4 * Copyright 1990 by the Massachusetts Institute of Technology.
6 * Export of this software from the United States of America may
7 * require a specific license from the United States Government.
8 * It is the responsibility of any person or organization contemplating
9 * export to obtain such a license before exporting.
11 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
12 * distribute this software and its documentation for any purpose and
13 * without fee is hereby granted, provided that the above copyright
14 * notice appear in all copies and that both that copyright notice and
15 * this permission notice appear in supporting documentation, and that
16 * the name of M.I.T. not be used in advertising or publicity pertaining
17 * to distribution of the software without specific, written prior
18 * permission. M.I.T. makes no representations about the suitability of
19 * this software for any purpose. It is provided "as is" without express
20 * or implied warranty.
23 * Declarations for policy.c
26 #ifndef __KRB5_KDC_UTIL__
27 #define __KRB5_KDC_UTIL__
29 typedef struct _krb5_fulladdr {
30 krb5_address * address;
34 krb5_error_code check_hot_list PROTOTYPE((krb5_ticket *));
35 krb5_boolean realm_compare PROTOTYPE((krb5_principal, krb5_principal));
36 krb5_boolean krb5_is_tgs_principal PROTOTYPE((krb5_principal));
37 krb5_error_code add_to_transited PROTOTYPE((krb5_data *,
42 krb5_error_code compress_transited PROTOTYPE((krb5_data *,
45 krb5_error_code concat_authorization_data PROTOTYPE((krb5_authdata **,
48 krb5_error_code fetch_last_req_info PROTOTYPE((krb5_db_entry *,
49 krb5_last_req_entry ***));
51 krb5_error_code kdc_convert_key PROTOTYPE((krb5_keyblock *,
54 krb5_error_code kdc_process_tgs_req
55 PROTOTYPE((krb5_kdc_req *,
56 const krb5_fulladdr *,
61 krb5_error_code kdc_get_server_key PROTOTYPE((krb5_ticket *,
65 int validate_as_request PROTOTYPE((krb5_kdc_req *, krb5_db_entry,
66 krb5_db_entry, krb5_timestamp,
69 int validate_tgs_request PROTOTYPE((krb5_kdc_req *, krb5_db_entry,
70 krb5_ticket *, krb5_timestamp,
73 int fetch_asn1_field PROTOTYPE((unsigned char *, unsigned int, unsigned int,
77 krb5_error_code process_as_req PROTOTYPE((krb5_kdc_req *,
78 const krb5_fulladdr *,
83 krb5_error_code process_tgs_req PROTOTYPE((krb5_data *,
84 const krb5_fulladdr *,
88 krb5_error_code dispatch PROTOTYPE((krb5_data *,
89 const krb5_fulladdr *,
94 krb5_error_code kdc_initialize_rcache PROTOTYPE((krb5_context, char *));
97 krb5_error_code listen_and_process PROTOTYPE((const char *));
98 krb5_error_code setup_network PROTOTYPE((const char *,
101 krb5_error_code closedown_network PROTOTYPE((const char *));
102 void process_packet PROTOTYPE((int, const char *, int));
105 int against_local_policy_as PROTOTYPE((krb5_kdc_req *, krb5_db_entry,
106 krb5_db_entry, krb5_timestamp,
109 int against_local_policy_tgs PROTOTYPE((krb5_kdc_req *, krb5_db_entry,
110 krb5_ticket *, char **));
113 const char * missing_required_preauth
114 PROTOTYPE((krb5_db_entry *client, krb5_db_entry *server,
115 krb5_enc_tkt_part *enc_tkt_reply));
116 void get_preauth_hint_list PROTOTYPE((krb5_db_entry *client,
117 krb5_db_entry *server,
121 krb5_boolean kdc_check_lookaside PROTOTYPE((krb5_data *, krb5_data **));
122 void kdc_insert_lookaside PROTOTYPE((krb5_data *, krb5_data *));
124 /* which way to convert key? */
125 #define CONVERT_INTO_DB 0
126 #define CONVERT_OUTOF_DB 1
128 #define isflagset(flagfield, flag) (flagfield & (flag))
129 #define setflag(flagfield, flag) (flagfield |= (flag))
130 #define clear(flagfield, flag) (flagfield &= ~(flag))
132 #ifdef KRB5_KRB4_COMPAT
133 krb5_error_code process_v4 PROTOTYPE((const krb5_data *,
134 const krb5_fulladdr *,
138 #define process_v4(foo,bar,quux,foobar) KRB5KRB_AP_ERR_BADVERSION
142 #define min(a, b) ((a) < (b) ? (a) : (b))
143 #define max(a, b) ((a) > (b) ? (a) : (b))
146 #endif /* __KRB5_KDC_UTIL__ */