2 * Copyright 2000, International Business Machines Corporation and others.
5 * This software has been released under the terms of the IBM Public
6 * License. For details, see the LICENSE file in the top-level source
7 * directory or online at http://www.openafs.org/dl/license10.html
10 /* for input byte sequences */
11 customized struct ka_CBS {
16 /* for in/out byte sequences */
17 customized struct ka_BBS {
23 const MAXKAKVNO = 127; /* The key version number must fit in a byte */
25 /* flags: zero is an illegal value */
26 const KAFNORMAL = 0x001; /* set for all user entries */
27 /* if the normal is off then one of these two MUST be set */
28 const KAFFREE = 0x002; /* set if in free list */
29 const KAFOLDKEYS = 0x010; /* if entry used to store old keys */
30 /* otherwise one of these may be set to define the usage of the misc field */
31 const KAFSPECIAL = 0x100; /* set if special AuthServer principal */
32 const KAFASSOCROOT = 0x200; /* set if root of associate tree */
33 const KAFASSOC = 0x400; /* set if entry is an associate */
34 /* These bits define special propertied of normal users. */
35 const KAFADMIN = 0x004; /* an administrator */
36 const KAFNOTGS = 0x008; /* ! allow principal to get or use TGT */
37 const KAFNOSEAL = 0x020; /* ! allow principal as server in GetTicket */
38 const KAFNOCPW = 0x040; /* ! allow principal to change its own key */
39 const KAFNEWASSOC = 0x080; /* allow user to create associates */
41 /* these flags are settable using SetFields */
42 %#define KAF_SETTABLE_FLAGS (KAFADMIN | KAFNOTGS | KAFNOSEAL | KAFNOCPW | KAFNEWASSOC)
44 /* This struction defines an encryption key that is bit level compatible with
45 * DES and ktc_encryptionKey but which will have to be cast to the appropriate
48 struct EncryptionKey {
52 /* These structures are returned by server RPC interface routines. To make
53 * future revisions easy to accomodate they are assigned a major and minor
54 * version number. Major version changes will require recompilation because of
55 * the structures have changed size. Minor version changes will be more or
56 * less upward compaitible. */
57 const KAMAJORVERSION = 5; /* as of 890301 */
58 const KAMINORVERSION = 2;
61 %#define NEVERDATE 037777777777 /* a date that will never come */
64 %#define Date afs_uint32
66 #define Date afs_uint32
67 /* We log to AuthLog and a dbm-based log file on most platforms.
68 * On NT & some HPs we only log to AuthLog
69 * For HPs, AUTH_DBM_LOG is defined in their respective Makefiles for
70 * platforms that can log using dbm.
71 * On Linux, dbm is not part of the standard installation, and we can't
72 * statically link it in. So, ignore it for now.
74 %#if !defined(AFS_HPUX_ENV) && !defined(AFS_NT40_ENV) && !defined(AFS_LINUX20_ENV)
78 #define MAXKANAMELEN 64 /* don't export: use MAXKTCNAMELEN */
79 typedef string kaname<MAXKANAMELEN>;
81 /* A structure for returning name and instance strings */
83 char name[MAXKANAMELEN]; /* user name */
84 char instance[MAXKANAMELEN]; /* group name */
87 /* A structure for returning entry information */
89 afs_int32 minor_version; /* the minor version of this struct */
90 afs_int32 flags; /* random flags */
91 Date user_expiration; /* user registration good till then */
92 Date modification_time; /* time of last update */
93 struct kaident modification_user; /* user name & inst last mod. entry */
94 Date change_password_time;/* time user changed own password */
95 afs_int32 max_ticket_lifetime; /* maximum lifetime for tickets */
96 afs_int32 key_version; /* verson number of this key */
97 EncryptionKey key; /* the key to use */
98 afs_uint32 keyCheckSum; /* crypto-cksum of key */
99 afs_uint32 misc_auth_bytes; /* expiry, plus more byte values */
100 afs_int32 reserved3; /* NOT Spare - used to hold pwsums[0] */
104 /* These are (static) statistics kept in the database header */
105 /* WARNING: Changing the size of this structure affects the on-disk database
106 * header, which will force it to be rebuilt. */
108 afs_int32 minor_version; /* the minor version of this struct */
109 afs_int32 allocs; /* total # of calls to AllocBlock */
110 afs_int32 frees; /* total # of calls to FreeBlock */
111 afs_int32 cpws; /* # of user change password cmds */
119 afs_int32 tv_sec; /* seconds */
120 afs_int32 tv_usec; /* and microseconds */
122 struct karpcstats {int requests; int aborts;};
123 #define declare_stat(n) struct karpcstats n
125 /* These are dynamic statistics kept in the each AuthServer process */
127 afs_int32 minor_version; /* the minor version of this struct */
128 afs_int32 host; /* host number */
129 Date start_time; /* time statistics were last cleared */
130 /* statistics that can be calculated upon request */
131 #if (KAMAJORVERSION>5)
132 struct katimeval utime;
133 struct katimeval stime;
138 afs_int32 hashTableUtilization; /* utilization of non-empty hash table
139 entries in parts per 10,000 */
140 /* count of requests and aborts for each RPC */
141 declare_stat (Authenticate);
142 declare_stat (ChangePassword);
143 declare_stat (GetTicket);
144 declare_stat (CreateUser);
145 declare_stat (SetPassword);
146 declare_stat (SetFields);
147 declare_stat (DeleteUser);
148 declare_stat (GetEntry);
149 declare_stat (ListEntry);
150 declare_stat (GetStats);
151 declare_stat (GetPassword);
152 declare_stat (GetRandomKey);
153 declare_stat (Debug);
154 declare_stat (UAuthenticate);
155 declare_stat (UGetTicket);
156 declare_stat (Unlock);
157 declare_stat (LockStatus);
158 afs_int32 string_checks; /* errors detected in name.inst strs */
165 /* This returns information about the state of the server for debugging
166 problems remotely. */
168 const KADEBUGKCINFOSIZE = 25;
178 struct ka_debugInfo {
179 afs_int32 minorVersion; /* the minor version of this struct */
180 afs_int32 host; /* host number */
181 Date startTime; /* time server was started */
182 #if (KAMAJORVERSION>5)
183 Date now; /* current server time */
185 int noAuth; /* running with authentication off */
187 Date lastTrans; /* time of last transation */
188 char lastOperation[16]; /* name of last operation */
189 char lastAuth[256]; /* last principal to authenticate */
190 char lastUAuth[256]; /* " authenticate via UDP */
191 char lastTGS[256]; /* " call ticket granting service */
192 char lastUTGS[256]; /* " call TGS via UDP */
193 char lastAdmin[256]; /* " call admin service */
194 char lastTGSServer[256]; /* last server a ticket was req for */
195 char lastUTGSServer[256]; /* " " " via UDP */
196 Date nextAutoCPW; /* time of next AutoCPW attempt */
197 int updatesRemaining; /* update necessary for next AutoCPW */
198 /* db header stuff */
199 Date dbHeaderRead; /* time cheader was last read in */
204 afs_int32 dbSpecialKeysVersion;
205 /* these are of type struct Lock */
206 afs_int32 cheader_lock;
207 afs_int32 keycache_lock;
209 /* key cache stuff */
213 struct ka_kcInfo kcInfo[KADEBUGKCINFOSIZE];
221 /* finally the procedural definitions */
227 proc Authenticate_old(
232 IN struct ka_CBS *request,
233 INOUT struct ka_BBS *answer
241 IN struct ka_CBS *request,
242 INOUT struct ka_BBS *answer
250 IN struct ka_CBS *request,
251 INOUT struct ka_BBS *answer
257 IN struct ka_CBS *arequest,
258 INOUT struct ka_BBS *oanswer
267 IN kaname auth_domain,
268 IN struct ka_CBS *aticket,
271 IN struct ka_CBS *atimes,
272 INOUT struct ka_BBS *oanswer
277 IN kaname auth_domain,
278 IN struct ka_CBS *aticket,
281 IN struct ka_CBS *atimes,
282 INOUT struct ka_BBS *oanswer
293 IN EncryptionKey password
300 IN Date user_expiration,
301 IN afs_int32 max_ticket_lifetime,
302 IN afs_int32 maxAssociates,
303 IN afs_uint32 misc_auth_bytes,
310 IN EncryptionKey password
321 IN afs_int32 major_version,
322 OUT struct kaentryinfo *entry
326 IN afs_int32 previous_index,
327 OUT afs_int32 *index,
328 OUT afs_int32 *count,
333 IN afs_int32 major_version,
334 OUT afs_int32 *admin_accounts,
335 OUT struct kasstats *statics,
336 OUT struct kadstats *dynamics
340 IN afs_int32 major_version,
342 OUT struct ka_debugInfo *info
347 OUT EncryptionKey *password
351 OUT EncryptionKey *password
366 OUT afs_int32 *lockeduntil,
git://git.openafs.org / openafs.git / blob