Mercurial > repos > rliterman > csp2

annotate CSP2/CSP2_env/env-d9b9114564458d9d-741b3de822f2aaca6c6caa4325c4afce/include/krb5/kadm5_auth_plugin.h @ 69:33d812a61356

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
planemo upload commit 2e9511a184a1ca667c7be0c6321a36dc4e3d116d
author jpayne
date Tue, 18 Mar 2025 17:55:14 -0400
parents
children
rev   line source
jpayne@69 1 /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
jpayne@69 2 /*
jpayne@69 3 * Copyright (C) 2017 by the Massachusetts Institute of Technology.
jpayne@69 4 * All rights reserved.
jpayne@69 5 *
jpayne@69 6 * Redistribution and use in source and binary forms, with or without
jpayne@69 7 * modification, are permitted provided that the following conditions
jpayne@69 8 * are met:
jpayne@69 9 *
jpayne@69 10 * * Redistributions of source code must retain the above copyright
jpayne@69 11 * notice, this list of conditions and the following disclaimer.
jpayne@69 12 *
jpayne@69 13 * * Redistributions in binary form must reproduce the above copyright
jpayne@69 14 * notice, this list of conditions and the following disclaimer in
jpayne@69 15 * the documentation and/or other materials provided with the
jpayne@69 16 * distribution.
jpayne@69 17 *
jpayne@69 18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
jpayne@69 19 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
jpayne@69 20 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
jpayne@69 21 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
jpayne@69 22 * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
jpayne@69 23 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
jpayne@69 24 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
jpayne@69 25 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
jpayne@69 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
jpayne@69 27 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
jpayne@69 28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
jpayne@69 29 * OF THE POSSIBILITY OF SUCH DAMAGE.
jpayne@69 30 */
jpayne@69 31
jpayne@69 32 /*
jpayne@69 33 * Declarations for kadm5_auth plugin module implementors.
jpayne@69 34 *
jpayne@69 35 * The kadm5_auth pluggable interface currently has only one supported major
jpayne@69 36 * version, which is 1. Major version 1 has a current minor version number of
jpayne@69 37 * 1.
jpayne@69 38 *
jpayne@69 39 * kadm5_auth plugin modules should define a function named
jpayne@69 40 * kadm5_auth_<modulename>_initvt, matching the signature:
jpayne@69 41 *
jpayne@69 42 * krb5_error_code
jpayne@69 43 * kadm5_auth_modname_initvt(krb5_context context, int maj_ver, int min_ver,
jpayne@69 44 * krb5_plugin_vtable vtable);
jpayne@69 45 *
jpayne@69 46 * The initvt function should:
jpayne@69 47 *
jpayne@69 48 * - Check that the supplied maj_ver number is supported by the module, or
jpayne@69 49 * return KRB5_PLUGIN_VER_NOTSUPP if it is not.
jpayne@69 50 *
jpayne@69 51 * - Cast the vtable pointer as appropriate for maj_ver:
jpayne@69 52 * maj_ver == 1: Cast to krb5_kadm5_auth_vtable
jpayne@69 53 *
jpayne@69 54 * - Initialize the methods of the vtable, stopping as appropriate for the
jpayne@69 55 * supplied min_ver. Optional methods may be left uninitialized.
jpayne@69 56 *
jpayne@69 57 * Memory for the vtable is allocated by the caller, not by the module.
jpayne@69 58 */
jpayne@69 59
jpayne@69 60 #ifndef KRB5_KADM5_AUTH_PLUGIN_H
jpayne@69 61 #define KRB5_KADM5_AUTH_PLUGIN_H
jpayne@69 62
jpayne@69 63 #include <krb5/krb5.h>
jpayne@69 64 #include <krb5/plugin.h>
jpayne@69 65
jpayne@69 66 /* An abstract type for kadm5_auth module data. */
jpayne@69 67 typedef struct kadm5_auth_moddata_st *kadm5_auth_moddata;
jpayne@69 68
jpayne@69 69 /*
jpayne@69 70 * A module can optionally include <kadm5/admin.h> to inspect principal or
jpayne@69 71 * policy records from requests that add or modify principals or policies.
jpayne@69 72 * Note that fields of principal and policy structures are only valid if the
jpayne@69 73 * corresponding bit is set in the accompanying mask parameter.
jpayne@69 74 */
jpayne@69 75 struct _kadm5_principal_ent_t;
jpayne@69 76 struct _kadm5_policy_ent_t;
jpayne@69 77
jpayne@69 78 /*
jpayne@69 79 * A module can optionally generate restrictions when checking permissions for
jpayne@69 80 * adding or modifying a principal entry. Restriction fields will only be
jpayne@69 81 * honored if the corresponding mask bit is set. The operable mask bits are
jpayne@69 82 * defined in <kadmin/admin.h> and are:
jpayne@69 83 *
jpayne@69 84 * - KADM5_ATTRIBUTES for require_attrs, forbid_attrs
jpayne@69 85 * - KADM5_POLICY for policy
jpayne@69 86 * - KADM5_POLICY_CLR to require that policy be unset
jpayne@69 87 * - KADM5_PRINC_EXPIRE_TIME for princ_lifetime
jpayne@69 88 * - KADM5_PW_EXPIRATION for pw_lifetime
jpayne@69 89 * - KADM5_MAX_LIFE for max_life
jpayne@69 90 * - KADM5_MAX_RLIFE for max_renewable_life
jpayne@69 91 */
jpayne@69 92 struct kadm5_auth_restrictions {
jpayne@69 93 long mask;
jpayne@69 94 krb5_flags require_attrs;
jpayne@69 95 krb5_flags forbid_attrs;
jpayne@69 96 krb5_deltat princ_lifetime;
jpayne@69 97 krb5_deltat pw_lifetime;
jpayne@69 98 krb5_deltat max_life;
jpayne@69 99 krb5_deltat max_renewable_life;
jpayne@69 100 char *policy;
jpayne@69 101 };
jpayne@69 102
jpayne@69 103 /*** Method type declarations ***/
jpayne@69 104
jpayne@69 105 /*
jpayne@69 106 * Optional: Initialize module data. acl_file is the realm's configured ACL
jpayne@69 107 * file, or NULL if none was configured. Return 0 on success,
jpayne@69 108 * KRB5_PLUGIN_NO_HANDLE if the module is inoperable (due to configuration, for
jpayne@69 109 * example), and any other error code to abort kadmind startup. Optionally set
jpayne@69 110 * *data_out to a module data object to be passed to future calls.
jpayne@69 111 */
jpayne@69 112 typedef krb5_error_code
jpayne@69 113 (*kadm5_auth_init_fn)(krb5_context context, const char *acl_file,
jpayne@69 114 kadm5_auth_moddata *data_out);
jpayne@69 115
jpayne@69 116 /* Optional: Release resources used by module data. */
jpayne@69 117 typedef void
jpayne@69 118 (*kadm5_auth_fini_fn)(krb5_context context, kadm5_auth_moddata data);
jpayne@69 119
jpayne@69 120 /*
jpayne@69 121 * Each check method below should return 0 to explicitly authorize the request,
jpayne@69 122 * KRB5_PLUGIN_NO_HANDLE to neither authorize nor deny the request, and any
jpayne@69 123 * other error code (such as EPERM) to explicitly deny the request. If a check
jpayne@69 124 * method is not defined, the module will neither authorize nor deny the
jpayne@69 125 * request. A request succeeds if at least one kadm5_auth module explicitly
jpayne@69 126 * authorizes the request and none of the modules explicitly deny it.
jpayne@69 127 */
jpayne@69 128
jpayne@69 129 /* Optional: authorize an add-principal operation, and optionally generate
jpayne@69 130 * restrictions. */
jpayne@69 131 typedef krb5_error_code
jpayne@69 132 (*kadm5_auth_addprinc_fn)(krb5_context context, kadm5_auth_moddata data,
jpayne@69 133 krb5_const_principal client,
jpayne@69 134 krb5_const_principal target,
jpayne@69 135 const struct _kadm5_principal_ent_t *ent, long mask,
jpayne@69 136 struct kadm5_auth_restrictions **rs_out);
jpayne@69 137
jpayne@69 138 /* Optional: authorize a modify-principal operation, and optionally generate
jpayne@69 139 * restrictions. */
jpayne@69 140 typedef krb5_error_code
jpayne@69 141 (*kadm5_auth_modprinc_fn)(krb5_context context, kadm5_auth_moddata data,
jpayne@69 142 krb5_const_principal client,
jpayne@69 143 krb5_const_principal target,
jpayne@69 144 const struct _kadm5_principal_ent_t *ent, long mask,
jpayne@69 145 struct kadm5_auth_restrictions **rs_out);
jpayne@69 146
jpayne@69 147 /* Optional: authorize a set-string operation. */
jpayne@69 148 typedef krb5_error_code
jpayne@69 149 (*kadm5_auth_setstr_fn)(krb5_context context, kadm5_auth_moddata data,
jpayne@69 150 krb5_const_principal client,
jpayne@69 151 krb5_const_principal target,
jpayne@69 152 const char *key, const char *value);
jpayne@69 153
jpayne@69 154 /* Optional: authorize a change-password operation. */
jpayne@69 155 typedef krb5_error_code
jpayne@69 156 (*kadm5_auth_cpw_fn)(krb5_context context, kadm5_auth_moddata data,
jpayne@69 157 krb5_const_principal client, krb5_const_principal target);
jpayne@69 158
jpayne@69 159 /* Optional: authorize a randomize-keys operation. */
jpayne@69 160 typedef krb5_error_code
jpayne@69 161 (*kadm5_auth_chrand_fn)(krb5_context context, kadm5_auth_moddata data,
jpayne@69 162 krb5_const_principal client,
jpayne@69 163 krb5_const_principal target);
jpayne@69 164
jpayne@69 165 /* Optional: authorize a set-key operation. */
jpayne@69 166 typedef krb5_error_code
jpayne@69 167 (*kadm5_auth_setkey_fn)(krb5_context context, kadm5_auth_moddata data,
jpayne@69 168 krb5_const_principal client,
jpayne@69 169 krb5_const_principal target);
jpayne@69 170
jpayne@69 171 /* Optional: authorize a purgekeys operation. */
jpayne@69 172 typedef krb5_error_code
jpayne@69 173 (*kadm5_auth_purgekeys_fn)(krb5_context context, kadm5_auth_moddata data,
jpayne@69 174 krb5_const_principal client,
jpayne@69 175 krb5_const_principal target);
jpayne@69 176
jpayne@69 177 /* Optional: authorize a delete-principal operation. */
jpayne@69 178 typedef krb5_error_code
jpayne@69 179 (*kadm5_auth_delprinc_fn)(krb5_context context, kadm5_auth_moddata data,
jpayne@69 180 krb5_const_principal client,
jpayne@69 181 krb5_const_principal target);
jpayne@69 182
jpayne@69 183 /* Optional: authorize a rename-principal operation. */
jpayne@69 184 typedef krb5_error_code
jpayne@69 185 (*kadm5_auth_renprinc_fn)(krb5_context context, kadm5_auth_moddata data,
jpayne@69 186 krb5_const_principal client,
jpayne@69 187 krb5_const_principal src,
jpayne@69 188 krb5_const_principal dest);
jpayne@69 189
jpayne@69 190 /* Optional: authorize a get-principal operation. */
jpayne@69 191 typedef krb5_error_code
jpayne@69 192 (*kadm5_auth_getprinc_fn)(krb5_context context, kadm5_auth_moddata data,
jpayne@69 193 krb5_const_principal client,
jpayne@69 194 krb5_const_principal target);
jpayne@69 195
jpayne@69 196 /* Optional: authorize a get-strings operation. */
jpayne@69 197 typedef krb5_error_code
jpayne@69 198 (*kadm5_auth_getstrs_fn)(krb5_context context, kadm5_auth_moddata data,
jpayne@69 199 krb5_const_principal client,
jpayne@69 200 krb5_const_principal target);
jpayne@69 201
jpayne@69 202 /* Optional: authorize an extract-keys operation. */
jpayne@69 203 typedef krb5_error_code
jpayne@69 204 (*kadm5_auth_extract_fn)(krb5_context context, kadm5_auth_moddata data,
jpayne@69 205 krb5_const_principal client,
jpayne@69 206 krb5_const_principal target);
jpayne@69 207
jpayne@69 208 /* Optional: authorize a list-principals operation. */
jpayne@69 209 typedef krb5_error_code
jpayne@69 210 (*kadm5_auth_listprincs_fn)(krb5_context context, kadm5_auth_moddata data,
jpayne@69 211 krb5_const_principal client);
jpayne@69 212
jpayne@69 213 /* Optional: authorize an add-policy operation. */
jpayne@69 214 typedef krb5_error_code
jpayne@69 215 (*kadm5_auth_addpol_fn)(krb5_context context, kadm5_auth_moddata data,
jpayne@69 216 krb5_const_principal client, const char *policy,
jpayne@69 217 const struct _kadm5_policy_ent_t *ent, long mask);
jpayne@69 218
jpayne@69 219 /* Optional: authorize a modify-policy operation. */
jpayne@69 220 typedef krb5_error_code
jpayne@69 221 (*kadm5_auth_modpol_fn)(krb5_context context, kadm5_auth_moddata data,
jpayne@69 222 krb5_const_principal client, const char *policy,
jpayne@69 223 const struct _kadm5_policy_ent_t *ent, long mask);
jpayne@69 224
jpayne@69 225 /* Optional: authorize a delete-policy operation. */
jpayne@69 226 typedef krb5_error_code
jpayne@69 227 (*kadm5_auth_delpol_fn)(krb5_context context, kadm5_auth_moddata data,
jpayne@69 228 krb5_const_principal client, const char *policy);
jpayne@69 229
jpayne@69 230 /* Optional: authorize a get-policy operation. client_policy is the client
jpayne@69 231 * principal's policy name, or NULL if it does not have one. */
jpayne@69 232 typedef krb5_error_code
jpayne@69 233 (*kadm5_auth_getpol_fn)(krb5_context context, kadm5_auth_moddata data,
jpayne@69 234 krb5_const_principal client, const char *policy,
jpayne@69 235 const char *client_policy);
jpayne@69 236
jpayne@69 237 /* Optional: authorize a list-policies operation. */
jpayne@69 238 typedef krb5_error_code
jpayne@69 239 (*kadm5_auth_listpols_fn)(krb5_context context, kadm5_auth_moddata data,
jpayne@69 240 krb5_const_principal client);
jpayne@69 241
jpayne@69 242 /* Optional: authorize an iprop operation. */
jpayne@69 243 typedef krb5_error_code
jpayne@69 244 (*kadm5_auth_iprop_fn)(krb5_context context, kadm5_auth_moddata data,
jpayne@69 245 krb5_const_principal client);
jpayne@69 246
jpayne@69 247 /*
jpayne@69 248 * Optional: receive a notification that the most recent authorized operation
jpayne@69 249 * has ended. If a kadm5_auth module is also a KDB module, it can assume that
jpayne@69 250 * all KDB methods invoked between a kadm5_auth authorization method invocation
jpayne@69 251 * and a kadm5_auth end invocation are performed as part of the authorized
jpayne@69 252 * operation.
jpayne@69 253 *
jpayne@69 254 * The end method may be invoked without a preceding authorization method in
jpayne@69 255 * some cases; the module must be prepared to ignore such calls.
jpayne@69 256 */
jpayne@69 257 typedef void
jpayne@69 258 (*kadm5_auth_end_fn)(krb5_context context, kadm5_auth_moddata data);
jpayne@69 259
jpayne@69 260 /*
jpayne@69 261 * Optional: free a restrictions object. This method does not need to be
jpayne@69 262 * defined if the module does not generate restrictions objects, or if it
jpayne@69 263 * returns aliases to restrictions objects contained from within the module
jpayne@69 264 * data.
jpayne@69 265 */
jpayne@69 266 typedef void
jpayne@69 267 (*kadm5_auth_free_restrictions_fn)(krb5_context context,
jpayne@69 268 kadm5_auth_moddata data,
jpayne@69 269 struct kadm5_auth_restrictions *rs);
jpayne@69 270
jpayne@69 271 /* kadm5_auth vtable for major version 1. */
jpayne@69 272 typedef struct kadm5_auth_vtable_st {
jpayne@69 273 const char *name; /* Mandatory: name of module. */
jpayne@69 274 kadm5_auth_init_fn init;
jpayne@69 275 kadm5_auth_fini_fn fini;
jpayne@69 276
jpayne@69 277 kadm5_auth_addprinc_fn addprinc;
jpayne@69 278 kadm5_auth_modprinc_fn modprinc;
jpayne@69 279 kadm5_auth_setstr_fn setstr;
jpayne@69 280 kadm5_auth_cpw_fn cpw;
jpayne@69 281 kadm5_auth_chrand_fn chrand;
jpayne@69 282 kadm5_auth_setkey_fn setkey;
jpayne@69 283 kadm5_auth_purgekeys_fn purgekeys;
jpayne@69 284 kadm5_auth_delprinc_fn delprinc;
jpayne@69 285 kadm5_auth_renprinc_fn renprinc;
jpayne@69 286
jpayne@69 287 kadm5_auth_getprinc_fn getprinc;
jpayne@69 288 kadm5_auth_getstrs_fn getstrs;
jpayne@69 289 kadm5_auth_extract_fn extract;
jpayne@69 290 kadm5_auth_listprincs_fn listprincs;
jpayne@69 291
jpayne@69 292 kadm5_auth_addpol_fn addpol;
jpayne@69 293 kadm5_auth_modpol_fn modpol;
jpayne@69 294 kadm5_auth_delpol_fn delpol;
jpayne@69 295 kadm5_auth_getpol_fn getpol;
jpayne@69 296 kadm5_auth_listpols_fn listpols;
jpayne@69 297
jpayne@69 298 kadm5_auth_iprop_fn iprop;
jpayne@69 299
jpayne@69 300 kadm5_auth_end_fn end;
jpayne@69 301
jpayne@69 302 kadm5_auth_free_restrictions_fn free_restrictions;
jpayne@69 303 /* Minor version 1 ends here. */
jpayne@69 304 } *kadm5_auth_vtable;
jpayne@69 305
jpayne@69 306 #endif /* KRB5_KADM5_AUTH_PLUGIN_H */