macos-move-afssettings-20060801

[openafs.git] / src / dauth / adkint.xg

/*
 * Copyright 2000, International Business Machines Corporation and others.
 * All Rights Reserved.
 * 
 * This software has been released under the terms of the IBM Public
 * License.  For details, see the LICENSE file in the top-level source
 * directory or online at http://www.openafs.org/dl/license10.html
 */

/*
 * adkint.xg -- interface definition for AFS/DFS DCE KDC ticket service.
 */

package ADK_
statindex 5

/*
 * For our simplified Kerberos V5 ticket granting service, we add
 * another service to the file service port (rather than having to risk
 * using yet another public port).
 */
const ADK_PORT = 7000;
const ADK_SERVICE = 2;

typedef opaque adk_code<2000>;  /* Encoded byte strings */
typedef string adk_string<2000>;/* Normal, null terminated strings */

/*
 * This structure is returned on a DCE error, since the local system
 * has no hope of interpreting the error code otherwise.
 */
struct adk_error {
    afs_int32 code;             /* Both the call error code AND this must be checked */
    adk_string data;    /* Interpreted error code string */
};

struct adk_reply {
    afs_int32 unix_id;  /* DCE Id of user (info only; not secured) */
    adk_string salt;    /* Salt to use for string_to_key on password */
    afs_int32 tktype;   /* Ticket type, from rxkad.p.h */
    adk_code ticket;    /* The Kerberos V5 PAC-less ticket */
    adk_code private;   /* Secured reply information from DCE KTC. Decrypt
                           this with key derived from user password and salt */
};

/*
 * Can only pass pointers to structures, if they need to be deallocated.
 * This is an rxgen restriction.
 */
typedef struct adk_reply *adk_reply_ptr;
typedef struct adk_error *adk_error_ptr;

GetTicket
    (IN adk_string name,
     afs_int32 nonce,
     afs_int32 lifetime,
     OUT adk_error_ptr *error_p,        /* Not if there is a reply */
     OUT adk_reply_ptr *reply_p) = 1;   /* Only if no error */