src/libadmin/kas/afs_kasAdmin.h

   1 /*
   2  * Copyright 2000, International Business Machines Corporation and others.
   3  * All Rights Reserved.
   4  *
   5  * This software has been released under the terms of the IBM Public
   6  * License.  For details, see the LICENSE file in the top-level source
   7  * directory or online at http://www.openafs.org/dl/license10.html
   8  */
   9
  10 #ifndef OPENAFS_KAS_ADMIN_H
  11 #define OPENAFS_KAS_ADMIN_H
  12
  13 #include <afs/param.h>
  14 #include <afs/afs_Admin.h>
  15 #include <time.h>
  16 #ifdef AFS_NT40_ENV
  17 #ifndef _MFC_VER
  18 #include <winsock2.h>
  19 #endif /* _MFC_VER */
  20 #endif
  21
  22 #define KAS_MAX_NAME_LEN 64
  23 #define KAS_ENCRYPTION_KEY_LEN 8
  24 extern const int KAS_PRINCIPAL_FLAG_NORMAL;
  25 extern const int KAS_PRINCIPAL_FLAG_FREE;
  26 extern const int KAS_PRINCIPAL_FLAG_OLDKEYS;
  27 extern const int KAS_PRINCIPAL_FLAG_SPECIAL;
  28 extern const int KAS_PRINCIPAL_FLAG_ASSOC_ROOT;
  29 extern const int KAS_PRINCIPAL_FLAG_ASSOC;
  30 extern const int KAS_PRINCIPAL_FLAG_ADMIN;
  31 extern const int KAS_PRINCIPAL_FLAG_NO_TGS;
  32 extern const int KAS_PRINCIPAL_FLAG_NO_SEAL;
  33 extern const int KAS_PRINCIPAL_FLAG_NO_CPW;
  34 extern const int KAS_PRINCIPAL_FLAG_NEW_ASSOC;
  35 #define KAS_MAX_SERVER_OPERATION_LEN 16
  36 #define KAS_MAX_PRINCIPAL_LEN 256
  37 #define KAS_KEYCACHE_DEBUG_INFO_SIZE 25
  38
  39 typedef struct kas_identity {
  40     char principal[KAS_MAX_NAME_LEN];
  41     char instance[KAS_MAX_NAME_LEN];
  42 } kas_identity_t, *kas_identity_p;
  43
  44 typedef struct kas_encryptionKey {
  45     unsigned char key[KAS_ENCRYPTION_KEY_LEN];
  46 } kas_encryptionKey_t, *kas_encryptionKey_p;
  47
  48 typedef enum { KAS_ADMIN, NO_KAS_ADMIN } kas_admin_t, *kas_admin_p;
  49 typedef enum { TGS, NO_TGS } kas_tgs_t, *kas_tgs_p;
  50 typedef enum { ENCRYPT, NO_ENCRYPT } kas_enc_t, *kas_enc_p;
  51 typedef enum { CHANGE_PASSWORD, NO_CHANGE_PASSWORD } kas_cpw_t, *kas_cpw_p;
  52 typedef enum { REUSE_PASSWORD, NO_REUSE_PASSWORD } kas_rpw_t, *kas_rpw_p;
  53
  54
  55 typedef struct kas_principalEntry {
  56     kas_admin_t adminSetting;
  57     kas_tgs_t tgsSetting;
  58     kas_enc_t encSetting;
  59     kas_cpw_t cpwSetting;
  60     kas_rpw_t rpwSetting;
  61     unsigned int userExpiration;
  62     unsigned int lastModTime;
  63     kas_identity_t lastModPrincipal;
  64     unsigned int lastChangePasswordTime;
  65     int maxTicketLifetime;
  66     int keyVersion;
  67     kas_encryptionKey_t key;
  68     unsigned int keyCheckSum;
  69     int daysToPasswordExpire;
  70     int failLoginCount;
  71     int lockTime;
  72 } kas_principalEntry_t, *kas_principalEntry_p;
  73
  74 typedef struct kas_serverProcStats {
  75     int requests;
  76     int aborts;
  77 } kas_serverProcStats_t, *kas_serverProcStats_p;
  78
  79 typedef struct kas_serverStats {
  80     int allocations;
  81     int frees;
  82     int changePasswordRequests;
  83     int adminAccounts;
  84     int host;
  85     unsigned int serverStartTime;
  86     struct timeval userTime;
  87     struct timeval systemTime;
  88     int dataSize;
  89     int stackSize;
  90     int pageFaults;
  91     int hashTableUtilization;
  92     kas_serverProcStats_t authenticate;
  93     kas_serverProcStats_t changePassword;
  94     kas_serverProcStats_t getTicket;
  95     kas_serverProcStats_t createUser;
  96     kas_serverProcStats_t setPassword;
  97     kas_serverProcStats_t setFields;
  98     kas_serverProcStats_t deleteUser;
  99     kas_serverProcStats_t getEntry;
 100     kas_serverProcStats_t listEntry;
 101     kas_serverProcStats_t getStats;
 102     kas_serverProcStats_t getPassword;
 103     kas_serverProcStats_t getRandomKey;
 104     kas_serverProcStats_t debug;
 105     kas_serverProcStats_t udpAuthenticate;
 106     kas_serverProcStats_t udpGetTicket;
 107     kas_serverProcStats_t unlock;
 108     kas_serverProcStats_t lockStatus;
 109     int stringChecks;
 110 } kas_serverStats_t, *kas_serverStats_p;
 111
 112 typedef struct key_keyCacheItem {
 113     unsigned int lastUsed;
 114     int keyVersionNumber;
 115     char primary;
 116     char keyCheckSum;
 117     char principal[KAS_MAX_NAME_LEN];
 118 } key_keyCacheItem_t, *key_keyCacheItem_p;
 119
 120 typedef struct kas_serverDebugInfo {
 121     int host;
 122     unsigned int serverStartTime;
 123     unsigned int currentTime;
 124     int noAuth;
 125     unsigned int lastTransaction;
 126     char lastOperation[KAS_MAX_SERVER_OPERATION_LEN];
 127     char lastPrincipalAuth[KAS_MAX_PRINCIPAL_LEN];
 128     char lastPrincipalUDPAuth[KAS_MAX_PRINCIPAL_LEN];
 129     char lastPrincipalTGS[KAS_MAX_PRINCIPAL_LEN];
 130     char lastPrincipalUDPTGS[KAS_MAX_PRINCIPAL_LEN];
 131     char lastPrincipalAdmin[KAS_MAX_PRINCIPAL_LEN];
 132     char lastServerTGS[KAS_MAX_PRINCIPAL_LEN];
 133     char lastServerUDPTGS[KAS_MAX_PRINCIPAL_LEN];
 134     unsigned int nextAutoCheckPointWrite;
 135     int updatesRemainingBeforeAutoCheckPointWrite;
 136     unsigned int dbHeaderRead;
 137     int dbVersion;
 138     int dbFreePtr;
 139     int dbEOFPtr;
 140     int dbKvnoPtr;
 141     int dbSpecialKeysVersion;
 142     int dbHeaderLock;
 143     int keyCacheLock;
 144     int keyCacheVersion;
 145     int keyCacheSize;
 146     int keyCacheUsed;
 147     key_keyCacheItem_t keyCache[KAS_KEYCACHE_DEBUG_INFO_SIZE];
 148 } kas_serverDebugInfo_t, *kas_serverDebugInfo_p;
 149
 150 extern int ADMINAPI kas_ServerOpen(const void *cellHandle,
 151                                    const char **serverList,
 152                                    void **serverHandleP, afs_status_p st);
 153
 154 extern int ADMINAPI kas_ServerClose(const void *serverHandle,
 155                                     afs_status_p st);
 156
 157 extern int ADMINAPI kas_PrincipalCreate(const void *cellHandle,
 158                                         const void *serverHandle,
 159                                         const kas_identity_p who,
 160                                         const char *password,
 161                                         afs_status_p st);
 162
 163 extern int ADMINAPI kas_PrincipalDelete(const void *cellHandle,
 164                                         const void *serverHandle,
 165                                         const kas_identity_p who,
 166                                         afs_status_p st);
 167
 168 extern int ADMINAPI kas_PrincipalGet(const void *cellHandle,
 169                                      const void *serverHandle,
 170                                      const kas_identity_p who,
 171                                      kas_principalEntry_p principal,
 172                                      afs_status_p st);
 173
 174 extern int ADMINAPI kas_PrincipalGetBegin(const void *cellHandle,
 175                                           const void *serverHandle,
 176                                           void **iterationIdP,
 177                                           afs_status_p st);
 178
 179 extern int ADMINAPI kas_PrincipalGetNext(const void *iterationId,
 180                                          kas_identity_p who, afs_status_p st);
 181
 182 extern int ADMINAPI kas_PrincipalGetDone(const void *iterationIdP,
 183                                          afs_status_p st);
 184
 185 extern int ADMINAPI kas_PrincipalKeySet(const void *cellHandle,
 186                                         const void *serverHandle,
 187                                         const kas_identity_p who,
 188                                         int keyVersion,
 189                                         const kas_encryptionKey_p key,
 190                                         afs_status_p st);
 191
 192 extern int ADMINAPI kas_PrincipalLockStatusGet(const void *cellHandle,
 193                                                const void *serverHandle,
 194                                                const kas_identity_p who,
 195                                                unsigned int *lock_end_timeP,
 196                                                afs_status_p st);
 197
 198 extern int ADMINAPI kas_PrincipalUnlock(const void *cellHandle,
 199                                         const void *serverHandle,
 200                                         const kas_identity_p who,
 201                                         afs_status_p st);
 202
 203 extern int ADMINAPI kas_PrincipalFieldsSet(const void *cellHandle,
 204                                            const void *serverHandle,
 205                                            const kas_identity_p who,
 206                                            const kas_admin_p isAdmin,
 207                                            const kas_tgs_p grantTickets,
 208                                            const kas_enc_p canEncrypt,
 209                                            const kas_cpw_p canChangePassword,
 210                                            const unsigned int *expirationDate,
 211                                            const unsigned int
 212                                            *maxTicketLifetime, const unsigned int
 213                                            *passwordExpires,
 214                                            const kas_rpw_p passwordReuse,
 215                                            const unsigned int
 216                                            *failedPasswordAttempts, const unsigned int
 217                                            *failedPasswordLockTime,
 218                                            afs_status_p st);
 219
 220 extern int ADMINAPI kas_ServerStatsGet(const void *cellHandle,
 221                                        const void *serverHandle,
 222                                        kas_serverStats_p stats,
 223                                        afs_status_p st);
 224
 225 extern int ADMINAPI kas_ServerDebugGet(const void *cellHandle,
 226                                        const void *serverHandle,
 227                                        kas_serverDebugInfo_p debug,
 228                                        afs_status_p st);
 229
 230 extern int ADMINAPI kas_ServerRandomKeyGet(const void *cellHandle,
 231                                            const void *serverHandle,
 232                                            kas_encryptionKey_p key,
 233                                            afs_status_p st);
 234
 235 extern int ADMINAPI kas_StringToKey(const char *cellName, const char *string,
 236                                     kas_encryptionKey_p key, afs_status_p st);
 237
 238 extern int ADMINAPI kas_KeyCheckSum(const kas_encryptionKey_p key,
 239                                     unsigned int *cksumP, afs_status_p st);
 240
 241 #endif /* OPENAFS_KAS_ADMIN_H */