xref: /freebsd/crypto/krb5/src/lib/kdb/iprop.x (revision 7f2fe78b9dd5f51c821d771b63d2e096f6fd49e9)
1 /*
2  * Copyright 2004 Sun Microsystems, Inc.  All rights reserved.
3  * Use is subject to license terms.
4  */
5 
6 /* %#pragma ident	"@(#)iprop.x	1.2	04/02/20 SMI" */
7 
8 /*
9  * Main source:
10  * lib/kdb/iprop.x
11  *
12  * Generated files:
13  * lib/kdb/iprop_xdr.c
14  * include/iprop.h
15  * kprop/kpropd_rpc.c (clnt)
16  *
17  * Derived files:
18  * kadmin/server/ipropd_svc.c
19  */
20 
21 /*
22  * This file gets fed through the preprocessor to handle RPC_*
23  * symbols, but we don't want it to chew on __GNUC__ in this phase.
24  */
25 #undef __GNUC__
26 
/*
 * rpcgen defines RPC_XDR only for the pass that emits the XDR routines
 * (lib/kdb/iprop_xdr.c in the list of generated files above), so this
 * section affects that one generated file.  A leading '%' tells rpcgen to
 * copy the rest of the line into its output unchanged.  The pragma is not
 * bracketed by push/pop, so -Wunused-variable stays off for the remainder
 * of that file, not only for the unused "buf" locals.
 */
27 #ifdef RPC_XDR
28 /*
29  * Sloppy rpcgen code declares "buf" and rarely uses it.  As it's
30  * generated code, and not presented to code building against the
31  * Kerberos code, it's not a problem we need to fix, so suppress the
32  * complaint.
33  */
34 %#ifdef __GNUC__
35 %#pragma GCC diagnostic ignored "-Wunused-variable"
36 %#endif
37 #endif /* RPC_XDR */
38 
39 /*
40  * Initial declarations
41  */
42 
/*
 * Spell the fixed-width C names in terms of rpcgen base types.  The
 * typedefs are skipped when RPC_HDR is defined, i.e. for the pass that
 * emits include/iprop.h; presumably the header relies on the platform's
 * own definitions of these names -- confirm.  The 64-bit variants are
 * commented out.
 */
43 #ifndef RPC_HDR
44 typedef short int16_t;
45 typedef unsigned short uint16_t;
46 typedef int int32_t;
47 typedef unsigned int uint32_t;
48 /*typedef hyper int64_t;*/
49 /*typedef unsigned hyper uint64_t;*/
50 #endif  /* !RPC_HDR */
51 
/*
 * Counted byte string.  "<>" declares no maximum, so the length is
 * whatever the sender encodes.  Nothing in this definition enforces UTF-8
 * validity or a terminating NUL.  NOTE(review): consumers should bound
 * the length and must not hand the bytes to C string functions without
 * checking -- confirm at each use.
 */
52 typedef opaque	 utf8str_t<>;
53 
54 /*
55  * Transaction log serial no.
 *
 * Unsigned 32-bit, so the range is finite.  NOTE(review): what happens
 * when the counter reaches its maximum is not defined in this file --
 * confirm in the update-log code.
56  */
57 typedef uint32_t	kdb_sno_t;
58 
59 /* Timestamp */
/*
 * Both halves are unsigned 32-bit values.  The encoding places no upper
 * limit on useconds.  NOTE(review): a receiver that needs it below
 * 1000000 has to check that itself -- confirm.
 */
60 struct kdbe_time_t {
61 	uint32_t	seconds;
62 	uint32_t	useconds;
63 };
64 
65 /* Key Data */
/*
 * One key version of an entry.  k_enctype and k_contents are two
 * separately counted arrays with no declared maximum; presumably element
 * i of one pairs with element i of the other, but the wire format does
 * not force the two counts to agree.  NOTE(review): a decoder should
 * verify that the counts match before indexing them together.
 * k_contents is key material, so buffers holding it warrant zeroing
 * before release -- confirm both against the conversion code.
 */
66 struct kdbe_key_t {
67 	int32_t		k_ver;	/* Version */
68 	int32_t		k_kvno;	/* Key version no. */
69 	int32_t		k_enctype<>;
70 	utf8str_t	k_contents<>;
71 };
72 
73 /* Content data */
/*
 * A tagged byte string: k_magic plus the counted bytes in k_data.  Used
 * below as the element type of kdbe_princ_t.k_components.
 * NOTE(review): the expected value of k_magic is not defined in this
 * file -- confirm whether receivers check it.
 */
74 struct kdbe_data_t {
75 	int32_t		k_magic;
76 	utf8str_t	k_data;
77 };
78 
79 /* Principal Data */
/*
 * A principal as realm bytes, a counted array of name components and a
 * name type.  Neither the component count nor any component length has a
 * declared maximum, so both are sender-chosen.
 */
80 struct kdbe_princ_t {
81 	utf8str_t	k_realm;
82 	kdbe_data_t	k_components<>;
83 	int32_t		k_nametype;
84 };
85 
86 /* TL data (pre-auth specific data) */
/*
 * tl_type is a signed 16-bit tag; tl_data is counted opaque bytes with no
 * declared maximum.  NOTE(review): how tl_data is interpreted for a given
 * tl_type is not defined here; consumers should validate the length
 * against what that type requires before parsing -- confirm.
 */
87 struct kdbe_tl_t {
88 	int16_t		tl_type;
89 	opaque		tl_data<>;
90 };
91 
92 /* Structure to store pwd history */
/* Variable-length array of kdbe_key_t with no declared maximum count. */
93 typedef kdbe_key_t kdbe_pw_hist_t<>;
94 
95 /* Basic KDB entry attributes */
/*
 * Discriminant of the kdbe_val_t union.  The numeric values are what is
 * sent on the wire, so existing values must not be renumbered.  A value
 * that is not listed here selects the union's default arm.
 */
96 enum kdbe_attr_type_t {
97 	AT_ATTRFLAGS = 0,
98 	AT_MAX_LIFE = 1,
99 	AT_MAX_RENEW_LIFE = 2,
100 	AT_EXP = 3,
101 	AT_PW_EXP = 4,
102 	AT_LAST_SUCCESS = 5,
103 	AT_LAST_FAILED = 6,
104 	AT_FAIL_AUTH_COUNT = 7,
105 	AT_PRINC = 8,
106 	AT_KEYDATA = 9,
107 	AT_TL_DATA = 10,
108 	AT_LEN = 11,
109 	AT_MOD_PRINC = 12,
110 	AT_MOD_TIME = 13,
111 	AT_MOD_WHERE = 14,
112 	AT_PW_LAST_CHANGE = 15,
113 	AT_PW_POLICY = 16,
114 	AT_PW_POLICY_SWITCH = 17,
115 	AT_PW_HIST_KVNO = 18,
116 	AT_PW_HIST = 19
117 };
118 
119 /* KDB entry, Attribute=value */
/*
 * av_type selects exactly one arm.  The array arms (av_keydata,
 * av_tldata, av_pw_hist) and the utf8str_t arms carry sender-chosen
 * lengths.  Any av_type without a case below falls to the default arm
 * and is decoded as opaque bytes, so the decoder accepts attribute types
 * this file does not know.  NOTE(review): consumers should skip or
 * reject av_extension explicitly rather than interpret it -- confirm.
 */
120 union kdbe_val_t switch (kdbe_attr_type_t av_type) {
121 case AT_ATTRFLAGS:
122 	uint32_t	av_attrflags;
123 case AT_MAX_LIFE:
124 	uint32_t	av_max_life;
125 case AT_MAX_RENEW_LIFE:
126 	uint32_t	av_max_renew_life;
127 case AT_EXP:
128 	uint32_t	av_exp;
129 case AT_PW_EXP:
130 	uint32_t	av_pw_exp;
131 case AT_LAST_SUCCESS:
132 	uint32_t	av_last_success;
133 case AT_LAST_FAILED:
134 	uint32_t	av_last_failed;
135 case AT_FAIL_AUTH_COUNT:
136 	uint32_t	av_fail_auth_count;
137 case AT_PRINC:
138 	kdbe_princ_t	av_princ;
139 case AT_KEYDATA:
140 	kdbe_key_t	av_keydata<>;	/* array of keys */
141 case AT_TL_DATA:
142 	kdbe_tl_t	av_tldata<>;	/* array of TL data */
143 case AT_LEN:
144 	int16_t		av_len;
145 case AT_PW_LAST_CHANGE:
146 	uint32_t	av_pw_last_change;
147 case AT_MOD_PRINC:
148 	kdbe_princ_t	av_mod_princ;
149 case AT_MOD_TIME:
150 	uint32_t	av_mod_time;
151 case AT_MOD_WHERE:
152 	utf8str_t	av_mod_where;
153 case AT_PW_POLICY:
154 	utf8str_t	av_pw_policy;
155 case AT_PW_POLICY_SWITCH:
156 	bool		av_pw_policy_switch;
157 case AT_PW_HIST_KVNO:
158 	uint32_t	av_pw_hist_kvno;
159 case AT_PW_HIST:
160 	kdbe_pw_hist_t	av_pw_hist<>;	/* array of pw history */
161 default:
162 	opaque		av_extension<>;	/* futures */
163 };
164 
/*
 * The encoding limits neither the number of elements nor how often one
 * av_type may appear.  NOTE(review): confirm how the consumer treats
 * duplicate attributes in a single entry.
 */
165 typedef kdbe_val_t kdbe_t<>;	    /* Array of attr/val makes a KDB entry */
166 
167 /*
168  * Incremental update
 *
 * One update-log record.  kdb_update is a kdbe_t, so it can include an
 * AT_KEYDATA attribute and therefore key material.  Every variable-length
 * member is declared without a maximum.
169  */
170 struct kdb_incr_update_t {
171 	utf8str_t	kdb_princ_name;	/* Principal name */
172 	kdb_sno_t	kdb_entry_sno;	/* Serial # of entry */
173 	kdbe_time_t	kdb_time;	/* Timestamp of update */
174 	kdbe_t		kdb_update; 	/* Attributes modified */
175 	bool		kdb_deleted;	/* Is this update a DELETION ? */
176 	bool		kdb_commit;	/* Is the entry committed or not ? */
177 	utf8str_t	kdb_kdcs_seen_by<>; /* Names of replicas that have */
178 					    /* seen this update - for */
179 					    /* future use */
180 	opaque		kdb_futures<>;	/* futures */
181 };
182 
183 /*
184  * Update log body
 *
 * Variable-length array of kdb_incr_update_t.  No maximum count is
 * declared, so the number of records in one message is sender-chosen.
185  */
186 typedef kdb_incr_update_t kdb_ulog_t<>;
187 
/*
 * Status code carried in the "ret" member of kdb_incr_result_t and
 * kdb_fullresync_result_t.  The values are wire values and must not be
 * renumbered.  NOTE(review): the exact meaning of each code is not
 * defined in this file; UPDATE_PERM_DENIED suggests the server makes an
 * authorization decision -- confirm in the server implementation.
 */
188 enum update_status_t {
189 	UPDATE_OK = 0,
190 	UPDATE_ERROR = 1,
191 	UPDATE_FULL_RESYNC_NEEDED = 2,
192 	UPDATE_BUSY = 3,
193 	UPDATE_NIL = 4,
194 	UPDATE_PERM_DENIED = 5
195 };
196 
/*
 * Serial number / timestamp pair.  It is the argument of
 * IPROP_GET_UPDATES and the "lastentry" member of both result
 * structures.  As a procedure argument both fields are caller-supplied,
 * so the server has to treat them as untrusted input.
 */
197 struct kdb_last_t {
198 	kdb_sno_t	last_sno;
199 	kdbe_time_t	last_time;
200 };
201 
/*
 * Reply of IPROP_GET_UPDATES.  All three members are always encoded.
 * NOTE(review): presumably "updates" is meaningful only for some values
 * of "ret"; a receiver should check "ret" before using it -- confirm.
 */
202 struct kdb_incr_result_t {
203 	kdb_last_t		lastentry;
204 	kdb_ulog_t		updates;
205 	update_status_t		ret;
206 };
207 
/*
 * Reply of IPROP_FULL_RESYNC and IPROP_FULL_RESYNC_EXT: a position in
 * the log plus a status code.  It carries no database entries itself.
 */
208 struct kdb_fullresync_result_t {
209 	kdb_last_t		lastentry;
210 	update_status_t 	ret;
211 };
212 
/*
 * RPC program 100423, version 1, procedures 0 through 3.  This
 * definition states no authentication, authorization or confidentiality
 * requirement, yet an IPROP_GET_UPDATES reply can carry AT_KEYDATA.
 * NOTE(review): confirm that the server implementation (the header of
 * this file lists kadmin/server/ipropd_svc.c as derived from it) requires
 * an authenticated, privacy-protected RPC flavor and authorizes the
 * caller before answering.  The arguments of procedures 1 and 3 are
 * caller-supplied values.
 */
213 program KRB5_IPROP_PROG {
214 	version KRB5_IPROP_VERS {
215 		/*
216 		 * NULL procedure
217 		 */
218 		void
219 		IPROP_NULL(void) = 0;
220 
221 		/*
222 		 * Keep waiting for and get next incremental update(s)
223 		 *
224 		 * Will return latest kdb_vers on the master (if different),
225 		 * along with return value and affected db entries.
226 		 */
227 		kdb_incr_result_t
228 		IPROP_GET_UPDATES(kdb_last_t) = 1;
229 
230 		/*
231 		 * We need to do the full-resync of the db, since the
232 		 * serial nos./timestamps are way out-of-whack
233 		 */
234 		kdb_fullresync_result_t
235 		IPROP_FULL_RESYNC(void) = 2;
236 
237 		/*
238 		 * Full resync with version marker
239 		 */
240 		kdb_fullresync_result_t
241 		IPROP_FULL_RESYNC_EXT(uint32_t) = 3;
242 	} = 1;
243 } = 100423;
244