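#ifndef _KRB5_KDB5_H_
#define _KRB5_KDB5_H_

#pragma ident "%Z%%M% %I% %E% SMI"

/*
 * KDB module plumbing: configuration names, krb5_context accessor macros,
 * the function table a database module supplies (kdb_vftabl), and the
 * records that track a loaded module (db_library, kdb5_dal_handle).
 */

#if HAVE_UNISTD_H
#include <unistd.h>
#endif

#include <errno.h>
#include <utime.h>
#include <k5-int.h>
#include "kdb.h"

/* Size in bytes of the db_library.name array declared below. */
#define KDB_MAX_DB_NAME 128

/*
 * Configuration names.  Judging by the identifiers these are profile section
 * and relation names used to locate a database module -- confirm against the
 * code that reads the profile.
 */
#define KDB_REALM_SECTION "realms"
#define KDB_MODULE_POINTER "database_module"
#define KDB_MODULE_DEF_SECTION "dbdefaults"
#define KDB_MODULE_SECTION "dbmodules"
#define KDB_LIB_POINTER "db_library"
#define KDB_DATABASE_CONF_FILE DEFAULT_SECURE_PROFILE_PATH
#define KDB_DATABASE_ENV_PROF KDC_PROFILE_ENV

/*
 * Accessors on a krb5_context.  KRB5_DB_GET_DB_CONTEXT casts
 * kcontext->db_context to kdb5_dal_handle * and dereferences it without a
 * NULL check, so it is only valid once that handle has been installed in the
 * context.  Each macro names its argument once in the expansion.
 */
#define KRB5_DB_GET_DB_CONTEXT(kcontext) \
    (((kdb5_dal_handle*) (kcontext)->db_context)->db_context)
#define KRB5_DB_GET_PROFILE(kcontext) ((kcontext)->profile)
#define KRB5_DB_GET_REALM(kcontext) ((kcontext)->default_realm)

/*
 * Function table of a database module.  db_library embeds one copy by value
 * (see below), so every call into a module goes through these pointers.
 *
 * NOTE(review): the entries after the "optional functions" marker are
 * presumably allowed to be NULL; callers should test a pointer before
 * calling through it -- confirm against the loader.
 */
typedef struct _kdb_vftabl{
    /* Major and minor version numbers of the table. */
    short int maj_ver;
    short int min_ver;
    /* Name suggests an incremental-propagation capability flag -- confirm. */
    int iprop_supported;

    /*
     * Declared with empty parentheses: before C23 this leaves the argument
     * list unspecified, so calls through these two pointers are not
     * type-checked by the compiler.
     */
    krb5_error_code (*init_library)();
    krb5_error_code (*fini_library)();
    krb5_error_code (*init_module) (krb5_context kcontext,
                                    char * conf_section,
                                    char ** db_args,
                                    int mode);

    krb5_error_code (*fini_module) (krb5_context kcontext);

    krb5_error_code (*db_create) (krb5_context kcontext,
                                  char * conf_section,
                                  char ** db_args);

    krb5_error_code (*db_destroy) (krb5_context kcontext,
                                   char *conf_section,
                                   char ** db_args);

    krb5_error_code (*db_get_age) (krb5_context kcontext,
                                   char *db_name,
                                   time_t *age);

    /* value is untyped; its interpretation presumably depends on option. */
    krb5_error_code (*db_set_option) (krb5_context kcontext,
                                      int option,
                                      void *value);

    krb5_error_code (*db_lock) (krb5_context kcontext,
                                int mode);

    krb5_error_code (*db_unlock) (krb5_context kcontext);

    /*
     * NOTE(review): entries/nentries look like a caller-supplied array with
     * an in/out count.  The prototype carries no separate capacity, so an
     * implementation must not write more than *nentries records -- confirm
     * the contract in the callers.
     */
    krb5_error_code (*db_get_principal) (krb5_context kcontext,
                                         krb5_const_principal search_for,
                                         krb5_db_entry *entries,
                                         int *nentries,
                                         krb5_boolean *more);

    /* Same prototype as db_get_principal; the name suggests no locking. */
    krb5_error_code (*db_get_principal_nolock) (krb5_context kcontext,
                                                krb5_const_principal search_for,
                                                krb5_db_entry *entries,
                                                int *nentries,
                                                krb5_boolean *more);

    krb5_error_code (*db_free_principal) (krb5_context kcontext,
                                          krb5_db_entry *entry,
                                          int count);

    krb5_error_code (*db_put_principal) (krb5_context kcontext,
                                         krb5_db_entry *entries,
                                         int *nentries,
                                         char **db_args);

    krb5_error_code (*db_delete_principal) (krb5_context kcontext,
                                            krb5_const_principal search_for,
                                            int *nentries);

    /* Solaris Kerberos: adding support for db_args */
    /* func receives func_arg and a database entry on each invocation. */
    krb5_error_code (*db_iterate) (krb5_context kcontext,
                                   char *match_entry,
                                   int (*func) (krb5_pointer, krb5_db_entry *),
                                   krb5_pointer func_arg,
                                   char **db_args);

    krb5_error_code (*db_create_policy) (krb5_context kcontext,
                                         osa_policy_ent_t policy);

    krb5_error_code (*db_get_policy) (krb5_context kcontext,
                                      char *name,
                                      osa_policy_ent_t *policy,
                                      int *cnt);

    krb5_error_code (*db_put_policy) (krb5_context kcontext,
                                      osa_policy_ent_t policy);

    krb5_error_code (*db_iter_policy) (krb5_context kcontext,
                                       char *match_entry,
                                       osa_adb_iter_policy_func func,
                                       void *data);


    krb5_error_code (*db_delete_policy) (krb5_context kcontext,
                                         char *policy);

    void (*db_free_policy) (krb5_context kcontext,
                            osa_policy_ent_t val);

    krb5_error_code (*db_supported_realms) (krb5_context kcontext,
                                            char **realms);

    krb5_error_code (*db_free_supported_realms) (krb5_context kcontext,
                                                 char **realms);


    /*
     * NOTE(review): these two look like a get/release pair for a message
     * string -- confirm that every string obtained from errcode_2_string is
     * handed back through release_errcode_string.
     */
    const char * (*errcode_2_string) (krb5_context kcontext,
                                      long err_code);
    void (*release_errcode_string) (krb5_context kcontext, const char *msg);

    /*
     * Module-side allocator.  The (ptr, size) prototype resembles realloc --
     * TODO confirm.  Memory obtained from db_alloc should presumably be
     * released with db_free of the same module, not the caller's free().
     */
    void * (*db_alloc) (krb5_context kcontext, void *ptr, size_t size);
    void (*db_free) (krb5_context kcontext, void *ptr);



    /* optional functions */
    /*
     * The master-key entries below pass key blocks and password strings
     * (pwd, master_pwd) as plain pointers; the prototypes do not say who owns
     * or clears that memory.
     * NOTE(review): check each implementation and caller for wiping key and
     * password buffers before they are released.
     */
    krb5_error_code (*set_master_key) (krb5_context kcontext,
                                       char *pwd,
                                       krb5_keyblock *key);

    krb5_error_code (*get_master_key) (krb5_context kcontext,
                                       krb5_keyblock **key);


    krb5_error_code (*setup_master_key_name) (krb5_context kcontext,
                                              char *keyname,
                                              char *realm,
                                              char **fullname,
                                              krb5_principal *principal);

    krb5_error_code (*store_master_key) (krb5_context kcontext,
                                         char *db_arg,
                                         krb5_principal mname,
                                         krb5_keyblock *key,
                                         char *master_pwd);

    /* db_args is a single char * here, unlike the char ** used elsewhere. */
    krb5_error_code (*fetch_master_key) (krb5_context kcontext,
                                         krb5_principal mname,
                                         krb5_keyblock *key,
                                         int *kvno,
                                         char *db_args);

    krb5_error_code (*verify_master_key) (krb5_context kcontext,
                                          krb5_principal mprinc,
                                          krb5_keyblock *mkey);

    krb5_error_code (*dbe_search_enctype) (krb5_context kcontext,
                                           krb5_db_entry *dbentp,
                                           krb5_int32 *start,
                                           krb5_int32 ktype,
                                           krb5_int32 stype,
                                           krb5_int32 kvno,
                                           krb5_key_data **kdatap);


    /*
     * Takes the master key and the new password (passwd) as plain pointers;
     * the same buffer-clearing question as for the master-key entries
     * applies.  keepold presumably retains the previous keys -- confirm.
     */
    krb5_error_code
    (*db_change_pwd) (krb5_context context,
                      krb5_keyblock * master_key,
                      krb5_key_salt_tuple * ks_tuple,
                      int ks_tuple_count,
                      char * passwd,
                      int new_kvno,
                      krb5_boolean keepold,
                      krb5_db_entry * db_entry);

    /* Promote a temporary database to be the live one. */
    krb5_error_code (*promote_db) (krb5_context context,
                                   char *conf_section,
                                   char **db_args);

} kdb_vftabl;

/*
 * Record for one loaded database library; records are linked through
 * next/prev.  Note that the typedef names a POINTER to the struct, so a
 * db_library variable is already a pointer.
 */
typedef struct _db_library {
    /* Fixed-size buffer: writers must bound copies to KDB_MAX_DB_NAME. */
    char name[KDB_MAX_DB_NAME];
    int reference_cnt;
    struct plugin_dir_handle dl_dir_handle;
    /* The module's function table, held by value. */
    kdb_vftabl vftabl;
    struct _db_library *next, *prev;
} *db_library;

typedef struct _kdb5_dal_handle
{
    /* Helps us to change db_library without affecting modules to some
       extent. */
    /* This is the pointer KRB5_DB_GET_DB_CONTEXT returns. */
    void *db_context;
    db_library lib_handle;
} kdb5_dal_handle;

#endif /* end of _KRB5_KDB5_H_ */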