xref: /freebsd/crypto/krb5/src/kdc/kdc_audit.h (revision f1c4c3daccbaf3820f0e2224de53df12fc952fcc) 
1 /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
2 /* include/kdc_audit.h - KDC-facing API for audit */
3 /*
4  * Copyright 2013 by the Massachusetts Institute of Technology.
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  *
10  * * Redistributions of source code must retain the above copyright
11  *   notice, this list of conditions and the following disclaimer.
12  *
13  * * Redistributions in binary form must reproduce the above copyright
14  *   notice, this list of conditions and the following disclaimer in
15  *   the documentation and/or other materials provided with the
16  *   distribution.
17  *
18  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
19  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
20  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
21  * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
22  * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
23  * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
24  * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
25  * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
27  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
29  * OF THE POSSIBILITY OF SUCH DAMAGE.
30  */
31 
32 #ifndef KRB5_KDC_AUDIT__
33 #define KRB5_KDC_AUDIT__
34 
35 #include <krb5/krb5.h>
36 #include <net-server.h>
37 #include <krb5/audit_plugin.h>
38 
39 krb5_error_code load_audit_modules(krb5_context context);
40 void unload_audit_modules(krb5_context context);
41 
42 /* Utilities */
43 
44 krb5_error_code
45 kau_make_tkt_id(krb5_context context,
46                 const krb5_ticket *ticket, char **out);
47 
48 krb5_error_code
49 kau_init_kdc_req(krb5_context context, krb5_kdc_req *request,
50                  const struct sockaddr *from, krb5_audit_state **au_state);
51 
52 void kau_free_kdc_req(krb5_audit_state *state);
53 
54 /* KDC-facing audit API */
55 
56 void
57 kau_kdc_start(krb5_context context, const krb5_boolean ev_success);
58 
59 void
60 kau_kdc_stop(krb5_context context, const krb5_boolean ev_success);
61 
62 void
63 kau_as_req(krb5_context context, const krb5_boolean ev_success,
64           krb5_audit_state *state);
65 
66 void
67 kau_tgs_req(krb5_context context, const krb5_boolean ev_success,
68            krb5_audit_state *state);
69 
70 void
71 kau_s4u2self(krb5_context context, const krb5_boolean ev_success,
72              krb5_audit_state *state);
73 
74 void
75 kau_s4u2proxy(krb5_context context, const krb5_boolean ev_success,
76               krb5_audit_state *state);
77 
78 void
79 kau_u2u(krb5_context context, const krb5_boolean ev_success,
80         krb5_audit_state *state);
81 
82 #endif /* KRB5_KDC_AUDIT__ */
83