kadmin

package

v0.0.0-...-6ee07a3 Latest Latest Go to latest Published: Mar 22, 2022 License: MIT Imports: 6 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/Mellywins/gokrb5-kdc-wrapper

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
type AddPrincipalAttributes
- func CreateAddPrincipalAttributes() *AddPrincipalAttributes
type AddPrincipalType
- func AddPrincipal(atts AddPrincipalAttributes) *AddPrincipalType
type Executable
type ExecutorSpec
type ExecutorSpecBuilder
- func NewExecutorSpecBuilder() *ExecutorSpecBuilder

Constants ¶

View Source

const (
	Disallow int = iota // Value of 0 -> Translated to - in the kadmin flag
	Allow               // Value of 1 -> Translated to + in the kadmin flag
)

Variables ¶

View Source

var IntToSymbolMap = map[int]string{0: "-", 1: "+"}

Functions ¶

This section is empty.

Types ¶

type AddPrincipalAttributes ¶

type AddPrincipalAttributes struct {
	CommandString string // String containing the commands progressively built with the available Builders
	// contains filtered or unexported fields
}

Attributes holder for the different options provided by Kerberos MIT.

func CreateAddPrincipalAttributes ¶

func CreateAddPrincipalAttributes() *AddPrincipalAttributes

func (*AddPrincipalAttributes) SetDupKey ¶

func (apatts *AddPrincipalAttributes) SetDupKey(n int) *AddPrincipalAttributes

SetDupKey -allow_dup_skey(0) disables user-to-user authentication for this principal by prohibiting this principal from obtaining a session key for another user. +allow_dup_skey (1) clears this flag.

func (*AddPrincipalAttributes) SetForwardable ¶

func (apatts *AddPrincipalAttributes) SetForwardable(n int) *AddPrincipalAttributes

SetForwardable -allow_forwardable(0) prohibits this principal from obtaining forwardable tickets. +allow_forwardable (1) clears this flag.

func (*AddPrincipalAttributes) SetHwAuth ¶

func (apatts *AddPrincipalAttributes) SetHwAuth(n int) *AddPrincipalAttributes

SetHwAuth +requires_hwauth(1) requires this principal to preauthenticate using a hardware device before being allowed to kinit. -requires_hwauth(0) clears this flag. When +requires_hwauth is set on a service principal, the KDC will only issue service tickets for that service principal if the client’s initial authentication was performed using a hardware device to preauthenticate.

func (*AddPrincipalAttributes) SetNeedChange ¶

func (apatts *AddPrincipalAttributes) SetNeedChange(n int) *AddPrincipalAttributes

SetNeedChange +needchange(1) forces a password change on the next initial authentication to this principal. -needchange(0) clears this flag.

func (*AddPrincipalAttributes) SetNoAuthDataRequired ¶

func (apatts *AddPrincipalAttributes) SetNoAuthDataRequired() *AddPrincipalAttributes

SetNoAuthDataRequired +no_auth_data_required prevents PAC or AD-SIGNEDPATH data from being added to service tickets for the principal.

func (*AddPrincipalAttributes) SetOkAsDelegate ¶

func (apatts *AddPrincipalAttributes) SetOkAsDelegate(n int) *AddPrincipalAttributes

SetOkAsDelegate +ok_as_delegate(1) sets the okay as delegate flag on tickets issued with this principal as the service. Clients may use this flag as a hint that credentials should be delegated when authenticating to the service. -ok_as_delegate(0) clears this flag.

func (*AddPrincipalAttributes) SetOkToAuthAsDelegate ¶

func (apatts *AddPrincipalAttributes) SetOkToAuthAsDelegate() *AddPrincipalAttributes

SetOkToAuthAsDelegate +ok_to_auth_as_delegate allows this principal to acquire forwardable tickets to itself from arbitrary users, for use with constrained delegation.

func (*AddPrincipalAttributes) SetPasswordChangingService ¶

func (apatts *AddPrincipalAttributes) SetPasswordChangingService() *AddPrincipalAttributes

SetPasswordChangingService +password_changing_service(1) marks this principal as a password change service principal.

func (*AddPrincipalAttributes) SetPostdated ¶

func (apatts *AddPrincipalAttributes) SetPostdated(n int) *AddPrincipalAttributes

SetPostdated -allow_postdated(0) prohibits this principal from obtaining postdated tickets. +allow_postdated(1) clears this flag.

func (*AddPrincipalAttributes) SetPreAuth ¶

func (apatts *AddPrincipalAttributes) SetPreAuth(n int) *AddPrincipalAttributes

SetPreAuth +requires_preauth(1) requires this principal to preauthenticate before being allowed to kinit. -requires_preauth(0) clears this flag. When +requires_preauth is set on a service principal, the KDC will only issue service tickets for that service principal if the client’s initial authentication was performed using preauthentication.

func (*AddPrincipalAttributes) SetProxiable ¶

func (apatts *AddPrincipalAttributes) SetProxiable(n int) *AddPrincipalAttributes

SetProxiable -allow_proxiable(0) prohibits this principal from obtaining proxiable tickets. +allow_proxiable(1) clears this flag.

func (*AddPrincipalAttributes) SetRenewable ¶

func (apatts *AddPrincipalAttributes) SetRenewable(n int) *AddPrincipalAttributes

SetRenewable -allow_renewable(0) prohibits this principal from obtaining renewable tickets. +allow_renewable(1) clears this flag.

func (*AddPrincipalAttributes) SetSvr ¶

func (apatts *AddPrincipalAttributes) SetSvr(n int) *AddPrincipalAttributes

SetSvr -allow_svr(0) prohibits the issuance of service tickets for this principal. +allow_svr clears this flag(1).

func (*AddPrincipalAttributes) SetTgsReq ¶

func (apatts *AddPrincipalAttributes) SetTgsReq(n int) *AddPrincipalAttributes

SetTgsReq -allow_tgs_req(0) specifies that a Ticket-Granting Service (TGS) request for a service ticket for this principal is not permitted. +allow_tgs_req(1) clears this flag.

func (*AddPrincipalAttributes) SetTix ¶

func (apatts *AddPrincipalAttributes) SetTix(n int) *AddPrincipalAttributes

SetTix -allow_tix(0) forbids the issuance of any tickets for this principal. +allow_tix (1) clears this flag.

type AddPrincipalType ¶

type AddPrincipalType struct {
	CommandString string // String containing the commands progressively built with the available Builders
	// contains filtered or unexported fields
}

func AddPrincipal ¶

func AddPrincipal(atts AddPrincipalAttributes) *AddPrincipalType

Instantiate a new Add_Principal command runner. Not setting a flag to a value of your chooseing implies that the KDC command will use its default value.

func (*AddPrincipalType) Exec ¶

func (apt *AddPrincipalType) Exec() string

func (*AddPrincipalType) ParseCommand ¶

func (apt *AddPrincipalType) ParseCommand() *AddPrincipalType

func (*AddPrincipalType) SetVerbosity ¶

func (aptt *AddPrincipalType) SetVerbosity(b bool) *AddPrincipalType

func (*AddPrincipalType) WithAttributes ¶

func (apt *AddPrincipalType) WithAttributes(atts AddPrincipalAttributes) *AddPrincipalType

func (*AddPrincipalType) WithClearPolicy ¶

func (apt *AddPrincipalType) WithClearPolicy() *AddPrincipalType

func (*AddPrincipalType) WithExpDate ¶

func (apt *AddPrincipalType) WithExpDate(date string) *AddPrincipalType

func (*AddPrincipalType) WithKvno ¶

func (apt *AddPrincipalType) WithKvno(kvno int) *AddPrincipalType

func (*AddPrincipalType) WithMaxLife ¶

func (apt *AddPrincipalType) WithMaxLife(max_life_date string) *AddPrincipalType

func (*AddPrincipalType) WithNoKey ¶

func (apt *AddPrincipalType) WithNoKey() *AddPrincipalType

func (*AddPrincipalType) WithPassword ¶

func (apt *AddPrincipalType) WithPassword(pw string) *AddPrincipalType

WithPassword Sets the password of the principal to the specified string and does not prompt for a password. Note: using this option in a shell script may expose the password to other users on the system via the process list.

func (*AddPrincipalType) WithPolicy ¶

func (apt *AddPrincipalType) WithPolicy(policy string) *AddPrincipalType

The password policy used by this principal. If not specified, the policy default is used if it exists (unless -clearpolicy is specified).

func (*AddPrincipalType) WithPrincipal ¶

func (apt *AddPrincipalType) WithPrincipal(name string) *AddPrincipalType

func (*AddPrincipalType) WithPwExpDate ¶

func (apt *AddPrincipalType) WithPwExpDate(date string) *AddPrincipalType

func (*AddPrincipalType) WithRandKey ¶

func (apt *AddPrincipalType) WithRandKey() *AddPrincipalType

type Executable ¶

type Executable interface {
	ParseCommand()
	Exec()
}

type ExecutorSpec ¶

type ExecutorSpec struct {
	Local     bool
	Realm     string // Defaults to the KDC server default realm.
	Principal string
	UseKeytab bool

	CredentialsCache string

	Dbname             string
	AdminServer        string // admin_server[:port]
	Salt               string // TODO
	AuthGssapi         bool
	AuthGssapiFallback bool
	Verbose            bool
	// contains filtered or unexported fields
}

func (*ExecutorSpec) Execute ¶

func (b *ExecutorSpec) Execute(command types.Query) *exec.Cmd

Execute Accepts a type of interface Query. It will then formulate the shell script that will be run on the KDC and run it.

func (*ExecutorSpec) NewKadminExecutor ¶

func (ex *ExecutorSpec) NewKadminExecutor() *ExecutorSpec

func (*ExecutorSpec) ProbeLiveliness ¶

func (ex *ExecutorSpec) ProbeLiveliness() *ExecutorSpec

ProbeLiveliness TODO

type ExecutorSpecBuilder ¶

type ExecutorSpecBuilder struct {
	// contains filtered or unexported fields
}

ExecutorSpecBuilder builder pattern code

func NewExecutorSpecBuilder ¶

func NewExecutorSpecBuilder() *ExecutorSpecBuilder

NewExecutorSpecBuilder Incrementation creation of the kadmin Executor

func (*ExecutorSpecBuilder) AdminServer ¶

func (b *ExecutorSpecBuilder) AdminServer(adminServer string) *ExecutorSpecBuilder

func (*ExecutorSpecBuilder) AuthGssapi ¶

func (b *ExecutorSpecBuilder) AuthGssapi(authGssapi bool) *ExecutorSpecBuilder

func (*ExecutorSpecBuilder) AuthGssapiFallback ¶

func (b *ExecutorSpecBuilder) AuthGssapiFallback(authGssapiFallback bool) *ExecutorSpecBuilder

func (*ExecutorSpecBuilder) Build ¶

func (b *ExecutorSpecBuilder) Build() (*ExecutorSpec, error)

Build returns a reference to the ExecutorSpec, and error if it occurs

func (*ExecutorSpecBuilder) CredentialsCache ¶

func (b *ExecutorSpecBuilder) CredentialsCache(credentialsCache string) *ExecutorSpecBuilder

func (*ExecutorSpecBuilder) Dbname ¶

func (b *ExecutorSpecBuilder) Dbname(dbname string) *ExecutorSpecBuilder

func (*ExecutorSpecBuilder) Local ¶

func (b *ExecutorSpecBuilder) Local(local bool) *ExecutorSpecBuilder

Local runs the Queries with the kadmin.local.

func (*ExecutorSpecBuilder) MakeVerbose ¶

func (b *ExecutorSpecBuilder) MakeVerbose(verb bool) *ExecutorSpecBuilder

MakeVerbose Enable the logging of the commands to the console. TODO: Hide sensitive DATA

func (*ExecutorSpecBuilder) Principal ¶

func (b *ExecutorSpecBuilder) Principal(principal string) *ExecutorSpecBuilder

func (*ExecutorSpecBuilder) Realm ¶

func (b *ExecutorSpecBuilder) Realm(realm string) *ExecutorSpecBuilder

func (*ExecutorSpecBuilder) Salt ¶

func (b *ExecutorSpecBuilder) Salt(salt string) *ExecutorSpecBuilder

func (*ExecutorSpecBuilder) UseKeytab ¶

func (b *ExecutorSpecBuilder) UseKeytab(useKeytab bool) *ExecutorSpecBuilder

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL