diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2005-11-06 14:15:34 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:45:50 -0500 |
| commit | fb2394d309f33bdccde3a4e17f6fd994d452b425 (patch) | |
| tree | f1caf0a70e1fb2729b15f03564d1b68dbaa412e3 /source4/heimdal/lib/hdb/hdb.h | |
| parent | df5b70db2c228bd781d8472440858dcdf502f9f9 (diff) | |
| download | samba-fb2394d309f33bdccde3a4e17f6fd994d452b425.tar.gz samba-fb2394d309f33bdccde3a4e17f6fd994d452b425.tar.bz2 samba-fb2394d309f33bdccde3a4e17f6fd994d452b425.zip | |
r11536: Add a hook for client-principal access control to hdb-ldb, re-using
the code in auth/auth_sam.c for consistancy. This will also allow us
to have one place for a backend directory hook.
I will use a very similar hook to add the PAC.
Andrew Bartlett
(This used to be commit 4315836cd8c94eb8340c4050804face4d0066810)
Diffstat (limited to 'source4/heimdal/lib/hdb/hdb.h')
| -rw-r--r-- | source4/heimdal/lib/hdb/hdb.h | 21 |
1 files changed, 20 insertions, 1 deletions
diff --git a/source4/heimdal/lib/hdb/hdb.h b/source4/heimdal/lib/hdb/hdb.h index fe86f0ae72..41cc03cf36 100644 --- a/source4/heimdal/lib/hdb/hdb.h +++ b/source4/heimdal/lib/hdb/hdb.h @@ -54,6 +54,23 @@ enum hdb_ent_type{ HDB_ENT_TYPE_CLIENT, HDB_ENT_TYPE_SERVER, HDB_ENT_TYPE_ANY }; typedef struct hdb_master_key_data *hdb_master_key; +typedef struct hdb_entry_ex { + struct hdb_entry entry; + void *private; + + krb5_error_code (*free_private)(krb5_context, struct hdb_entry_ex *); + krb5_error_code (*check_client_access)(krb5_context, struct hdb_entry_ex *, HostAddresses *); + krb5_error_code (*authz_data_as_req)(krb5_context, struct hdb_entry_ex *, + AuthorizationData *in, + EncryptionKey *tgtkey, + AuthorizationData *out); + krb5_error_code (*authz_data_tgs_req)(krb5_context, struct hdb_entry_ex *, + AuthorizationData *in, + EncryptionKey *tgtkey, + EncryptionKey *servicekey, + AuthorizationData *out); +} hdb_entry_ex; + typedef struct HDB{ void *hdb_db; void *hdb_dbc; @@ -66,6 +83,8 @@ typedef struct HDB{ krb5_error_code (*hdb_close)(krb5_context, struct HDB*); krb5_error_code (*hdb_fetch)(krb5_context,struct HDB*,unsigned hdb_flags, krb5_const_principal principal, enum hdb_ent_type ent_type, hdb_entry*); + krb5_error_code (*hdb_fetch_ex)(krb5_context,struct HDB*,unsigned hdb_flags, krb5_const_principal principal, + enum hdb_ent_type ent_type, hdb_entry_ex*); krb5_error_code (*hdb_store)(krb5_context,struct HDB*,unsigned,hdb_entry*); krb5_error_code (*hdb_remove)(krb5_context, struct HDB*, hdb_entry*); krb5_error_code (*hdb_firstkey)(krb5_context, struct HDB*, @@ -82,7 +101,7 @@ typedef struct HDB{ krb5_error_code (*hdb_destroy)(krb5_context, struct HDB*); }HDB; -#define HDB_INTERFACE_VERSION 2 +#define HDB_INTERFACE_VERSION 3 struct hdb_so_method { int version; |