rxkad-increase-token-ticket-sizes-20040401

[openafs.git] / src / rxkad / rxkad.p.h

diff --git a/src/rxkad/rxkad.p.h b/src/rxkad/rxkad.p.h
index be8d8cf..1b33fb9 100644 (file)
--- a/src/rxkad/rxkad.p.h
+++ b/src/rxkad/rxkad.p.h
@@ -16,14 +16,14 @@
                /* no ticket good for longer than 30 days */
 #define MAXKTCTICKETLIFETIME (30*24*3600)
 #define MINKTCTICKETLEN              32
-#define        MAXKTCTICKETLEN       344
+#define        MAXKTCTICKETLEN       4096  /* was 344 */
 #define        MAXKTCNAMELEN         64        /* name & inst should be 256 */
 #define MAXKTCREALMLEN       64        /* should be 256 */
 #define KTC_TIME_UNCERTAINTY (15*60)   /* max skew bet. machines' clocks */
 
-#define MAXRANDOMNAMELEN 16            /* length of random generated 
-                                          usernames used by afslog for high 
-                                          security must be < MAXKTCNAMELEN */
+#define MAXRANDOMNAMELEN 16    /* length of random generated 
+                                * usernames used by afslog for high 
+                                * security must be < MAXKTCNAMELEN */
 #define LOGON_OPTION_INTEGRATED 1
 #define LOGON_OPTION_HIGHSECURITY 2
 
@@ -38,7 +38,7 @@
 #define RXKAD_TKT_TYPE_KERBEROS_V5             256
 #define RXKAD_TKT_TYPE_KERBEROS_V5_ENCPART_ONLY        213
 
-#define MAXKRB5TICKETLEN                       1024
+#define MAXKRB5TICKETLEN                       4096
 
 /*
  * The AFS/DFS translator may also make use of additional ticket types in
@@ -68,13 +68,13 @@ struct ktc_principal {
 #define round_up_to_ebs(v) (((v) + 7) & (~7))
 
 typedef char rxkad_type;
-#define rxkad_client 1                 /* bits definitions */
+#define rxkad_client 1         /* bits definitions */
 #define rxkad_server 2
 
 typedef char rxkad_level;
-#define rxkad_clear 0                  /* send packets in the clear */
-#define rxkad_auth 1                   /* send encrypted sequence numbers */
-#define rxkad_crypt 2                  /* encrypt packet data */
+#define rxkad_clear 0          /* send packets in the clear */
+#define rxkad_auth 1           /* send encrypted sequence numbers */
+#define rxkad_crypt 2          /* encrypt packet data */
 
 /* many stats are kept per type and per level.  These are encoded into an index
  * from 0 to 5 by the StatIndex macro. */
@@ -97,7 +97,7 @@ struct rxkad_stats {
     afs_uint32 expired;                /* server packets rejected */
     afs_uint32 challengesSent; /* server challenges sent */
     afs_uint32 challenges[3];  /* challenges seen by client */
-    afs_uint32 responses[3];           /* responses seen by server */
+    afs_uint32 responses[3];   /* responses seen by server */
     afs_uint32 preparePackets[6];
     afs_uint32 checkPackets[6];
     afs_uint32 bytesEncrypted[2];      /* index just by type */
@@ -106,7 +106,7 @@ struct rxkad_stats {
     afs_uint32 fc_key_scheds;  /* key schedule creations */
     afs_uint32 des_encrypts[2];        /* DECRYPT==0, ENCRYPT==1 */
     afs_uint32 des_key_scheds; /* key schedule creations */
-    afs_uint32 des_randoms;            /* random blocks generated */
+    afs_uint32 des_randoms;    /* random blocks generated */
     long spares[10];
 };
 
@@ -134,7 +134,7 @@ extern pthread_mutex_t rxkad_stats_mutex;
 #define rxkad_stats_clientObjects (rxkad_stats.spares[0])
 #define rxkad_stats_serverObjects (rxkad_stats.spares[1])
 
-extern int rxkad_EpochWasSet;          /* TRUE => we called rx_SetEpoch */
+extern int rxkad_EpochWasSet;  /* TRUE => we called rx_SetEpoch */
 
 #include "rxkad_prototypes.h"