1 #ifndef _KRB5_KDB5_H_
2 #define _KRB5_KDB5_H_
3 
4 #if HAVE_UNISTD_H
5 #include <unistd.h>
6 #endif
7 
8 #include <errno.h>
9 #include <utime.h>
10 #include <utime.h>
11 #include <k5-int.h>
12 #include "kdb.h"
13 
/* Size in bytes of the fixed `name` buffer in struct _db_library. */
#define KDB_MAX_DB_NAME             128

/*
 * Profile section and relation names used to locate the database module.
 * NOTE(review): the "db_library" relation presumably names the back-end
 * library that gets loaded, so the profile it is read from should be
 * writable only by the KDC administrator -- confirm against the loader.
 */
#define KDB_REALM_SECTION           "realms"
#define KDB_MODULE_POINTER          "database_module"
#define KDB_MODULE_DEF_SECTION      "dbdefaults"
#define KDB_MODULE_SECTION          "dbmodules"
#define KDB_LIB_POINTER             "db_library"

/* Both of these expand to macros that are defined outside this header. */
#define KDB_DATABASE_CONF_FILE      DEFAULT_SECURE_PROFILE_PATH
#define KDB_DATABASE_ENV_PROF       KDC_PROFILE_ENV
22 
/*
 * Accessors on a krb5_context-like pointer.
 *
 * KRB5_DB_GET_DB_CONTEXT treats kcontext->db_context as a kdb5_dal_handle
 * and yields that handle's own db_context member.  It performs no NULL
 * check, so it must only be used once kcontext->db_context has been set.
 * KRB5_DB_GET_PROFILE and KRB5_DB_GET_REALM read the `profile` and
 * `default_realm` members directly.
 */
#define KRB5_DB_GET_DB_CONTEXT(kcontext) \
    (((kdb5_dal_handle *)((kcontext)->db_context))->db_context)
#define KRB5_DB_GET_PROFILE(kcontext) \
    ((kcontext)->profile)
#define KRB5_DB_GET_REALM(kcontext) \
    ((kcontext)->default_realm)
26 
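/*
 * kdb_vftabl: table of entry points exposed by a database back-end.
 *
 * A copy of this table is held by value in struct _db_library (member
 * `vftabl`).  Member order and types are part of the interface between the
 * library and its modules; do not reorder or insert members.
 *
 * Every entry except db_free_policy, errcode_2_string,
 * release_errcode_string, db_alloc and db_free returns a krb5_error_code.
 */
typedef struct _kdb_vftabl {
    /* Version of this table as reported by the module. */
    short int maj_ver;
    short int min_ver;
    /* NOTE(review): presumably non-zero when the module supports
       incremental propagation -- confirm against the callers. */
    int       iprop_supported;

    /*
     * Library-wide setup and teardown.  Declared with (void) instead of an
     * empty parameter list so that the compiler checks calls and
     * assignments; before C23 an empty list leaves the arguments unchecked.
     * NOTE(review): confirm every module's init/fini takes no arguments.
     */
    krb5_error_code (*init_library) (void);
    krb5_error_code (*fini_library) (void);

    /* Per-context setup and teardown of the module. */
    krb5_error_code (*init_module) (krb5_context kcontext,
                                    char *conf_section,
                                    char **db_args,
                                    int mode);

    krb5_error_code (*fini_module) (krb5_context kcontext);

    /* Database lifecycle. */
    krb5_error_code (*db_create) (krb5_context kcontext,
                                  char *conf_section,
                                  char **db_args);

    krb5_error_code (*db_destroy) (krb5_context kcontext,
                                   char *conf_section,
                                   char **db_args);

    krb5_error_code (*db_get_age) (krb5_context kcontext,
                                   char *db_name,
                                   time_t *age);

    krb5_error_code (*db_set_option) (krb5_context kcontext,
                                      int option,
                                      void *value);

    /* Locking. */
    krb5_error_code (*db_lock) (krb5_context kcontext,
                                int mode);

    krb5_error_code (*db_unlock) (krb5_context kcontext);

    /*
     * Principal entries.  `nentries` is passed by pointer in the get, put
     * and delete calls.  NOTE(review): presumably in/out (capacity in,
     * count out) -- confirm, since a module that ignores the incoming
     * value could write past the caller's `entries` array.
     */
    krb5_error_code (*db_get_principal) (krb5_context kcontext,
                                         krb5_const_principal search_for,
                                         krb5_db_entry *entries,
                                         int *nentries,
                                         krb5_boolean *more);

    /* Same signature as db_get_principal. */
    krb5_error_code (*db_get_principal_nolock) (krb5_context kcontext,
                                                krb5_const_principal search_for,
                                                krb5_db_entry *entries,
                                                int *nentries,
                                                krb5_boolean *more);

    krb5_error_code (*db_free_principal) (krb5_context kcontext,
                                          krb5_db_entry *entry,
                                          int count);

    krb5_error_code (*db_put_principal) (krb5_context kcontext,
                                         krb5_db_entry *entries,
                                         int *nentries,
                                         char **db_args);

    krb5_error_code (*db_delete_principal) (krb5_context kcontext,
                                            krb5_const_principal search_for,
                                            int *nentries);

    /* Solaris Kerberos: adding support for db_args */
    krb5_error_code (*db_iterate) (krb5_context kcontext,
                                   char *match_entry,
                                   int (*func) (krb5_pointer, krb5_db_entry *),
                                   krb5_pointer func_arg,
                                   char **db_args);

    /* Policy entries. */
    krb5_error_code (*db_create_policy) (krb5_context kcontext,
                                         osa_policy_ent_t policy);

    krb5_error_code (*db_get_policy) (krb5_context kcontext,
                                      char *name,
                                      osa_policy_ent_t *policy,
                                      int *cnt);

    krb5_error_code (*db_put_policy) (krb5_context kcontext,
                                      osa_policy_ent_t policy);

    krb5_error_code (*db_iter_policy) (krb5_context kcontext,
                                       char *match_entry,
                                       osa_adb_iter_policy_func func,
                                       void *data);

    krb5_error_code (*db_delete_policy) (krb5_context kcontext,
                                         char *policy);

    void (*db_free_policy) (krb5_context kcontext,
                            osa_policy_ent_t val);

    /* Realm list and its matching release call. */
    krb5_error_code (*db_supported_realms) (krb5_context kcontext,
                                            char **realms);

    krb5_error_code (*db_free_supported_realms) (krb5_context kcontext,
                                                 char **realms);

    /* Error-code-to-message lookup and its matching release call. */
    const char * (*errcode_2_string) (krb5_context kcontext,
                                      long err_code);
    void (*release_errcode_string) (krb5_context kcontext, const char *msg);

    /* Module-side allocator.  NOTE(review): the (ptr, size) signature
       looks realloc-like -- confirm before relying on it. */
    void * (*db_alloc) (krb5_context kcontext, void *ptr, size_t size);
    void   (*db_free)  (krb5_context kcontext, void *ptr);

    /* optional functions */
    /*
     * NOTE(review): being optional, these pointers presumably may be NULL
     * and need a check before each call -- confirm in the dispatch code.
     * Several of the entries below receive master-key material (pwd, key,
     * master_pwd); the buffer owner should zeroize it after use -- confirm
     * ownership with each implementation.
     */
    krb5_error_code (*set_master_key) (krb5_context kcontext,
                                       char *pwd,
                                       krb5_keyblock *key);

    krb5_error_code (*get_master_key) (krb5_context kcontext,
                                       krb5_keyblock **key);

    krb5_error_code (*setup_master_key_name) (krb5_context kcontext,
                                              char *keyname,
                                              char *realm,
                                              char **fullname,
                                              krb5_principal *principal);

    krb5_error_code (*store_master_key) (krb5_context kcontext,
                                         char *db_arg,
                                         krb5_principal mname,
                                         krb5_keyblock *key,
                                         char *master_pwd);

    krb5_error_code (*fetch_master_key) (krb5_context kcontext,
                                         krb5_principal mname,
                                         krb5_keyblock *key,
                                         int *kvno,
                                         char *db_args);

    krb5_error_code (*verify_master_key) (krb5_context kcontext,
                                          krb5_principal mprinc,
                                          krb5_keyblock *mkey);

    krb5_error_code (*dbe_search_enctype) (krb5_context kcontext,
                                           krb5_db_entry *dbentp,
                                           krb5_int32 *start,
                                           krb5_int32 ktype,
                                           krb5_int32 stype,
                                           krb5_int32 kvno,
                                           krb5_key_data **kdatap);

    /* Takes the master key and the new password in cleartext (`passwd`). */
    krb5_error_code (*db_change_pwd) (krb5_context context,
                                      krb5_keyblock *master_key,
                                      krb5_key_salt_tuple *ks_tuple,
                                      int ks_tuple_count,
                                      char *passwd,
                                      int new_kvno,
                                      krb5_boolean keepold,
                                      krb5_db_entry *db_entry);

    /* Promote a temporary database to be the live one.  */
    krb5_error_code (*promote_db) (krb5_context context,
                                   char *conf_section,
                                   char **db_args);

} kdb_vftabl;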
189 
/*
 * One loaded database library, kept as a node in a doubly linked list.
 * Note that `db_library` is a typedef for a POINTER to this struct.
 */
typedef struct _db_library
{
    /*
     * Library name in a fixed KDB_MAX_DB_NAME-byte buffer.  Any copy into
     * it must be bounded to that size, terminator included.
     * NOTE(review): the name presumably comes from the profile -- confirm
     * that the loader rejects or truncates over-long values.
     */
    char name[KDB_MAX_DB_NAME];
    /* NOTE(review): presumably the number of users of this library --
       confirm against the code that loads and unloads it. */
    int reference_cnt;
    /* Plugin directory handle for this library. */
    struct plugin_dir_handle dl_dir_handle;
    /* The library's entry-point table, stored by value. */
    kdb_vftabl vftabl;
    /* List links. */
    struct _db_library *next;
    struct _db_library *prev;
} *db_library;
197 
/*
 * Per-context database handle.  KRB5_DB_GET_DB_CONTEXT casts
 * kcontext->db_context to this type and reads its db_context member.
 */
typedef struct _kdb5_dal_handle {
    /* Helps us to change db_library without affecting modules to some
       extent.  */
    void *db_context;
    /* The library this handle is bound to (db_library is a pointer type). */
    db_library lib_handle;
} kdb5_dal_handle;
205 
206 #endif  /* end of _KRB5_KDB5_H_ */
207