/*
Unix SMB / CIFS implementation .
KDC structures
Copyright ( C ) Andrew Tridgell 2005
Copyright (C) Andrew Bartlett <abartlet@samba.org> 2005
Copyright (C) Simo Sorce <idra@samba.org> 2010
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation ; either version 3 of the License , or
( at your option ) any later version .
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
# ifndef _SAMBA_KDC_H_
# define _SAMBA_KDC_H_
# include "lib/replace/replace.h"
# include "system/time.h"
# include "libcli/util/ntstatus.h"
/*
 * Ticket lifetime policy; embedded by value in struct
 * samba_kdc_db_context.
 *
 * NOTE(review): all three members are time_t and are presumably
 * durations in seconds rather than absolute timestamps -- confirm
 * against the code that fills this structure in.
 */
struct samba_kdc_policy {
	/* Going by the name: lifetime applied to service tickets. */
	time_t svc_tkt_lifetime;
	/* Going by the name: lifetime applied to user tickets. */
	time_t usr_tkt_lifetime;
	/* Going by the name: how long a ticket may be renewed. */
	time_t renewal_lifetime;
};
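/*
 * Base context for the KDC. Going by the member types, it bundles the
 * event context, the loadparm (configuration) context, the messaging
 * context and the SAM database handle.
 *
 * Every member is a pointer to a type declared elsewhere; ownership and
 * lifetime of the pointed-to objects are not visible from this header.
 */
struct samba_kdc_base_context {
	struct tevent_context *ev_ctx;
	struct loadparm_context *lp_ctx;
	struct imessaging_context *msg_ctx;
	struct ldb_context *samdb;
	/*
	 * If we are under Heimdal, this will be updated at each
	 * packet to be the same time as the KDC process uses and will
	 * be set into dsdb_gmsa_set_current_time() (otherwise NULL)
	 *
	 * Because it can be NULL, check it before dereferencing.
	 * NOTE(review): struct samba_kdc_db_context documents its member
	 * of the same name as copied from here; if that is a pointer
	 * copy, the storage behind it must outlive every such context --
	 * confirm at the point of creation.
	 */
	unsigned long long *current_nttime_ull;
};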
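/* Incomplete type: this header only ever handles it through a pointer. */
struct samba_kdc_seq;

/*
 * Database-side KDC context. It repeats the four handles found in
 * struct samba_kdc_base_context (ev_ctx, lp_ctx, msg_ctx, samdb) and
 * adds krbtgt/RODC state, a sequence context and the lifetime policy.
 *
 * Ownership and lifetime of the pointed-to objects are not visible from
 * this header.
 */
struct samba_kdc_db_context {
	struct tevent_context *ev_ctx;
	struct loadparm_context *lp_ctx;
	struct imessaging_context *msg_ctx;
	struct ldb_context *samdb;
	struct samba_kdc_seq *seq_ctx;
	/*
	 * NOTE(review): presumably true when this KDC runs on a
	 * read-only domain controller -- confirm where it is set.
	 */
	bool rodc;
	/*
	 * NOTE(review): presumably selects which krbtgt account this
	 * KDC issues tickets with (an RODC has its own) -- confirm.
	 */
	unsigned int my_krbtgt_number;
	struct ldb_dn *krbtgt_dn;
	/* Held by value, so it lives and dies with this context. */
	struct samba_kdc_policy policy;
	/*
	 * Copied from the base_context when this is created
	 *
	 * NOTE(review): the base context documents its member as NULL
	 * outside Heimdal, so check before dereferencing. If the copy
	 * is of the pointer, both contexts alias the same storage and
	 * it must stay valid for as long as this context is in use --
	 * confirm at the point of creation.
	 */
	unsigned long long *current_nttime_ull;
};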
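/*
 * Samba-side state attached to one KDC database entry (a principal).
 *
 * Several members come in a "_from_pac" / "_from_db" pair. Going by the
 * names, the former is taken from the PAC in a presented ticket and the
 * latter from the directory.
 * NOTE(review): PAC-derived values are only as trustworthy as the PAC
 * they came from; confirm that the code filling them in does so only
 * after the PAC signatures have been verified, and that authorization
 * decisions do not mix the two sources unintentionally.
 */
struct samba_kdc_entry {
	struct samba_kdc_db_context *kdc_db_ctx;
	/*
	 * this is only temporarily valid
	 *
	 * Do not keep or dereference this pointer outside that window;
	 * this header does not say when it is set or cleared, so check
	 * the code that assigns it before adding a new user.
	 */
	const struct sdb_entry *db_entry;
	/*
	 * this is a reference to hdb_entry/krb5_db_entry
	 *
	 * Untyped, so the compiler cannot catch a cast to the wrong one.
	 * NOTE(review): presumably the type depends on which Kerberos
	 * implementation Samba was built against -- confirm.
	 */
	const void *kdc_entry;
	struct ldb_message *msg;
	struct ldb_dn *realm_dn;

	/*
	 * Claims from each source; see the *_are_initialized flags
	 * below before relying on either pointer.
	 */
	struct claims_data *claims_from_pac;
	struct claims_data *claims_from_db;

	const struct auth_user_info_dc *info_from_pac;
	const struct PAC_DOMAIN_GROUP_MEMBERSHIP *resource_groups_from_pac;
	const struct auth_user_info_dc *info_from_db;

	/*
	 * NOTE(review): presumably the authentication policies applying
	 * to this principal as client and as server; whether NULL means
	 * "no policy" is not visible here -- confirm.
	 */
	const struct authn_kerberos_client_policy *client_policy;
	const struct authn_server_policy *server_policy;

	/*
	 * NOTE(review): presumably a bitmask of the Kerberos encryption
	 * types this principal supports -- confirm the encoding.
	 */
	uint32_t supported_enctypes;
	/*
	 * NOTE(review): presumably the status to fail a request with
	 * when this entry must be rejected -- confirm.
	 */
	NTSTATUS reject_status;

	/* One-bit flags, packed together. */
	bool is_krbtgt : 1;
	bool is_rodc : 1;
	bool is_trust : 1;
	/*
	 * Going by the names, these record whether the matching claims_*
	 * pointer above has been filled in.
	 */
	bool claims_from_pac_are_initialized : 1;
	bool claims_from_db_are_initialized : 1;
	bool group_managed_service_account : 1;

	/*
	 * Held by value, unlike the current_nttime_ull pointers in the
	 * context structures.
	 */
	NTTIME current_nttime;
	/*
	 * NOTE(review): going by the name, a TGT lifetime limit
	 * expressed in NT time ticks rather than seconds; mind the
	 * unit when comparing it with time_t values -- confirm.
	 */
	int64_t enforced_tgt_lifetime_nt_ticks;
};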
/*
 * Declaration only; the object itself is defined in another
 * translation unit.
 * NOTE(review): going by the name, this is the HDB method table that
 * plugs Samba's database backend into Heimdal -- confirm at the
 * definition.
 */
extern struct hdb_method hdb_samba4_interface ;
/*
 * NOTE(review): presumably the lifetime, in seconds, given to tickets
 * for the password-change service. A short value limits how long such
 * a ticket stays usable if it is captured. Confirm against the users
 * of this macro.
 */
# define CHANGEPW_LIFETIME (60*2) /* 2 minutes */
# endif /* _SAMBA_KDC_H_ */