1 /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ 2 /* plugins/kdb/lmdb/klmdb-int.h - internal declarations for LMDB KDB module */ 3 /* 4 * Copyright (C) 2018 by the Massachusetts Institute of Technology. 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 11 * * Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 14 * * Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in 16 * the documentation and/or other materials provided with the 17 * distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 21 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 22 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 23 * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, 24 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 25 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 26 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 28 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 29 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 30 * OF THE POSSIBILITY OF SUCH DAMAGE. 31 */ 32 33 #ifndef LMDB_INT_H 34 #define LMDB_INT_H 35 36 /* Length of a principal lockout record (three 32-bit fields) */ 37 #define LOCKOUT_RECORD_LEN 12 38 39 krb5_error_code klmdb_encode_princ(krb5_context context, 40 const krb5_db_entry *entry, 41 uint8_t **enc_out, size_t *len_out); 42 void klmdb_encode_princ_lockout(krb5_context context, 43 const krb5_db_entry *entry, 44 uint8_t buf[LOCKOUT_RECORD_LEN]); 45 krb5_error_code klmdb_encode_policy(krb5_context context, 46 const osa_policy_ent_rec *pol, 47 uint8_t **enc_out, size_t *len_out); 48 49 krb5_error_code klmdb_decode_princ(krb5_context context, 50 const void *key, size_t key_len, 51 const void *enc, size_t enc_len, 52 krb5_db_entry **entry_out); 53 void klmdb_decode_princ_lockout(krb5_context context, krb5_db_entry *entry, 54 const uint8_t buf[LOCKOUT_RECORD_LEN]); 55 krb5_error_code klmdb_decode_policy(krb5_context context, 56 const void *key, size_t key_len, 57 const void *enc, size_t enc_len, 58 osa_policy_ent_t *pol_out); 59 60 krb5_error_code klmdb_lockout_check_policy(krb5_context context, 61 krb5_db_entry *entry, 62 krb5_timestamp stamp); 63 krb5_error_code klmdb_lockout_audit(krb5_context context, krb5_db_entry *entry, 64 krb5_timestamp stamp, 65 krb5_error_code status, 66 krb5_boolean disable_last_success, 67 krb5_boolean disable_lockout); 68 krb5_error_code klmdb_update_lockout(krb5_context context, 69 krb5_db_entry *entry, 70 krb5_timestamp stamp, 71 krb5_boolean zero_fail_count, 72 krb5_boolean set_last_success, 73 krb5_boolean set_last_failure); 74 75 krb5_error_code klmdb_get_policy(krb5_context context, char *name, 76 osa_policy_ent_t *policy); 77 78 #endif /* LMDB_INT_H */ 79