xref: /illumos-gate/usr/src/cmd/krb5/iprop/iprop.x (revision 20a7641f9918de8574b8b3b47dbe35c4bfc78df1)
1 /*
2  * Copyright 2004 Sun Microsystems, Inc.  All rights reserved.
3  * Use is subject to license terms.
4  */
5 
6 #ifdef RPC_XDR
7 %#include "iprop.h"
8 #endif /* RPC_XDR */
9 
10 /*
11  * Initial declarations
12  */
13 
14 #ifndef RPC_HDR
/*
 * Fixed-width integer names mapped onto XDR base types (hyper is the
 * 64-bit XDR integer).  They are declared only when RPC_HDR is not
 * defined, i.e. they are left out of the rpcgen header pass.
 * NOTE(review): presumably the generated header takes these names from
 * the system headers instead; confirm against iprop.h.
 */
15 typedef short int16_t;
16 typedef unsigned short uint16_t;
17 typedef int int32_t;
18 typedef unsigned int uint32_t;
19 typedef hyper int64_t;
20 typedef unsigned hyper uint64_t;
21 #endif  /* !RPC_HDR */
22 
/*
 * Counted byte string.  Although the name says UTF-8, the XDR type is
 * plain variable-length opaque data with no declared maximum: nothing
 * in this definition enforces an encoding, a NUL terminator or a size
 * limit, so a receiver has to check all three before treating the
 * bytes as a C string.
 */
23 typedef opaque	 utf8str_t<>;
24 
25 /*
26  * Transaction log serial no.
 *
 * NOTE(review): the serial is 32 bits wide; how wraparound and
 * out-of-order values are handled is not visible in this file.
27  */
28 typedef uint32_t	kdb_sno_t;
29 
30 /*
 * Timestamp, carried as two unsigned 32-bit fields.
 * NOTE(review): useconds is presumably microseconds; the type does not
 * keep it below 1000000, so a receiver should range-check it.
 */
31 struct kdbe_time_t {
32 	uint32_t	seconds;
33 	uint32_t	useconds;
34 };
35 
36 /*
 * Key Data: one key entry as it travels inside an update.
 * k_contents presumably holds the key material itself, which makes any
 * message carrying this structure sensitive.
 * NOTE(review): this file declares no authentication or privacy
 * requirement for the RPC; confirm that the service only accepts an
 * authenticated, privacy-protected flavor.
 */
37 struct kdbe_key_t {
38 	int32_t		k_ver;	/* Version */
39 	int32_t		k_kvno;	/* Key version no. */
40 	int32_t		k_enctype<>;	/* variable-length, no declared maximum */
41 	utf8str_t	k_contents<>;	/* array of byte strings, no declared maximum */
	/*
	 * NOTE(review): k_enctype and k_contents look like parallel arrays,
	 * but XDR carries a separate element count for each; verify that
	 * the counts agree before indexing one by the other.
	 */
42 };
43 
44 /*
 * Content data: a counted byte string tagged with k_magic.
 * NOTE(review): the meaning and valid values of k_magic are not defined
 * in this file.
 */
45 struct kdbe_data_t {
46 	int32_t		k_magic;
47 	utf8str_t	k_data;	/* raw bytes, no declared maximum */
48 };
49 
50 /*
 * Principal Data: realm, a list of name components and a name type.
 * Neither the realm length nor the number or size of components is
 * bounded by this definition; the limits have to come from the receiver.
 */
51 struct kdbe_princ_t {
52 	utf8str_t	k_realm;
53 	kdbe_data_t	k_components<>;
54 	int32_t		k_nametype;
55 };
56 
57 /*
 * TL data (pre-auth specific data)
 *
 * tl_type is a signed 16-bit tag and tl_data is opaque with no declared
 * maximum.  NOTE(review): XDR does not relate the payload to the tag, so
 * the consumer has to validate tl_data for each tl_type it understands.
 */
58 struct kdbe_tl_t {
59 	int16_t		tl_type;
60 	opaque		tl_data<>;
61 };
62 
63 /*
 * Structure to store pwd history: a variable-length array of kdbe_key_t
 * with no declared maximum.  Its elements are key entries, so it carries
 * the same sensitivity as kdbe_key_t.
 */
64 typedef kdbe_key_t kdbe_pw_hist_t<>;
65 
66 /*
 * Basic KDB entry attributes.
 * This enum is the discriminant of the kdbe_val_t union, so each number
 * below is the value that goes on the wire; renumbering or reusing a
 * value would change how peers decode existing attributes.
 */
67 enum kdbe_attr_type_t {
68 	AT_ATTRFLAGS = 0,
69 	AT_MAX_LIFE = 1,
70 	AT_MAX_RENEW_LIFE = 2,
71 	AT_EXP = 3,
72 	AT_PW_EXP = 4,
73 	AT_LAST_SUCCESS = 5,
74 	AT_LAST_FAILED = 6,
75 	AT_FAIL_AUTH_COUNT = 7,
76 	AT_PRINC = 8,
77 	AT_KEYDATA = 9,
78 	AT_TL_DATA = 10,
79 	AT_LEN = 11,
80 	AT_MOD_PRINC = 12,
81 	AT_MOD_TIME = 13,
82 	AT_MOD_WHERE = 14,
83 	AT_PW_LAST_CHANGE = 15,
84 	AT_PW_POLICY = 16,
85 	AT_PW_POLICY_SWITCH = 17,
86 	AT_PW_HIST_KVNO = 18,
87 	AT_PW_HIST = 19
88 };
89 
90 /*
 * KDB entry, Attribute=value.
 * av_type selects exactly one arm.  The array arms (av_keydata,
 * av_tldata, av_pw_hist) and the byte-string arms declare no maximum
 * length, so size limits have to be applied by the receiver.
 * The arms are not listed in enum order (AT_PW_LAST_CHANGE comes before
 * AT_MOD_PRINC); the arm is chosen by discriminant value, so the order
 * of the cases here does not affect decoding.
 */
91 union kdbe_val_t switch (kdbe_attr_type_t av_type) {
92 case AT_ATTRFLAGS:
93 	uint32_t	av_attrflags;
94 case AT_MAX_LIFE:
95 	uint32_t	av_max_life;
96 case AT_MAX_RENEW_LIFE:
97 	uint32_t	av_max_renew_life;
98 case AT_EXP:
99 	uint32_t	av_exp;
100 case AT_PW_EXP:
101 	uint32_t	av_pw_exp;
102 case AT_LAST_SUCCESS:
103 	uint32_t	av_last_success;
104 case AT_LAST_FAILED:
105 	uint32_t	av_last_failed;
106 case AT_FAIL_AUTH_COUNT:
107 	uint32_t	av_fail_auth_count;
108 case AT_PRINC:
109 	kdbe_princ_t	av_princ;
110 case AT_KEYDATA:
111 	kdbe_key_t	av_keydata<>;	/* array of keys */
112 case AT_TL_DATA:
113 	kdbe_tl_t	av_tldata<>;	/* array of TL data */
114 case AT_LEN:
115 	int16_t		av_len;	/* NOTE(review): signed; what it measures is not stated here */
116 case AT_PW_LAST_CHANGE:
117 	uint32_t	av_pw_last_change;
118 case AT_MOD_PRINC:
119 	kdbe_princ_t	av_mod_princ;
120 case AT_MOD_TIME:
121 	uint32_t	av_mod_time;
122 case AT_MOD_WHERE:
123 	utf8str_t	av_mod_where;
124 case AT_PW_POLICY:
125 	utf8str_t	av_pw_policy;
126 case AT_PW_POLICY_SWITCH:
127 	bool		av_pw_policy_switch;
128 case AT_PW_HIST_KVNO:
129 	uint32_t	av_pw_hist_kvno;
130 case AT_PW_HIST:
131 	kdbe_pw_hist_t	av_pw_hist<>;	/* array of pw history */
	/* kdbe_pw_hist_t is itself an array of kdbe_key_t, so this is an array of arrays */
132 default:
133 	opaque		av_extension<>;	/* futures */
	/*
	 * Every av_type value without a case above lands here and is
	 * decoded as unbounded raw bytes; a receiver should skip or reject
	 * such values rather than interpret the payload.
	 */
134 };
135 
/*
 * The array has no declared maximum, and the type does not stop the same
 * attribute type from appearing more than once in one entry; how repeats
 * are treated is up to the receiver.
 */
136 typedef kdbe_val_t kdbe_t<>;	    /* Array of attr/val makes a KDB entry */
137 
138 /*
139  * Incremental update
 *
 * One update log record: the principal it concerns, its serial number and
 * timestamp, the changed attributes, and deletion/commit flags.  Every
 * variable-length member here is unbounded in this definition.
 * NOTE(review): kdb_update can carry key data (AT_KEYDATA, AT_PW_HIST),
 * so the record needs the same protection as kdbe_key_t; confirm that a
 * receiver applies records only from an authenticated peer.
140  */
141 struct kdb_incr_update_t {
142 	utf8str_t	kdb_princ_name;	/* Principal name */
143 	kdb_sno_t	kdb_entry_sno;	/* Serial # of entry */
144 	kdbe_time_t	kdb_time;	/* Timestamp of update */
145 	kdbe_t		kdb_update; 	/* Attributes modified */
146 	bool		kdb_deleted;	/* Is this update a DELETION ? */
147 	bool		kdb_commit;	/* Is the entry committed or not ? */
148 	utf8str_t	kdb_kdcs_seen_by<>; /* Names of slaves that have */
149 					    /* seen this update - for */
150 					    /* future use */
151 	opaque		kdb_futures<>;	/* futures */
152 };
153 
154 /*
155  * Update log body
 *
 * A variable-length array of update records with no declared maximum, so
 * the number of records in one reply is limited only by the sender and
 * by whatever cap the receiver or transport applies.
156  */
157 typedef kdb_incr_update_t kdb_ulog_t<>;
158 
/*
 * Status code carried in the ret member of kdb_incr_result_t and
 * kdb_fullresync_result_t.  The numbers are wire values.
 * NOTE(review): UPDATE_PERM_DENIED is the only status that names an
 * authorization failure; confirm the server returns it, with no update
 * data, for callers that are not allowed to receive the database.
 */
159 enum update_status_t {
160 	UPDATE_OK = 0,
161 	UPDATE_ERROR = 1,
162 	UPDATE_FULL_RESYNC_NEEDED = 2,
163 	UPDATE_BUSY = 3,
164 	UPDATE_NIL = 4,
165 	UPDATE_PERM_DENIED = 5
166 };
167 
/*
 * Position in the update log: a serial number plus its timestamp.
 * It is the argument of IPROP_GET_UPDATES and the lastentry member of
 * both result structures.  When it arrives as an argument it is
 * caller-supplied and should be validated before it is used to select
 * log records.
 */
168 struct kdb_last_t {
169 	kdb_sno_t	last_sno;
170 	kdbe_time_t	last_time;
171 };
172 
/*
 * Reply of IPROP_GET_UPDATES: a log position, the update records and a
 * status code.
 * NOTE(review): updates is always present in the encoding whatever ret
 * says; a receiver should check ret before acting on the records.
 */
173 struct kdb_incr_result_t {
174 	kdb_last_t		lastentry;
175 	kdb_ulog_t		updates;
176 	update_status_t		ret;
177 };
178 
/*
 * Reply of IPROP_FULL_RESYNC: a log position and a status code.  No
 * database content is carried in this structure.
 */
179 struct kdb_fullresync_result_t {
180 	kdb_last_t		lastentry;
181 	update_status_t 	ret;
182 };
183 
/*
 * RPC program 100423, version 1, with three procedures (0, 1, 2).
 * NOTE(review): nothing in this interface file states which RPC
 * authentication flavor is required.  The replies can carry key data, so
 * confirm that the server rejects unauthenticated callers and requires
 * privacy protection on the connection.
 */
184 program KRB5_IPROP_PROG {
185 	version KRB5_IPROP_VERS {
186 		/*
187 		 * NULL procedure
188 		 */
189 		void
190 		IPROP_NULL(void) = 0;
191 
192 		/*
193 		 * Keep waiting for and get next incremental update(s)
194 		 *
195 		 * Will return latest kdb_vers on the master (if different),
196 		 * along with return value and affected db entries.
		 *
		 * NOTE(review): the kdb_last_t argument comes from the
		 * caller and should be treated as untrusted input when it
		 * is compared against the log.
197 		 */
198 		kdb_incr_result_t
199 		IPROP_GET_UPDATES(kdb_last_t) = 1;
200 
201 		/*
202 		 * We need to do the full-resync of the db, since the
203 		 * serial nos./timestamps are way out-of-whack
		 *
		 * NOTE(review): takes no argument, so the only basis for
		 * allowing or refusing the request is the caller identity
		 * established by the RPC layer; confirm the server checks
		 * it before starting a resync.
204 		 */
205 		kdb_fullresync_result_t
206 		IPROP_FULL_RESYNC(void) = 2;
207 	} = 1;
208 } = 100423;
209