src/kdc/kdc_util.h

   1 /*
   2  * kdc/kdc_util.h
   3  *
   4  * Copyright 1990 by the Massachusetts Institute of Technology.
   5  *
   6  * Export of this software from the United States of America may
   7  *   require a specific license from the United States Government.
   8  *   It is the responsibility of any person or organization contemplating
   9  *   export to obtain such a license before exporting.
  10  *
  11  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
  12  * distribute this software and its documentation for any purpose and
  13  * without fee is hereby granted, provided that the above copyright
  14  * notice appear in all copies and that both that copyright notice and
  15  * this permission notice appear in supporting documentation, and that
  16  * the name of M.I.T. not be used in advertising or publicity pertaining
  17  * to distribution of the software without specific, written prior
  18  * permission.  Furthermore if you modify this software you must label
  19  * your software as modified software and not distribute it in such a
  20  * fashion that it might be confused with the original M.I.T. software.
  21  * M.I.T. makes no representations about the suitability of
  22  * this software for any purpose.  It is provided "as is" without express
  23  * or implied warranty.
  24  *
  25  *
  26  * Declarations for policy.c
  27  */
  28
  29 #ifndef __KRB5_KDC_UTIL__
  30 #define __KRB5_KDC_UTIL__
  31
  32 typedef struct _krb5_fulladdr {
  33     krb5_address *      address;
  34     krb5_ui_4           port;
  35 } krb5_fulladdr;
  36
  37 krb5_error_code check_hot_list PROTOTYPE((krb5_ticket *));
  38 krb5_boolean realm_compare PROTOTYPE((krb5_principal, krb5_principal));
  39 krb5_boolean krb5_is_tgs_principal PROTOTYPE((krb5_principal));
  40 krb5_error_code add_to_transited PROTOTYPE((krb5_data *,
  41                                             krb5_data *,
  42                                             krb5_principal,
  43                                             krb5_principal,
  44                                             krb5_principal));
  45 krb5_error_code compress_transited PROTOTYPE((krb5_data *,
  46                                               krb5_principal,
  47                                               krb5_data *));
  48 krb5_error_code concat_authorization_data PROTOTYPE((krb5_authdata **,
  49                                                      krb5_authdata **,
  50                                                      krb5_authdata ***));
  51 krb5_error_code fetch_last_req_info PROTOTYPE((krb5_db_entry *,
  52                                                krb5_last_req_entry ***));
  53
  54 krb5_error_code kdc_convert_key PROTOTYPE((krb5_keyblock *,
  55                                            krb5_keyblock *,
  56                                            int));
  57 krb5_error_code kdc_process_tgs_req
  58         PROTOTYPE((krb5_kdc_req *,
  59                    const krb5_fulladdr *,
  60                    krb5_data *,
  61                    krb5_ticket **,
  62                    krb5_keyblock **));
  63
  64 krb5_error_code kdc_get_server_key PROTOTYPE((krb5_ticket *,
  65                                               krb5_keyblock **,
  66                                               krb5_kvno *));
  67
  68 int validate_as_request PROTOTYPE((krb5_kdc_req *, krb5_db_entry,
  69                                           krb5_db_entry, krb5_timestamp,
  70                                           const char **));
  71
  72 int validate_tgs_request PROTOTYPE((krb5_kdc_req *, krb5_db_entry,
  73                                           krb5_ticket *, krb5_timestamp,
  74                                           const char **));
  75
  76 int fetch_asn1_field PROTOTYPE((unsigned char *, unsigned int, unsigned int,
  77                                  krb5_data *));
  78
  79 int
  80 dbentry_has_key_for_enctype PROTOTYPE((krb5_context context,
  81                                        krb5_db_entry *client,
  82                                        krb5_enctype enctype));
  83
  84 int
  85 dbentry_supports_enctype PROTOTYPE((krb5_context context,
  86                                     krb5_db_entry *client,
  87                                     krb5_enctype enctype));
  88
  89 krb5_enctype
  90 select_session_keytype PROTOTYPE((krb5_context context,
  91                                   krb5_db_entry *server,
  92                                   int nktypes,
  93                                   krb5_enctype *ktypes));
  94
  95 krb5_error_code
  96 get_salt_from_key PROTOTYPE((krb5_context, krb5_principal,
  97                              krb5_key_data *, krb5_data *));
  98
  99 void limit_string PROTOTYPE((char *name));
 100
 101 /* do_as_req.c */
 102 krb5_error_code process_as_req PROTOTYPE((krb5_kdc_req *,
 103                                           const krb5_fulladdr *,
 104                                           int,
 105                                           krb5_data ** ));
 106
 107 /* do_tgs_req.c */
 108 krb5_error_code process_tgs_req PROTOTYPE((krb5_data *,
 109                                            const krb5_fulladdr *,
 110                                            int,
 111                                            krb5_data ** ));
 112 /* dispatch.c */
 113 krb5_error_code dispatch PROTOTYPE((krb5_data *,
 114                                     const krb5_fulladdr *,
 115                                     int,
 116                                     krb5_data **));
 117
 118 /* main.c */
 119 krb5_error_code kdc_initialize_rcache PROTOTYPE((krb5_context, char *));
 120
 121 krb5_error_code setup_server_realm PROTOTYPE((krb5_principal));
 122
 123 /* network.c */
 124 krb5_error_code listen_and_process PROTOTYPE((const char *));
 125 krb5_error_code setup_network PROTOTYPE((const char *));
 126 krb5_error_code closedown_network PROTOTYPE((const char *));
 127 void process_packet PROTOTYPE((int, const char *, int));
 128
 129 /* policy.c */
 130 int against_local_policy_as PROTOTYPE((krb5_kdc_req *, krb5_db_entry,
 131                                         krb5_db_entry, krb5_timestamp,
 132                                         const char **));
 133
 134 int against_local_policy_tgs PROTOTYPE((krb5_kdc_req *, krb5_db_entry,
 135                                         krb5_ticket *, const char **));
 136
 137 /* kdc_preauth.c */
 138 const char * missing_required_preauth
 139     PROTOTYPE((krb5_db_entry *client, krb5_db_entry *server,
 140                krb5_enc_tkt_part *enc_tkt_reply));
 141 void get_preauth_hint_list PROTOTYPE((krb5_kdc_req * request,
 142                                       krb5_db_entry *client,
 143                                       krb5_db_entry *server,
 144                                       krb5_data *e_data));
 145 krb5_error_code check_padata
 146     PROTOTYPE((krb5_context context, krb5_db_entry *client,
 147                krb5_kdc_req *request, krb5_enc_tkt_part *enc_tkt_reply));
 148
 149 krb5_error_code return_padata
 150     PROTOTYPE((krb5_context context, krb5_db_entry *client,
 151                krb5_kdc_req *request, krb5_kdc_rep *reply,
 152                krb5_key_data *client_key, krb5_keyblock *encrypting_key));
 153
 154 /* replay.c */
 155 krb5_boolean kdc_check_lookaside PROTOTYPE((krb5_data *, krb5_fulladdr *,
 156                                             krb5_data **));
 157 void kdc_insert_lookaside PROTOTYPE((krb5_data *, krb5_fulladdr *,
 158                                      krb5_data *));
 159
 160 /* which way to convert key? */
 161 #define CONVERT_INTO_DB 0
 162 #define CONVERT_OUTOF_DB 1
 163
 164 #define isflagset(flagfield, flag) (flagfield & (flag))
 165 #define setflag(flagfield, flag) (flagfield |= (flag))
 166 #define clear(flagfield, flag) (flagfield &= ~(flag))
 167
 168 #ifdef KRB5_KRB4_COMPAT
 169 krb5_error_code process_v4 PROTOTYPE((const krb5_data *,
 170                                       const krb5_fulladdr *,
 171                                       int is_secondary,
 172                                       krb5_data **));
 173 #else
 174 #define process_v4(foo,bar,quux,foobar) KRB5KRB_AP_ERR_BADVERSION
 175 #endif
 176
 177 #ifndef min
 178 #define min(a, b)       ((a) < (b) ? (a) : (b))
 179 #define max(a, b)       ((a) > (b) ? (a) : (b))
 180 #endif
 181
 182 #endif /* __KRB5_KDC_UTIL__ */