Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/freebsd-src
 Path: blob/main/crypto/krb5/src/plugins/kdb/db2/kdb_db2.h
34914 views
1
/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */

2
/* plugins/kdb/db2/kdb_db2.h */

3
/*

4
 * Copyright 1997 by the Massachusetts Institute of Technology.

5
 * All Rights Reserved.

6
 *

7
 * Export of this software from the United States of America may

8
 *   require a specific license from the United States Government.

9
 *   It is the responsibility of any person or organization contemplating

10
 *   export to obtain such a license before exporting.

11
 *

12
 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and

13
 * distribute this software and its documentation for any purpose and

14
 * without fee is hereby granted, provided that the above copyright

15
 * notice appear in all copies and that both that copyright notice and

16
 * this permission notice appear in supporting documentation, and that

17
 * the name of M.I.T. not be used in advertising or publicity pertaining

18
 * to distribution of the software without specific, written prior

19
 * permission.  Furthermore if you modify this software you must label

20
 * your software as modified software and not distribute it in such a

21
 * fashion that it might be confused with the original M.I.T. software.

22
 * M.I.T. makes no representations about the suitability of

23
 * this software for any purpose.  It is provided "as is" without express

24
 * or implied warranty.

25
 */

26


27
/*

28
 *

29
 * KDC Database backend definitions for Berkely DB.

30
 */

31
#ifndef KRB5_KDB_DB2_H

32
#define KRB5_KDB_DB2_H

33


34
#include "policy_db.h"

35


36
typedef struct _krb5_db2_context {

37
    krb5_boolean        db_inited;      /* Context initialized          */

38
    char *              db_name;        /* Name of database             */

39
    DB *                db;             /* DB handle                    */

40
    krb5_boolean        hashfirst;      /* Try hash database type first */

41
    char *              db_lf_name;     /* Name of lock file            */

42
    int                 db_lf_file;     /* File descriptor of lock file */

43
    int                 db_locks_held;  /* Number of times locked       */

44
    int                 db_lock_mode;   /* Last lock mode, e.g. greatest*/

45
    krb5_boolean        db_nb_locks;    /* [Non]Blocking lock modes     */

46
    osa_adb_policy_t    policy_db;

47
    krb5_boolean        tempdb;

48
    krb5_boolean        disable_last_success;

49
    krb5_boolean        disable_lockout;

50
    krb5_boolean        unlockiter;

51
} krb5_db2_context;

52


53
krb5_error_code krb5_db2_init(krb5_context);

54
krb5_error_code krb5_db2_fini(krb5_context);

55
krb5_error_code krb5_db2_get_age(krb5_context, char *, time_t *);

56
krb5_error_code krb5_db2_get_principal(krb5_context, krb5_const_principal,

57
                                       unsigned int, krb5_db_entry **);

58
krb5_error_code krb5_db2_put_principal(krb5_context, krb5_db_entry *,

59
                                       char **db_args);

60
krb5_error_code krb5_db2_iterate(krb5_context, char *,

61
                                 krb5_error_code (*)(krb5_pointer,

62
                                                     krb5_db_entry *),

63
                                 krb5_pointer, krb5_flags);

64
krb5_error_code krb5_db2_set_nonblocking(krb5_context, krb5_boolean,

65
                                         krb5_boolean *);

66
krb5_boolean krb5_db2_set_lockmode(krb5_context, krb5_boolean);

67
krb5_error_code krb5_db2_open_database(krb5_context);

68
krb5_error_code krb5_db2_close_database(krb5_context);

69


70
krb5_error_code

71
krb5_db2_delete_principal(krb5_context context,

72
                          krb5_const_principal searchfor);

73


74
krb5_error_code krb5_db2_lib_init(void);

75
krb5_error_code krb5_db2_lib_cleanup(void);

76
krb5_error_code krb5_db2_unlock(krb5_context);

77


78
krb5_error_code

79
krb5_db2_promote_db(krb5_context kcontext, char *conf_section, char **db_args);

80


81
krb5_error_code

82
krb5_db2_lock(krb5_context context, int in_mode);

83


84
krb5_error_code

85
krb5_db2_open(krb5_context kcontext, char *conf_section, char **db_args,

86
              int mode);

87


88
krb5_error_code krb5_db2_create(krb5_context kcontext, char *conf_section,

89
                                char **db_args);

90


91
krb5_error_code krb5_db2_destroy(krb5_context kcontext, char *conf_section,

92
                                 char **db_args);

93


94
const char *krb5_db2_err2str(krb5_context kcontext, long err_code);

95


96


97
/* policy management functions */

98
krb5_error_code

99
krb5_db2_create_policy(krb5_context context, osa_policy_ent_t entry);

100


101
krb5_error_code krb5_db2_get_policy(krb5_context kcontext,

102
                                    char *name, osa_policy_ent_t *policy);

103


104
krb5_error_code krb5_db2_put_policy(krb5_context kcontext,

105
                                    osa_policy_ent_t policy);

106


107
krb5_error_code krb5_db2_iter_policy(krb5_context kcontext, char *match_entry,

108
                                     osa_adb_iter_policy_func func,

109
                                     void *data);

110


111
krb5_error_code krb5_db2_delete_policy(krb5_context kcontext, char *policy);

112


113


114
/* Thread-safety wrapper slapped on top of original implementation.  */

115
extern k5_mutex_t *krb5_db2_mutex;

116


117
/* lockout */

118
krb5_error_code

119
krb5_db2_lockout_check_policy(krb5_context context,

120
                              krb5_db_entry *entry,

121
                              krb5_timestamp stamp);

122


123
krb5_error_code

124
krb5_db2_lockout_audit(krb5_context context,

125
                       krb5_db_entry *entry,

126
                       krb5_timestamp stamp,

127
                       krb5_error_code status);

128


129
krb5_error_code

130
krb5_db2_check_policy_as(krb5_context kcontext, krb5_kdc_req *request,

131
                         krb5_db_entry *client, krb5_db_entry *server,

132
                         krb5_timestamp kdc_time, const char **status,

133
                         krb5_pa_data ***e_data);

134


135
void

136
krb5_db2_audit_as_req(krb5_context kcontext, krb5_kdc_req *request,

137
                      const krb5_address *local_addr,

138
                      const krb5_address *remote_addr,

139
                      krb5_db_entry *client, krb5_db_entry *server,

140
                      krb5_timestamp authtime,

141
                      krb5_error_code error_code);

142


143
#endif /* KRB5_KDB_DB2_H */

144


145