OpenAFS
OpenAFS distributed network file system
/cygdrive/c/src/openafs/openafs.git/repo/src/kauth/kaserver.h
00001 /*
00002  * Copyright 2000, International Business Machines Corporation and others.
00003  * All Rights Reserved.
00004  *
00005  * This software has been released under the terms of the IBM Public
00006  * License.  For details, see the LICENSE file in the top-level source
00007  * directory or online at http://www.openafs.org/dl/license10.html
00008  */
00009 
00010 /*
00011  * Revision 2.1  1990/08/07  19:11:33
00012  * Start with clean version to sync test and dev trees.
00013  *
00014  * Revision 1.11  89/02/10  11:56:23
00015  * Added union to kaentry structure which allows overloading several
00016  *   fields depending on which type of user it is.
00017  *
00018  * Revision 1.10  89/02/02  14:24:22
00019  * Removed calls to gethostid() which doesn't return IP address on Suns.
00020  *
00021  * Revision 1.9  88/12/22  14:43:48
00022  * COUNT_REQ remembers name of last operation.
00023  *
00024  * Revision 1.8  88/12/09  14:42:00
00025  * Greatly improved the external key version number management code.
00026  * Added new entry type called kaOldKeys.
00027  *
00028  * Revision 1.7  88/11/22  09:30:40
00029  * Change RPC statistics to be more robust.
00030  *
00031  * Revision 1.6  88/11/18  09:21:09
00032  * Conversion to Rx and the new RxGen.
00033  * Key version number is now a long.
00034  * Conversion to use of <afs/auth.h> include file.
00035  * Changed macros for statistics code since opcode hacking was punted.
00036  *
00037  * Revision 1.5  88/10/12  16:26:34
00038  * Added much better (working) support of key version number maintenance.
00039  *
00040  * Revision 1.4  88/09/20  11:53:12
00041  * Added IBM Copyright
00042  *
00043  * Revision 1.3  88/08/29  12:46:39
00044  * This checks in several new modules and many updates.  The AuthServer
00045  *   at this point works more or less as described in the NAFS document
00046  *   released at the Aug 23-24 1988 workshop.
00047  * Tickets are as described in the kerberos.ticket file.
00048  * Integrated w/ MIT's des implementation and the Andrew one-way password
00049  *   encryption.  Uses bcrypt for RSECURE connections.  Uses R not Rx.
00050  *
00051  * Revision 1.2  88/07/19  16:20:33
00052  * Added GetEntry and ListEntry; other internal changes.
00053  *  */
00054 
/*
 * Layout constants for the authentication database file.
 * KADBVERSION may be overridden by the build and defaults to 5.  A value
 * above 5 adds a spare[] array to struct kaheader, so changing it changes
 * the on-disk header layout.
 */
00055 #ifndef KADBVERSION
00056 #define KADBVERSION     5       /* the database version */
00057 #endif /* KADBVERSION */
00058 
00059 #define HASHSIZE        8191    /* pick a prime for the length; dimensions kaheader.nameHash[] */
00060 
00061 #define NULLO           0       /* NOTE(review): presumably the "no entry" disk offset -- confirm against callers */
00062 
00063 /* all fields are stored in network (sun or rt) byte order */
/*
 * Header of the database file.  Every field is kept in network byte order,
 * so values have to be converted to host order before they are compared or
 * used as offsets.
 * nameHash[] is dimensioned by the compile-time HASHSIZE, while hashsize
 * records the allocated size in the file itself.
 * NOTE(review): freePtr, eofPtr, kvnoPtr and the nameHash[] slots look like
 * file offsets read back from disk; a reader should range-check them (and
 * compare hashsize with HASHSIZE) before following them -- confirm where
 * that validation happens.
 * NOTE(review): checkVersion repeats version at the far end of the header,
 * presumably so an incomplete header write can be detected -- confirm.
 */
00064 struct kaheader {
00065     afs_int32 version;          /* database version number */
00066     afs_int32 headerSize;       /* bytes in header, for skipping in bad times */
00067     afs_int32 freePtr;          /* first (if any) free entry in freelist */
00068     afs_int32 eofPtr;           /* first free byte in file */
00069     afs_int32 kvnoPtr;          /* first special name old keys entry */
00070     struct kasstats stats;      /* track interesting statistics */
00071     afs_int32 admin_accounts;   /* total number of users w/ admin flag set */
00072     afs_int32 specialKeysVersion;       /* inc if special name gets new key */
00073     afs_int32 hashsize;         /* allocated size of nameHash */
00074 #if (KADBVERSION > 5)
00075     afs_int32 spare[10];        /* allocate some spares next time */
00076 #endif
00077     afs_int32 nameHash[HASHSIZE];       /* hash table for names */
00078     afs_int32 checkVersion;     /* database version number, same as first field */
00079 };
00080 
/*
 * ENTRYSIZE is the fixed size, in bytes, of one database block.
 * KA_NPWSUMS is what is left of a struct kaentry after its other members:
 * the kaident, the encryption key, and 11 four-byte words (the ten scalar
 * fields ahead of userID, assuming Date and afs_int32 are 4 bytes each,
 * plus misc_auth_bytes[4]).  It dimensions kaentry.pwsums[].
 * The expression is evaluated as size_t, so if the other members ever grew
 * past ENTRYSIZE it would wrap to a huge value instead of going negative.
 */
00081 #define ENTRYSIZE               200
00082 #define KA_NPWSUMS              (ENTRYSIZE - sizeof(kaident) - sizeof(struct ktc_encryptionKey)  - 11*4)
00083 
00084 /* all fields are stored in network byte order */
/*
 * One principal's record in the database; pwsums[] pads it out to ENTRYSIZE
 * (200) bytes.  The record embeds the principal's encryption key (`key`),
 * so the database file and every copy of it is secret material.
 * NOTE(review): nothing in this header shows the key being wrapped or
 * encrypted at rest -- confirm how the file is protected.
 * The `misc` union is interpreted differently depending on the kind of
 * principal.  NOTE(review): presumably `flags` selects the active arm --
 * confirm before reading a member.
 */
00085 struct kaentry {
00086     afs_int32 flags;            /* random flags */
00087     afs_int32 next;             /* next block same entry (or freelist) */
00088     Date user_expiration;       /* user registration good till then */
00089     Date modification_time;     /* time of last update */
00090     afs_int32 modification_id;  /* identity of user doing update */
00091     Date change_password_time;  /* time user last changed own password */
00092     afs_int32 max_ticket_lifetime;      /* maximum lifetime for tickets */
00093     afs_int32 key_version;      /* version number of this key */
00094     union {                     /* overload several miscellaneous fields */
00095         struct {
00096             afs_int32 nOldKeys; /* number of outstanding old keys */
00097             afs_int32 oldKeys;  /* block containing old keys */
00098         } asServer;             /* for principals that are part of the AuthServer itself */
00099         struct {
00100             afs_int32 maxAssociates;    /* associates this user can create */
00101             afs_int32 nInstances;       /* number of instances user's created */
00102         } assocRoot;            /* for principals at root of associate tree */
00103         struct {
00104             afs_int32 root;     /* identity of this instance's root */
00105             afs_int32 spare;
00106         } associate;            /* associate instance */
00107     } misc;
00108     /* put the strings last to simplify alignment calculations */
00109     struct kaident userID;      /* user and instance names */
00110     struct ktc_encryptionKey key;       /* the key to use */
00111     unsigned char misc_auth_bytes[4];   /* indexed by EXPIRES, REUSEFLAGS, ATTEMPTS, LOCKTIME (slot 1 was previously described as spare) */
00112     unsigned char pwsums[KA_NPWSUMS];   /* pad to 200 bytes; NOTE(review): name suggests password checksums -- confirm */
00113 };
00114 typedef struct kaentry kaentry;
00115 
/*
 * Byte indices into kaentry.misc_auth_bytes[].  Each slot is one unsigned
 * char, so a stored value cannot exceed UCHAR_MAX; the encoding and units of
 * each slot are not visible in this header.
 * NOTE(review): ATTEMPTS and LOCKTIME presumably supply the attempts and
 * locktime arguments of kaux_islocked() -- confirm.
 */
00116 #define EXPIRES 0
00117 #define REUSEFLAGS 1
00118 #define ATTEMPTS 2
00119 #define LOCKTIME 3
00120 
/*
 * A superseded key that is still retained, tagged with its key version.
 * NOTE(review): presumably kept so that tickets issued under an earlier key
 * version can still be checked -- confirm how long old keys are retained
 * and when they are discarded.
 */
00121 struct kaOldKey {               /* each old key still remembered */
00122     Date superseded;            /* time this key replaced, or zero */
00123     afs_int32 version;          /* key's version */
00124     struct ktc_encryptionKey key;       /* the retained key itself */
00125 };
/* Number of kaOldKey slots that fit in an ENTRYSIZE block after the three
   afs_int32 fields that lead struct kaOldKeys. */
00126 #define NOLDKEYS ((ENTRYSIZE-3*sizeof(afs_int32))/sizeof(struct kaOldKey))
00127 
/*
 * A block of retained old keys: three afs_int32 fields, NOLDKEYS key slots,
 * then padding for whatever remains of ENTRYSIZE.  Like kaentry.key, the
 * slots hold key material, so these blocks need the same protection as the
 * principal records.
 */
00128 struct kaOldKeys {
00129     afs_int32 flags;            /* random flags */
00130     afs_int32 next;             /* next block of old keys for all entries (or freelist) */
00131     afs_int32 entry;            /* corresponding user entry */
00132     struct kaOldKey keys[NOLDKEYS];     /* each old key */
00133     char padding[ENTRYSIZE -
00134                  ((NOLDKEYS * sizeof(struct kaOldKey)) +
00135                   3 * sizeof(afs_int32))];      /* fills the block out to ENTRYSIZE bytes */
00136 };
00137 
/*
 * Per-operation statistics helpers.
 * COUNT_REQ(op) expands to a declaration of `this_op` followed by two
 * statements: it increments dynamic_statistics.op.requests and stores the
 * stringized operation name in lastOperation.  Because it declares a
 * variable and is not wrapped in do { } while (0), it can be used only where
 * a declaration is allowed, and only once per scope.  `lastOperation` is not
 * declared in this header and must be in scope at the point of use.
 * COUNT_ABO increments the abort counter through `this_op`, so it needs a
 * preceding COUNT_REQ in the same scope.
 * NOTE(review): the increments are plain ++ with no locking visible here --
 * confirm that callers are serialized.
 */
00138 #define COUNT_REQ(op) int *this_op = &dynamic_statistics.op.aborts; dynamic_statistics.op.requests++; lastOperation = # op
00139 #define COUNT_ABO (*this_op)++
00140 
00141 /* given the disk offset of a structure, the memory address of the structure
00142    and the address of an item within the structure, compute the disk address of
00143    this last item. */
/* The macro does no bounds check: aitem has to point inside the object at
   astr, otherwise the result is an offset outside that structure on disk. */
00144 #define DOFFSET(abase,astr,aitem) ((abase)+(((char *)(aitem)) - ((char *)(astr))))
00145 
00146 /* given an index for an entry return its disk address */
/* Entries are taken to follow the header directly, each sizeof(kaentry) bytes
   long; kaentry and cheader must be in scope.  sizeof makes the arithmetic
   size_t, so a negative idx converts to a very large value, and idx is not
   range-checked here. */
00147 #define IOFFSET(idx) (sizeof(kaentry)*(idx) + sizeof(cheader))
00148 
/*
 * Globals and helpers shared across the server.  The definitions are not in
 * this header; the notes below are inferred from the prototypes only.
 */
00149 extern struct kaheader cheader;
00150 extern struct kadstats dynamic_statistics;
00151 extern afs_uint32 myHost;
00152 
/*
 * NOTE(review): the kaux_* routines appear to keep an auxiliary per-entry
 * record of failed attempts (nfailures) and a timestamp (lasttime), with
 * kaux_islocked() deciding lockout from `attempts` and `locktime`; `to` is
 * presumably the entry's database offset -- confirm against the
 * implementation.
 */
00153 extern int kaux_opendb(char *path);
00154 
00155 extern void kaux_closedb(void
00156     );
00157 
00158 extern int kaux_read(afs_int32 to, unsigned int *nfailures,
00159                      afs_uint32 * lasttime);
00160 
00161 extern int kaux_write(afs_int32 to, unsigned int nfailures,
00162                       afs_uint32 lasttime);
00163 
00164 extern void kaux_inc(afs_int32 to, afs_uint32 locktime);
00165 
00166 extern int kaux_islocked(afs_int32 to, u_int attempts, u_int locktime);
00167 
00168 extern afs_int32 krb4_cross;
00169 
/* The format attribute marks argument 1 as a printf-style format with the
   variadic arguments starting at 2, so the compiler can check call sites.
   Pass a literal format; text that came from a request belongs in the
   arguments, not in fmt. */
00170 extern afs_int32 es_Report(char *fmt, ...)
00171     AFS_ATTRIBUTE_FORMAT(__printf__, 1, 2);
00172 
/* Defined with no value.  NOTE(review): presumably a compile-time switch for
   the password lockout code -- confirm where it is tested. */
00173 #define LOCKPW