2010-01-28 09:27:11 +03:00
/*
Unix SMB / CIFS implementation .
Database Glue between Samba and the KDC
Copyright ( C ) Andrew Bartlett < abartlet @ samba . org > 2005 - 2009
Copyright ( C ) Simo Sorce < idra @ samba . org > 2010
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation ; either version 3 of the License , or
( at your option ) any later version .
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
You should have received a copy of the GNU General Public License
along with this program . If not , see < http : //www.gnu.org/licenses/>.
*/
2022-03-22 20:09:33 +03:00
struct sdb_keys ;
2022-03-23 05:43:25 +03:00
struct sdb_entry ;
2014-05-08 19:13:04 +04:00
2022-03-08 12:49:31 +03:00
struct samba_kdc_base_context ;
struct samba_kdc_db_context ;
struct samba_kdc_entry ;
enum samba_kdc_ent_type {
SAMBA_KDC_ENT_TYPE_CLIENT ,
SAMBA_KDC_ENT_TYPE_SERVER ,
SAMBA_KDC_ENT_TYPE_KRBTGT ,
SAMBA_KDC_ENT_TYPE_TRUST ,
SAMBA_KDC_ENT_TYPE_ANY
} ;
/*
* This allows DSDB to parse Kerberos keys without duplicating this
* difficulty
*/
krb5_error_code samba_kdc_message2entry_keys ( krb5_context context ,
TALLOC_CTX * mem_ctx ,
const struct ldb_message * msg ,
bool is_krbtgt ,
bool is_rodc ,
uint32_t userAccountControl ,
enum samba_kdc_ent_type ent_type ,
unsigned flags ,
krb5_kvno requested_kvno ,
struct sdb_entry * entry ,
const uint32_t supported_enctypes_in ,
uint32_t * supported_enctypes_out ) ;
2018-09-20 05:24:11 +03:00
int samba_kdc_set_fixed_keys ( krb5_context context ,
const struct ldb_val * secretbuffer ,
2022-03-22 23:47:53 +03:00
uint32_t supported_enctypes ,
2022-03-22 20:09:33 +03:00
struct sdb_keys * keys ) ;
2018-09-20 05:24:11 +03:00
2010-01-28 09:27:11 +03:00
krb5_error_code samba_kdc_fetch ( krb5_context context ,
struct samba_kdc_db_context * kdc_db_ctx ,
krb5_const_principal principal ,
unsigned flags ,
2010-12-04 01:06:53 +03:00
krb5_kvno kvno ,
2022-03-23 05:43:25 +03:00
struct sdb_entry * entry ) ;
2010-01-28 09:27:11 +03:00
krb5_error_code samba_kdc_firstkey ( krb5_context context ,
struct samba_kdc_db_context * kdc_db_ctx ,
2022-03-23 05:43:25 +03:00
struct sdb_entry * entry ) ;
2010-01-28 09:27:11 +03:00
krb5_error_code samba_kdc_nextkey ( krb5_context context ,
struct samba_kdc_db_context * kdc_db_ctx ,
2022-03-23 05:43:25 +03:00
struct sdb_entry * entry ) ;
2010-01-28 09:27:11 +03:00
krb5_error_code
2016-01-08 04:08:18 +03:00
samba_kdc_check_client_matches_target_service ( krb5_context context ,
2021-10-07 22:29:51 +03:00
struct samba_kdc_entry * skdc_entry_client ,
struct samba_kdc_entry * skdc_entry_server_target ) ;
2010-01-28 09:27:11 +03:00
krb5_error_code
samba_kdc_check_pkinit_ms_upn_match ( krb5_context context ,
struct samba_kdc_db_context * kdc_db_ctx ,
2014-05-09 16:56:22 +04:00
struct samba_kdc_entry * skdc_entry ,
2010-01-28 09:27:11 +03:00
krb5_const_principal certificate_principal ) ;
2010-09-28 07:05:37 +04:00
2011-04-07 13:16:55 +04:00
krb5_error_code
samba_kdc_check_s4u2proxy ( krb5_context context ,
struct samba_kdc_db_context * kdc_db_ctx ,
2014-05-09 16:58:08 +04:00
struct samba_kdc_entry * skdc_entry ,
2011-04-07 13:16:55 +04:00
krb5_const_principal target_principal ) ;
2021-12-14 13:16:12 +03:00
krb5_error_code samba_kdc_check_s4u2proxy_rbcd (
krb5_context context ,
struct samba_kdc_db_context * kdc_db_ctx ,
krb5_const_principal client_principal ,
krb5_const_principal server_principal ,
2022-11-07 04:14:18 +03:00
krb5_const_pac header_pac ,
2021-12-14 13:16:12 +03:00
struct samba_kdc_entry * proxy_skdc_entry ) ;
2010-09-28 07:05:37 +04:00
NTSTATUS samba_kdc_setup_db_ctx ( TALLOC_CTX * mem_ctx , struct samba_kdc_base_context * base_ctx ,
struct samba_kdc_db_context * * kdc_db_ctx_out ) ;
2022-05-18 11:12:36 +03:00
krb5_error_code dsdb_extract_aes_256_key ( krb5_context context ,
TALLOC_CTX * mem_ctx ,
const struct ldb_message * msg ,
uint32_t user_account_control ,
const uint32_t * kvno ,
uint32_t * kvno_out ,
DATA_BLOB * aes_256_key ,
DATA_BLOB * salt ) ;