((length)+(crypto)->pad_minimum, (crypto)->block_length)
-
-/* This array is indexed by encryption type */
-extern krb5_cs_table_entry * NEAR krb5_csarray[];
-extern int krb5_max_cryptosystem; /* max entry in array */
-
-/* This array is indexed by key type, and has (should have) pointers to
- the same entries as krb5_csarray */
-/* XXX what if a given keytype works for several etypes? */
-extern krb5_cs_table_entry * NEAR krb5_keytype_array[];
-extern int krb5_max_keytype; /* max entry in array */
-
-/* This array is indexed by checksum type */
-extern krb5_checksum_entry * NEAR krb5_cksumarray[];
-extern int krb5_max_cksum; /* max entry in array */
-
-#define valid_etype(etype) ((((int) (etype)) <= krb5_max_cryptosystem) && ((etype) > 0) && krb5_csarray[etype])
-
-#define valid_keytype(ktype) ((((int) (ktype)) <= krb5_max_keytype) && ((ktype) > 0) && krb5_keytype_array[ktype])
-
-#define valid_cksumtype(cktype) ((((int) (cktype)) <= krb5_max_cksum) && ((cktype) > 0) && krb5_cksumarray[cktype])
-
-#define is_coll_proof_cksum(cktype) (krb5_cksumarray[cktype]->is_collision_proof)
-#define is_keyed_cksum(cktype) (krb5_cksumarray[cktype]->uses_key)
-
-/* set up *eblockp to use etype */
-#define krb5_use_cstype(context, eblockp, etype) (eblockp)->crypto_entry = krb5_csarray[(etype)]->system
-/* ...or keytype */
-#define krb5_use_keytype(context, eblockp, keytype) (eblockp)->crypto_entry = krb5_keytype_array[(keytype)]->system
-
-#define krb5_encrypt(context, inptr, outptr, size, eblock, ivec) (*(eblock)->crypto_entry->encrypt_func)(inptr, outptr, size, eblock, ivec)
-#define krb5_decrypt(context, inptr, outptr, size, eblock, ivec) (*(eblock)->crypto_entry->decrypt_func)(inptr, outptr, size, eblock, ivec)
-#define krb5_process_key(context, eblock, key) (*(eblock)->crypto_entry->process_key)(eblock, key)
-#define krb5_finish_key(context, eblock) (*(eblock)->crypto_entry->finish_key)(eblock)
-#define krb5_string_to_key(context, eblock, keytype, keyblock, data, princ) (*(eblock)->crypto_entry->string_to_key)(eblock, keytype, keyblock, data, princ)
-#define krb5_init_random_key(context, eblock, keyblock, ptr) (*(eblock)->crypto_entry->init_random_key)(keyblock, ptr)
-#define krb5_finish_random_key(context, eblock, ptr) (*(eblock)->crypto_entry->finish_random_key)(ptr)
-#define krb5_random_key(context, eblock, ptr, keyblock) (*(eblock)->crypto_entry->random_key)(eblock, ptr, keyblock)
-
-#define krb5_eblock_keytype(context, eblockp) ((eblockp)->crypto_entry->proto_keytype)
-#define krb5_eblock_enctype(context, eblockp) ((eblockp)->crypto_entry->proto_enctype)
-
-/*
- * Here's the stuff for the checksum switch:
- */
-#define krb5_checksum_size(context, ctype) (krb5_cksumarray[ctype]->checksum_length)
-#define krb5_calculate_checksum(context, ctype, in, in_length, seed, seed_length, outcksum) ((*krb5_cksumarray[ctype]->sum_func)(in, in_length, seed, seed_length, outcksum))
-#define krb5_verify_checksum(context, ctype, cksum, in, in_length, seed, seed_length) ((*krb5_cksumarray[ctype]->sum_verf_func)(cksum, in, in_length, seed, seed_length))
-
-/*
- * end "encryption.h"
- */
-
-/*
- * begin "fieldbits.h"
- */
-
-/* kdc_options for kdc_request */
-/* options is 32 bits; each host is responsible to put the 4 bytes
- representing these bits into net order before transmission */
-/* #define KDC_OPT_RESERVED 0x80000000 */
-#define KDC_OPT_FORWARDABLE 0x40000000
-#define KDC_OPT_FORWARDED 0x20000000
-#define KDC_OPT_PROXIABLE 0x10000000
-#define KDC_OPT_PROXY 0x08000000
-#define KDC_OPT_ALLOW_POSTDATE 0x04000000
-#define KDC_OPT_POSTDATED 0x02000000
-/* #define KDC_OPT_UNUSED 0x01000000 */
-#define KDC_OPT_RENEWABLE 0x00800000
-/* #define KDC_OPT_UNUSED 0x00400000 */
-/* #define KDC_OPT_RESERVED 0x00200000 */
-/* #define KDC_OPT_RESERVED 0x00100000 */
-/* #define KDC_OPT_RESERVED 0x00080000 */
-/* #define KDC_OPT_RESERVED 0x00040000 */
-/* #define KDC_OPT_RESERVED 0x00020000 */
-/* #define KDC_OPT_RESERVED 0x00010000 */
-/* #define KDC_OPT_RESERVED 0x00008000 */
-/* #define KDC_OPT_RESERVED 0x00004000 */
-/* #define KDC_OPT_RESERVED 0x00002000 */
-/* #define KDC_OPT_RESERVED 0x00001000 */
-/* #define KDC_OPT_RESERVED 0x00000800 */
-/* #define KDC_OPT_RESERVED 0x00000400 */
-/* #define KDC_OPT_RESERVED 0x00000200 */
-/* #define KDC_OPT_RESERVED 0x00000100 */
-/* #define KDC_OPT_RESERVED 0x00000080 */
-/* #define KDC_OPT_RESERVED 0x00000040 */
-/* #define KDC_OPT_RESERVED 0x00000020 */
-#define KDC_OPT_RENEWABLE_OK 0x00000010
-#define KDC_OPT_ENC_TKT_IN_SKEY 0x00000008
-/* #define KDC_OPT_UNUSED 0x00000004 */
-#define KDC_OPT_RENEW 0x00000002
-#define KDC_OPT_VALIDATE 0x00000001
-
-/*
- * Mask of ticket flags in the TGT which should be converted into KDC
- * options when using the TGT to get derivitive tickets.
- *
- * New mask = KDC_OPT_FORWARDABLE | KDC_OPT_PROXIABLE |
- * KDC_OPT_ALLOW_POSTDATE | KDC_OPT_RENEWABLE
- */
-#define KDC_TKT_COMMON_MASK 0x54800000
-
-/* definitions for ap_options fields */
-/* ap_options are 32 bits; each host is responsible to put the 4 bytes
- representing these bits into net order before transmission */
-#define AP_OPTS_RESERVED 0x80000000
-#define AP_OPTS_USE_SESSION_KEY 0x40000000
-#define AP_OPTS_MUTUAL_REQUIRED 0x20000000
-/* #define AP_OPTS_RESERVED 0x10000000 */
-/* #define AP_OPTS_RESERVED 0x08000000 */
-/* #define AP_OPTS_RESERVED 0x04000000 */
-/* #define AP_OPTS_RESERVED 0x02000000 */
-/* #define AP_OPTS_RESERVED 0x01000000 */
-/* #define AP_OPTS_RESERVED 0x00800000 */
-/* #define AP_OPTS_RESERVED 0x00400000 */
-/* #define AP_OPTS_RESERVED 0x00200000 */
-/* #define AP_OPTS_RESERVED 0x00100000 */
-/* #define AP_OPTS_RESERVED 0x00080000 */
-/* #define AP_OPTS_RESERVED 0x00040000 */
-/* #define AP_OPTS_RESERVED 0x00020000 */
-/* #define AP_OPTS_RESERVED 0x00010000 */
-/* #define AP_OPTS_RESERVED 0x00008000 */
-/* #define AP_OPTS_RESERVED 0x00004000 */
-/* #define AP_OPTS_RESERVED 0x00002000 */
-/* #define AP_OPTS_RESERVED 0x00001000 */
-/* #define AP_OPTS_RESERVED 0x00000800 */
-/* #define AP_OPTS_RESERVED 0x00000400 */
-/* #define AP_OPTS_RESERVED 0x00000200 */
-/* #define AP_OPTS_RESERVED 0x00000100 */
-/* #define AP_OPTS_RESERVED 0x00000080 */
-/* #define AP_OPTS_RESERVED 0x00000040 */
-/* #define AP_OPTS_RESERVED 0x00000020 */
-/* #define AP_OPTS_RESERVED 0x00000010 */
-/* #define AP_OPTS_RESERVED 0x00000008 */
-/* #define AP_OPTS_RESERVED 0x00000004 */
-/* #define AP_OPTS_RESERVED 0x00000002 */
-#define AP_OPTS_USE_SUBKEY 0x00000001
-
-#define AP_OPTS_WIRE_MASK 0xfffffff0
-
-/* definitions for ad_type fields. */
-#define AD_TYPE_RESERVED 0x8000
-#define AD_TYPE_EXTERNAL 0x4000
-#define AD_TYPE_REGISTERED 0x2000
-
-#define AD_TYPE_FIELD_TYPE_MASK 0x1fff
-
-/* Ticket flags */
-/* flags are 32 bits; each host is responsible to put the 4 bytes
- representing these bits into net order before transmission */
-/* #define TKT_FLG_RESERVED 0x80000000 */
-#define TKT_FLG_FORWARDABLE 0x40000000
-#define TKT_FLG_FORWARDED 0x20000000
-#define TKT_FLG_PROXIABLE 0x10000000
-#define TKT_FLG_PROXY 0x08000000
-#define TKT_FLG_MAY_POSTDATE 0x04000000
-#define TKT_FLG_POSTDATED 0x02000000
-#define TKT_FLG_INVALID 0x01000000
-#define TKT_FLG_RENEWABLE 0x00800000
-#define TKT_FLG_INITIAL 0x00400000
-#define TKT_FLG_PRE_AUTH 0x00200000
-#define TKT_FLG_HW_AUTH 0x00100000
-/* #define TKT_FLG_RESERVED 0x00080000 */
-/* #define TKT_FLG_RESERVED 0x00040000 */
-/* #define TKT_FLG_RESERVED 0x00020000 */
-/* #define TKT_FLG_RESERVED 0x00010000 */
-/* #define TKT_FLG_RESERVED 0x00008000 */
-/* #define TKT_FLG_RESERVED 0x00004000 */
-/* #define TKT_FLG_RESERVED 0x00002000 */
-/* #define TKT_FLG_RESERVED 0x00001000 */
-/* #define TKT_FLG_RESERVED 0x00000800 */
-/* #define TKT_FLG_RESERVED 0x00000400 */
-/* #define TKT_FLG_RESERVED 0x00000200 */
-/* #define TKT_FLG_RESERVED 0x00000100 */
-/* #define TKT_FLG_RESERVED 0x00000080 */
-/* #define TKT_FLG_RESERVED 0x00000040 */
-/* #define TKT_FLG_RESERVED 0x00000020 */
-/* #define TKT_FLG_RESERVED 0x00000010 */
-/* #define TKT_FLG_RESERVED 0x00000008 */
-/* #define TKT_FLG_RESERVED 0x00000004 */
-/* #define TKT_FLG_RESERVED 0x00000002 */
-/* #define TKT_FLG_RESERVED 0x00000001 */
-
-/* definitions for lr_type fields. */
-#define LR_TYPE_THIS_SERVER_ONLY 0x8000
-
-#define LR_TYPE_INTERPRETATION_MASK 0x7fff
-
-/* definitions for ad_type fields. */
-#define AD_TYPE_EXTERNAL 0x4000
-#define AD_TYPE_REGISTERED 0x2000
-
-#define AD_TYPE_FIELD_TYPE_MASK 0x1fff
-#define AD_TYPE_INTERNAL_MASK 0x3fff
-
-/* definitions for msec direction bit for KRB_SAFE, KRB_PRIV */
-#define MSEC_DIRBIT 0x8000
-#define MSEC_VAL_MASK 0x7fff
-
-/*
- * end "fieldbits.h"
- */
-
-/*
- * begin "proto.h"
- */
-
-/* Protocol version number */
-#define KRB5_PVNO 5
-
-/* Message types */
-
-#define KRB5_AS_REQ ((krb5_msgtype)10) /* Req for initial authentication */
-#define KRB5_AS_REP ((krb5_msgtype)11) /* Response to KRB_AS_REQ request */
-#define KRB5_TGS_REQ ((krb5_msgtype)12) /* TGS request to server */
-#define KRB5_TGS_REP ((krb5_msgtype)13) /* Response to KRB_TGS_REQ req */
-#define KRB5_AP_REQ ((krb5_msgtype)14) /* application request to server */
-#define KRB5_AP_REP ((krb5_msgtype)15) /* Response to KRB_AP_REQ_MUTUAL */
-#define KRB5_SAFE ((krb5_msgtype)20) /* Safe application message */
-#define KRB5_PRIV ((krb5_msgtype)21) /* Private application message */
-#define KRB5_CRED ((krb5_msgtype)22) /* Credential forwarding message */
-#define KRB5_ERROR ((krb5_msgtype)30) /* Error response */
-
-/* LastReq types */
-#define KRB5_LRQ_NONE 0
-#define KRB5_LRQ_ALL_LAST_TGT 1
-#define KRB5_LRQ_ONE_LAST_TGT (-1)
-#define KRB5_LRQ_ALL_LAST_INITIAL 2
-#define KRB5_LRQ_ONE_LAST_INITIAL (-2)
-#define KRB5_LRQ_ALL_LAST_TGT_ISSUED 3
-#define KRB5_LRQ_ONE_LAST_TGT_ISSUED (-3)
-#define KRB5_LRQ_ALL_LAST_RENEWAL 4
-#define KRB5_LRQ_ONE_LAST_RENEWAL (-4)
-#define KRB5_LRQ_ALL_LAST_REQ 5
-#define KRB5_LRQ_ONE_LAST_REQ (-5)
-
-/* PADATA types */
-#define KRB5_PADATA_NONE 0
-#define KRB5_PADATA_AP_REQ 1
-#define KRB5_PADATA_TGS_REQ KRB5_PADATA_AP_REQ
-#define KRB5_PADATA_ENC_TIMESTAMP 2
-#define KRB5_PADATA_PW_SALT 3
-#if 0 /* Not used */
-#define KRB5_PADATA_ENC_ENCKEY 4 /* Key encrypted within itself */
-#endif
-#define KRB5_PADATA_ENC_UNIX_TIME 5 /* timestamp encrypted in key */
-#define KRB5_PADATA_ENC_SANDIA_SECURID 6 /* SecurId passcode */
-#define KRB5_PADATA_SESAME 7 /* Sesame project */
-#define KRB5_PADATA_OSF_DCE 8 /* OSF DCE */
-
-/* Reserved for SPX pre-authentication. */
-#define KRB5_PADATA_DASS 16
-
-/* Transited encoding types */
-#define KRB5_DOMAIN_X500_COMPRESS 1
-
-/* alternate authentication types */
-#define KRB5_ALTAUTH_ATT_CHALLENGE_RESPONSE 64
-
-/* authorization data types */
-#define KRB5_AUTHDATA_OSF_DCE 64
-#define KRB5_AUTHDATA_SESAME 65
-
-/*
- * end "proto.h"
- */
-
-/*
- * begin "error_def.h"
- */
-
-#include <errno.h>
-
-/*
- * end "error_def.h"
- */
-
-/* Time set */
-typedef struct _krb5_ticket_times {
- krb5_timestamp authtime; /* XXX ? should ktime in KDC_REP == authtime
- in ticket? otherwise client can't get this */
- krb5_timestamp starttime; /* optional in ticket, if not present,
- use authtime */
- krb5_timestamp endtime;
- krb5_timestamp renew_till;
-} krb5_ticket_times;
-
-/* structure for auth data */
-typedef struct _krb5_authdata {
- krb5_magic magic;
- krb5_authdatatype ad_type;
- int length;
- krb5_octet FAR *contents;
-} krb5_authdata;
-
-/* structure for transited encoding */
-typedef struct _krb5_transited {
- krb5_magic magic;
- krb5_octet tr_type;
- krb5_data tr_contents;
-} krb5_transited;
-
-typedef struct _krb5_enc_tkt_part {
- krb5_magic magic;
- /* to-be-encrypted portion */
- krb5_flags flags; /* flags */
- krb5_keyblock FAR *session; /* session key: includes keytype */
- krb5_principal client; /* client name/realm */
- krb5_transited transited; /* list of transited realms */
- krb5_ticket_times times; /* auth, start, end, renew_till */
- krb5_address FAR * FAR *caddrs; /* array of ptrs to addresses */
- krb5_authdata FAR * FAR *authorization_data; /* auth data */
-} krb5_enc_tkt_part;
-
-typedef struct _krb5_ticket {
- krb5_magic magic;
- /* cleartext portion */
- krb5_principal server; /* server name/realm */
- krb5_enc_data enc_part; /* encryption type, kvno, encrypted
- encoding */
- krb5_enc_tkt_part FAR *enc_part2; /* ptr to decrypted version, if
- available */
-} krb5_ticket;
-
-/* the unencrypted version */
-typedef struct _krb5_authenticator {
- krb5_magic magic;
- krb5_principal client; /* client name/realm */
- krb5_checksum FAR *checksum; /* checksum, includes type, optional */
- krb5_int32 cusec; /* client usec portion */
- krb5_timestamp ctime; /* client sec portion */
- krb5_keyblock FAR *subkey; /* true session key, optional */
- krb5_int32 seq_number; /* sequence #, optional */
- krb5_authdata FAR * FAR *authorization_data; /* New add by Ari, auth data */
-} krb5_authenticator;
-
-typedef struct _krb5_tkt_authent {
- krb5_magic magic;
- krb5_ticket FAR *ticket;
- krb5_authenticator FAR *authenticator;
- krb5_flags ap_options;
-} krb5_tkt_authent;
-
-/* credentials: Ticket, session key, etc. */
-typedef struct _krb5_creds {
- krb5_magic magic;
- krb5_principal client; /* client's principal identifier */
- krb5_principal server; /* server's principal identifier */
- krb5_keyblock keyblock; /* session encryption key info */
- krb5_ticket_times times; /* lifetime info */
- krb5_boolean is_skey; /* true if ticket is encrypted in
- another ticket's skey */
- krb5_flags ticket_flags; /* flags in ticket */
- krb5_address FAR * FAR *addresses; /* addrs in ticket */
- krb5_data ticket; /* ticket string itself */
- krb5_data second_ticket; /* second ticket, if related to
- ticket (via DUPLICATE-SKEY or
- ENC-TKT-IN-SKEY) */
- krb5_authdata FAR * FAR *authdata; /* authorization data */
-} krb5_creds;
-
-/* Last request fields */
-typedef struct _krb5_last_req_entry {
- krb5_magic magic;
- krb5_octet lr_type;
- krb5_timestamp value;
-} krb5_last_req_entry;
-
-/* pre-authentication data */
-typedef struct _krb5_pa_data {
- krb5_magic magic;
- krb5_ui_2 pa_type;
- int length;
- krb5_octet FAR *contents;
-} krb5_pa_data;
-
-typedef struct _krb5_kdc_req {
- krb5_magic magic;
- krb5_msgtype msg_type; /* AS_REQ or TGS_REQ? */
- krb5_pa_data FAR * FAR *padata; /* e.g. encoded AP_REQ */
- /* real body */
- krb5_flags kdc_options; /* requested options */
- krb5_principal client; /* includes realm; optional */
- krb5_principal server; /* includes realm (only used if no
- client) */
- krb5_timestamp from; /* requested starttime */
- krb5_timestamp till; /* requested endtime */
- krb5_timestamp rtime; /* (optional) requested renew_till */
- krb5_int32 nonce; /* nonce to match request/response */
- int netypes; /* # of etypes, must be positive */
- krb5_enctype FAR *etype; /* requested encryption type(s) */
- krb5_address FAR * FAR *addresses; /* requested addresses, optional */
- krb5_enc_data authorization_data; /* encrypted auth data; OPTIONAL */
- krb5_authdata FAR * FAR *unenc_authdata; /* unencrypted auth data,
- if available */
- krb5_ticket FAR * FAR *second_ticket;/* second ticket array; OPTIONAL */
-} krb5_kdc_req;
-
-typedef struct _krb5_enc_kdc_rep_part {
- krb5_magic magic;
- /* encrypted part: */
- krb5_msgtype msg_type; /* krb5 message type */
- krb5_keyblock FAR *session; /* session key */
- krb5_last_req_entry FAR * FAR *last_req; /* array of ptrs to entries */
- krb5_int32 nonce; /* nonce from request */
- krb5_timestamp key_exp; /* expiration date */
- krb5_flags flags; /* ticket flags */
- krb5_ticket_times times; /* lifetime info */
- krb5_principal server; /* server's principal identifier */
- krb5_address FAR * FAR *caddrs; /* array of ptrs to addresses,
- optional */
-} krb5_enc_kdc_rep_part;
-
-typedef struct _krb5_kdc_rep {
- krb5_magic magic;
- /* cleartext part: */
- krb5_msgtype msg_type; /* AS_REP or KDC_REP? */
- krb5_pa_data FAR * FAR *padata; /* preauthentication data from KDC */
- krb5_principal client; /* client's principal identifier */
- krb5_ticket FAR *ticket; /* ticket */
- krb5_enc_data enc_part; /* encryption type, kvno, encrypted
- encoding */
- krb5_enc_kdc_rep_part FAR *enc_part2;/* unencrypted version, if available */
-} krb5_kdc_rep;
-
-/* error message structure */
-typedef struct _krb5_error {
- krb5_magic magic;
- /* some of these may be meaningless in certain contexts */
- krb5_timestamp ctime; /* client sec portion; optional */
- krb5_int32 cusec; /* client usec portion; optional */
- krb5_int32 susec; /* server usec portion */
- krb5_timestamp stime; /* server sec portion */
- krb5_ui_4 error; /* error code (protocol error #'s) */
- krb5_principal client; /* client's principal identifier;
- optional */
- krb5_principal server; /* server's principal identifier */
- krb5_data text; /* descriptive text */
- krb5_data e_data; /* additional error-describing data */
-} krb5_error;
-
-typedef struct _krb5_ap_req {
- krb5_magic magic;
- krb5_flags ap_options; /* requested options */
- krb5_ticket FAR *ticket; /* ticket */
- krb5_enc_data authenticator; /* authenticator (already encrypted) */
-} krb5_ap_req;
-
-typedef struct _krb5_ap_rep {
- krb5_magic magic;
- krb5_enc_data enc_part;
-} krb5_ap_rep;
-
-typedef struct _krb5_ap_rep_enc_part {
- krb5_magic magic;
- krb5_timestamp ctime; /* client time, seconds portion */
- krb5_int32 cusec; /* client time, microseconds portion */
- krb5_keyblock FAR *subkey; /* true session key, optional */
- krb5_int32 seq_number; /* sequence #, optional */
-} krb5_ap_rep_enc_part;
-
-typedef struct _krb5_response {
- krb5_magic magic;
- krb5_octet message_type;
- krb5_data response;
-} krb5_response;
-
-typedef struct _krb5_safe {
- krb5_magic magic;
- krb5_data user_data; /* user data */
- krb5_timestamp timestamp; /* client time, optional */
- krb5_int32 usec; /* microsecond portion of time,
- optional */
- krb5_int32 seq_number; /* sequence #, optional */
- krb5_address FAR *s_address; /* sender address */
- krb5_address FAR *r_address; /* recipient address, optional */
- krb5_checksum FAR *checksum; /* data integrity checksum */
-} krb5_safe;
-
-typedef struct _krb5_priv {
- krb5_magic magic;
- krb5_enc_data enc_part; /* encrypted part */
-} krb5_priv;
-
-typedef struct _krb5_priv_enc_part {
- krb5_magic magic;
- krb5_data user_data; /* user data */
- krb5_timestamp timestamp; /* client time, optional */
- krb5_int32 usec; /* microsecond portion of time, opt. */
- krb5_int32 seq_number; /* sequence #, optional */
- krb5_address FAR *s_address; /* sender address */
- krb5_address FAR *r_address; /* recipient address, optional */
-} krb5_priv_enc_part;
-
-typedef struct _krb5_cred_info {
- krb5_magic magic;
- krb5_keyblock FAR *session; /* session key used to encrypt */
- /* ticket */
- krb5_principal client; /* client name/realm, optional */
- krb5_principal server; /* server name/realm, optional */
- krb5_flags flags; /* ticket flags, optional */
- krb5_ticket_times times; /* auth, start, end, renew_till, */
- /* optional */
- krb5_address FAR * FAR *caddrs; /* array of ptrs to addresses */
-} krb5_cred_info;
-
-typedef struct _krb5_cred_enc_part {
- krb5_magic magic;
- krb5_int32 nonce; /* nonce, optional */
- krb5_timestamp timestamp; /* client time */
- krb5_int32 usec; /* microsecond portion of time */
- krb5_address FAR *s_address; /* sender address, optional */
- krb5_address FAR *r_address; /* recipient address, optional */
- krb5_cred_info FAR * FAR *ticket_info;
-} krb5_cred_enc_part;
-
-typedef struct _krb5_cred {
- krb5_magic magic;
- krb5_ticket FAR * FAR *tickets; /* tickets */
- krb5_enc_data enc_part; /* encrypted part */
- krb5_cred_enc_part FAR *enc_part2; /* unencrypted version, if available*/
-} krb5_cred;
-
-/* Sandia password generation structures */
-typedef struct _passwd_phrase_element {
- krb5_magic magic;
- krb5_data FAR *passwd;
- krb5_data FAR *phrase;
-} passwd_phrase_element;
-
-typedef struct _krb5_pwd_data {
- krb5_magic magic;
- int sequence_count;
- passwd_phrase_element FAR * FAR *element;
-} krb5_pwd_data;
-
-/* these need to be here so the typedefs are available for the prototypes */
-
-/*
- * begin "safepriv.h"
- */
-
-#define KRB5_AUTH_CONTEXT_DO_TIME 0x00000001
-#define KRB5_AUTH_CONTEXT_RET_TIME 0x00000002
-#define KRB5_AUTH_CONTEXT_DO_SEQUENCE 0x00000004
-#define KRB5_AUTH_CONTEXT_RET_SEQUENCE 0x00000008
-
-typedef struct krb5_replay_data {
- krb5_timestamp timestamp;
- krb5_int32 usec;
- krb5_int32 seq;
-} krb5_replay_data;
-
-/* flags for krb5_auth_con_genaddrs() */
-#define KRB5_AUTH_CONTEXT_GENERATE_LOCAL_ADDR 0x00000001
-#define KRB5_AUTH_CONTEXT_GENERATE_REMOTE_ADDR 0x00000002
-#define KRB5_AUTH_CONTEXT_GENERATE_LOCAL_FULL_ADDR 0x00000004
-#define KRB5_AUTH_CONTEXT_GENERATE_REMOTE_FULL_ADDR 0x00000008
-
-/*
- * end "safepriv.h"
- */
-
-
-/*
- * begin "ccache.h"
- */
-
-typedef krb5_pointer krb5_cc_cursor; /* cursor for sequential lookup */
-
-typedef struct _krb5_ccache {
- krb5_magic magic;
- struct _krb5_cc_ops FAR *ops;
- krb5_pointer data;
-} FAR *krb5_ccache;
-
-typedef struct _krb5_cc_ops {
- krb5_magic magic;
- char FAR *prefix;
- char FAR * (INTERFACE *get_name) KRB5_NPROTOTYPE((krb5_context, krb5_ccache));
- krb5_error_code (INTERFACE *resolve) KRB5_NPROTOTYPE((krb5_context, krb5_ccache FAR *,
- char FAR *));
- krb5_error_code (INTERFACE *gen_new) KRB5_NPROTOTYPE((krb5_context, krb5_ccache FAR *));
- krb5_error_code (INTERFACE *init) KRB5_NPROTOTYPE((krb5_context, krb5_ccache,
- krb5_principal));
- krb5_error_code (INTERFACE *destroy) KRB5_NPROTOTYPE((krb5_context, krb5_ccache));
- krb5_error_code (INTERFACE *close) KRB5_NPROTOTYPE((krb5_context, krb5_ccache));
- krb5_error_code (INTERFACE *store) KRB5_NPROTOTYPE((krb5_context, krb5_ccache,
- krb5_creds FAR *));
- krb5_error_code (INTERFACE *retrieve) KRB5_NPROTOTYPE((krb5_context, krb5_ccache,
- krb5_flags, krb5_creds FAR *,
- krb5_creds FAR *));
- krb5_error_code (INTERFACE *get_princ) KRB5_NPROTOTYPE((krb5_context, krb5_ccache,
- krb5_principal FAR *));
- krb5_error_code (INTERFACE *get_first) KRB5_NPROTOTYPE((krb5_context, krb5_ccache,
- krb5_cc_cursor FAR *));
- krb5_error_code (INTERFACE *get_next) KRB5_NPROTOTYPE((krb5_context, krb5_ccache,
- krb5_cc_cursor FAR *, krb5_creds FAR *));
- krb5_error_code (INTERFACE *end_get) KRB5_NPROTOTYPE((krb5_context, krb5_ccache,
- krb5_cc_cursor FAR *));
- krb5_error_code (INTERFACE *remove_cred) KRB5_NPROTOTYPE((krb5_context, krb5_ccache,
- krb5_flags, krb5_creds FAR *));
- krb5_error_code (INTERFACE *set_flags) KRB5_NPROTOTYPE((krb5_context, krb5_ccache,
- krb5_flags));
-} krb5_cc_ops;
-
-/* for retrieve_cred */
-#define KRB5_TC_MATCH_TIMES 0x00000001
-#define KRB5_TC_MATCH_IS_SKEY 0x00000002
-#define KRB5_TC_MATCH_FLAGS 0x00000004
-#define KRB5_TC_MATCH_TIMES_EXACT 0x00000008
-#define KRB5_TC_MATCH_FLAGS_EXACT 0x00000010
-#define KRB5_TC_MATCH_AUTHDATA 0x00000020
-#define KRB5_TC_MATCH_SRV_NAMEONLY 0x00000040
-#define KRB5_TC_MATCH_2ND_TKT 0x00000080
-
-/* for set_flags and other functions */
-#define KRB5_TC_OPENCLOSE 0x00000001
-
-#define krb5_cc_initialize(context, cache, principal) (*(cache)->ops->init)(context, cache, principal)
-#define krb5_cc_gen_new(context, cache) (*(cache)->ops->gen_new)(context, cache)
-#define krb5_cc_destroy(context, cache) (*(cache)->ops->destroy)(context, cache)
-#define krb5_cc_close(context, cache) (*(cache)->ops->close)(context, cache)
-#define krb5_cc_store_cred(context, cache, creds) (*(cache)->ops->store)(context, cache, creds)
-#define krb5_cc_retrieve_cred(context, cache, flags, mcreds, creds) (*(cache)->ops->retrieve)(context, cache, flags, mcreds, creds)
-#define krb5_cc_get_principal(context, cache, principal) (*(cache)->ops->get_princ)(context, cache, principal)
-#define krb5_cc_start_seq_get(context, cache, cursor) (*(cache)->ops->get_first)(context, cache, cursor)
-#define krb5_cc_next_cred(context, cache, cursor, creds) (*(cache)->ops->get_next)(context, cache, cursor, creds)
-#define krb5_cc_end_seq_get(context, cache, cursor) (*(cache)->ops->end_get)(context, cache, cursor)
-#define krb5_cc_remove_cred(context, cache, flags, creds) (*(cache)->ops->remove_cred)(context, cache,flags, creds)
-#define krb5_cc_set_flags(context, cache, flags) (*(cache)->ops->set_flags)(context, cache, flags)
-#define krb5_cc_get_name(context, cache) (*(cache)->ops->get_name)(context, cache)
-#define krb5_cc_get_type(context, cache) (*(cache)->ops->prefix)
-
-extern krb5_cc_ops FAR *krb5_cc_dfl_ops;
-
-/*
- * end "ccache.h"
- */
-
-/*
- * begin "rcache.h"
- */
-
-typedef struct krb5_rc_st {
- krb5_magic magic;
- struct _krb5_rc_ops FAR *ops;
- krb5_pointer data;
-} FAR *krb5_rcache;
-
-typedef struct _krb5_donot_replay {
- krb5_magic magic;
- char FAR *server; /* null-terminated */
- char FAR *client; /* null-terminated */
- krb5_int32 cusec;
- krb5_timestamp ctime;
-} krb5_donot_replay;
-
-typedef struct _krb5_rc_ops {
- krb5_magic magic;
- char FAR *type;
- krb5_error_code (*init)KRB5_NPROTOTYPE((krb5_context, krb5_rcache,krb5_deltat)); /* create */
- krb5_error_code (*recover)KRB5_NPROTOTYPE((krb5_context, krb5_rcache)); /* open */
- krb5_error_code (*destroy)KRB5_NPROTOTYPE((krb5_context, krb5_rcache));
- krb5_error_code (*close)KRB5_NPROTOTYPE((krb5_context, krb5_rcache));
- krb5_error_code (*store)KRB5_NPROTOTYPE((krb5_context, krb5_rcache,krb5_donot_replay FAR *));
- krb5_error_code (*expunge)KRB5_NPROTOTYPE((krb5_context, krb5_rcache));
- krb5_error_code (*get_span)KRB5_NPROTOTYPE((krb5_context, krb5_rcache,krb5_deltat FAR *));
- char FAR *(*get_name)KRB5_NPROTOTYPE((krb5_context, krb5_rcache));
- krb5_error_code (*resolve)KRB5_NPROTOTYPE((krb5_context, krb5_rcache, char FAR *));
-} krb5_rc_ops;
-
-krb5_error_code krb5_rc_default
- KRB5_PROTOTYPE((krb5_context,
- krb5_rcache FAR *));
-krb5_error_code krb5_rc_register_type
- KRB5_PROTOTYPE((krb5_context,
- krb5_rc_ops FAR *));
-krb5_error_code krb5_rc_resolve_type
- KRB5_PROTOTYPE((krb5_context,
- krb5_rcache FAR *,char FAR *));
-krb5_error_code krb5_rc_resolve_full
- KRB5_PROTOTYPE((krb5_context,
- krb5_rcache FAR *,char FAR *));
-char FAR * krb5_rc_get_type
- KRB5_PROTOTYPE((krb5_context,
- krb5_rcache));
-char FAR * krb5_rc_default_type
- KRB5_PROTOTYPE((krb5_context));
-char FAR * krb5_rc_default_name
- KRB5_PROTOTYPE((krb5_context));
-krb5_error_code krb5_auth_to_rep
- KRB5_PROTOTYPE((krb5_context,
- krb5_tkt_authent FAR *,
- krb5_donot_replay FAR *));
-
-#define krb5_rc_initialize(context, id, span) (*(id)->ops->init)(context, id, span)
-#define krb5_rc_recover(context, id) (*(id)->ops->recover)(context, id)
-#define krb5_rc_destroy(context, id) (*(id)->ops->destroy)(context, id)
-#define krb5_rc_close(context, id) (*(id)->ops->close)(context, id)
-#define krb5_rc_store(context, id, dontreplay) (*(id)->ops->store)(context, id, dontreplay)
-#define krb5_rc_expunge(context, id) (*(id)->ops->expunge)(context, id)
-#define krb5_rc_get_lifespan(context, id, spanp) (*(id)->ops->get_span)(context, id, spanp)
-#define krb5_rc_get_name(context, id) (*(id)->ops->get_name)(context, id)
-#define krb5_rc_resolve(context, id, name) (*(id)->ops->resolve)(context, id, name)
-
-extern krb5_rc_ops krb5_rc_dfl_ops;
-
-/*
- * end "rcache.h"
- */
-
-/*
- * begin "keytab.h"
- */
-
-
-/* XXX */
-#define MAX_KEYTAB_NAME_LEN 1100 /* Long enough for MAXPATHLEN + some extra */
-
-typedef krb5_pointer krb5_kt_cursor; /* XXX */
-
-typedef struct krb5_keytab_entry_st {
- krb5_magic magic;
- krb5_principal principal; /* principal of this key */
- krb5_timestamp timestamp; /* time entry written to keytable */
- krb5_kvno vno; /* key version number */
- krb5_keyblock key; /* the secret key */
-} krb5_keytab_entry;
-
-
-typedef struct _krb5_kt {
- krb5_magic magic;
- struct _krb5_kt_ops FAR *ops;
- krb5_pointer data;
-} FAR *krb5_keytab;
-
-
-typedef struct _krb5_kt_ops {
- krb5_magic magic;
- char FAR *prefix;
- /* routines always present */
- krb5_error_code (*resolve)
- KRB5_NPROTOTYPE((krb5_context,
- krb5_const char FAR *,
- krb5_keytab FAR *));
- krb5_error_code (*get_name)
- KRB5_NPROTOTYPE((krb5_context,
- krb5_keytab,
- char FAR *,
- int));
- krb5_error_code (*close)
- KRB5_NPROTOTYPE((krb5_context,
- krb5_keytab));
- krb5_error_code (*get)
- KRB5_NPROTOTYPE((krb5_context,
- krb5_keytab,
- krb5_principal,
- krb5_kvno,
- krb5_keytype,
- krb5_keytab_entry FAR *));
- krb5_error_code (*start_seq_get)
- KRB5_NPROTOTYPE((krb5_context,
- krb5_keytab,
- krb5_kt_cursor FAR *));
- krb5_error_code (*get_next)
- KRB5_NPROTOTYPE((krb5_context,
- krb5_keytab,
- krb5_keytab_entry FAR *,
- krb5_kt_cursor FAR *));
- krb5_error_code (*end_get)
- KRB5_NPROTOTYPE((krb5_context,
- krb5_keytab,
- krb5_kt_cursor FAR *));
- /* routines to be included on extended version (write routines) */
- krb5_error_code (*add)
- KRB5_NPROTOTYPE((krb5_context,
- krb5_keytab,
- krb5_keytab_entry FAR *));
- krb5_error_code (*remove)
- KRB5_NPROTOTYPE((krb5_context,
- krb5_keytab,
- krb5_keytab_entry FAR *));
-
- /* Handle for serializer */
- void * serializer;
-} krb5_kt_ops;
-
-#define krb5_kt_get_type(context, keytab) (*(keytab)->ops->prefix)
-#define krb5_kt_get_name(context, keytab, name, namelen) (*(keytab)->ops->get_name)(context, keytab,name,namelen)
-#define krb5_kt_close(context, keytab) (*(keytab)->ops->close)(context, keytab)
-#define krb5_kt_get_entry(context, keytab, principal, vno, keytype, entry) (*(keytab)->ops->get)(context, keytab, principal, vno, keytype, entry)
-#define krb5_kt_start_seq_get(context, keytab, cursor) (*(keytab)->ops->start_seq_get)(context, keytab, cursor)
-#define krb5_kt_next_entry(context, keytab, entry, cursor) (*(keytab)->ops->get_next)(context, keytab, entry, cursor)
-#define krb5_kt_end_seq_get(context, keytab, cursor) (*(keytab)->ops->end_get)(context, keytab, cursor)
-/* remove and add are functions, so that they can return NOWRITE
- if not a writable keytab */
-
-
-extern krb5_kt_ops krb5_kt_dfl_ops;
-
-/*
- * end "keytab.h"
- */
-
-/*
- * begin "func-proto.h"
- */
-
-krb5_error_code INTERFACE krb5_init_context
- KRB5_PROTOTYPE((krb5_context FAR *));
-void krb5_free_context
- KRB5_PROTOTYPE((krb5_context));
-
-krb5_error_code krb5_set_default_in_tkt_etypes
- KRB5_PROTOTYPE((krb5_context,
- krb5_const krb5_enctype *));
-krb5_error_code krb5_get_default_in_tkt_etypes
- KRB5_PROTOTYPE((krb5_context,
- krb5_enctype **));
-
-/* libkrb.spec */
-krb5_error_code krb5_kdc_rep_decrypt_proc
- KRB5_PROTOTYPE((krb5_context,
- krb5_const krb5_keyblock *,
- krb5_const_pointer,
- krb5_kdc_rep * ));
-krb5_error_code krb5_encrypt_tkt_part
- KRB5_PROTOTYPE((krb5_context,
- krb5_encrypt_block *,
- krb5_const krb5_keyblock *,
- krb5_ticket * ));
-krb5_error_code krb5_decrypt_tkt_part
- KRB5_PROTOTYPE((krb5_context,
- krb5_const krb5_keyblock *,
- krb5_ticket * ));
-krb5_error_code krb5_get_cred_from_kdc
- KRB5_PROTOTYPE((krb5_context,
- krb5_ccache, /* not const, as reading may save
- state */
- krb5_creds *,
- krb5_creds **,
- krb5_creds *** ));
-void krb5_free_tgt_creds
- KRB5_PROTOTYPE((krb5_context,
- krb5_creds ** )); /* XXX too hard to do with const */
-
-#define KRB5_GC_USER_USER 1 /* want user-user ticket */
-#define KRB5_GC_CACHED 2 /* want cached ticket only */
-
-krb5_error_code INTERFACE krb5_get_credentials
- KRB5_PROTOTYPE((krb5_context,
- krb5_const krb5_flags,
- krb5_ccache,
- krb5_creds FAR *,
- krb5_creds FAR * FAR *));
-krb5_error_code INTERFACE krb5_get_cred_via_tkt
- KRB5_PROTOTYPE((krb5_context,
- krb5_creds *,
- krb5_const krb5_flags,
- krb5_address * krb5_const *,
- krb5_creds *,
- krb5_creds **));
-krb5_error_code krb5_mk_req
- KRB5_PROTOTYPE((krb5_context,
- krb5_auth_context *,
- krb5_const krb5_flags,
- char *,
- char *,
- krb5_data *,
- krb5_ccache,
- krb5_data * ));
-krb5_error_code INTERFACE krb5_mk_req_extended
- KRB5_PROTOTYPE((krb5_context,
- krb5_auth_context FAR *,
- krb5_const krb5_flags,
- krb5_data FAR *,
- krb5_creds FAR *,
- krb5_data FAR * ));
-krb5_error_code krb5_mk_rep
- KRB5_PROTOTYPE((krb5_context,
- krb5_auth_context,
- krb5_data *));
-krb5_error_code INTERFACE krb5_rd_rep
- KRB5_PROTOTYPE((krb5_context,
- krb5_auth_context,
- krb5_const krb5_data FAR *,
- krb5_ap_rep_enc_part FAR * FAR *));
-krb5_error_code krb5_mk_error
- KRB5_PROTOTYPE((krb5_context,
- krb5_const krb5_error *,
- krb5_data * ));
-krb5_error_code krb5_rd_error
- KRB5_PROTOTYPE((krb5_context,
- krb5_const krb5_data *,
- krb5_error ** ));
-krb5_error_code krb5_rd_safe
- KRB5_PROTOTYPE((krb5_context,
- krb5_auth_context,
- krb5_const krb5_data *,
- krb5_data *,
- krb5_replay_data *));
-krb5_error_code krb5_rd_priv
- KRB5_PROTOTYPE((krb5_context,
- krb5_auth_context,
- krb5_const krb5_data *,
- krb5_data *,
- krb5_replay_data *));
-krb5_error_code INTERFACE krb5_parse_name
- KRB5_PROTOTYPE((krb5_context,
- krb5_const char FAR *,
- krb5_principal FAR * ));
-krb5_error_code INTERFACE krb5_unparse_name
- KRB5_PROTOTYPE((krb5_context,
- krb5_const_principal,
- char FAR * FAR * ));
-krb5_error_code krb5_unparse_name_ext
- KRB5_PROTOTYPE((krb5_context,
- krb5_const_principal,
- char **,
- int *));
-krb5_boolean krb5_address_search
- KRB5_PROTOTYPE((krb5_context,
- krb5_const krb5_address *,
- krb5_address * krb5_const *));
-krb5_boolean krb5_address_compare
- KRB5_PROTOTYPE((krb5_context,
- krb5_const krb5_address *,
- krb5_const krb5_address *));
-int krb5_address_order
- KRB5_PROTOTYPE((krb5_context,
- krb5_const krb5_address *,
- krb5_const krb5_address *));
-krb5_boolean krb5_realm_compare
- KRB5_PROTOTYPE((krb5_context,
- krb5_const_principal,
- krb5_const_principal));
-krb5_boolean krb5_principal_compare
- KRB5_PROTOTYPE((krb5_context,
- krb5_const_principal,
- krb5_const_principal));
-krb5_error_code krb5_copy_keyblock
- KRB5_PROTOTYPE((krb5_context,
- krb5_const krb5_keyblock *,
- krb5_keyblock **));
-krb5_error_code krb5_copy_keyblock_contents
- KRB5_PROTOTYPE((krb5_context,
- krb5_const krb5_keyblock *,
- krb5_keyblock *));
-krb5_error_code krb5_copy_creds
- KRB5_PROTOTYPE((krb5_context,
- krb5_const krb5_creds *,
- krb5_creds **));
-krb5_error_code krb5_copy_data
- KRB5_PROTOTYPE((krb5_context,
- krb5_const krb5_data *,
- krb5_data **));
-krb5_error_code krb5_copy_principal
- KRB5_PROTOTYPE((krb5_context,
- krb5_const_principal,
- krb5_principal *));
-krb5_error_code krb5_copy_addresses
- KRB5_PROTOTYPE((krb5_context,
- krb5_address * krb5_const *,
- krb5_address ***));
-krb5_error_code krb5_copy_ticket
- KRB5_PROTOTYPE((krb5_context,
- krb5_const krb5_ticket *, krb5_ticket **));
-krb5_error_code krb5_copy_authdata
- KRB5_PROTOTYPE((krb5_context,
- krb5_authdata * krb5_const *,
- krb5_authdata ***));
-krb5_error_code krb5_copy_authenticator
- KRB5_PROTOTYPE((krb5_context,
- krb5_const krb5_authenticator *,
- krb5_authenticator **));
-krb5_error_code krb5_copy_checksum
- KRB5_PROTOTYPE((krb5_context,
- krb5_const krb5_checksum *,
- krb5_checksum **));
-void INTERFACE krb5_init_ets KRB5_PROTOTYPE((krb5_context));
-krb5_error_code krb5_generate_subkey
- KRB5_PROTOTYPE((krb5_context,
- krb5_const krb5_keyblock *, krb5_keyblock **));
-krb5_error_code krb5_generate_seq_number
- KRB5_PROTOTYPE((krb5_context,
- krb5_const krb5_keyblock *, krb5_int32 *));
-krb5_error_code krb5_get_server_rcache
- KRB5_PROTOTYPE((krb5_context,
- krb5_const krb5_data *, krb5_rcache *));
-krb5_error_code INTERFACE_C krb5_build_principal_ext
- KRB5_STDARG_P((krb5_context, krb5_principal FAR *, int, krb5_const char FAR *, ...));
-krb5_error_code krb5_build_principal
- KRB5_STDARG_P((krb5_context, krb5_principal *, int, krb5_const char *, ...));
-#ifdef va_start
-/* XXX depending on varargs include file defining va_start... */
-krb5_error_code krb5_build_principal_va
- KRB5_PROTOTYPE((krb5_context,
- krb5_principal *, int, krb5_const char *, va_list));
-#endif
-
-krb5_error_code krb5_425_conv_principal
- KRB5_PROTOTYPE((krb5_context,
- krb5_const char *name, krb5_const char *instance, krb5_const char *realm,
- krb5_principal *princ));
-
-krb5_error_code
-krb5_524_conv_principal
- KRB5_PROTOTYPE((krb5_context context, krb5_const krb5_principal princ,
- char *name, char *inst, char *realm));
-
-krb5_error_code krb5_obtain_padata
- KRB5_PROTOTYPE((krb5_context,
- int type, krb5_principal client, krb5_address **src_addr,
- krb5_keyblock *encrypt_key, krb5_pa_data **data));
-
-krb5_error_code krb5_verify_padata
- KRB5_PROTOTYPE((krb5_context,
- krb5_pa_data * data, krb5_principal client,
- krb5_address **src_addr, krb5_keyblock *decrypt_key,
- int *req_id, int *flags));
-
-/* libkt.spec */
-krb5_error_code krb5_kt_register
- KRB5_PROTOTYPE((krb5_context,
- krb5_kt_ops * ));
-krb5_error_code krb5_kt_resolve
- KRB5_PROTOTYPE((krb5_context,
- krb5_const char *,
- krb5_keytab * ));
-krb5_error_code krb5_kt_default_name
- KRB5_PROTOTYPE((krb5_context,
- char *,
- int ));
-krb5_error_code krb5_kt_default
- KRB5_PROTOTYPE((krb5_context,
- krb5_keytab * ));
-krb5_error_code krb5_kt_free_entry
- KRB5_PROTOTYPE((krb5_context,
- krb5_keytab_entry * ));
-/* remove and add are functions, so that they can return NOWRITE
- if not a writable keytab */
-krb5_error_code krb5_kt_remove_entry
- KRB5_PROTOTYPE((krb5_context,
- krb5_keytab,
- krb5_keytab_entry * ));
-krb5_error_code krb5_kt_add_entry
- KRB5_PROTOTYPE((krb5_context,
- krb5_keytab,
- krb5_keytab_entry * ));
-krb5_error_code krb5_principal2salt
- KRB5_PROTOTYPE((krb5_context,
- krb5_const_principal, krb5_data *));
-krb5_error_code krb5_principal2salt_norealm
- KRB5_PROTOTYPE((krb5_context,
- krb5_const_principal, krb5_data *));
-
-/* librc.spec--see rcache.h */
-
-/* libcc.spec */
-krb5_error_code krb5_cc_resolve
- KRB5_PROTOTYPE((krb5_context,
- char *,
- krb5_ccache * ));
-krb5_error_code krb5_cc_generate_new
- KRB5_PROTOTYPE((krb5_context,
- krb5_cc_ops *,
- krb5_ccache * ));
-char * krb5_cc_default_name
- KRB5_PROTOTYPE((krb5_context));
-krb5_error_code INTERFACE krb5_cc_default
- KRB5_PROTOTYPE((krb5_context,
- krb5_ccache FAR *));
-unsigned int INTERFACE krb5_get_notification_message
- KRB5_PROTOTYPE((void));
-
-/* chk_trans.c */
-krb5_error_code krb5_check_transited_list
- KRB5_PROTOTYPE((krb5_context,
- krb5_data *trans, krb5_data *realm1, krb5_data *realm2));
-
-/* free_rtree.c */
-void krb5_free_realm_tree
- KRB5_PROTOTYPE((krb5_context,
- krb5_principal *));
-
-/* krb5_free.c */
-void INTERFACE krb5_free_principal
- KRB5_PROTOTYPE((krb5_context,
- krb5_principal ));
-void krb5_free_authenticator
- KRB5_PROTOTYPE((krb5_context,
- krb5_authenticator * ));
-void krb5_free_authenticator_contents
- KRB5_PROTOTYPE((krb5_context,
- krb5_authenticator * ));
-void INTERFACE krb5_free_addresses
- KRB5_PROTOTYPE((krb5_context,
- krb5_address FAR * FAR * ));
-void krb5_free_address
- KRB5_PROTOTYPE((krb5_context,
- krb5_address * ));
-void krb5_free_authdata
- KRB5_PROTOTYPE((krb5_context,
- krb5_authdata ** ));
-void krb5_free_enc_tkt_part
- KRB5_PROTOTYPE((krb5_context,
- krb5_enc_tkt_part * ));
-void krb5_free_ticket
- KRB5_PROTOTYPE((krb5_context,
- krb5_ticket * ));
-void krb5_free_tickets
- KRB5_PROTOTYPE((krb5_context,
- krb5_ticket ** ));
-void krb5_free_kdc_req
- KRB5_PROTOTYPE((krb5_context,
- krb5_kdc_req * ));
-void krb5_free_kdc_rep
- KRB5_PROTOTYPE((krb5_context,
- krb5_kdc_rep * ));
-void krb5_free_last_req
- KRB5_PROTOTYPE((krb5_context,
- krb5_last_req_entry ** ));
-void krb5_free_enc_kdc_rep_part
- KRB5_PROTOTYPE((krb5_context,
- krb5_enc_kdc_rep_part * ));
-void krb5_free_error
- KRB5_PROTOTYPE((krb5_context,
- krb5_error * ));
-void krb5_free_ap_req
- KRB5_PROTOTYPE((krb5_context,
- krb5_ap_req * ));
-void krb5_free_ap_rep
- KRB5_PROTOTYPE((krb5_context,
- krb5_ap_rep * ));
-void krb5_free_safe
- KRB5_PROTOTYPE((krb5_context,
- krb5_safe * ));
-void krb5_free_priv
- KRB5_PROTOTYPE((krb5_context,
- krb5_priv * ));
-void krb5_free_priv_enc_part
- KRB5_PROTOTYPE((krb5_context,
- krb5_priv_enc_part * ));
-void krb5_free_cred
- KRB5_PROTOTYPE((krb5_context,
- krb5_cred *));
-void INTERFACE krb5_free_creds
- KRB5_PROTOTYPE((krb5_context,
- krb5_creds FAR *));
-void INTERFACE krb5_free_cred_contents
- KRB5_PROTOTYPE((krb5_context,
- krb5_creds FAR *));
-void krb5_free_cred_enc_part
- KRB5_PROTOTYPE((krb5_context,
- krb5_cred_enc_part *));
-void krb5_free_checksum
- KRB5_PROTOTYPE((krb5_context,
- krb5_checksum *));
-void krb5_free_keyblock
- KRB5_PROTOTYPE((krb5_context,
- krb5_keyblock *));
-void krb5_free_pa_data
- KRB5_PROTOTYPE((krb5_context,
- krb5_pa_data **));
-void INTERFACE krb5_free_ap_rep_enc_part
- KRB5_PROTOTYPE((krb5_context,
- krb5_ap_rep_enc_part FAR *));
-void krb5_free_tkt_authent
- KRB5_PROTOTYPE((krb5_context,
- krb5_tkt_authent *));
-void krb5_free_pwd_data
- KRB5_PROTOTYPE((krb5_context,
- krb5_pwd_data *));
-void krb5_free_pwd_sequences
- KRB5_PROTOTYPE((krb5_context,
- passwd_phrase_element **));
-
-/* From krb5/os but needed but by the outside world */
-krb5_error_code INTERFACE krb5_us_timeofday
- KRB5_PROTOTYPE((krb5_context,
- krb5_int32 FAR *,
- krb5_int32 FAR * ));
-krb5_error_code INTERFACE krb5_timeofday
- KRB5_PROTOTYPE((krb5_context,
- krb5_int32 FAR * ));
- /* get all the addresses of this host */
-krb5_error_code INTERFACE krb5_os_localaddr
- KRB5_PROTOTYPE((krb5_context,
- krb5_address FAR * FAR * FAR *));
-krb5_error_code INTERFACE krb5_get_default_realm
- KRB5_PROTOTYPE((krb5_context,
- char FAR * FAR * ));
-krb5_error_code INTERFACE krb5_set_default_realm
- KRB5_PROTOTYPE((krb5_context,
- krb5_const char FAR * ));
-krb5_error_code INTERFACE krb5_sname_to_principal
- KRB5_PROTOTYPE((krb5_context,
- krb5_const char FAR *,
- krb5_const char FAR *,
- krb5_int32,
- krb5_principal FAR *));
-
-krb5_error_code INTERFACE krb5_set_config_files
- KRB5_PROTOTYPE ((krb5_context, krb5_const char **));
-
-krb5_error_code krb5_encode_kdc_rep
- KRB5_PROTOTYPE((krb5_context,
- krb5_const krb5_msgtype,
- krb5_const krb5_enc_kdc_rep_part *,
- krb5_encrypt_block *,
- krb5_const krb5_keyblock *,
- krb5_kdc_rep *,
- krb5_data ** ));
-
-krb5_error_code krb5_send_tgs
- KRB5_PROTOTYPE((krb5_context,
- krb5_const krb5_flags,
- krb5_const krb5_ticket_times *,
- krb5_const krb5_enctype *,
- krb5_const_principal,
- krb5_address * krb5_const *,
- krb5_authdata * krb5_const *,
- krb5_pa_data * krb5_const *,
- krb5_const krb5_data *,
- krb5_creds *,
- krb5_response * ));
-
-krb5_error_code krb5_get_in_tkt
- KRB5_PROTOTYPE((krb5_context,
- krb5_const krb5_flags,
- krb5_address * krb5_const *,
- krb5_enctype *,
- krb5_preauthtype *,
- krb5_error_code ( * )(krb5_context,
- krb5_const krb5_keytype,
- krb5_data *,
- krb5_const_pointer,
- krb5_keyblock **),
- krb5_const_pointer,
- krb5_error_code ( * )(krb5_context,
- krb5_const krb5_keyblock *,
- krb5_const_pointer,
- krb5_kdc_rep * ),
- krb5_const_pointer,
- krb5_creds *,
- krb5_ccache,
- krb5_kdc_rep ** ));
-
-krb5_error_code INTERFACE krb5_get_in_tkt_with_password
- KRB5_PROTOTYPE((krb5_context,
- krb5_const krb5_flags,
- krb5_address FAR * krb5_const FAR *,
- krb5_enctype FAR *,
- krb5_preauthtype FAR *,
- krb5_const char FAR *,
- krb5_ccache,
- krb5_creds FAR *,
- krb5_kdc_rep FAR * FAR * ));
-
-krb5_error_code krb5_get_in_tkt_with_skey
- KRB5_PROTOTYPE((krb5_context,
- krb5_const krb5_flags,
- krb5_address * krb5_const *,
- krb5_enctype *,
- krb5_preauthtype *,
- krb5_const krb5_keyblock *,
- krb5_ccache,
- krb5_creds *,
- krb5_kdc_rep ** ));
-
-krb5_error_code krb5_get_in_tkt_with_keytab
- KRB5_PROTOTYPE((krb5_context,
- krb5_const krb5_flags,
- krb5_address * krb5_const *,
- krb5_enctype *,
- krb5_preauthtype *,
- krb5_const krb5_keytab,
- krb5_ccache,
- krb5_creds *,
- krb5_kdc_rep ** ));
-
-
-krb5_error_code krb5_decode_kdc_rep
- KRB5_PROTOTYPE((krb5_context,
- krb5_data *,
- krb5_const krb5_keyblock *,
- krb5_const krb5_enctype,
- krb5_kdc_rep ** ));
-
-krb5_error_code krb5_rd_req
- KRB5_PROTOTYPE((krb5_context,
- krb5_auth_context *,
- krb5_const krb5_data *,
- krb5_const_principal,
- krb5_keytab,
- krb5_flags *,
- krb5_ticket **));
-
-krb5_error_code krb5_rd_req_decoded
- KRB5_PROTOTYPE((krb5_context,
- krb5_auth_context *,
- krb5_const krb5_ap_req *,
- krb5_const_principal,
- krb5_keytab,
- krb5_flags *,
- krb5_ticket **));
-
-krb5_error_code krb5_kt_read_service_key
- KRB5_PROTOTYPE((krb5_context,
- krb5_pointer,
- krb5_principal,
- krb5_kvno,
- krb5_keytype,
- krb5_keyblock **));
-krb5_error_code krb5_mk_safe
- KRB5_PROTOTYPE((krb5_context,
- krb5_auth_context,
- krb5_const krb5_data *,
- krb5_data *,
- krb5_replay_data *));
-krb5_error_code krb5_mk_priv
- KRB5_PROTOTYPE((krb5_context,
- krb5_auth_context,
- krb5_const krb5_data *,
- krb5_data *,
- krb5_replay_data *));
-krb5_error_code krb5_cc_register
- KRB5_PROTOTYPE((krb5_context,
- krb5_cc_ops *,
- krb5_boolean ));
-
-krb5_error_code krb5_sendauth
- KRB5_PROTOTYPE((krb5_context,
- krb5_auth_context *,
- krb5_pointer,
- char *,
- krb5_principal,
- krb5_principal,
- krb5_flags,
- krb5_data *,
- krb5_creds *,
- krb5_ccache,
- krb5_error **,
- krb5_ap_rep_enc_part **,
- krb5_creds **));
-
-krb5_error_code krb5_recvauth KRB5_PROTOTYPE((krb5_context,
- krb5_auth_context *,
- krb5_pointer,
- char *,
- krb5_principal,
- krb5_int32,
- krb5_keytab,
- krb5_ticket **));
-
-krb5_error_code krb5_walk_realm_tree
- KRB5_PROTOTYPE((krb5_context,
- krb5_const krb5_data *,
- krb5_const krb5_data *,
- krb5_principal **,
- int));
-
-krb5_error_code INTERFACE krb5_mk_ncred
- KRB5_PROTOTYPE((krb5_context,
- krb5_auth_context,
- krb5_creds **,
- krb5_data **,
- krb5_replay_data *));
-
-krb5_error_code INTERFACE krb5_mk_1cred
- KRB5_PROTOTYPE((krb5_context,
- krb5_auth_context,
- krb5_creds *,
- krb5_data **,
- krb5_replay_data *));
-
-krb5_error_code krb5_rd_cred
- KRB5_PROTOTYPE((krb5_context,
- krb5_auth_context,
- krb5_data *,
- krb5_creds ***,
- krb5_replay_data *));
-
-krb5_error_code krb5_auth_con_init
- KRB5_PROTOTYPE((krb5_context,
- krb5_auth_context *));
-
-krb5_error_code krb5_auth_con_free
- KRB5_PROTOTYPE((krb5_context,
- krb5_auth_context));
-
-krb5_error_code krb5_auth_con_setflags
- KRB5_PROTOTYPE((krb5_context,
- krb5_auth_context,
- krb5_int32));
-
-krb5_error_code krb5_auth_con_getflags
- KRB5_PROTOTYPE((krb5_context,
- krb5_auth_context,
- krb5_int32 *));
-
-krb5_error_code krb5_auth_con_setaddrs
- KRB5_PROTOTYPE((krb5_context,
- krb5_auth_context,
- krb5_address *,
- krb5_address *));
-
-krb5_error_code krb5_auth_con_getaddrs
- KRB5_PROTOTYPE((krb5_context,
- krb5_auth_context,
- krb5_address **,
- krb5_address **));
-
-krb5_error_code krb5_auth_con_setports
- KRB5_PROTOTYPE((krb5_context,
- krb5_auth_context,
- krb5_address *,
- krb5_address *));
-
-krb5_error_code krb5_auth_con_setuseruserkey
- KRB5_PROTOTYPE((krb5_context,
- krb5_auth_context,
- krb5_keyblock *));
-
-krb5_error_code krb5_auth_con_getkey
- KRB5_PROTOTYPE((krb5_context,
- krb5_auth_context,
- krb5_keyblock **));
-
-krb5_error_code krb5_auth_con_getlocalsubkey
- KRB5_PROTOTYPE((krb5_context,
- krb5_auth_context,
- krb5_keyblock **));
-
-krb5_error_code krb5_auth_con_setcksumtype
- KRB5_PROTOTYPE((krb5_context,
- krb5_auth_context,
- krb5_cksumtype));
-
-krb5_error_code krb5_auth_con_getcksumtype
- KRB5_PROTOTYPE((krb5_context,
- krb5_auth_context,
- krb5_cksumtype *));
-
-krb5_error_code krb5_auth_con_getlocalseqnumber
- KRB5_PROTOTYPE((krb5_context,
- krb5_auth_context,
- krb5_int32 *));
-
-krb5_error_code krb5_auth_con_getremoteseqnumber
- KRB5_PROTOTYPE((krb5_context,
- krb5_auth_context,
- krb5_int32 *));
-
-krb5_error_code krb5_auth_con_initivector
- KRB5_PROTOTYPE((krb5_context,
- krb5_auth_context));
-
-krb5_error_code krb5_auth_con_setivector
- KRB5_PROTOTYPE((krb5_context,
- krb5_auth_context,
- krb5_pointer));
-
-krb5_error_code krb5_auth_con_getivector
- KRB5_PROTOTYPE((krb5_context,
- krb5_auth_context,
- krb5_pointer *));
-
-krb5_error_code krb5_auth_con_setrcache
- KRB5_PROTOTYPE((krb5_context,
- krb5_auth_context,
- krb5_rcache));
-
-krb5_error_code krb5_auth_con_getrcache
- KRB5_PROTOTYPE((krb5_context,
- krb5_auth_context,
- krb5_rcache *));
-
-krb5_error_code krb5_auth_con_getauthenticator
- KRB5_PROTOTYPE((krb5_context,
- krb5_auth_context,
- krb5_authenticator **));
-
-krb5_error_code krb5_auth_con_getremotesubkey
- KRB5_PROTOTYPE((krb5_context,
- krb5_auth_context,
- krb5_keyblock **));
-
-#define KRB5_REALM_BRANCH_CHAR '.'
-
-/*
- * end "func-proto.h"
- */
-
-/*
- * begin "k5-free.h"
- */
-
-/* to keep lint happy */
-#define krb5_xfree(val) free((char FAR *)(val))
-
-#define krb5_free_data(context, val) { krb5_xfree((val)->data); krb5_xfree(val);}
-
-/*
- * end "k5-free.h"
- */
-
-/* The name of the Kerberos ticket granting service... and its size */
-#define KRB5_TGS_NAME "krbtgt"
-#define KRB5_TGS_NAME_SIZE 6
-
-/* flags for recvauth */
-#define KRB5_RECVAUTH_SKIP_VERSION 0x0001
-#define KRB5_RECVAUTH_BADAUTHVERS 0x0002
-
-#endif /* KRB5_GENERAL__ */
-/*
- * include/krb5/krb5_err.h:
- * This file is automatically generated; please do not edit it.
- */
-#define KRB5KDC_ERR_NONE (-1765328384L)
-#define KRB5KDC_ERR_NAME_EXP (-1765328383L)
-#define KRB5KDC_ERR_SERVICE_EXP (-1765328382L)
-#define KRB5KDC_ERR_BAD_PVNO (-1765328381L)
-#define KRB5KDC_ERR_C_OLD_MAST_KVNO (-1765328380L)
-#define KRB5KDC_ERR_S_OLD_MAST_KVNO (-1765328379L)
-#define KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN (-1765328378L)
-#define KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN (-1765328377L)
-#define KRB5KDC_ERR_PRINCIPAL_NOT_UNIQUE (-1765328376L)
-#define KRB5KDC_ERR_NULL_KEY (-1765328375L)
-#define KRB5KDC_ERR_CANNOT_POSTDATE (-1765328374L)
-#define KRB5KDC_ERR_NEVER_VALID (-1765328373L)
-#define KRB5KDC_ERR_POLICY (-1765328372L)
-#define KRB5KDC_ERR_BADOPTION (-1765328371L)
-#define KRB5KDC_ERR_ETYPE_NOSUPP (-1765328370L)
-#define KRB5KDC_ERR_SUMTYPE_NOSUPP (-1765328369L)
-#define KRB5KDC_ERR_PADATA_TYPE_NOSUPP (-1765328368L)
-#define KRB5KDC_ERR_TRTYPE_NOSUPP (-1765328367L)
-#define KRB5KDC_ERR_CLIENT_REVOKED (-1765328366L)
-#define KRB5KDC_ERR_SERVICE_REVOKED (-1765328365L)
-#define KRB5KDC_ERR_TGT_REVOKED (-1765328364L)
-#define KRB5KDC_ERR_CLIENT_NOTYET (-1765328363L)
-#define KRB5KDC_ERR_SERVICE_NOTYET (-1765328362L)
-#define KRB5KDC_ERR_KEY_EXP (-1765328361L)
-#define KRB5KDC_ERR_PREAUTH_FAILED (-1765328360L)
-#define KRB5KDC_ERR_PREAUTH_REQUIRED (-1765328359L)
-#define KRB5KDC_ERR_SERVER_NOMATCH (-1765328358L)
-#define KRB5PLACEHOLD_27 (-1765328357L)
-#define KRB5PLACEHOLD_28 (-1765328356L)
-#define KRB5PLACEHOLD_29 (-1765328355L)
-#define KRB5PLACEHOLD_30 (-1765328354L)
-#define KRB5KRB_AP_ERR_BAD_INTEGRITY (-1765328353L)
-#define KRB5KRB_AP_ERR_TKT_EXPIRED (-1765328352L)
-#define KRB5KRB_AP_ERR_TKT_NYV (-1765328351L)
-#define KRB5KRB_AP_ERR_REPEAT (-1765328350L)
-#define KRB5KRB_AP_ERR_NOT_US (-1765328349L)
-#define KRB5KRB_AP_ERR_BADMATCH (-1765328348L)
-#define KRB5KRB_AP_ERR_SKEW (-1765328347L)
-#define KRB5KRB_AP_ERR_BADADDR (-1765328346L)
-#define KRB5KRB_AP_ERR_BADVERSION (-1765328345L)
-#define KRB5KRB_AP_ERR_MSG_TYPE (-1765328344L)
-#define KRB5KRB_AP_ERR_MODIFIED (-1765328343L)
-#define KRB5KRB_AP_ERR_BADORDER (-1765328342L)
-#define KRB5KRB_AP_ERR_ILL_CR_TKT (-1765328341L)
-#define KRB5KRB_AP_ERR_BADKEYVER (-1765328340L)
-#define KRB5KRB_AP_ERR_NOKEY (-1765328339L)
-#define KRB5KRB_AP_ERR_MUT_FAIL (-1765328338L)
-#define KRB5KRB_AP_ERR_BADDIRECTION (-1765328337L)
-#define KRB5KRB_AP_ERR_METHOD (-1765328336L)
-#define KRB5KRB_AP_ERR_BADSEQ (-1765328335L)
-#define KRB5KRB_AP_ERR_INAPP_CKSUM (-1765328334L)
-#define KRB5PLACEHOLD_51 (-1765328333L)
-#define KRB5PLACEHOLD_52 (-1765328332L)
-#define KRB5PLACEHOLD_53 (-1765328331L)
-#define KRB5PLACEHOLD_54 (-1765328330L)
-#define KRB5PLACEHOLD_55 (-1765328329L)
-#define KRB5PLACEHOLD_56 (-1765328328L)
-#define KRB5PLACEHOLD_57 (-1765328327L)
-#define KRB5PLACEHOLD_58 (-1765328326L)
-#define KRB5PLACEHOLD_59 (-1765328325L)
-#define KRB5KRB_ERR_GENERIC (-1765328324L)
-#define KRB5KRB_ERR_FIELD_TOOLONG (-1765328323L)
-#define KRB5PLACEHOLD_62 (-1765328322L)
-#define KRB5PLACEHOLD_63 (-1765328321L)
-#define KRB5PLACEHOLD_64 (-1765328320L)
-#define KRB5PLACEHOLD_65 (-1765328319L)
-#define KRB5PLACEHOLD_66 (-1765328318L)
-#define KRB5PLACEHOLD_67 (-1765328317L)
-#define KRB5PLACEHOLD_68 (-1765328316L)
-#define KRB5PLACEHOLD_69 (-1765328315L)
-#define KRB5PLACEHOLD_70 (-1765328314L)
-#define KRB5PLACEHOLD_71 (-1765328313L)
-#define KRB5PLACEHOLD_72 (-1765328312L)
-#define KRB5PLACEHOLD_73 (-1765328311L)
-#define KRB5PLACEHOLD_74 (-1765328310L)
-#define KRB5PLACEHOLD_75 (-1765328309L)
-#define KRB5PLACEHOLD_76 (-1765328308L)
-#define KRB5PLACEHOLD_77 (-1765328307L)
-#define KRB5PLACEHOLD_78 (-1765328306L)
-#define KRB5PLACEHOLD_79 (-1765328305L)
-#define KRB5PLACEHOLD_80 (-1765328304L)
-#define KRB5PLACEHOLD_81 (-1765328303L)
-#define KRB5PLACEHOLD_82 (-1765328302L)
-#define KRB5PLACEHOLD_83 (-1765328301L)
-#define KRB5PLACEHOLD_84 (-1765328300L)
-#define KRB5PLACEHOLD_85 (-1765328299L)
-#define KRB5PLACEHOLD_86 (-1765328298L)
-#define KRB5PLACEHOLD_87 (-1765328297L)
-#define KRB5PLACEHOLD_88 (-1765328296L)
-#define KRB5PLACEHOLD_89 (-1765328295L)
-#define KRB5PLACEHOLD_90 (-1765328294L)
-#define KRB5PLACEHOLD_91 (-1765328293L)
-#define KRB5PLACEHOLD_92 (-1765328292L)
-#define KRB5PLACEHOLD_93 (-1765328291L)
-#define KRB5PLACEHOLD_94 (-1765328290L)
-#define KRB5PLACEHOLD_95 (-1765328289L)
-#define KRB5PLACEHOLD_96 (-1765328288L)
-#define KRB5PLACEHOLD_97 (-1765328287L)
-#define KRB5PLACEHOLD_98 (-1765328286L)
-#define KRB5PLACEHOLD_99 (-1765328285L)
-#define KRB5PLACEHOLD_100 (-1765328284L)
-#define KRB5PLACEHOLD_101 (-1765328283L)
-#define KRB5PLACEHOLD_102 (-1765328282L)
-#define KRB5PLACEHOLD_103 (-1765328281L)
-#define KRB5PLACEHOLD_104 (-1765328280L)
-#define KRB5PLACEHOLD_105 (-1765328279L)
-#define KRB5PLACEHOLD_106 (-1765328278L)
-#define KRB5PLACEHOLD_107 (-1765328277L)
-#define KRB5PLACEHOLD_108 (-1765328276L)
-#define KRB5PLACEHOLD_109 (-1765328275L)
-#define KRB5PLACEHOLD_110 (-1765328274L)
-#define KRB5PLACEHOLD_111 (-1765328273L)
-#define KRB5PLACEHOLD_112 (-1765328272L)
-#define KRB5PLACEHOLD_113 (-1765328271L)
-#define KRB5PLACEHOLD_114 (-1765328270L)
-#define KRB5PLACEHOLD_115 (-1765328269L)
-#define KRB5PLACEHOLD_116 (-1765328268L)
-#define KRB5PLACEHOLD_117 (-1765328267L)
-#define KRB5PLACEHOLD_118 (-1765328266L)
-#define KRB5PLACEHOLD_119 (-1765328265L)
-#define KRB5PLACEHOLD_120 (-1765328264L)
-#define KRB5PLACEHOLD_121 (-1765328263L)
-#define KRB5PLACEHOLD_122 (-1765328262L)
-#define KRB5PLACEHOLD_123 (-1765328261L)
-#define KRB5PLACEHOLD_124 (-1765328260L)
-#define KRB5PLACEHOLD_125 (-1765328259L)
-#define KRB5PLACEHOLD_126 (-1765328258L)
-#define KRB5PLACEHOLD_127 (-1765328257L)
-#define KRB5_ERR_RCSID (-1765328256L)
-#define KRB5_LIBOS_BADLOCKFLAG (-1765328255L)
-#define KRB5_LIBOS_CANTREADPWD (-1765328254L)
-#define KRB5_LIBOS_BADPWDMATCH (-1765328253L)
-#define KRB5_LIBOS_PWDINTR (-1765328252L)
-#define KRB5_PARSE_ILLCHAR (-1765328251L)
-#define KRB5_PARSE_MALFORMED (-1765328250L)
-#define KRB5_CONFIG_CANTOPEN (-1765328249L)
-#define KRB5_CONFIG_BADFORMAT (-1765328248L)
-#define KRB5_CONFIG_NOTENUFSPACE (-1765328247L)
-#define KRB5_BADMSGTYPE (-1765328246L)
-#define KRB5_CC_BADNAME (-1765328245L)
-#define KRB5_CC_UNKNOWN_TYPE (-1765328244L)
-#define KRB5_CC_NOTFOUND (-1765328243L)
-#define KRB5_CC_END (-1765328242L)
-#define KRB5_NO_TKT_SUPPLIED (-1765328241L)
-#define KRB5KRB_AP_WRONG_PRINC (-1765328240L)
-#define KRB5KRB_AP_ERR_TKT_INVALID (-1765328239L)
-#define KRB5_PRINC_NOMATCH (-1765328238L)
-#define KRB5_KDCREP_MODIFIED (-1765328237L)
-#define KRB5_KDCREP_SKEW (-1765328236L)
-#define KRB5_IN_TKT_REALM_MISMATCH (-1765328235L)
-#define KRB5_PROG_ETYPE_NOSUPP (-1765328234L)
-#define KRB5_PROG_KEYTYPE_NOSUPP (-1765328233L)
-#define KRB5_WRONG_ETYPE (-1765328232L)
-#define KRB5_PROG_SUMTYPE_NOSUPP (-1765328231L)
-#define KRB5_REALM_UNKNOWN (-1765328230L)
-#define KRB5_SERVICE_UNKNOWN (-1765328229L)
-#define KRB5_KDC_UNREACH (-1765328228L)
-#define KRB5_NO_LOCALNAME (-1765328227L)
-#define KRB5_RC_TYPE_EXISTS (-1765328226L)
-#define KRB5_RC_MALLOC (-1765328225L)
-#define KRB5_RC_TYPE_NOTFOUND (-1765328224L)
-#define KRB5_RC_UNKNOWN (-1765328223L)
-#define KRB5_RC_REPLAY (-1765328222L)
-#define KRB5_RC_IO (-1765328221L)
-#define KRB5_RC_NOIO (-1765328220L)
-#define KRB5_RC_PARSE (-1765328219L)
-#define KRB5_RC_IO_EOF (-1765328218L)
-#define KRB5_RC_IO_MALLOC (-1765328217L)
-#define KRB5_RC_IO_PERM (-1765328216L)
-#define KRB5_RC_IO_IO (-1765328215L)
-#define KRB5_RC_IO_UNKNOWN (-1765328214L)
-#define KRB5_RC_IO_SPACE (-1765328213L)
-#define KRB5_TRANS_CANTOPEN (-1765328212L)
-#define KRB5_TRANS_BADFORMAT (-1765328211L)
-#define KRB5_LNAME_CANTOPEN (-1765328210L)
-#define KRB5_LNAME_NOTRANS (-1765328209L)
-#define KRB5_LNAME_BADFORMAT (-1765328208L)
-#define KRB5_CRYPTO_INTERNAL (-1765328207L)
-#define KRB5_KT_BADNAME (-1765328206L)
-#define KRB5_KT_UNKNOWN_TYPE (-1765328205L)
-#define KRB5_KT_NOTFOUND (-1765328204L)
-#define KRB5_KT_END (-1765328203L)
-#define KRB5_KT_NOWRITE (-1765328202L)
-#define KRB5_KT_IOERR (-1765328201L)
-#define KRB5_NO_TKT_IN_RLM (-1765328200L)
-#define KRB5DES_BAD_KEYPAR (-1765328199L)
-#define KRB5DES_WEAK_KEY (-1765328198L)
-#define KRB5_BAD_KEYTYPE (-1765328197L)
-#define KRB5_BAD_KEYSIZE (-1765328196L)
-#define KRB5_BAD_MSIZE (-1765328195L)
-#define KRB5_CC_TYPE_EXISTS (-1765328194L)
-#define KRB5_KT_TYPE_EXISTS (-1765328193L)
-#define KRB5_CC_IO (-1765328192L)
-#define KRB5_FCC_PERM (-1765328191L)
-#define KRB5_FCC_NOFILE (-1765328190L)
-#define KRB5_FCC_INTERNAL (-1765328189L)
-#define KRB5_CC_WRITE (-1765328188L)
-#define KRB5_CC_NOMEM (-1765328187L)
-#define KRB5_INVALID_FLAGS (-1765328186L)
-#define KRB5_NO_2ND_TKT (-1765328185L)
-#define KRB5_NOCREDS_SUPPLIED (-1765328184L)
-#define KRB5_SENDAUTH_BADAUTHVERS (-1765328183L)
-#define KRB5_SENDAUTH_BADAPPLVERS (-1765328182L)
-#define KRB5_SENDAUTH_BADRESPONSE (-1765328181L)
-#define KRB5_SENDAUTH_REJECTED (-1765328180L)
-#define KRB5_SENDAUTH_MUTUAL_FAILED (-1765328179L)
-#define KRB5_PREAUTH_BAD_TYPE (-1765328178L)
-#define KRB5_PREAUTH_NO_KEY (-1765328177L)
-#define KRB5_PREAUTH_FAILED (-1765328176L)
-#define KRB5_RCACHE_BADVNO (-1765328175L)
-#define KRB5_CCACHE_BADVNO (-1765328174L)
-#define KRB5_KEYTAB_BADVNO (-1765328173L)
-#define KRB5_PROG_ATYPE_NOSUPP (-1765328172L)
-#define KRB5_RC_REQUIRED (-1765328171L)
-#define KRB5_ERR_BAD_HOSTNAME (-1765328170L)
-#define KRB5_ERR_HOST_REALM_UNKNOWN (-1765328169L)
-#define KRB5_SNAME_UNSUPP_NAMETYPE (-1765328168L)
-#define KRB5KRB_AP_ERR_V4_REPLY (-1765328167L)
-#define KRB5_REALM_CANT_RESOLVE (-1765328166L)
-#define KRB5_TKT_NOT_FORWARDABLE (-1765328165L)
-extern void initialize_krb5_error_table ();
-#define ERROR_TABLE_BASE_krb5 (-1765328384L)
-
-/* for compatibility with older versions... */
-#define init_krb5_err_tbl initialize_krb5_error_table
-#define krb5_err_base ERROR_TABLE_BASE_krb5
-/*
- * include/krb5/kdb5_err.h:
- * This file is automatically generated; please do not edit it.
- */
-#define KRB5_KDB_RCSID (-1780008448L)
-#define KRB5_KDB_INUSE (-1780008447L)
-#define KRB5_KDB_UK_SERROR (-1780008446L)
-#define KRB5_KDB_UK_RERROR (-1780008445L)
-#define KRB5_KDB_UNAUTH (-1780008444L)
-#define KRB5_KDB_NOENTRY (-1780008443L)
-#define KRB5_KDB_ILL_WILDCARD (-1780008442L)
-#define KRB5_KDB_DB_INUSE (-1780008441L)
-#define KRB5_KDB_DB_CHANGED (-1780008440L)
-#define KRB5_KDB_TRUNCATED_RECORD (-1780008439L)
-#define KRB5_KDB_RECURSIVELOCK (-1780008438L)
-#define KRB5_KDB_NOTLOCKED (-1780008437L)
-#define KRB5_KDB_BADLOCKMODE (-1780008436L)
-#define KRB5_KDB_DBNOTINITED (-1780008435L)
-#define KRB5_KDB_DBINITED (-1780008434L)
-#define KRB5_KDB_ILLDIRECTION (-1780008433L)
-#define KRB5_KDB_NOMASTERKEY (-1780008432L)
-#define KRB5_KDB_BADMASTERKEY (-1780008431L)
-#define KRB5_KDB_INVALIDKEYSIZE (-1780008430L)
-#define KRB5_KDB_CANTREAD_STORED (-1780008429L)
-#define KRB5_KDB_BADSTORED_MKEY (-1780008428L)
-#define KRB5_KDB_CANTLOCK_DB (-1780008427L)
-#define KRB5_KDB_DB_CORRUPT (-1780008426L)
-#define KRB5_KDB_BAD_VERSION (-1780008425L)
-#define KRB5_KDB_BAD_SALTTYPE (-1780008424L)
-#define KRB5_KDB_BAD_KEYTYPE (-1780008423L)
-extern void initialize_kdb5_error_table ();
-#define ERROR_TABLE_BASE_kdb5 (-1780008448L)
-
-/* for compatibility with older versions... */
-#define init_kdb5_err_tbl initialize_kdb5_error_table
-#define kdb5_err_base ERROR_TABLE_BASE_kdb5
-/*
- * include/krb5/kv5m_err.h:
- * This file is automatically generated; please do not edit it.
- */
-#define KV5M_NONE (-1760647424L)
-#define KV5M_PRINCIPAL (-1760647423L)
-#define KV5M_DATA (-1760647422L)
-#define KV5M_KEYBLOCK (-1760647421L)
-#define KV5M_CHECKSUM (-1760647420L)
-#define KV5M_ENCRYPT_BLOCK (-1760647419L)
-#define KV5M_ENC_DATA (-1760647418L)
-#define KV5M_CRYPTOSYSTEM_ENTRY (-1760647417L)
-#define KV5M_CS_TABLE_ENTRY (-1760647416L)
-#define KV5M_CHECKSUM_ENTRY (-1760647415L)
-#define KV5M_AUTHDATA (-1760647414L)
-#define KV5M_TRANSITED (-1760647413L)
-#define KV5M_ENC_TKT_PART (-1760647412L)
-#define KV5M_TICKET (-1760647411L)
-#define KV5M_AUTHENTICATOR (-1760647410L)
-#define KV5M_TKT_AUTHENT (-1760647409L)
-#define KV5M_CREDS (-1760647408L)
-#define KV5M_LAST_REQ_ENTRY (-1760647407L)
-#define KV5M_PA_DATA (-1760647406L)
-#define KV5M_KDC_REQ (-1760647405L)
-#define KV5M_ENC_KDC_REP_PART (-1760647404L)
-#define KV5M_KDC_REP (-1760647403L)
-#define KV5M_ERROR (-1760647402L)
-#define KV5M_AP_REQ (-1760647401L)
-#define KV5M_AP_REP (-1760647400L)
-#define KV5M_AP_REP_ENC_PART (-1760647399L)
-#define KV5M_RESPONSE (-1760647398L)
-#define KV5M_SAFE (-1760647397L)
-#define KV5M_PRIV (-1760647396L)
-#define KV5M_PRIV_ENC_PART (-1760647395L)
-#define KV5M_CRED (-1760647394L)
-#define KV5M_CRED_INFO (-1760647393L)
-#define KV5M_CRED_ENC_PART (-1760647392L)
-#define KV5M_PWD_DATA (-1760647391L)
-#define KV5M_ADDRESS (-1760647390L)
-#define KV5M_KEYTAB_ENTRY (-1760647389L)
-#define KV5M_CONTEXT (-1760647388L)
-#define KV5M_OS_CONTEXT (-1760647387L)
-#define KV5M_ALT_METHOD (-1760647386L)
-#define KV5M_ETYPE_INFO_ENTRY (-1760647385L)
-#define KV5M_DB_CONTEXT (-1760647384L)
-#define KV5M_AUTH_CONTEXT (-1760647383L)
-#define KV5M_KEYTAB (-1760647382L)
-#define KV5M_RCACHE (-1760647381L)
-#define KV5M_CCACHE (-1760647380L)
-extern void initialize_kv5m_error_table ();
-#define ERROR_TABLE_BASE_kv5m (-1760647424L)
-
-/* for compatibility with older versions... */
-#define init_kv5m_err_tbl initialize_kv5m_error_table
-#define kv5m_err_base ERROR_TABLE_BASE_kv5m
-/*
- * include/krb5/asn1_err.h:
- * This file is automatically generated; please do not edit it.
- */
-#define ASN1_BAD_TIMEFORMAT (1859794432L)
-#define ASN1_MISSING_FIELD (1859794433L)
-#define ASN1_MISPLACED_FIELD (1859794434L)
-#define ASN1_TYPE_MISMATCH (1859794435L)
-#define ASN1_OVERFLOW (1859794436L)
-#define ASN1_OVERRUN (1859794437L)
-#define ASN1_BAD_ID (1859794438L)
-#define ASN1_BAD_LENGTH (1859794439L)
-#define ASN1_BAD_FORMAT (1859794440L)
-#define ASN1_PARSE_ERROR (1859794441L)
-extern void initialize_asn1_error_table ();
-#define ERROR_TABLE_BASE_asn1 (1859794432L)
-
-/* for compatibility with older versions... */
-#define init_asn1_err_tbl initialize_asn1_error_table
-#define asn1_err_base ERROR_TABLE_BASE_asn1
+++ /dev/null
-/*
- * Copyright 1990,1991,1994,1995 by the Massachusetts Institute of Technology.
- * All Rights Reserved.
- *
- * Export of this software from the United States of America may
- * require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. M.I.T. makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- *
- * Configuration definition file.
- */
-
-
-#ifndef KRB5_CONFIG__
-#define KRB5_CONFIG__
-
-#ifdef _MSDOS
-/*
- * Machine-type definitions: PC Clone 386 running Microloss Windows
- */
-
-/* Kerberos Windows initialization file */
-#define KERBEROS_INI "kerberos.ini"
-#define INI_FILES "Files"
-#define INI_KRB_CCACHE "krb5cc" /* Location of the ccache */
-#define INI_KRB5_CONF "krb5.ini" /* Location of krb5.conf file */
-
-#define KRB5_DBM_COMPAT__ /* Don't load dbm.h */
-#define KRB5_KDB5__ /* Don't load kdb.h */
-#define KRB5_KDB5_DBM__ /* Don't load kdb_dbm.h */
-
-#define BITS16
-#define SIZEOF_INT 2
-#define SIZEOF_SHORT 2
-#define SIZEOF_LONG 4
-#define MAXHOSTNAMELEN 512
-#define MAXPATHLEN 256 /* Also for Windows temp files */
-
-#define KRB5_USE_INET
-#define MSDOS_FILESYSTEM
-#define USE_STRING_H
-#define HAVE_SRAND
-#define HAVE_ERRNO
-#define HAS_STRDUP
-#define NO_USERID
-#define NOFCHMOD
-#define NOCHMOD
-#define NO_PASSWORD
-#define WM_KERBEROS5_CHANGED "Kerberos5 Changed"
-
-#define HAS_ANSI_VOLATILE
-#define HAS_VOID_TYPE
-#define KRB5_PROVIDE_PROTOTYPES
-#define HAVE_STDARG_H
-#define HAVE_SYS_TYPES_H
-
-#ifndef _SIZE_T_DEFINED
-typedef unsigned int size_t;
-#define _SIZE_T_DEFINED
-#endif
-
-#ifndef KRB5_SYSTYPES__
-#define KRB5_SYSTYPES__
-#include <sys/types.h>
-typedef unsigned long u_long; /* Not part of sys/types.h on the pc */
-typedef unsigned int u_int;
-typedef unsigned short u_short;
-typedef unsigned char u_char;
-#endif /* KRB5_SYSTYPES__ */
-
-#ifndef INTERFACE
-#define INTERFACE __far __export __pascal
-#define INTERFACE_C __far __export __cdecl
-#endif
-
-/*
- * The following defines are needed to make <windows.h> work
- * in stdc mode (/Za flag). Winsock.h needs <windows.h>.
- */
-#define FAR _far
-#define NEAR _near
-#define _far __far
-#define _near __near
-#define _pascal __pascal
-#define _cdecl __cdecl
-#define _huge __huge
-
-#ifdef NEED_WINDOWS
-#include <windows.h>
-#endif
-
-#ifdef NEED_LOWLEVEL_IO
-/* Ugly. Microsoft, in stdc mode, doesn't support the low-level i/o
- * routines directly. Rather, they only export the _<function> version.
- * The following defines works around this problem.
- */
-#include <sys\types.h>
-#include <sys\stat.h>
-#include <fcntl.h>
-#include <io.h>
-#include <process.h>
-#define O_RDONLY _O_RDONLY
-#define O_WRONLY _O_WRONLY
-#define O_RDWR _O_RDWR
-#define O_APPEND _O_APPEND
-#define O_CREAT _O_CREAT
-#define O_TRUNC _O_TRUNC
-#define O_EXCL _O_EXCL
-#define O_TEXT _O_TEXT
-#define O_BINARY _O_BINARY
-#define O_NOINHERIT _O_NOINHERIT
-#define stat _stat
-#define unlink _unlink
-#define lseek _lseek
-#define write _write
-#define open _open
-#define close _close
-#define read _read
-#define fstat _fstat
-#define mktemp _mktemp
-#define dup _dup
-
-#define getpid _getpid
-#endif
-
-#ifdef NEED_SYSERROR
-/* Only needed by util/et/error_message.c but let's keep the source clean */
-#define sys_nerr _sys_nerr
-#define sys_errlist _sys_errlist
-#endif
-
-/* XXX these should be parameterized soon... */
-#define PROVIDE_DES_CBC_MD5
-#define PROVIDE_DES_CBC_CRC
-#define PROVIDE_RAW_DES_CBC
-#define PROVIDE_CRC32
-#define PROVIDE_DES_CBC_CKSUM
-#define PROVIDE_RSA_MD4
-#define PROVIDE_RSA_MD5
-#define DEFAULT_PWD_STRING1 "Enter password:"
-#define DEFAULT_PWD_STRING2 "Re-enter password for verification:"
-
-/* Functions with slightly different names on the PC
-*/
-#define strcasecmp _stricmp
-#define strdup _strdup
-#define off_t _off_t
-
-#else /* Rest of include file is for non-Microloss-Windows */
-
-#if defined(_MACINTOSH)
-#include <stddef.h>
-
-typedef struct {
- int dummy;
-} datum;
-
-#include <stddef.h>
-
-#ifdef NEED_LOWLEVEL_IO
-#include <fcntl.h>
-#endif
-
-#ifndef _MWERKS
-/* there is no <stat.h> for mpw */
-typedef unsigned long mode_t;
-typedef unsigned long ino_t;
-typedef unsigned long dev_t;
-typedef short nlink_t;
-typedef unsigned long uid_t;
-typedef unsigned long gid_t;
-typedef long off_t;
-struct stat
-{
- mode_t st_mode; /* File mode; see #define's below */
- ino_t st_ino; /* File serial number */
- dev_t st_dev; /* ID of device containing this file */
- nlink_t st_nlink; /* Number of links */
- uid_t st_uid; /* User ID of the file's owner */
- gid_t st_gid; /* Group ID of the file's group */
- dev_t st_rdev; /* Device type */
- off_t st_size; /* File size in bytes */
- unsigned long st_atime; /* Time of last access */
- unsigned long st_mtime; /* Time of last data modification */
- unsigned long st_ctime; /* Time of last file status change */
- long st_blksize; /* Optimal blocksize */
- long st_blocks; /* blocks allocated for file */
-};
-
-int stat(const char *path, struct stat *buf);
-int fstat(int fildes, struct stat *buf);
-
-#endif /* _MWERKS */
-
-#define EFBIG 1000
-
-#define NOFCHMOD 1
-#define NOCHMOD 1
-#define _MACSOCKAPI_
-
-#define THREEPARAMOPEN(x,y,z) open(x,y)
-#define MAXPATHLEN 255
-
-/* protocol families same as address families */
-#define PF_INET AF_INET
-
-/* XXX these should be parameterized soon... */
-#define PROVIDE_DES_CBC_MD5
-#define PROVIDE_DES_CBC_CRC
-#define PROVIDE_RAW_DES_CBC
-#define PROVIDE_CRC32
-#define PROVIDE_DES_CBC_CKSUM
-#define PROVIDE_RSA_MD4
-#define PROVIDE_RSA_MD5
-
-#else /* _MACINTOSH */
-#define THREEPARAMOPEN(x,y,z) open(x,y,z)
-#endif /* _MACINTOSH */
-
-#ifndef KRB5_AUTOCONF__
-#define KRB5_AUTOCONF__
-#include "autoconf.h"
-#endif
-
-#ifndef KRB5_SYSTYPES__
-#define KRB5_SYSTYPES__
-
-#ifdef HAVE_SYS_TYPES_H /* From autoconf.h */
-#include <sys/types.h>
-#else /* HAVE_SYS_TYPES_H */
-typedef unsigned long u_long;
-typedef unsigned int u_int;
-typedef unsigned short u_short;
-typedef unsigned char u_char;
-#endif /* HAVE_SYS_TYPES_H */
-#endif /* KRB5_SYSTYPES__ */
-
-#ifdef SYSV
-/* Change srandom and random to use rand and srand */
-/* Taken from the Sandia changes. XXX We should really just include */
-/* srandom and random into Kerberos release, since rand() is a really */
-/* bad random number generator.... [tytso:19920616.2231EDT] */
-#define random() rand()
-#define srandom(a) srand(a)
-#ifndef unicos61
-#define utimes(a,b) utime(a,b)
-#endif /* unicos61 */
-#endif /* SYSV */
-
-/* XXX these should be parameterized soon... */
-#define PROVIDE_DES_CBC_MD5
-#define PROVIDE_DES_CBC_CRC
-#define PROVIDE_RAW_DES_CBC
-#define PROVIDE_CRC32
-#define PROVIDE_DES_CBC_CKSUM
-#define PROVIDE_RSA_MD4
-#define PROVIDE_RSA_MD5
-
-#define DEFAULT_PWD_STRING1 "Enter password:"
-#define DEFAULT_PWD_STRING2 "Re-enter password for verification:"
-
-#define KRB5_KDB_MAX_LIFE (60*60*24) /* one day */
-#define KRB5_KDB_MAX_RLIFE (60*60*24*7) /* one week */
-#define KRB5_KDB_EXPIRATION 2145830400 /* Thu Jan 1 00:00:00 2038 UTC */
-
-/*
- * For paranoid DOE types that don't want to give helpful error
- * messages to the client....er, attacker
- */
-#undef KRBCONF_VAGUE_ERRORS
-
-/*
- * Define this if you want the KDC to modify the Kerberos database;
- * this allows the last request information to be updated, as well as
- * the failure count information.
- *
- * Note that this doesn't work if you're using slave servers!!! It
- * also causes the database to be modified (and thus need to be
- * locked) frequently.
- */
-#undef KRBCONF_KDC_MODIFIES_KDB
-
-/*
- * Windows requires a different api interface to each function. Here
- * just define it as NULL.
- */
-#define INTERFACE
-#define INTERFACE_C
-#define FAR
-#define NEAR
-#ifndef O_BINARY
-#define O_BINARY 0
-#endif
-
-#ifndef HAS_LABS
-#define labs(x) abs(x)
-#endif
-
-#endif /* _MSDOS */
-#endif /* KRB5_CONFIG__ */
projects / krb5.git / commitdiff