/*
 * Copyright 2002 Sun Microsystems, Inc. All rights reserved.
 * Use is subject to license terms.
 */

#pragma ident "%Z%%M% %I% %E% SMI"

/*
 * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
 *
 * Openvision retains the copyright to derivative works of
 * this source code. Do *NOT* create a derivative of this
 * source code before consulting with your legal department.
 * Do *NOT* integrate *ANY* of this source code into another
 * product before consulting with your legal department.
 *
 * For further information, read the top-level Openvision
 * copyright which is contained in the top-level MIT Kerberos
 * copyright.
 *
 * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
 *
 */


/*
 * Data types for policies and principal information that
 * exist in the respective databases.
 *
 * $Header: /cvs/krbdev/krb5/src/lib/kadm5/adb.h,v 1.21 1998/02/14 02:34:09 tlyu Exp $
 *
 * This file was originally created with rpcgen.
 * It has been hacked up since then.
 */

/*
 * NOTE(review): identifiers beginning with a double underscore are reserved
 * for the implementation in C; the guard name is left as is because other
 * files may test it.
 */
#ifndef __ADB_H__
#define __ADB_H__
#include <sys/types.h>
#include <rpc/types.h> /* SUNWresync121 - no need to change to gssrpc/ */
#include "k5-int.h"
#include <krb5/kdb.h>
#include <db.h>
#include <kadm5/admin.h>
#include <kadm5/adb_err.h>
#include <com_err.h>

/* Status type returned by every osa_adb_* function declared below. */
typedef long osa_adb_ret_t;

/*
 * Magic values, one per database kind. Presumably these are what callers
 * pass as the `magic` argument of osa_adb_create_db() and friends and what
 * is stored in osa_adb_db_ent.magic -- confirm in the implementation.
 */
#define OSA_ADB_POLICY_DB_MAGIC 0x12345A00
#define OSA_ADB_PRINC_DB_MAGIC 0x12345B00

/*
 * Lock kinds. Presumably the values accepted as `mode` by
 * osa_adb_get_lock() and as `locktype` by osa_adb_open_and_lock(), and
 * recorded in osa_adb_lock_ent.lockmode -- confirm in the implementation.
 */
#define OSA_ADB_SHARED 0x7001
#define OSA_ADB_EXCLUSIVE 0x7002
#define OSA_ADB_PERMANENT 0x7003

/*
 * Record version tags. Presumably compared against the `version` field of
 * osa_princ_ent_rec / osa_policy_ent_rec when a record is decoded; a reader
 * should reject records whose version does not match -- TODO confirm that
 * the XDR routines do so.
 */
#define OSA_ADB_PRINC_VERSION_MASK 0x12345C00
#define OSA_ADB_PRINC_VERSION_1 0x12345C01
#define OSA_ADB_POLICY_VERSION_MASK 0x12345D00
#define OSA_ADB_POLICY_VERSION_1 0x12345D01

/*
 * Lock state for a database: the lock file stream and its name, three
 * counters/modes, and the krb5 context. The exact meaning of refcnt,
 * lockmode and lockcnt is not visible from this header; presumably refcnt
 * counts the handles sharing this lock and lockcnt the nested lock
 * acquisitions -- confirm in the implementation.
 */
typedef struct _osa_adb_db_lock_ent_t {
	FILE *lockfile;
	char *filename;
	int refcnt, lockmode, lockcnt;
	krb5_context context;
} osa_adb_lock_ent, *osa_adb_lock_t;

/*
 * Database handle: magic value, the DB handle and HASHINFO from <db.h>,
 * the database file name and a pointer to the lock state.
 *
 * osa_adb_db_t, osa_adb_princ_t and osa_adb_policy_t are all aliases for a
 * pointer to this one struct, so the compiler cannot tell a principal
 * handle from a policy handle. The `magic` field is the only member visible
 * here that could distinguish the two at run time.
 */
typedef struct _osa_adb_db_ent_t {
	int magic;
	DB *db;
	HASHINFO info;
	char *filename;
	osa_adb_lock_t lock;
} osa_adb_db_ent, *osa_adb_db_t, *osa_adb_princ_t, *osa_adb_policy_t;

/*
 * an osa_pw_hist_ent stores all the key_datas for a single password
 *
 * n_key_data is presumably the number of elements key_data points to.
 * These entries hold key material for earlier passwords, so any copy of
 * them is as sensitive as the current keys.
 */
typedef struct _osa_pw_hist_t {
	int n_key_data;
	krb5_key_data *key_data;
} osa_pw_hist_ent, *osa_pw_hist_t;

/*
 * Per-principal record. The matching XDR routine declared below is
 * xdr_osa_princ_ent_rec().
 *
 * old_keys is the password history; presumably it holds old_key_len
 * entries and old_key_next is the index of the next slot to overwrite --
 * confirm in the implementation. Both counters come from the stored
 * record, so code indexing old_keys should bound-check them.
 */
typedef struct _osa_princ_ent_t {
	int version;
	char *policy;
	long aux_attributes;
	unsigned int old_key_len;
	unsigned int old_key_next;
	krb5_kvno admin_history_kvno;
	osa_pw_hist_ent *old_keys;
} osa_princ_ent_rec, *osa_princ_ent_t;

/*
 * Per-policy record. The matching XDR routine declared below is
 * xdr_osa_policy_ent_rec().
 *
 * Going by the field names these are the password-policy limits (minimum
 * and maximum lifetime, minimum length, minimum character classes, history
 * depth) plus a reference count; units and enforcement are not visible
 * from this header.
 */
typedef struct _osa_policy_ent_t {
	int version;
	char *name;
	rpc_u_int32 pw_min_life;
	rpc_u_int32 pw_max_life;
	rpc_u_int32 pw_min_length;
	rpc_u_int32 pw_min_classes;
	rpc_u_int32 pw_history_num;
	rpc_u_int32 policy_refcnt;
} osa_policy_ent_rec, *osa_policy_ent_t;

/*
 * Callback types for osa_adb_iter_princ() / osa_adb_iter_policy(). The
 * void * argument is presumably the `data` pointer given to the iterator.
 */
typedef void (*osa_adb_iter_princ_func) (void *, osa_princ_ent_t);
typedef void (*osa_adb_iter_policy_func) (void *, osa_policy_ent_t);


/*
 * Return Code (the rest are in adb_err.h)
 */

#define OSA_ADB_OK 0

/*
 * xdr functions
 */
bool_t xdr_osa_princ_ent_rec(XDR *xdrs, osa_princ_ent_t objp);
bool_t xdr_osa_policy_ent_rec(XDR *xdrs, osa_policy_ent_t objp);

/*
 * Functions
 */

/*
 * Generic database operations. Each takes the database file name and lock
 * file name, or an already initialised handle, plus the magic value where
 * one is declared.
 */
osa_adb_ret_t osa_adb_create_db(char *filename, char *lockfile, int magic);
osa_adb_ret_t osa_adb_destroy_db(char *filename, char *lockfile, int magic);
osa_adb_ret_t osa_adb_init_db(osa_adb_db_t *dbp, char *filename,
    char *lockfile, int magic);
osa_adb_ret_t osa_adb_fini_db(osa_adb_db_t db, int magic);
osa_adb_ret_t osa_adb_get_lock(osa_adb_db_t db, int mode);
osa_adb_ret_t osa_adb_release_lock(osa_adb_db_t db);
osa_adb_ret_t osa_adb_open_and_lock(osa_adb_princ_t db, int locktype);
osa_adb_ret_t osa_adb_close_and_unlock(osa_adb_princ_t db);

/*
 * Principal and policy database operations. The get functions return the
 * entry through a pointer-to-pointer; presumably the entry is allocated by
 * the callee and released with osa_free_princ_ent() / osa_free_policy_ent()
 * -- confirm in the implementation.
 */
osa_adb_ret_t osa_adb_create_policy_db(kadm5_config_params *params);
osa_adb_ret_t osa_adb_destroy_policy_db(kadm5_config_params *params);
osa_adb_ret_t osa_adb_open_princ(osa_adb_princ_t *db, char *filename);
osa_adb_ret_t osa_adb_open_policy(osa_adb_policy_t *db,
    kadm5_config_params *rparams);
osa_adb_ret_t osa_adb_close_princ(osa_adb_princ_t db);
osa_adb_ret_t osa_adb_close_policy(osa_adb_policy_t db);
osa_adb_ret_t osa_adb_create_princ(osa_adb_princ_t db,
    osa_princ_ent_t entry);
osa_adb_ret_t osa_adb_create_policy(osa_adb_policy_t db,
    osa_policy_ent_t entry);
osa_adb_ret_t osa_adb_destroy_princ(osa_adb_princ_t db,
    kadm5_princ_t name);
osa_adb_ret_t osa_adb_destroy_policy(osa_adb_policy_t db,
    kadm5_policy_t name);
osa_adb_ret_t osa_adb_get_princ(osa_adb_princ_t db,
    kadm5_princ_t name,
    osa_princ_ent_t *entry);
osa_adb_ret_t osa_adb_get_policy(osa_adb_policy_t db,
    kadm5_policy_t name,
    osa_policy_ent_t *entry);
osa_adb_ret_t osa_adb_put_princ(osa_adb_princ_t db,
    osa_princ_ent_t entry);
osa_adb_ret_t osa_adb_put_policy(osa_adb_policy_t db,
    osa_policy_ent_t entry);
osa_adb_ret_t osa_adb_iter_policy(osa_adb_policy_t db,
    osa_adb_iter_policy_func func,
    void * data);
osa_adb_ret_t osa_adb_iter_princ(osa_adb_princ_t db,
    osa_adb_iter_princ_func func,
    void *data);

/*
 * Release an entry.
 * NOTE(review): a principal entry carries password-history key material in
 * old_keys; whether osa_free_princ_ent() zeroizes it before freeing is not
 * visible from this header -- confirm in the implementation.
 */
void osa_free_policy_ent(osa_policy_ent_t val);
void osa_free_princ_ent(osa_princ_ent_t val);
#endif /* __ADB_H__ */