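/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/* kdc/realm_data.h */
/*
 * Copyright (C) 2012 by the Massachusetts Institute of Technology.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * * Redistributions of source code must retain the above copyright
 *   notice, this list of conditions and the following disclaimer.
 *
 * * Redistributions in binary form must reproduce the above copyright
 *   notice, this list of conditions and the following disclaimer in
 *   the documentation and/or other materials provided with the
 *   distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
 * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 */

/*
 * Per-realm state kept by the KDC, plus the server handle that owns the
 * list of realms.
 *
 * This header includes nothing itself: the krb5_* types used below must
 * already be declared by whatever includes it.
 */

#ifndef REALM_DATA_H
#define REALM_DATA_H

/*
 * One instance describes a single realm served by this KDC.
 *
 * The struct tag begins with a double underscore, which is in the namespace
 * C reserves for the implementation; it is kept as-is because other files
 * may refer to the tag.
 */
typedef struct __kdc_realm_data {
    /*
     * General Kerberos per-realm data.
     */
    char *realm_name;               /* Realm name */
    /* XXX the real context should go away once the db_context is done.
     * The db_context is then associated with the realm keytab using
     * krb5_ktkdb_resolv().  There should be nothing in the context which
     * cannot span multiple realms -- proven */
    krb5_context realm_context;     /* Context to be used for realm */
    krb5_keytab realm_keytab;       /* Keytab to be used for this realm */
    char *realm_hostbased;          /* Referral services for NT-UNKNOWN */
    char *realm_no_referral;        /* Non-referral services */
    /*
     * Database per-realm data.
     */
    char *realm_stash;              /* Stash file name for realm */
    char *realm_mpname;             /* Master principal name for realm */
    krb5_principal realm_mprinc;    /* Master principal for realm */
    /*
     * Note realm_mkey is mkey read from stash or keyboard and may not be the
     * latest.
     *
     * NOTE(review): this field holds master key material inline.  The
     * teardown code is not visible from this header; confirm that it wipes
     * the key contents before the struct is released, and that the struct is
     * never copied or logged wholesale.
     */
    krb5_keyblock realm_mkey;       /* Master key for this realm */
    /*
     * TGS per-realm data.
     */
    krb5_principal realm_tgsprinc;  /* TGS principal for this realm */
    /*
     * Other per-realm data.
     */
    char *realm_listen;             /* Per-realm KDC UDP listen */
    char *realm_tcp_listen;         /* Per-realm KDC TCP listen */
    /*
     * Per-realm parameters.
     */
    krb5_deltat realm_maxlife;      /* Maximum ticket life for realm */
    krb5_deltat realm_maxrlife;     /* Maximum renewable life for realm */
    /*
     * Transited-realm policy for cross-realm requests.  The comment this
     * replaces read "Accept unverifiable transited_realm ?", which is the
     * opposite sense of the field name.
     *
     * NOTE(review): presumably true means such requests are refused; the
     * code that reads this flag is not in this header, so confirm the
     * polarity there before relying on it.
     */
    krb5_boolean realm_reject_bad_transit;
    krb5_boolean realm_restrict_anon;   /* Anon to local TGT only */
    krb5_boolean realm_disable_pac;     /* Prevent issuance of PACs. */
} kdc_realm_t;

/*
 * Server-wide handle through which realm data is reached.
 */
struct server_handle {
    kdc_realm_t **kdc_realmlist;    /* Array of pointers to realm data */
    /* Presumably the number of entries in kdc_realmlist; it is a signed
     * int, so code indexing the list should check it is not negative. */
    int kdc_numrealms;
    krb5_context kdc_err_context;   /* Presumably the context used for error
                                     * reporting -- confirm at the callers */
};

/*
 * Return the realm data matching a realm name.
 *
 * NOTE(review): the prototype leaves its parameters unnamed.  The char * and
 * krb5_ui_4 arguments are presumably the realm name and its length in bytes;
 * if so, the name need not be NUL-terminated and the length must never
 * exceed the buffer.  The return value on no match is not visible here
 * (presumably NULL); confirm both against the definition.
 */
kdc_realm_t *find_realm_data(struct server_handle *, char *, krb5_ui_4);

/*
 * Return the realm data to use for the given principal.
 *
 * NOTE(review): presumably this selects the realm from the principal's realm
 * component and prepares it for use; the definition is not in this header,
 * so confirm there, including what is returned when no realm matches.
 */
kdc_realm_t *setup_server_realm(struct server_handle *, krb5_principal);

#endif /* REALM_DATA_H */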