4 * Copyright 1990 by the Massachusetts Institute of Technology.
6 * Export of this software from the United States of America may
7 * require a specific license from the United States Government.
8 * It is the responsibility of any person or organization contemplating
9 * export to obtain such a license before exporting.
11 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
12 * distribute this software and its documentation for any purpose and
13 * without fee is hereby granted, provided that the above copyright
14 * notice appear in all copies and that both that copyright notice and
15 * this permission notice appear in supporting documentation, and that
16 * the name of M.I.T. not be used in advertising or publicity pertaining
17 * to distribution of the software without specific, written prior
18 * permission. Furthermore if you modify this software you must label
19 * your software as modified software and not distribute it in such a
20 * fashion that it might be confused with the original M.I.T. software.
21 * M.I.T. makes no representations about the suitability of
22 * this software for any purpose. It is provided "as is" without express
23 * or implied warranty.
26 * Declarations for policy.c
29 #ifndef __KRB5_KDC_UTIL__
30 #define __KRB5_KDC_UTIL__
32 typedef struct _krb5_fulladdr {
33 krb5_address * address;
37 krb5_error_code check_hot_list PROTOTYPE((krb5_ticket *));
38 krb5_boolean realm_compare PROTOTYPE((krb5_principal, krb5_principal));
39 krb5_boolean krb5_is_tgs_principal PROTOTYPE((krb5_principal));
40 krb5_error_code add_to_transited PROTOTYPE((krb5_data *,
45 krb5_error_code compress_transited PROTOTYPE((krb5_data *,
48 krb5_error_code concat_authorization_data PROTOTYPE((krb5_authdata **,
51 krb5_error_code fetch_last_req_info PROTOTYPE((krb5_db_entry *,
52 krb5_last_req_entry ***));
54 krb5_error_code kdc_convert_key PROTOTYPE((krb5_keyblock *,
57 krb5_error_code kdc_process_tgs_req
58 PROTOTYPE((krb5_kdc_req *,
59 const krb5_fulladdr *,
64 krb5_error_code kdc_get_server_key PROTOTYPE((krb5_ticket *,
68 int validate_as_request PROTOTYPE((krb5_kdc_req *, krb5_db_entry,
69 krb5_db_entry, krb5_timestamp,
72 int validate_tgs_request PROTOTYPE((krb5_kdc_req *, krb5_db_entry,
73 krb5_ticket *, krb5_timestamp,
76 int fetch_asn1_field PROTOTYPE((unsigned char *, unsigned int, unsigned int,
80 dbentry_has_key_for_enctype PROTOTYPE((krb5_context context,
81 krb5_db_entry *client,
82 krb5_enctype enctype));
85 dbentry_supports_enctype PROTOTYPE((krb5_context context,
86 krb5_db_entry *client,
87 krb5_enctype enctype));
90 select_session_keytype PROTOTYPE((krb5_context context,
91 krb5_db_entry *server,
93 krb5_enctype *ktypes));
96 get_salt_from_key PROTOTYPE((krb5_context, krb5_principal,
97 krb5_key_data *, krb5_data *));
99 void limit_string PROTOTYPE((char *name));
102 krb5_error_code process_as_req PROTOTYPE((krb5_kdc_req *,
103 const krb5_fulladdr *,
108 krb5_error_code process_tgs_req PROTOTYPE((krb5_data *,
109 const krb5_fulladdr *,
113 krb5_error_code dispatch PROTOTYPE((krb5_data *,
114 const krb5_fulladdr *,
119 krb5_error_code kdc_initialize_rcache PROTOTYPE((krb5_context, char *));
121 krb5_error_code setup_server_realm PROTOTYPE((krb5_principal));
124 krb5_error_code listen_and_process PROTOTYPE((const char *));
125 krb5_error_code setup_network PROTOTYPE((const char *));
126 krb5_error_code closedown_network PROTOTYPE((const char *));
127 void process_packet PROTOTYPE((int, const char *, int));
130 int against_local_policy_as PROTOTYPE((krb5_kdc_req *, krb5_db_entry,
131 krb5_db_entry, krb5_timestamp,
134 int against_local_policy_tgs PROTOTYPE((krb5_kdc_req *, krb5_db_entry,
135 krb5_ticket *, const char **));
138 const char * missing_required_preauth
139 PROTOTYPE((krb5_db_entry *client, krb5_db_entry *server,
140 krb5_enc_tkt_part *enc_tkt_reply));
141 void get_preauth_hint_list PROTOTYPE((krb5_kdc_req * request,
142 krb5_db_entry *client,
143 krb5_db_entry *server,
145 krb5_error_code check_padata
146 PROTOTYPE((krb5_context context, krb5_db_entry *client,
147 krb5_kdc_req *request, krb5_enc_tkt_part *enc_tkt_reply));
149 krb5_error_code return_padata
150 PROTOTYPE((krb5_context context, krb5_db_entry *client,
151 krb5_kdc_req *request, krb5_kdc_rep *reply,
152 krb5_key_data *client_key, krb5_keyblock *encrypting_key));
155 krb5_boolean kdc_check_lookaside PROTOTYPE((krb5_data *, krb5_fulladdr *,
157 void kdc_insert_lookaside PROTOTYPE((krb5_data *, krb5_fulladdr *,
160 /* which way to convert key? */
161 #define CONVERT_INTO_DB 0
162 #define CONVERT_OUTOF_DB 1
164 #define isflagset(flagfield, flag) (flagfield & (flag))
165 #define setflag(flagfield, flag) (flagfield |= (flag))
166 #define clear(flagfield, flag) (flagfield &= ~(flag))
168 #ifdef KRB5_KRB4_COMPAT
169 krb5_error_code process_v4 PROTOTYPE((const krb5_data *,
170 const krb5_fulladdr *,
174 #define process_v4(foo,bar,quux,foobar) KRB5KRB_AP_ERR_BADVERSION
178 #define min(a, b) ((a) < (b) ? (a) : (b))
179 #define max(a, b) ((a) > (b) ? (a) : (b))
182 #endif /* __KRB5_KDC_UTIL__ */