1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
|
/*
* $Id: kadm.h,v 1.17 1998/10/23 14:25:55 joda Exp $
*
* Copyright 1988 by the Massachusetts Institute of Technology.
*
* For copying and distribution information, please see the file
* <mit-copyright.h>.
*
* Definitions for Kerberos administration server & client
*/
#ifndef KADM_DEFS
#define KADM_DEFS
/*
* kadm.h
* Header file for the fourth attempt at an admin server
* Doug Church, December 28, 1989, MIT Project Athena
*/
#include <krb_db.h>
/* The global structures for the client and server */
typedef struct {
struct sockaddr_in admin_addr;
struct sockaddr_in my_addr;
int my_addr_len;
int admin_fd; /* file descriptor for link to admin server */
char sname[ANAME_SZ]; /* the service name */
char sinst[INST_SZ]; /* the services instance */
char krbrlm[REALM_SZ];
} Kadm_Client;
typedef struct { /* status of the server, i.e the parameters */
int inter; /* Space for command line flags */
char *sysfile; /* filename of server */
} admin_params; /* Well... it's the admin's parameters */
/* Largest password length to be supported */
#define MAX_KPW_LEN 128
/* Minimum allowed password length */
#define MIN_KPW_LEN 6
/* Largest packet the admin server will ever allow itself to return */
#define KADM_RET_MAX 2048
/* That's right, versions are 8 byte strings */
#define KADM_VERSTR "KADM0.0A"
#define KADM_ULOSE "KYOULOSE" /* sent back when server can't
decrypt client's msg */
#define KADM_VERSIZE strlen(KADM_VERSTR)
/* the lookups for the server instances */
#define PWSERV_NAME "changepw"
#define KADM_SNAME "kerberos_master"
#define KADM_PORT 751
#define KADM_SINST "kerberos"
/* Attributes fields constants and macros */
#define ALLOC 2
#define RESERVED 3
#define DEALLOC 4
#define DEACTIVATED 5
#define ACTIVE 6
/* Kadm_vals structure for passing db fields into the server routines */
#define FLDSZ 4
/* XXX enable new extended kadm fields */
#define EXTENDED_KADM 1
typedef struct {
u_int8_t fields[FLDSZ]; /* The active fields in this struct */
char name[ANAME_SZ];
char instance[INST_SZ];
u_int32_t key_low;
u_int32_t key_high;
u_int32_t exp_date;
u_int16_t attributes;
u_int8_t max_life;
#ifdef EXTENDED_KADM
u_int32_t mod_date;
char mod_name[ANAME_SZ];
char mod_instance[INST_SZ];
u_int8_t key_version;
#endif
} Kadm_vals; /* The basic values structure in Kadm */
/* Need to define fields types here */
#define KADM_NAME 31
#define KADM_INST 30
#define KADM_EXPDATE 29
#define KADM_ATTR 28
#define KADM_MAXLIFE 27
#define KADM_DESKEY 26
#ifdef EXTENDED_KADM
#define KADM_MODDATE 25
#define KADM_MODNAME 24
#define KADM_MODINST 23
#define KADM_KVNO 22
#endif
/* To set a field entry f in a fields structure d */
#define SET_FIELD(f,d) (d[3-(f/8)]|=(1<<(f%8)))
/* To set a field entry f in a fields structure d */
#define CLEAR_FIELD(f,d) (d[3-(f/8)]&=(~(1<<(f%8))))
/* Is field f in fields structure d */
#define IS_FIELD(f,d) (d[3-(f/8)]&(1<<(f%8)))
/* Various return codes */
#define KADM_SUCCESS 0
#define WILDCARD_STR "*"
enum acl_types {
ADDACL,
GETACL,
MODACL,
STABACL, /* not used */
DELACL
};
/* Various opcodes for the admin server's functions */
#define CHANGE_PW 2
#define ADD_ENT 3
#define MOD_ENT 4
#define GET_ENT 5
#define CHECK_PW 6 /* not used */
#define CHG_STAB 7 /* not used */
#define DEL_ENT 8
void prin_vals __P((Kadm_vals *));
int stv_long __P((u_char *, u_int32_t *, int, int));
int vts_long __P((u_int32_t, u_char **, int));
int vts_string __P((char *, u_char **, int));
int stv_string __P((u_char *, char *, int, int, int));
int stream_to_vals __P((u_char *, Kadm_vals *, int));
int vals_to_stream __P((Kadm_vals *, u_char **));
int kadm_init_link __P((char *, char *, char *));
int kadm_change_pw __P((unsigned char *));
int kadm_change_pw_plain __P((unsigned char *, char *, char**));
int kadm_change_pw2 __P((unsigned char *, char *, char**));
int kadm_mod __P((Kadm_vals *, Kadm_vals *));
int kadm_get __P((Kadm_vals *, u_char *));
int kadm_add __P((Kadm_vals *));
int kadm_del __P((Kadm_vals *));
void kadm_vals_to_prin __P((u_char *, Principal *, Kadm_vals *));
void kadm_prin_to_vals __P((u_char *, Kadm_vals *, Principal *));
int kadm_check_pw __P((const char*));
#endif /* KADM_DEFS */
|
