path: root/src/lib/kdb/kdb5.h
blob: 3e4701abe8da7ab3384cbdf1a32a7b50ebf00122 (plain)
#ifndef _KRB5_KDB5_H_
#define _KRB5_KDB5_H_

#if HAVE_UNISTD_H
#include <unistd.h>
#endif

#include <errno.h>
#include <utime.h>
#include <utime.h>
#include <k5-int.h>
#include "kdb.h"

/*
 * Size in bytes of the name[] array in struct _db_library (declared later in
 * this header).  Any copy into that array has to be bounded by this value and
 * leave room for the terminating NUL.
 */
#define KDB_MAX_DB_NAME 128
/*
 * String keys.  Judging by the names these are the profile sections and
 * relations the module loader consults; the lookup code is not in this
 * header, so confirm there.
 */
#define KDB_REALM_SECTION  "realms"
#define KDB_MODULE_POINTER "database_module"
#define KDB_MODULE_DEF_SECTION "dbdefaults"
#define KDB_MODULE_SECTION "dbmodules"
/*
 * NOTE(review): if this relation selects the shared object whose handle ends
 * up in _db_library.dl_handle, then whoever can edit the profile decides what
 * code is loaded into the calling process.  The profile should be writable
 * only by the administrator -- confirm how the loader resolves the value.
 */
#define KDB_LIB_POINTER    "db_library"
/*
 * Both right-hand sides are defined outside this header.
 * NOTE(review): KDB_DATABASE_ENV_PROF presumably names an environment
 * variable that can override the profile path; if so, privileged callers
 * should not honour it from an untrusted environment -- TODO confirm.
 */
#define KDB_DATABASE_CONF_FILE  DEFAULT_SECURE_PROFILE_PATH
#define KDB_DATABASE_ENV_PROF KDC_PROFILE_ENV

/*
 * Database open modes: read-write (0) and read-only (1).
 * Presumably passed in the `mode` argument of kdb_vftabl.init_module --
 * TODO confirm against the caller.  Note that read-write is the zero value,
 * so a caller that leaves the mode unset gets write access by default.
 */
#define KRB5_KDB_OPEN_RW                0
#define KRB5_KDB_OPEN_RO                1

/*
 * Identifiers for the kind of server that is opening the database.
 *
 * These are enumerated values in the second byte, not independent bit flags:
 * 0x0300 equals 0x0100 | 0x0200, so a test such as
 * (mode & KRB5_KDB_SRV_TYPE_KDC) is also true for the PASSWD type.  Compare
 * the masked field for equality instead.
 *
 * Each definition is wrapped in #ifndef, so a definition seen earlier in the
 * translation unit wins silently, even if its value differs from the one
 * here.  Presumably combined with the open mode in one `mode` integer --
 * TODO confirm against the caller.
 */
#ifndef KRB5_KDB_SRV_TYPE_KDC
#define KRB5_KDB_SRV_TYPE_KDC           0x0100        
#endif

#ifndef KRB5_KDB_SRV_TYPE_ADMIN
#define KRB5_KDB_SRV_TYPE_ADMIN         0x0200  
#endif

#ifndef KRB5_KDB_SRV_TYPE_PASSWD
#define KRB5_KDB_SRV_TYPE_PASSWD        0x0300
#endif

#ifndef KRB5_KDB_SRV_TYPE_OTHER
#define KRB5_KDB_SRV_TYPE_OTHER         0x0400  
#endif

/*
 * Option selectors, presumably for the `option` argument of
 * kdb_vftabl.db_set_option -- TODO confirm.  That callback receives its
 * payload as a bare `void *value` with no length or type tag, so the type
 * each selector expects is a convention between caller and module that is
 * not recorded in this header.
 */
#define KRB5_KDB_OPT_SET_DB_NAME        0
#define KRB5_KDB_OPT_SET_LOCK_MODE      1

/*
 * Accessors for fields reached through a krb5_context.
 *
 * KRB5_DB_GET_DB_CONTEXT casts kcontext->db_context to kdb5_dal_handle *
 * (declared at the end of this header) and yields that handle's own
 * db_context member.  There is no NULL check: the macro dereferences both
 * kcontext and kcontext->db_context, so it may only be used once the handle
 * has been installed in the context.  The cast is unchecked as well; the
 * result is meaningless if db_context holds anything but a kdb5_dal_handle.
 *
 * KRB5_DB_GET_PROFILE and KRB5_DB_GET_REALM read kcontext->profile and
 * kcontext->default_realm directly; they dereference kcontext without a
 * NULL check and return whatever the field currently holds.
 */
#define KRB5_DB_GET_DB_CONTEXT(kcontext)   ( ((kdb5_dal_handle*) (kcontext)->db_context)->db_context )
#define KRB5_DB_GET_PROFILE(kcontext)  ( (kcontext)->profile )
#define KRB5_DB_GET_REALM(kcontext)    ( (kcontext)->default_realm )

/*
 * Lock mode values.  Each is a distinct single bit (0x1, 0x2, 0x4, 0x8), so
 * they can be OR-ed together and tested individually.  Presumably passed in
 * the `mode` argument of kdb_vftabl.db_lock -- TODO confirm; which
 * combinations a module accepts is not stated in this header.
 *
 * As with the server types, each definition is guarded by #ifndef, so an
 * earlier definition with a different value would be kept without a
 * diagnostic.
 */
#ifndef KRB5_DB_LOCKMODE_SHARED
#define KRB5_DB_LOCKMODE_SHARED       0x0001
#endif

#ifndef KRB5_DB_LOCKMODE_EXCLUSIVE
#define KRB5_DB_LOCKMODE_EXCLUSIVE    0x0002
#endif

#ifndef KRB5_DB_LOCKMODE_DONTBLOCK
#define KRB5_DB_LOCKMODE_DONTBLOCK    0x0004
#endif

#ifndef KRB5_DB_LOCKMODE_PERMANENT
#define KRB5_DB_LOCKMODE_PERMANENT    0x0008
#endif

/*
 * Table of function pointers through which the KDB layer calls a database
 * back end.  struct _db_library (later in this header) embeds one of these by
 * value next to a `dl_handle`, so the table is presumably filled in from a
 * dynamically loaded module -- the loader is not in this header.
 *
 * The member order and count are the binary contract with every module:
 * inserting, removing or reordering a member shifts every later pointer.
 * NOTE(review): maj_ver/min_ver are the only version information here;
 * confirm that the loader compares them before it calls through any pointer,
 * because a table built against a different layout would otherwise be
 * called with mismatched signatures.
 */
typedef struct _kdb_vftabl{
    /* Version of the table layout the module was built against. */
    short int maj_ver;
    short int min_ver;

    /*
     * Library-wide set-up and tear-down.  Both are declared with empty
     * parentheses, which in C leaves the parameter list unspecified: the
     * compiler does not check the arguments at the call site, so caller and
     * module must agree on them by convention.
     */
    krb5_error_code (*init_library)();
    krb5_error_code (*fini_library)();
    /*
     * Per-context set-up.  conf_section and db_args are caller-supplied
     * strings; `mode` presumably carries the KRB5_KDB_OPEN_* and
     * KRB5_KDB_SRV_TYPE_* values defined above -- TODO confirm.
     */
    krb5_error_code (*init_module) ( krb5_context kcontext,
				     char * conf_section,
				     char ** db_args,
				     int mode );

    /* Per-context tear-down. */
    krb5_error_code (*fini_module) ( krb5_context kcontext );

    /* Create / destroy a database; same string arguments as init_module. */
    krb5_error_code (*db_create) ( krb5_context kcontext,
				   char * conf_section,
				   char ** db_args );

    krb5_error_code (*db_destroy) ( krb5_context kcontext,
				    char *conf_section,
				    char ** db_args );

    /* Reports an age for db_name through the `age` out-parameter. */
    krb5_error_code (*db_get_age) ( krb5_context kcontext, 
				    char *db_name, 
				    time_t *age );

    /*
     * `value` is untyped and carries no length; what it points to depends on
     * `option` (presumably one of KRB5_KDB_OPT_* -- TODO confirm).
     */
    krb5_error_code (*db_set_option) ( krb5_context kcontext,
				       int option,
				       void *value );

    /* `mode` is presumably a combination of KRB5_DB_LOCKMODE_* -- TODO confirm. */
    krb5_error_code (*db_lock) ( krb5_context kcontext,
				 int mode );

    krb5_error_code (*db_unlock) ( krb5_context kcontext);

    /*
     * Principal look-up.  `entries` is a caller-supplied array and
     * `nentries` is read/write.
     * NOTE(review): presumably *nentries is the array capacity on input and
     * the number of entries filled on output; a module must never write more
     * than the capacity it was given -- confirm against the callers.
     */
    krb5_error_code (*db_get_principal) ( krb5_context kcontext,
					  krb5_const_principal search_for,
					  krb5_db_entry *entries,
					  int *nentries,
					  krb5_boolean *more );

    /* Releases `count` entries starting at `entry`. */
    krb5_error_code (*db_free_principal) ( krb5_context kcontext,
					   krb5_db_entry *entry,
					   int count );

    krb5_error_code (*db_put_principal) ( krb5_context kcontext,
					  krb5_db_entry *entries,
					  int *nentries,
					  char **db_args);

    krb5_error_code (*db_delete_principal) ( krb5_context kcontext,
					     krb5_const_principal search_for,
					     int *nentries );

    /*
     * Calls `func` with func_arg and a database entry; presumably once per
     * entry selected by match_entry -- TODO confirm.
     */
    krb5_error_code (*db_iterate) ( krb5_context kcontext,
				    char *match_entry,
				    int (*func) (krb5_pointer, krb5_db_entry *),
				    krb5_pointer func_arg );

    /* Policy operations; osa_policy_ent_t is declared outside this header. */
    krb5_error_code (*db_create_policy) ( krb5_context kcontext,
					  osa_policy_ent_t policy );

    krb5_error_code (*db_get_policy) ( krb5_context kcontext,
				       char *name,
				       osa_policy_ent_t *policy,
				       int *cnt);

    krb5_error_code (*db_put_policy) ( krb5_context kcontext,
				       osa_policy_ent_t policy );

    krb5_error_code (*db_iter_policy) ( krb5_context kcontext,
					char *match_entry,
					osa_adb_iter_policy_func func,
					void *data );


    krb5_error_code (*db_delete_policy) ( krb5_context kcontext,
					  char *policy );

    /* Returns nothing, so a failure to release `val` cannot be reported. */
    void (*db_free_policy) ( krb5_context kcontext,
			     osa_policy_ent_t val );

    krb5_error_code (*db_supported_realms) ( krb5_context kcontext,
					    char **realms );

    krb5_error_code (*db_free_supported_realms) ( krb5_context kcontext,
						  char **realms );


    /* Ownership and lifetime of the returned string are not stated here. */
    const char * (*errcode_2_string) ( krb5_context kcontext,
				       long err_code );

    /*
     * Module-side allocator pair.  db_alloc takes an existing pointer and a
     * size, which is the shape of realloc() -- presumably it follows realloc
     * semantics, TODO confirm.  Memory obtained from db_alloc should be
     * released through the same module's db_free rather than the caller's
     * free(), since the two may use different allocators.
     */
    void * (*db_alloc) (krb5_context kcontext, void *ptr, size_t size);
    void   (*db_free)  (krb5_context kcontext, void *ptr);



    /*
     * Optional functions.
     * NOTE(review): "optional" presumably means a module may leave these
     * pointers NULL; confirm that every call site checks for NULL (or that
     * the loader substitutes defaults) before calling through them.
     *
     * Several of these take cleartext secrets: `pwd`, `master_pwd` and
     * `passwd` are plain `char *` passwords, and the krb5_keyblock arguments
     * hold key material.  Implementations should not log them and should
     * zeroize any copy they make before freeing it.
     */
    krb5_error_code (*set_master_key)    ( krb5_context kcontext, 
					   char *pwd, 
					   krb5_keyblock *key);

    krb5_error_code (*get_master_key)    ( krb5_context kcontext,
					   krb5_keyblock **key);


    /* `fullname` and `principal` are out-parameters. */
    krb5_error_code (*setup_master_key_name) ( krb5_context kcontext,
					       char *keyname,
					       char *realm, 
					       char **fullname, 
					       krb5_principal  *principal);

    krb5_error_code (*store_master_key)  ( krb5_context kcontext, 
					   char *db_arg, 
					   krb5_principal mname,
					   krb5_keyblock *key,
					   char *master_pwd);

    /* Note: db_args is a single `char *` here, not the `char **` used elsewhere. */
    krb5_error_code (*fetch_master_key)  ( krb5_context kcontext,
					   krb5_principal mname,
					   krb5_keyblock *key,
					   int *kvno,
					   char *db_args);

    krb5_error_code (*verify_master_key) ( krb5_context kcontext,
					   krb5_principal mprinc,
					   krb5_keyblock *mkey );

    /* `start` is read/write and `kdatap` is an out-parameter. */
    krb5_error_code (*dbe_search_enctype) ( krb5_context kcontext, 
					    krb5_db_entry *dbentp, 
					    krb5_int32 *start, 
					    krb5_int32 ktype, 
					    krb5_int32 stype, 
					    krb5_int32 kvno, 
					    krb5_key_data **kdatap);
    

    /*
     * Password change on db_entry.  ks_tuple is an array whose length is
     * passed separately in ks_tuple_count; the module must not read past
     * that count.
     */
    krb5_error_code
    (*db_change_pwd) ( krb5_context	  context,
		       krb5_keyblock       * master_key,
		       krb5_key_salt_tuple	* ks_tuple,
		       int			  ks_tuple_count,
		       char 		* passwd,
		       int			  new_kvno,
		       krb5_boolean	  keepold,
		       krb5_db_entry	* db_entry);

} kdb_vftabl;

/*
 * Record for one database library.
 *
 * Note that `db_library` is a typedef for a POINTER to this struct, so a
 * variable of type db_library is already a pointer and sizeof(db_library) is
 * the pointer size, not the record size.
 */
typedef struct _db_library {
    /*
     * Fixed-size buffer of KDB_MAX_DB_NAME (128) bytes.  Code that fills it
     * must bound the copy to the buffer size and guarantee NUL termination;
     * the name presumably comes from configuration -- TODO confirm.
     */
    char name[KDB_MAX_DB_NAME];
    /*
     * Plain int with no atomic or lock declared in this header; whether
     * updates are serialized is decided elsewhere -- TODO confirm.
     */
    int reference_cnt;
    /* Opaque handle; presumably what the dynamic loader returned for this library. */
    void *dl_handle;
    /* The library's function table, stored by value (not a pointer into the module). */
    kdb_vftabl vftabl;
    /* Links to neighbouring records, presumably in a list of loaded libraries. */
    struct _db_library *next, *prev;
} *db_library;

/*
 * Handle that KRB5_DB_GET_DB_CONTEXT expects to find in
 * krb5_context->db_context: the macro casts that field to
 * kdb5_dal_handle * and returns the db_context member below.
 */
typedef struct _kdb5_dal_handle
{
    /*
     * Opaque, module-private state.  Keeping it here, separate from
     * lib_handle, helps us change db_library without affecting modules, to
     * some extent.  It is untyped, so only the module that stored it can
     * interpret it.
     */
    void *db_context;
    /* The library record (and function table) serving this context. */
    db_library lib_handle;
} kdb5_dal_handle;

#endif  /* end of _KRB5_KDB5_H_ */