source4/kdc/samba_kdc.h

   1 /*
   2    Unix SMB/CIFS implementation.
   3
   4    KDC structures
   5
   6    Copyright (C) Andrew Tridgell        2005
   7    Copyright (C) Andrew Bartlett <abartlet@samba.org> 2005
   8    Copyright (C) Simo Sorce <idra@samba.org> 2010
   9
  10    This program is free software; you can redistribute it and/or modify
  11    it under the terms of the GNU General Public License as published by
  12    the Free Software Foundation; either version 3 of the License, or
  13    (at your option) any later version.
  14
  15    This program is distributed in the hope that it will be useful,
  16    but WITHOUT ANY WARRANTY; without even the implied warranty of
  17    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  18    GNU General Public License for more details.
  19
  20    You should have received a copy of the GNU General Public License
  21    along with this program.  If not, see <http://www.gnu.org/licenses/>.
  22 */
  23
  24 #ifndef _SAMBA_KDC_H_
  25 #define _SAMBA_KDC_H_
  26
  27 #include "lib/replace/replace.h"
  28 #include "system/time.h"
  29 #include "libcli/util/ntstatus.h"
  30
  31 struct samba_kdc_policy {
  32         time_t svc_tkt_lifetime;
  33         time_t usr_tkt_lifetime;
  34         time_t renewal_lifetime;
  35 };
  36
  37 struct samba_kdc_base_context {
  38         struct tevent_context *ev_ctx;
  39         struct loadparm_context *lp_ctx;
  40         struct imessaging_context *msg_ctx;
  41         struct ldb_context *samdb;
  42 };
  43
  44 struct samba_kdc_seq;
  45
  46 struct samba_kdc_db_context {
  47         struct tevent_context *ev_ctx;
  48         struct loadparm_context *lp_ctx;
  49         struct imessaging_context *msg_ctx;
  50         struct ldb_context *samdb;
  51         struct samba_kdc_seq *seq_ctx;
  52         bool rodc;
  53         unsigned int my_krbtgt_number;
  54         struct ldb_dn *krbtgt_dn;
  55         struct samba_kdc_policy policy;
  56 };
  57
  58 struct samba_kdc_entry {
  59         struct samba_kdc_db_context *kdc_db_ctx;
  60         const struct sdb_entry *db_entry; /* this is only temporarily valid */
  61         const void *kdc_entry; /* this is a reference to hdb_entry/krb5_db_entry */
  62         struct ldb_message *msg;
  63         struct ldb_dn *realm_dn;
  64         struct claims_data *claims_from_pac;
  65         struct claims_data *claims_from_db;
  66         const struct auth_user_info_dc *info_from_pac;
  67         const struct PAC_DOMAIN_GROUP_MEMBERSHIP *resource_groups_from_pac;
  68         const struct auth_user_info_dc *info_from_db;
  69         const struct authn_kerberos_client_policy *client_policy;
  70         const struct authn_server_policy *server_policy;
  71         uint32_t supported_enctypes;
  72         NTSTATUS reject_status;
  73         bool is_krbtgt : 1;
  74         bool is_rodc : 1;
  75         bool is_trust : 1;
  76         bool claims_from_pac_are_initialized : 1;
  77         bool claims_from_db_are_initialized : 1;
  78         bool group_managed_service_account : 1;
  79 };
  80
  81 extern struct hdb_method hdb_samba4_interface;
  82
  83 #define CHANGEPW_LIFETIME (60*2) /* 2 minutes */
  84
  85 #endif /* _SAMBA_KDC_H_ */