/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/* include/kcm.h - Kerberos cache manager protocol declarations */
/*
 * Copyright (C) 2014 by the Massachusetts Institute of Technology.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * * Redistributions of source code must retain the above copyright
 *   notice, this list of conditions and the following disclaimer.
 *
 * * Redistributions in binary form must reproduce the above copyright
 *   notice, this list of conditions and the following disclaimer in
 *   the documentation and/or other materials provided with the
 *   distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
 * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 */

#ifndef KCM_H
#define KCM_H
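/* KCM protocol version.  Every request starts with a one-byte major and a
 * one-byte minor version; presumably these are the values sent in those two
 * bytes -- confirm against the client code. */
#define KCM_PROTOCOL_VERSION_MAJOR 2
#define KCM_PROTOCOL_VERSION_MINOR 0

/* Size in bytes of a UUID as it appears in KCM messages. */
#define KCM_UUID_LEN 16

/* This should ideally be in RUNSTATEDIR, but Heimdal uses a hardcoded
 * /var/run, and we need to use the same default path.
 *
 * NOTE(review): this is a fixed, well-known location.  Deployments should
 * make sure that only the intended daemon can create a socket at this path
 * (ownership and permissions of the directory); how peers are authenticated
 * is not visible in this header. */
#define DEFAULT_KCM_SOCKET_PATH "/var/run/.heim_org.h5l.kcm-socket"
#define DEFAULT_KCM_MACH_SERVICE "org.h5l.kcm"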
/*
 * All requests begin with:
 *   major version (1 byte)
 *   minor version (1 byte)
 *   opcode (16-bit big-endian)
 *
 * All replies begin with a 32-bit big-endian reply code.
 *
 * Parameters are appended to the request or reply with no delimiters.  Flags,
 * time offsets, and lengths are stored as 32-bit big-endian integers.  Names
 * are marshalled as zero-terminated strings.  Principals and credentials are
 * marshalled in the v4 FILE ccache format.  UUIDs are 16 bytes.  UUID lists
 * are not delimited, so nothing can come after them.
 *
 * Because fields carry no delimiters or type tags, a decoder must bound every
 * length and every string read by the number of bytes remaining in the
 * message.
 *
 * Flag words must use Heimdal flag values, which are not the same as MIT krb5
 * values for KRB5_GC and KRB5_TC constants.  The same flag word may contain
 * both kinds of flags in Heimdal, but not in MIT krb5.  Defines for the
 * applicable Heimdal flag values are given below using KCM_GC and KCM_TC
 * prefixes.
 */

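/*
 * Heimdal flag values for KCM flag words.  Each flag is a single bit.  The
 * 1U operand keeps the shift unsigned, so bit 31 is well defined (shifting a
 * signed 1 into the sign bit would not be).
 */

/* KCM_GC flag. */
#define KCM_GC_CACHED               (1U << 0)

/* KCM_TC flags, assigned downward from bit 31. */
#define KCM_TC_DONT_MATCH_REALM     (1U << 31)
#define KCM_TC_MATCH_KEYTYPE        (1U << 30)
#define KCM_TC_MATCH_SRV_NAMEONLY   (1U << 29)
#define KCM_TC_MATCH_FLAGS_EXACT    (1U << 28)
#define KCM_TC_MATCH_FLAGS          (1U << 27)
#define KCM_TC_MATCH_TIMES_EXACT    (1U << 26)
#define KCM_TC_MATCH_TIMES          (1U << 25)
#define KCM_TC_MATCH_AUTHDATA       (1U << 24)
#define KCM_TC_MATCH_2ND_TKT        (1U << 23)
#define KCM_TC_MATCH_IS_SKEY        (1U << 22)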
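/*
 * KCM request opcodes.
 *
 * Opcodes without comments are currently unused in the MIT client
 * implementation.  Where present, the comment gives the operation's
 * signature as (request parameters) -> (reply parameters).
 *
 * The numeric values are written out explicitly so that inserting or
 * reordering an enumerator cannot silently renumber the others.  They are the
 * same values the implicit numbering produced.  Every value fits in 16 bits.
 *
 * Code that decodes an opcode received from a peer should check it against
 * the values it supports before treating it as a kcm_opcode.
 */
typedef enum kcm_opcode {
    KCM_OP_NOOP = 0,
    KCM_OP_GET_NAME = 1,
    KCM_OP_RESOLVE = 2,
    KCM_OP_GEN_NEW = 3,              /*                     () -> (name)      */
    KCM_OP_INITIALIZE = 4,           /*          (name, princ) -> ()          */
    KCM_OP_DESTROY = 5,              /*                 (name) -> ()          */
    KCM_OP_STORE = 6,                /*           (name, cred) -> ()          */
    KCM_OP_RETRIEVE = 7,             /* (name, flags, credtag) -> (cred)      */
    KCM_OP_GET_PRINCIPAL = 8,        /*                 (name) -> (princ)     */
    KCM_OP_GET_CRED_UUID_LIST = 9,   /*                 (name) -> (uuid, ...) */
    KCM_OP_GET_CRED_BY_UUID = 10,    /*           (name, uuid) -> (cred)      */
    KCM_OP_REMOVE_CRED = 11,         /* (name, flags, credtag) -> ()          */
    KCM_OP_SET_FLAGS = 12,
    KCM_OP_CHOWN = 13,
    KCM_OP_CHMOD = 14,
    KCM_OP_GET_INITIAL_TICKET = 15,
    KCM_OP_GET_TICKET = 16,
    KCM_OP_MOVE_CACHE = 17,
    KCM_OP_GET_CACHE_UUID_LIST = 18, /*                     () -> (uuid, ...) */
    KCM_OP_GET_CACHE_BY_UUID = 19,   /*                 (uuid) -> (name)      */
    KCM_OP_GET_DEFAULT_CACHE = 20,   /*                     () -> (name)      */
    KCM_OP_SET_DEFAULT_CACHE = 21,   /*                 (name) -> ()          */
    KCM_OP_GET_KDC_OFFSET = 22,      /*                 (name) -> (offset)    */
    KCM_OP_SET_KDC_OFFSET = 23,      /*         (name, offset) -> ()          */
    KCM_OP_ADD_NTLM_CRED = 24,
    KCM_OP_HAVE_NTLM_CRED = 25,
    KCM_OP_DEL_NTLM_CRED = 26,
    KCM_OP_DO_NTLM_AUTH = 27,
    KCM_OP_GET_NTLM_USER_LIST = 28,

    /* MIT extensions */
    KCM_OP_MIT_EXTENSION_BASE = 13000,
    KCM_OP_GET_CRED_LIST = 13001,    /* (name) -> (count, count*{len, cred}) */
    KCM_OP_REPLACE = 13002,          /* (name, offset, princ,
                                      *  count, count*{len, cred}) -> () */
} kcm_opcode;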
#endif /* KCM_H */