/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/* plugins/kdb/lmdb/klmdb-int.h - internal declarations for LMDB KDB module */
/*
* Copyright (C) 2018 by the Massachusetts Institute of Technology.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* * Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* * Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#ifndef LMDB_INT_H
#define LMDB_INT_H
/* Length of a principal lockout record (three 32-bit fields) */
#define LOCKOUT_RECORD_LEN 12
krb5_error_code klmdb_encode_princ(krb5_context context,
const krb5_db_entry *entry,
uint8_t **enc_out, size_t *len_out);
void klmdb_encode_princ_lockout(krb5_context context,
const krb5_db_entry *entry,
uint8_t buf[LOCKOUT_RECORD_LEN]);
krb5_error_code klmdb_encode_policy(krb5_context context,
const osa_policy_ent_rec *pol,
uint8_t **enc_out, size_t *len_out);
krb5_error_code klmdb_decode_princ(krb5_context context,
const void *key, size_t key_len,
const void *enc, size_t enc_len,
krb5_db_entry **entry_out);
void klmdb_decode_princ_lockout(krb5_context context, krb5_db_entry *entry,
const uint8_t buf[LOCKOUT_RECORD_LEN]);
krb5_error_code klmdb_decode_policy(krb5_context context,
const void *key, size_t key_len,
const void *enc, size_t enc_len,
osa_policy_ent_t *pol_out);
krb5_error_code klmdb_lockout_check_policy(krb5_context context,
krb5_db_entry *entry,
krb5_timestamp stamp);
krb5_error_code klmdb_lockout_audit(krb5_context context, krb5_db_entry *entry,
krb5_timestamp stamp,
krb5_error_code status,
krb5_boolean disable_last_success,
krb5_boolean disable_lockout);
krb5_error_code klmdb_update_lockout(krb5_context context,
krb5_db_entry *entry,
krb5_timestamp stamp,
krb5_boolean zero_fail_count,
krb5_boolean set_last_success,
krb5_boolean set_last_failure);
krb5_error_code klmdb_get_policy(krb5_context context, char *name,
osa_policy_ent_t *policy);
#endif /* LMDB_INT_H */