| blob | 47c8461860b5638680dfa622f60df00cad564253 |
1 -- $Id$
2 HDB DEFINITIONS ::=
3 BEGIN
5 IMPORTS EncryptionKey, KerberosTime, Principal FROM krb5;
7 HDB_DB_FORMAT INTEGER ::= 2 -- format of database,
8 -- update when making changes
10 -- these must have the same value as the pa-* counterparts
11 hdb-pw-salt INTEGER ::= 3
12 hdb-afs3-salt INTEGER ::= 10
14 Salt ::= SEQUENCE {
15 type[0] INTEGER (0..4294967295),
16 salt[1] OCTET STRING
17 }
19 Key ::= SEQUENCE {
20 mkvno[0] INTEGER (0..4294967295) OPTIONAL, -- master key version number
21 key[1] EncryptionKey,
22 salt[2] Salt OPTIONAL
23 }
25 Event ::= SEQUENCE {
26 time[0] KerberosTime,
27 principal[1] Principal OPTIONAL
28 }
30 HDBFlags ::= BIT STRING {
31 initial(0), -- require as-req
32 forwardable(1), -- may issue forwardable
33 proxiable(2), -- may issue proxiable
34 renewable(3), -- may issue renewable
35 postdate(4), -- may issue postdatable
36 server(5), -- may be server
37 client(6), -- may be client
38 invalid(7), -- entry is invalid
39 require-preauth(8), -- must use preauth
40 change-pw(9), -- change password service
41 require-hwauth(10), -- must use hwauth
42 ok-as-delegate(11), -- as in TicketFlags
43 user-to-user(12), -- may use user-to-user auth
44 immutable(13) -- may not be deleted
45 }
47 GENERATION ::= SEQUENCE {
48 time[0] KerberosTime, -- timestamp
49 usec[1] INTEGER (0..4294967295), -- microseconds
50 gen[2] INTEGER (0..4294967295) -- generation number
51 }
53 hdb_entry ::= SEQUENCE {
54 principal[0] Principal OPTIONAL, -- this is optional only
55 -- for compatibility with libkrb5
56 kvno[1] INTEGER (0..4294967295),
57 keys[2] SEQUENCE OF Key,
58 created-by[3] Event,
59 modified-by[4] Event OPTIONAL,
60 valid-start[5] KerberosTime OPTIONAL,
61 valid-end[6] KerberosTime OPTIONAL,
62 pw-end[7] KerberosTime OPTIONAL,
63 max-life[8] INTEGER (0..4294967295) OPTIONAL,
64 max-renew[9] INTEGER (0..4294967295) OPTIONAL,
65 flags[10] HDBFlags,
66 etypes[11] SEQUENCE OF INTEGER (0..4294967295) OPTIONAL,
67 generation[12] GENERATION OPTIONAL
68 }
70 END