Spaces:
Sleeping
Sleeping
| /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ | |
| /* | |
| * Copyright (C) 2017 by the Massachusetts Institute of Technology. | |
| * All rights reserved. | |
| * | |
| * Redistribution and use in source and binary forms, with or without | |
| * modification, are permitted provided that the following conditions | |
| * are met: | |
| * | |
| * * Redistributions of source code must retain the above copyright | |
| * notice, this list of conditions and the following disclaimer. | |
| * | |
| * * Redistributions in binary form must reproduce the above copyright | |
| * notice, this list of conditions and the following disclaimer in | |
| * the documentation and/or other materials provided with the | |
| * distribution. | |
| * | |
| * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS | |
| * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT | |
| * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS | |
| * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE | |
| * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, | |
| * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES | |
| * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR | |
| * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
| * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | |
| * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | |
| * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | |
| * OF THE POSSIBILITY OF SUCH DAMAGE. | |
| */ | |
| /* | |
| * Declarations for kadm5_auth plugin module implementors. | |
| * | |
| * The kadm5_auth pluggable interface currently has only one supported major | |
| * version, which is 1. Major version 1 has a current minor version number of | |
| * 1. | |
| * | |
| * kadm5_auth plugin modules should define a function named | |
| * kadm5_auth_<modulename>_initvt, matching the signature: | |
| * | |
| * krb5_error_code | |
| * kadm5_auth_modname_initvt(krb5_context context, int maj_ver, int min_ver, | |
| * krb5_plugin_vtable vtable); | |
| * | |
| * The initvt function should: | |
| * | |
| * - Check that the supplied maj_ver number is supported by the module, or | |
| * return KRB5_PLUGIN_VER_NOTSUPP if it is not. | |
| * | |
| * - Cast the vtable pointer as appropriate for maj_ver: | |
| * maj_ver == 1: Cast to krb5_kadm5_auth_vtable | |
| * | |
| * - Initialize the methods of the vtable, stopping as appropriate for the | |
| * supplied min_ver. Optional methods may be left uninitialized. | |
| * | |
| * Memory for the vtable is allocated by the caller, not by the module. | |
| */ | |
| /* An abstract type for kadm5_auth module data. */ | |
| typedef struct kadm5_auth_moddata_st *kadm5_auth_moddata; | |
| /* | |
| * A module can optionally include <kadm5/admin.h> to inspect principal or | |
| * policy records from requests that add or modify principals or policies. | |
| * Note that fields of principal and policy structures are only valid if the | |
| * corresponding bit is set in the accompanying mask parameter. | |
| */ | |
| struct _kadm5_principal_ent_t; | |
| struct _kadm5_policy_ent_t; | |
| /* | |
| * A module can optionally generate restrictions when checking permissions for | |
| * adding or modifying a principal entry. Restriction fields will only be | |
| * honored if the corresponding mask bit is set. The operable mask bits are | |
| * defined in <kadmin/admin.h> and are: | |
| * | |
| * - KADM5_ATTRIBUTES for require_attrs, forbid_attrs | |
| * - KADM5_POLICY for policy | |
| * - KADM5_POLICY_CLR to require that policy be unset | |
| * - KADM5_PRINC_EXPIRE_TIME for princ_lifetime | |
| * - KADM5_PW_EXPIRATION for pw_lifetime | |
| * - KADM5_MAX_LIFE for max_life | |
| * - KADM5_MAX_RLIFE for max_renewable_life | |
| */ | |
| struct kadm5_auth_restrictions { | |
| long mask; | |
| krb5_flags require_attrs; | |
| krb5_flags forbid_attrs; | |
| krb5_deltat princ_lifetime; | |
| krb5_deltat pw_lifetime; | |
| krb5_deltat max_life; | |
| krb5_deltat max_renewable_life; | |
| char *policy; | |
| }; | |
| /*** Method type declarations ***/ | |
| /* | |
| * Optional: Initialize module data. acl_file is the realm's configured ACL | |
| * file, or NULL if none was configured. Return 0 on success, | |
| * KRB5_PLUGIN_NO_HANDLE if the module is inoperable (due to configuration, for | |
| * example), and any other error code to abort kadmind startup. Optionally set | |
| * *data_out to a module data object to be passed to future calls. | |
| */ | |
| typedef krb5_error_code | |
| (*kadm5_auth_init_fn)(krb5_context context, const char *acl_file, | |
| kadm5_auth_moddata *data_out); | |
| /* Optional: Release resources used by module data. */ | |
| typedef void | |
| (*kadm5_auth_fini_fn)(krb5_context context, kadm5_auth_moddata data); | |
| /* | |
| * Each check method below should return 0 to explicitly authorize the request, | |
| * KRB5_PLUGIN_NO_HANDLE to neither authorize nor deny the request, and any | |
| * other error code (such as EPERM) to explicitly deny the request. If a check | |
| * method is not defined, the module will neither authorize nor deny the | |
| * request. A request succeeds if at least one kadm5_auth module explicitly | |
| * authorizes the request and none of the modules explicitly deny it. | |
| */ | |
| /* Optional: authorize an add-principal operation, and optionally generate | |
| * restrictions. */ | |
| typedef krb5_error_code | |
| (*kadm5_auth_addprinc_fn)(krb5_context context, kadm5_auth_moddata data, | |
| krb5_const_principal client, | |
| krb5_const_principal target, | |
| const struct _kadm5_principal_ent_t *ent, long mask, | |
| struct kadm5_auth_restrictions **rs_out); | |
| /* Optional: authorize a modify-principal operation, and optionally generate | |
| * restrictions. */ | |
| typedef krb5_error_code | |
| (*kadm5_auth_modprinc_fn)(krb5_context context, kadm5_auth_moddata data, | |
| krb5_const_principal client, | |
| krb5_const_principal target, | |
| const struct _kadm5_principal_ent_t *ent, long mask, | |
| struct kadm5_auth_restrictions **rs_out); | |
| /* Optional: authorize a set-string operation. */ | |
| typedef krb5_error_code | |
| (*kadm5_auth_setstr_fn)(krb5_context context, kadm5_auth_moddata data, | |
| krb5_const_principal client, | |
| krb5_const_principal target, | |
| const char *key, const char *value); | |
| /* Optional: authorize a change-password operation. */ | |
| typedef krb5_error_code | |
| (*kadm5_auth_cpw_fn)(krb5_context context, kadm5_auth_moddata data, | |
| krb5_const_principal client, krb5_const_principal target); | |
| /* Optional: authorize a randomize-keys operation. */ | |
| typedef krb5_error_code | |
| (*kadm5_auth_chrand_fn)(krb5_context context, kadm5_auth_moddata data, | |
| krb5_const_principal client, | |
| krb5_const_principal target); | |
| /* Optional: authorize a set-key operation. */ | |
| typedef krb5_error_code | |
| (*kadm5_auth_setkey_fn)(krb5_context context, kadm5_auth_moddata data, | |
| krb5_const_principal client, | |
| krb5_const_principal target); | |
| /* Optional: authorize a purgekeys operation. */ | |
| typedef krb5_error_code | |
| (*kadm5_auth_purgekeys_fn)(krb5_context context, kadm5_auth_moddata data, | |
| krb5_const_principal client, | |
| krb5_const_principal target); | |
| /* Optional: authorize a delete-principal operation. */ | |
| typedef krb5_error_code | |
| (*kadm5_auth_delprinc_fn)(krb5_context context, kadm5_auth_moddata data, | |
| krb5_const_principal client, | |
| krb5_const_principal target); | |
| /* Optional: authorize a rename-principal operation. */ | |
| typedef krb5_error_code | |
| (*kadm5_auth_renprinc_fn)(krb5_context context, kadm5_auth_moddata data, | |
| krb5_const_principal client, | |
| krb5_const_principal src, | |
| krb5_const_principal dest); | |
| /* Optional: authorize a get-principal operation. */ | |
| typedef krb5_error_code | |
| (*kadm5_auth_getprinc_fn)(krb5_context context, kadm5_auth_moddata data, | |
| krb5_const_principal client, | |
| krb5_const_principal target); | |
| /* Optional: authorize a get-strings operation. */ | |
| typedef krb5_error_code | |
| (*kadm5_auth_getstrs_fn)(krb5_context context, kadm5_auth_moddata data, | |
| krb5_const_principal client, | |
| krb5_const_principal target); | |
| /* Optional: authorize an extract-keys operation. */ | |
| typedef krb5_error_code | |
| (*kadm5_auth_extract_fn)(krb5_context context, kadm5_auth_moddata data, | |
| krb5_const_principal client, | |
| krb5_const_principal target); | |
| /* Optional: authorize a list-principals operation. */ | |
| typedef krb5_error_code | |
| (*kadm5_auth_listprincs_fn)(krb5_context context, kadm5_auth_moddata data, | |
| krb5_const_principal client); | |
| /* Optional: authorize an add-policy operation. */ | |
| typedef krb5_error_code | |
| (*kadm5_auth_addpol_fn)(krb5_context context, kadm5_auth_moddata data, | |
| krb5_const_principal client, const char *policy, | |
| const struct _kadm5_policy_ent_t *ent, long mask); | |
| /* Optional: authorize a modify-policy operation. */ | |
| typedef krb5_error_code | |
| (*kadm5_auth_modpol_fn)(krb5_context context, kadm5_auth_moddata data, | |
| krb5_const_principal client, const char *policy, | |
| const struct _kadm5_policy_ent_t *ent, long mask); | |
| /* Optional: authorize a delete-policy operation. */ | |
| typedef krb5_error_code | |
| (*kadm5_auth_delpol_fn)(krb5_context context, kadm5_auth_moddata data, | |
| krb5_const_principal client, const char *policy); | |
| /* Optional: authorize a get-policy operation. client_policy is the client | |
| * principal's policy name, or NULL if it does not have one. */ | |
| typedef krb5_error_code | |
| (*kadm5_auth_getpol_fn)(krb5_context context, kadm5_auth_moddata data, | |
| krb5_const_principal client, const char *policy, | |
| const char *client_policy); | |
| /* Optional: authorize a list-policies operation. */ | |
| typedef krb5_error_code | |
| (*kadm5_auth_listpols_fn)(krb5_context context, kadm5_auth_moddata data, | |
| krb5_const_principal client); | |
| /* Optional: authorize an iprop operation. */ | |
| typedef krb5_error_code | |
| (*kadm5_auth_iprop_fn)(krb5_context context, kadm5_auth_moddata data, | |
| krb5_const_principal client); | |
| /* | |
| * Optional: receive a notification that the most recent authorized operation | |
| * has ended. If a kadm5_auth module is also a KDB module, it can assume that | |
| * all KDB methods invoked between a kadm5_auth authorization method invocation | |
| * and a kadm5_auth end invocation are performed as part of the authorized | |
| * operation. | |
| * | |
| * The end method may be invoked without a preceding authorization method in | |
| * some cases; the module must be prepared to ignore such calls. | |
| */ | |
| typedef void | |
| (*kadm5_auth_end_fn)(krb5_context context, kadm5_auth_moddata data); | |
| /* | |
| * Optional: free a restrictions object. This method does not need to be | |
| * defined if the module does not generate restrictions objects, or if it | |
| * returns aliases to restrictions objects contained from within the module | |
| * data. | |
| */ | |
| typedef void | |
| (*kadm5_auth_free_restrictions_fn)(krb5_context context, | |
| kadm5_auth_moddata data, | |
| struct kadm5_auth_restrictions *rs); | |
| /* kadm5_auth vtable for major version 1. */ | |
| typedef struct kadm5_auth_vtable_st { | |
| const char *name; /* Mandatory: name of module. */ | |
| kadm5_auth_init_fn init; | |
| kadm5_auth_fini_fn fini; | |
| kadm5_auth_addprinc_fn addprinc; | |
| kadm5_auth_modprinc_fn modprinc; | |
| kadm5_auth_setstr_fn setstr; | |
| kadm5_auth_cpw_fn cpw; | |
| kadm5_auth_chrand_fn chrand; | |
| kadm5_auth_setkey_fn setkey; | |
| kadm5_auth_purgekeys_fn purgekeys; | |
| kadm5_auth_delprinc_fn delprinc; | |
| kadm5_auth_renprinc_fn renprinc; | |
| kadm5_auth_getprinc_fn getprinc; | |
| kadm5_auth_getstrs_fn getstrs; | |
| kadm5_auth_extract_fn extract; | |
| kadm5_auth_listprincs_fn listprincs; | |
| kadm5_auth_addpol_fn addpol; | |
| kadm5_auth_modpol_fn modpol; | |
| kadm5_auth_delpol_fn delpol; | |
| kadm5_auth_getpol_fn getpol; | |
| kadm5_auth_listpols_fn listpols; | |
| kadm5_auth_iprop_fn iprop; | |
| kadm5_auth_end_fn end; | |
| kadm5_auth_free_restrictions_fn free_restrictions; | |
| /* Minor version 1 ends here. */ | |
| } *kadm5_auth_vtable; | |