/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/* plugins/kdb/db2/kdb_db2.h */
/*
* Copyright 1997 by the Massachusetts Institute of Technology.
* All Rights Reserved.
*
* Export of this software from the United States of America may
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
*
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
* notice appear in all copies and that both that copyright notice and
* this permission notice appear in supporting documentation, and that
* the name of M.I.T. not be used in advertising or publicity pertaining
* to distribution of the software without specific, written prior
* permission. Furthermore if you modify this software you must label
* your software as modified software and not distribute it in such a
* fashion that it might be confused with the original M.I.T. software.
* M.I.T. makes no representations about the suitability of
* this software for any purpose. It is provided "as is" without express
* or implied warranty.
*/
/*
*
* KDC Database backend definitions for Berkely DB.
*/
#ifndef KRB5_KDB_DB2_H
#define KRB5_KDB_DB2_H
#include "policy_db.h"
typedef struct _krb5_db2_context {
krb5_boolean db_inited; /* Context initialized */
char * db_name; /* Name of database */
DB * db; /* DB handle */
krb5_boolean hashfirst; /* Try hash database type first */
char * db_lf_name; /* Name of lock file */
int db_lf_file; /* File descriptor of lock file */
int db_locks_held; /* Number of times locked */
int db_lock_mode; /* Last lock mode, e.g. greatest*/
krb5_boolean db_nb_locks; /* [Non]Blocking lock modes */
osa_adb_policy_t policy_db;
krb5_boolean tempdb;
krb5_boolean disable_last_success;
krb5_boolean disable_lockout;
krb5_boolean unlockiter;
} krb5_db2_context;
krb5_error_code krb5_db2_init(krb5_context);
krb5_error_code krb5_db2_fini(krb5_context);
krb5_error_code krb5_db2_get_age(krb5_context, char *, time_t *);
krb5_error_code krb5_db2_get_principal(krb5_context, krb5_const_principal,
unsigned int, krb5_db_entry **);
krb5_error_code krb5_db2_put_principal(krb5_context, krb5_db_entry *,
char **db_args);
krb5_error_code krb5_db2_iterate(krb5_context, char *,
krb5_error_code (*)(krb5_pointer,
krb5_db_entry *),
krb5_pointer, krb5_flags);
krb5_error_code krb5_db2_set_nonblocking(krb5_context, krb5_boolean,
krb5_boolean *);
krb5_boolean krb5_db2_set_lockmode(krb5_context, krb5_boolean);
krb5_error_code krb5_db2_open_database(krb5_context);
krb5_error_code krb5_db2_close_database(krb5_context);
krb5_error_code
krb5_db2_delete_principal(krb5_context context,
krb5_const_principal searchfor);
krb5_error_code krb5_db2_lib_init(void);
krb5_error_code krb5_db2_lib_cleanup(void);
krb5_error_code krb5_db2_unlock(krb5_context);
krb5_error_code
krb5_db2_promote_db(krb5_context kcontext, char *conf_section, char **db_args);
krb5_error_code
krb5_db2_lock(krb5_context context, int in_mode);
krb5_error_code
krb5_db2_open(krb5_context kcontext, char *conf_section, char **db_args,
int mode);
krb5_error_code krb5_db2_create(krb5_context kcontext, char *conf_section,
char **db_args);
krb5_error_code krb5_db2_destroy(krb5_context kcontext, char *conf_section,
char **db_args);
const char *krb5_db2_err2str(krb5_context kcontext, long err_code);
/* policy management functions */
krb5_error_code
krb5_db2_create_policy(krb5_context context, osa_policy_ent_t entry);
krb5_error_code krb5_db2_get_policy(krb5_context kcontext,
char *name, osa_policy_ent_t *policy);
krb5_error_code krb5_db2_put_policy(krb5_context kcontext,
osa_policy_ent_t policy);
krb5_error_code krb5_db2_iter_policy(krb5_context kcontext, char *match_entry,
osa_adb_iter_policy_func func,
void *data);
krb5_error_code krb5_db2_delete_policy(krb5_context kcontext, char *policy);
/* Thread-safety wrapper slapped on top of original implementation. */
extern k5_mutex_t *krb5_db2_mutex;
/* lockout */
krb5_error_code
krb5_db2_lockout_check_policy(krb5_context context,
krb5_db_entry *entry,
krb5_timestamp stamp);
krb5_error_code
krb5_db2_lockout_audit(krb5_context context,
krb5_db_entry *entry,
krb5_timestamp stamp,
krb5_error_code status);
krb5_error_code
krb5_db2_check_policy_as(krb5_context kcontext, krb5_kdc_req *request,
krb5_db_entry *client, krb5_db_entry *server,
krb5_timestamp kdc_time, const char **status,
krb5_pa_data ***e_data);
void
krb5_db2_audit_as_req(krb5_context kcontext, krb5_kdc_req *request,
const krb5_address *local_addr,
const krb5_address *remote_addr,
krb5_db_entry *client, krb5_db_entry *server,
krb5_timestamp authtime,
krb5_error_code error_code);
#endif /* KRB5_KDB_DB2_H */