xref: /illumos-gate/usr/src/lib/krb5/plugins/kdb/db2/db2_exp.c (revision 0ebf3797ed9aceba2a3b361cf14badb82ac13478)
1 /*
2  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
3  * Use is subject to license terms.
4  */
5 
6 #pragma ident	"%Z%%M%	%I%	%E% SMI"
7 
8 /*
9  * Copyright 2006 by the Massachusetts Institute of Technology.
10  * All Rights Reserved.
11  *
12  * Export of this software from the United States of America may
13  *   require a specific license from the United States Government.
14  *   It is the responsibility of any person or organization contemplating
15  *   export to obtain such a license before exporting.
16  *
17  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
18  * distribute this software and its documentation for any purpose and
19  * without fee is hereby granted, provided that the above copyright
20  * notice appear in all copies and that both that copyright notice and
21  * this permission notice appear in supporting documentation, and that
22  * the name of M.I.T. not be used in advertising or publicity pertaining
23  * to distribution of the software without specific, written prior
24  * permission.  Furthermore if you modify this software you must label
25  * your software as modified software and not distribute it in such a
26  * fashion that it might be confused with the original M.I.T. software.
27  * M.I.T. makes no representations about the suitability of
28  * this software for any purpose.  It is provided "as is" without express
29  * or implied warranty.
30  */
31 
32 /**********************************************************************
33 *
34 *	C %name:		db2_exp.c %
35 *	Instance:		idc_sec_2
36 *	Description:
37 *	%created_by:	spradeep %
38 *	%date_created:	Tue Apr  5 11:44:00 2005 %
39 *
40 **********************************************************************/
#ifndef lint
/*
 * Source-control identification string.  The "@(#)" prefix is the marker
 * that what(1) searches for in binaries.  Nothing else in the visible part
 * of this file refers to _csrc.
 */
static char *_csrc = "@(#) %filespec: db2_exp.c~5 %  (%full_filespec: db2_exp.c~5:csrc:idc_sec#2 %)";
#endif
44 
45 #include "k5-int.h"
46 
47 #if HAVE_UNISTD_H
48 #include <unistd.h>
49 #endif
50 
51 #include <db.h>
52 #include <stdio.h>
53 #include <errno.h>
54 #include <utime.h>
55 #include <kdb/kdb5.h>
56 #include "kdb_db2.h"
57 #include "kdb_xdr.h"
58 #include "policy_db.h"
59 
60 /* Quick and dirty wrapper functions to provide for thread safety
61    within the plugin, instead of making the kdb5 library do it.  Eventually
62    these should be integrated into the real functions.
63 
64    Some of the functions wrapped here are also called directly from
65    within this library (e.g., create calls open), so simply dropping
66    locking code into the top and bottom of each referenced function
67    won't do.  (We aren't doing recursive locks, currently.)  */
68 
/*
 * The one plugin-wide mutex taken by every wrap_* function generated by the
 * WRAP macros below.  hack_init() allocates it and hack_cleanup() frees it
 * and resets it to NULL, so it is NULL before hack_init() has run and after
 * hack_cleanup().  The wrappers pass it to k5_mutex_lock() without a NULL
 * check, so they are only usable between those two calls.
 */
static k5_mutex_t *krb5_db2_mutex;
70 
/*
 * WRAP(NAME, TYPE, ARGLIST, ARGNAMES, ERROR_RESULT)
 *
 * Defines `static TYPE wrap_NAME ARGLIST', which calls NAME ARGNAMES with
 * krb5_db2_mutex held and returns its result.
 *
 *   NAME          function to wrap
 *   TYPE          its return type (must be assignable; see WRAP_VOID for void)
 *   ARGLIST       parenthesised parameter list of the generated wrapper
 *   ARGNAMES      parenthesised argument list forwarded to NAME
 *   ERROR_RESULT  expression returned when k5_mutex_lock() reports an error;
 *                 NAME is not called in that case
 *
 * The wrapper declares locals named `code' and `result', so ARGLIST must not
 * use either as a parameter name.  `code' holds the k5_mutex_lock() return
 * value and may be named by ERROR_RESULT (WRAP_K does this).  The return
 * value of k5_mutex_unlock() is not checked.
 */
#define WRAP(NAME,TYPE,ARGLIST,ARGNAMES,ERROR_RESULT)	\
	static TYPE wrap_##NAME ARGLIST			\
	{						\
	    int code;					\
	    TYPE result;				\
	    code = k5_mutex_lock (krb5_db2_mutex);	\
	    if (code != 0)				\
		return ERROR_RESULT;			\
	    result = NAME ARGNAMES;			\
	    k5_mutex_unlock (krb5_db2_mutex);		\
	    return result;				\
	}						\
	/* trailing declaration absorbs the ";" written after each use */ \
	static TYPE wrap_##NAME ()
83 
84 /* Two special cases: void (can't assign result), and krb5_error_code
85    (return error from locking code).  */
86 
/*
 * WRAP_VOID(NAME, ARGLIST, ARGNAMES)
 *
 * Variant of WRAP for functions returning void: defines
 * `static void wrap_NAME ARGLIST', which calls NAME ARGNAMES with
 * krb5_db2_mutex held.
 *
 * If k5_mutex_lock() reports an error the wrapper returns without calling
 * NAME and has no way to tell its caller.  For the free-style functions
 * wrapped with this macro that means the object is left unreleased rather
 * than released without the lock.
 *
 * The wrapper declares a local named `code', so ARGLIST must not use that
 * as a parameter name.
 */
#define WRAP_VOID(NAME,ARGLIST,ARGNAMES)		\
	static void wrap_##NAME ARGLIST			\
	{						\
	    int code;					\
	    code = k5_mutex_lock (krb5_db2_mutex);	\
	    if (code != 0)				\
		return;					\
	    NAME ARGNAMES;				\
	    k5_mutex_unlock (krb5_db2_mutex);		\
	}						\
	/* trailing declaration absorbs the ";" written after each use */ \
	static void wrap_##NAME ()
97 
/*
 * WRAP_K(NAME, ARGLIST, ARGNAMES)
 *
 * WRAP specialised for functions returning krb5_error_code.  The `code'
 * passed as ERROR_RESULT is the local variable WRAP declares for the
 * k5_mutex_lock() return value, so a failed lock is handed back to the
 * caller as the wrapper's own error code.
 */
#define WRAP_K(NAME,ARGLIST,ARGNAMES)	\
	WRAP(NAME, krb5_error_code, ARGLIST, ARGNAMES, code)
100 
/*
 * Locked wrappers for open/fini/create/destroy, get_age and set_option.
 * Each line expands to a static wrap_<name>() that holds krb5_db2_mutex
 * around the call and returns the lock error code if the lock fails.
 */
WRAP_K (krb5_db2_open,
	(krb5_context kcontext, char *conf_section, char **db_args, int mode),
	(kcontext, conf_section, db_args, mode));

WRAP_K (krb5_db2_db_fini,
	(krb5_context ctx),
	(ctx));

WRAP_K (krb5_db2_create,
	(krb5_context kcontext, char *conf_section, char **db_args),
	(kcontext, conf_section, db_args));

WRAP_K (krb5_db2_destroy,
	(krb5_context kcontext, char *conf_section, char **db_args),
	(kcontext, conf_section, db_args));

WRAP_K (krb5_db2_db_get_age,
	(krb5_context ctx, char *s, time_t *t),
	(ctx, s, t));

WRAP_K (krb5_db2_db_set_option,
	(krb5_context kcontext, int option, void *value),
	(kcontext, option, value));
124 
/*
 * Locked wrappers for the database lock/unlock entry points.  The plugin
 * mutex taken by the wrapper is held only for the duration of each call;
 * it is separate from whatever lock krb5_db2_db_lock itself manages.
 */
WRAP_K (krb5_db2_db_lock,
	(krb5_context context, int in_mode),
	(context, in_mode));

WRAP_K (krb5_db2_db_unlock,
	(krb5_context ctx),
	(ctx));
130 
/*
 * Locked wrappers for principal get/free/put/delete.  Note that
 * kdb_function_table also exports krb5_db2_db_get_principal directly
 * (the "nolock" slot), bypassing wrap_krb5_db2_db_get_principal.
 */
WRAP_K (krb5_db2_db_get_principal,
	(krb5_context ctx, krb5_const_principal p, krb5_db_entry *d,
	 int *i, krb5_boolean *b),
	(ctx, p, d, i, b));

WRAP_K (krb5_db2_db_free_principal,
	(krb5_context ctx, krb5_db_entry *d, int i),
	(ctx, d, i));

WRAP_K (krb5_db2_db_put_principal,
	(krb5_context ctx, krb5_db_entry *d, int *i, char **db_args),
	(ctx, d, i, db_args));

WRAP_K (krb5_db2_db_delete_principal,
	(krb5_context context, krb5_const_principal searchfor, int *nentries),
	(context, searchfor, nentries));
154 
/*
 * Solaris Kerberos: adding support for db_args
 *
 * The plugin mutex is held for the whole krb5_db2_db_iterate call, so the
 * callback f presumably runs with it held.  The mutex is not recursive (see
 * the note above the WRAP macros), so a callback that re-enters another
 * wrap_* entry point would likely block on itself -- confirm against the
 * callers.
 */
WRAP_K (krb5_db2_db_iterate,
	(krb5_context ctx,
	 char *s,
	 krb5_error_code (*f) (krb5_pointer, krb5_db_entry *),
	 krb5_pointer p,
	 char **db_args),
	(ctx, s, f, p, db_args));
163 
/*
 * Locked wrappers for the policy entry points.  As with db_iterate, the
 * iter_policy callback func presumably runs with the non-recursive plugin
 * mutex held.  free_policy uses WRAP_VOID, so a failed lock skips the
 * krb5_db2_free_policy call silently.
 */
WRAP_K (krb5_db2_create_policy,
	(krb5_context context, osa_policy_ent_t entry),
	(context, entry));

WRAP_K (krb5_db2_get_policy,
	(krb5_context kcontext, char *name, osa_policy_ent_t *policy, int *cnt),
	(kcontext, name, policy, cnt));

WRAP_K (krb5_db2_put_policy,
	(krb5_context kcontext, osa_policy_ent_t policy),
	(kcontext, policy));

WRAP_K (krb5_db2_iter_policy,
	(krb5_context kcontext, char *match_entry,
	 osa_adb_iter_policy_func func, void *data),
	(kcontext, match_entry, func, data));

WRAP_K (krb5_db2_delete_policy,
	(krb5_context kcontext, char *policy),
	(kcontext, policy));

WRAP_VOID (krb5_db2_free_policy,
	   (krb5_context kcontext, osa_policy_ent_t entry),
	   (kcontext, entry));
188 
/*
 * Locked wrappers for the plugin allocator.  wrap_krb5_db2_alloc returns
 * NULL when the lock cannot be taken, which a caller cannot tell apart from
 * a NULL returned by krb5_db2_alloc itself.  wrap_krb5_db2_free returns
 * without freeing ptr when the lock cannot be taken.
 */
WRAP (krb5_db2_alloc, void *,
      (krb5_context kcontext, void *ptr, size_t size),
      (kcontext, ptr, size),
      NULL);

WRAP_VOID (krb5_db2_free,
	   (krb5_context kcontext, void *ptr),
	   (kcontext, ptr));
197 
/*
 * Locked wrappers for the master-key setters/getters and for promote_db.
 * The wrappers only add locking: the pwd and krb5_keyblock pointers are
 * forwarded untouched, so any copying or clearing of key material is up to
 * the wrapped functions and their callers.
 */
WRAP_K (krb5_db2_set_master_key_ext,
	(krb5_context kcontext, char *pwd, krb5_keyblock *key),
	(kcontext, pwd, key));

WRAP_K (krb5_db2_db_get_mkey,
	(krb5_context context, krb5_keyblock **key),
	(context, key));

WRAP_K (krb5_db2_promote_db,
	(krb5_context kcontext, char *conf_section, char **db_args),
	(kcontext, conf_section, db_args));
207 
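/*
 * Library initializer, installed as init_library in kdb_function_table.
 *
 * Allocates the plugin-wide mutex used by the wrap_* functions, then runs
 * krb5_db2_lib_init().  Returns 0 on success, or the error code from
 * whichever step failed.
 *
 * If krb5_db2_lib_init() fails, the mutex allocated here is released again
 * and krb5_db2_mutex is reset to NULL.  Nothing in this file shows
 * hack_cleanup() being run after a failed init, so without this the mutex
 * would be leaked and the pointer left looking valid.
 */
static krb5_error_code
hack_init (void)
{
    krb5_error_code c;

    c = krb5int_mutex_alloc (&krb5_db2_mutex);
    if (c)
	return c;

    c = krb5_db2_lib_init ();
    if (c) {
	/* Undo the allocation so a failed init leaves no state behind. */
	krb5int_mutex_free (krb5_db2_mutex);
	krb5_db2_mutex = NULL;
    }
    return c;
}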
217 
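/*
 * Library finalizer, installed as fini_library in kdb_function_table.
 *
 * Frees the plugin-wide mutex and resets the pointer to NULL, then returns
 * the result of krb5_db2_lib_cleanup().
 *
 * The free is skipped when krb5_db2_mutex is already NULL (cleanup called
 * twice, or without a successful hack_init()).  Whether
 * krb5int_mutex_free() tolerates a NULL argument is not visible from this
 * file, so NULL is never passed to it.  krb5_db2_lib_cleanup() is still
 * called in that case, as before.
 *
 * After this returns, the wrap_* entry points must not be used: they lock
 * krb5_db2_mutex without checking it.
 */
static krb5_error_code
hack_cleanup (void)
{
    if (krb5_db2_mutex != NULL) {
	krb5int_mutex_free (krb5_db2_mutex);
	krb5_db2_mutex = NULL;
    }
    return krb5_db2_lib_cleanup();
}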
225 
226 
227 /*
228  *      Exposed API
229  */
230 
/*
 * Function table exported by the db2 KDB plugin.  The initializer is
 * positional, so the order of entries has to match the member order of
 * kdb_vftabl (declared outside this file; presumably in <kdb/kdb5.h>).
 *
 * Entries named wrap_* run with krb5_db2_mutex held.  The entries that point
 * straight at krb5_db2_* functions (db_get_principal_nolock and the two
 * errcode string helpers) do not take that mutex.
 */
kdb_vftabl kdb_function_table = {
  /* major version number 1 */		       1,
  /* minor version number 0 */		       0,
  /* Solaris Kerberos: iprop support */
  /* iprop_supported, yes for db2 */	       1,
  /* init_library */			       hack_init,
  /* fini_library */			       hack_cleanup,
  /* init_module */			       wrap_krb5_db2_open,
  /* fini_module */			       wrap_krb5_db2_db_fini,
  /* db_create */			       wrap_krb5_db2_create,
  /* db_destroy */			       wrap_krb5_db2_destroy,
  /* db_get_age */                             wrap_krb5_db2_db_get_age,
  /* db_set_option */			       wrap_krb5_db2_db_set_option,
  /* db_lock */				       wrap_krb5_db2_db_lock,
  /* db_unlock */			       wrap_krb5_db2_db_unlock,
  /* db_get_principal */		       wrap_krb5_db2_db_get_principal,
  /* Solaris Kerberos: need a nolock for iprop */
  /* NOTE(review): unwrapped, so krb5_db2_mutex is not taken here; callers
     presumably have to provide their own serialization -- confirm. */
  /* db_get_principal_nolock */		       krb5_db2_db_get_principal,
  /* db_free_principal */		       wrap_krb5_db2_db_free_principal,
  /* db_put_principal */		       wrap_krb5_db2_db_put_principal,
  /* db_delete_principal */		       wrap_krb5_db2_db_delete_principal,
  /* db_iterate */			       wrap_krb5_db2_db_iterate,
  /* db_create_policy */                       wrap_krb5_db2_create_policy,
  /* db_get_policy */                          wrap_krb5_db2_get_policy,
  /* db_put_policy */                          wrap_krb5_db2_put_policy,
  /* db_iter_policy */                         wrap_krb5_db2_iter_policy,
  /* db_delete_policy */                       wrap_krb5_db2_delete_policy,
  /* db_free_policy */                         wrap_krb5_db2_free_policy,
  /* db_supported_realms */		       NULL,
  /* db_free_supported_realms */	       NULL,
  /* errcode_2_string */                       krb5_db2_errcode_2_string,
  /* release_errcode_string */		       krb5_db2_release_errcode_string,
  /* db_alloc */                               wrap_krb5_db2_alloc,
  /* db_free */                                wrap_krb5_db2_free,
  /* set_master_key */			       wrap_krb5_db2_set_master_key_ext,
  /* get_master_key */			       wrap_krb5_db2_db_get_mkey,
  /* six slots left 0; their member names are not given in this file */
  /* blah blah blah */			       0,0,0,0,0,0,
  /* promote_db */			       wrap_krb5_db2_promote_db,
};