xref: /onnv-gate/usr/src/cmd/krb5/iprop/iprop.x (revision 0:68f95e015346)
1*0Sstevel@tonic-gate /*
2*0Sstevel@tonic-gate  * Copyright 2004 Sun Microsystems, Inc.  All rights reserved.
3*0Sstevel@tonic-gate  * Use is subject to license terms.
4*0Sstevel@tonic-gate  */
5*0Sstevel@tonic-gate 
6*0Sstevel@tonic-gate %#pragma ident	"%Z%%M%	%I%	%E% SMI"
7*0Sstevel@tonic-gate 
8*0Sstevel@tonic-gate #ifdef RPC_XDR
9*0Sstevel@tonic-gate %#include "iprop.h"
10*0Sstevel@tonic-gate #endif /* RPC_XDR */
11*0Sstevel@tonic-gate 
12*0Sstevel@tonic-gate /*
13*0Sstevel@tonic-gate  * Initial declarations
14*0Sstevel@tonic-gate  */
15*0Sstevel@tonic-gate 
/*
 * Fixed-width integer names used by the declarations below.
 * rpcgen defines RPC_HDR while it generates the C header, so this guard
 * keeps the typedefs out of that pass only -- presumably because the C
 * headers already provide these names there; confirm against iprop.h.
 */
16*0Sstevel@tonic-gate #ifndef RPC_HDR
17*0Sstevel@tonic-gate typedef short int16_t;
18*0Sstevel@tonic-gate typedef unsigned short uint16_t;
19*0Sstevel@tonic-gate typedef int int32_t;
20*0Sstevel@tonic-gate typedef unsigned int uint32_t;
21*0Sstevel@tonic-gate typedef hyper int64_t;			/* hyper: XDR 64-bit integer */
22*0Sstevel@tonic-gate typedef unsigned hyper uint64_t;
23*0Sstevel@tonic-gate #endif  /* !RPC_HDR */
24*0Sstevel@tonic-gate 
/*
 * Variable-length byte string. No maximum is declared between the angle
 * brackets, so the length prefix sent by the peer is the only bound;
 * receivers should apply their own size limit before trusting it.
 * Despite the name, the type is opaque: XDR does not check that the bytes
 * are valid UTF-8 or that they are NUL-terminated.
 */
25*0Sstevel@tonic-gate typedef opaque	 utf8str_t<>;
26*0Sstevel@tonic-gate 
27*0Sstevel@tonic-gate /*
28*0Sstevel@tonic-gate  * Transaction log serial no.
29*0Sstevel@tonic-gate  */
/*
 * 32-bit unsigned serial number.
 * NOTE(review): what happens when the counter wraps is not defined in this
 * file -- confirm in the update-log code.
 */
30*0Sstevel@tonic-gate typedef uint32_t	kdb_sno_t;
31*0Sstevel@tonic-gate 
32*0Sstevel@tonic-gate /* Timestamp */
/*
 * Two unsigned 32-bit fields. The XDR type places no range limit on
 * useconds, so a receiver cannot assume it is below one second's worth.
 * NOTE(review): presumably seconds since the epoch plus microseconds --
 * confirm against the code that fills this in.
 */
33*0Sstevel@tonic-gate struct kdbe_time_t {
34*0Sstevel@tonic-gate 	uint32_t	seconds;
35*0Sstevel@tonic-gate 	uint32_t	useconds;
36*0Sstevel@tonic-gate };
37*0Sstevel@tonic-gate 
38*0Sstevel@tonic-gate /* Key Data */
/*
 * One key record as it appears in an update.
 *
 * k_enctype and k_contents are two independent variable-length arrays with
 * no declared maximum; nothing in this type forces them to have the same
 * number of elements. NOTE(review): they look index-paired, so a receiver
 * should verify the two counts match before walking them together.
 *
 * k_contents carries key bytes. This file does not say how the RPC
 * transport is protected; confidentiality and integrity must come from the
 * RPC security flavor chosen by the client and server (not visible here),
 * and decoded copies should be wiped when no longer needed.
 */
39*0Sstevel@tonic-gate struct kdbe_key_t {
40*0Sstevel@tonic-gate 	int32_t		k_ver;	/* Version */
41*0Sstevel@tonic-gate 	int32_t		k_kvno;	/* Key version no. */
42*0Sstevel@tonic-gate 	int32_t		k_enctype<>;	/* unbounded array of int32 */
43*0Sstevel@tonic-gate 	utf8str_t	k_contents<>;	/* unbounded array of byte strings */
44*0Sstevel@tonic-gate };
45*0Sstevel@tonic-gate 
46*0Sstevel@tonic-gate /* Content data */
/*
 * A 32-bit tag followed by one variable-length byte string.
 * k_data inherits utf8str_t's lack of a declared maximum length.
 * NOTE(review): the meaning of k_magic is not defined in this file.
 */
47*0Sstevel@tonic-gate struct kdbe_data_t {
48*0Sstevel@tonic-gate 	int32_t		k_magic;
49*0Sstevel@tonic-gate 	utf8str_t	k_data;
50*0Sstevel@tonic-gate };
51*0Sstevel@tonic-gate 
52*0Sstevel@tonic-gate /* Principal Data */
/*
 * A principal name split into realm, components and name type.
 * Both the number of components and the length of each component are
 * unbounded in this definition, so the receiver has to cap them itself.
 */
53*0Sstevel@tonic-gate struct kdbe_princ_t {
54*0Sstevel@tonic-gate 	utf8str_t	k_realm;
55*0Sstevel@tonic-gate 	kdbe_data_t	k_components<>;	/* unbounded array */
56*0Sstevel@tonic-gate 	int32_t		k_nametype;
57*0Sstevel@tonic-gate };
58*0Sstevel@tonic-gate 
59*0Sstevel@tonic-gate /* TL data (pre-auth specific data) */
/*
 * A 16-bit type tag plus a variable-length opaque body with no declared
 * maximum. XDR does not validate tl_data against tl_type; whatever
 * interprets the body must check its length for the given type.
 */
60*0Sstevel@tonic-gate struct kdbe_tl_t {
61*0Sstevel@tonic-gate 	int16_t		tl_type;
62*0Sstevel@tonic-gate 	opaque		tl_data<>;
63*0Sstevel@tonic-gate };
64*0Sstevel@tonic-gate 
65*0Sstevel@tonic-gate /* Structure to store pwd history */
/*
 * One password-history entry: an unbounded array of kdbe_key_t.
 * The elements are key records, so this data is as sensitive as the
 * current keys and needs the same transport and memory handling.
 */
66*0Sstevel@tonic-gate typedef kdbe_key_t kdbe_pw_hist_t<>;
67*0Sstevel@tonic-gate 
68*0Sstevel@tonic-gate /* Basic KDB entry attributes */
/*
 * Discriminant for kdbe_val_t. The numeric values go on the wire, so they
 * must not be renumbered or reused; new attributes need new numbers.
 * Values outside 0..19 are still decodable: kdbe_val_t routes them to its
 * default arm.
 */
69*0Sstevel@tonic-gate enum kdbe_attr_type_t {
70*0Sstevel@tonic-gate 	AT_ATTRFLAGS = 0,
71*0Sstevel@tonic-gate 	AT_MAX_LIFE = 1,
72*0Sstevel@tonic-gate 	AT_MAX_RENEW_LIFE = 2,
73*0Sstevel@tonic-gate 	AT_EXP = 3,
74*0Sstevel@tonic-gate 	AT_PW_EXP = 4,
75*0Sstevel@tonic-gate 	AT_LAST_SUCCESS = 5,
76*0Sstevel@tonic-gate 	AT_LAST_FAILED = 6,
77*0Sstevel@tonic-gate 	AT_FAIL_AUTH_COUNT = 7,
78*0Sstevel@tonic-gate 	AT_PRINC = 8,
79*0Sstevel@tonic-gate 	AT_KEYDATA = 9,
80*0Sstevel@tonic-gate 	AT_TL_DATA = 10,
81*0Sstevel@tonic-gate 	AT_LEN = 11,
82*0Sstevel@tonic-gate 	AT_MOD_PRINC = 12,
83*0Sstevel@tonic-gate 	AT_MOD_TIME = 13,
84*0Sstevel@tonic-gate 	AT_MOD_WHERE = 14,
85*0Sstevel@tonic-gate 	AT_PW_LAST_CHANGE = 15,
86*0Sstevel@tonic-gate 	AT_PW_POLICY = 16,
87*0Sstevel@tonic-gate 	AT_PW_POLICY_SWITCH = 17,
88*0Sstevel@tonic-gate 	AT_PW_HIST_KVNO = 18,
89*0Sstevel@tonic-gate 	AT_PW_HIST = 19
90*0Sstevel@tonic-gate };
91*0Sstevel@tonic-gate 
92*0Sstevel@tonic-gate /* KDB entry, Attribute=value */
/*
 * One attribute of a KDB entry: av_type selects which arm follows on the
 * wire. Arms are matched by discriminant value, so their order here (which
 * differs from the enum's numeric order) does not affect the encoding.
 *
 * Any av_type without an explicit case decodes through the default arm as
 * opaque bytes of unbounded length. A receiver must therefore expect
 * attribute types it does not know, and must not use av_type as a table
 * index without a range check.
 *
 * The array arms (av_keydata, av_tldata, av_pw_hist, av_extension) declare
 * no maximum element count; av_pw_hist is an array whose elements are
 * themselves arrays of keys. Receivers should bound both levels.
 */
93*0Sstevel@tonic-gate union kdbe_val_t switch (kdbe_attr_type_t av_type) {
94*0Sstevel@tonic-gate case AT_ATTRFLAGS:
95*0Sstevel@tonic-gate 	uint32_t	av_attrflags;
96*0Sstevel@tonic-gate case AT_MAX_LIFE:
97*0Sstevel@tonic-gate 	uint32_t	av_max_life;
98*0Sstevel@tonic-gate case AT_MAX_RENEW_LIFE:
99*0Sstevel@tonic-gate 	uint32_t	av_max_renew_life;
100*0Sstevel@tonic-gate case AT_EXP:
101*0Sstevel@tonic-gate 	uint32_t	av_exp;
102*0Sstevel@tonic-gate case AT_PW_EXP:
103*0Sstevel@tonic-gate 	uint32_t	av_pw_exp;
104*0Sstevel@tonic-gate case AT_LAST_SUCCESS:
105*0Sstevel@tonic-gate 	uint32_t	av_last_success;
106*0Sstevel@tonic-gate case AT_LAST_FAILED:
107*0Sstevel@tonic-gate 	uint32_t	av_last_failed;
108*0Sstevel@tonic-gate case AT_FAIL_AUTH_COUNT:
109*0Sstevel@tonic-gate 	uint32_t	av_fail_auth_count;
110*0Sstevel@tonic-gate case AT_PRINC:
111*0Sstevel@tonic-gate 	kdbe_princ_t	av_princ;
112*0Sstevel@tonic-gate case AT_KEYDATA:
113*0Sstevel@tonic-gate 	kdbe_key_t	av_keydata<>;	/* array of keys */
114*0Sstevel@tonic-gate case AT_TL_DATA:
115*0Sstevel@tonic-gate 	kdbe_tl_t	av_tldata<>;	/* array of TL data */
116*0Sstevel@tonic-gate case AT_LEN:
117*0Sstevel@tonic-gate 	int16_t		av_len;
118*0Sstevel@tonic-gate case AT_PW_LAST_CHANGE:
119*0Sstevel@tonic-gate 	uint32_t	av_pw_last_change;
120*0Sstevel@tonic-gate case AT_MOD_PRINC:
121*0Sstevel@tonic-gate 	kdbe_princ_t	av_mod_princ;
122*0Sstevel@tonic-gate case AT_MOD_TIME:
123*0Sstevel@tonic-gate 	uint32_t	av_mod_time;
124*0Sstevel@tonic-gate case AT_MOD_WHERE:
125*0Sstevel@tonic-gate 	utf8str_t	av_mod_where;
126*0Sstevel@tonic-gate case AT_PW_POLICY:
127*0Sstevel@tonic-gate 	utf8str_t	av_pw_policy;
128*0Sstevel@tonic-gate case AT_PW_POLICY_SWITCH:
129*0Sstevel@tonic-gate 	bool		av_pw_policy_switch;
130*0Sstevel@tonic-gate case AT_PW_HIST_KVNO:
131*0Sstevel@tonic-gate 	uint32_t	av_pw_hist_kvno;
132*0Sstevel@tonic-gate case AT_PW_HIST:
133*0Sstevel@tonic-gate 	kdbe_pw_hist_t	av_pw_hist<>;	/* array of pw history */
134*0Sstevel@tonic-gate default:
135*0Sstevel@tonic-gate 	opaque		av_extension<>;	/* futures; reached for every unlisted av_type */
136*0Sstevel@tonic-gate };
137*0Sstevel@tonic-gate 
/*
 * The element count is unbounded, and the type does not prevent the same
 * av_type from appearing more than once in one entry.
 * NOTE(review): how duplicates are resolved is up to the receiver -- confirm.
 */
138*0Sstevel@tonic-gate typedef kdbe_val_t kdbe_t<>;	    /* Array of attr/val makes a KDB entry */
139*0Sstevel@tonic-gate 
140*0Sstevel@tonic-gate /*
141*0Sstevel@tonic-gate  * Incremental update
142*0Sstevel@tonic-gate  */
/*
 * One update-log record: the principal it applies to, its serial number and
 * timestamp, the changed attributes, and two flags.
 *
 * kdb_update can contain AT_KEYDATA and AT_PW_HIST values, so a record may
 * hold key material. kdb_kdcs_seen_by and kdb_futures are unbounded arrays
 * that the comments mark as reserved for future use.
 * NOTE(review): whether receivers ignore or reject non-empty reserved
 * fields is not visible here.
 */
143*0Sstevel@tonic-gate struct kdb_incr_update_t {
144*0Sstevel@tonic-gate 	utf8str_t	kdb_princ_name;	/* Principal name */
145*0Sstevel@tonic-gate 	kdb_sno_t	kdb_entry_sno;	/* Serial # of entry */
146*0Sstevel@tonic-gate 	kdbe_time_t	kdb_time;	/* Timestamp of update */
147*0Sstevel@tonic-gate 	kdbe_t		kdb_update; 	/* Attributes modified */
148*0Sstevel@tonic-gate 	bool		kdb_deleted;	/* Is this update a DELETION ? */
149*0Sstevel@tonic-gate 	bool		kdb_commit;	/* Is the entry committed or not ? */
150*0Sstevel@tonic-gate 	utf8str_t	kdb_kdcs_seen_by<>; /* Names of slaves that have */
151*0Sstevel@tonic-gate 					    /* seen this update - for */
152*0Sstevel@tonic-gate 					    /* future use */
153*0Sstevel@tonic-gate 	opaque		kdb_futures<>;	/* futures */
154*0Sstevel@tonic-gate };
155*0Sstevel@tonic-gate 
156*0Sstevel@tonic-gate /*
157*0Sstevel@tonic-gate  * Update log body
158*0Sstevel@tonic-gate  */
/*
 * Unbounded array of update records: the sender alone decides how many
 * records one reply carries, so the receiver should cap the count it accepts.
 */
159*0Sstevel@tonic-gate typedef kdb_incr_update_t kdb_ulog_t<>;
160*0Sstevel@tonic-gate 
/*
 * Status code returned in the ret field of both result structures.
 * The numeric values are part of the wire protocol and must stay fixed.
 * Callers should treat any value they do not recognise as a failure rather
 * than falling through to the UPDATE_OK path.
 */
161*0Sstevel@tonic-gate enum update_status_t {
162*0Sstevel@tonic-gate 	UPDATE_OK = 0,
163*0Sstevel@tonic-gate 	UPDATE_ERROR = 1,
164*0Sstevel@tonic-gate 	UPDATE_FULL_RESYNC_NEEDED = 2,
165*0Sstevel@tonic-gate 	UPDATE_BUSY = 3,
166*0Sstevel@tonic-gate 	UPDATE_NIL = 4,
167*0Sstevel@tonic-gate 	UPDATE_PERM_DENIED = 5
168*0Sstevel@tonic-gate };
169*0Sstevel@tonic-gate 
/*
 * A serial number paired with a timestamp. It is the argument of
 * IPROP_GET_UPDATES and the lastentry field of both result structures.
 * When used as the argument, both fields are supplied by the caller, so
 * the server has to validate them against its own log.
 */
170*0Sstevel@tonic-gate struct kdb_last_t {
171*0Sstevel@tonic-gate 	kdb_sno_t	last_sno;
172*0Sstevel@tonic-gate 	kdbe_time_t	last_time;
173*0Sstevel@tonic-gate };
174*0Sstevel@tonic-gate 
/*
 * Reply of IPROP_GET_UPDATES. The status field ret is encoded last, after
 * the updates array, so a decoder has already processed the whole
 * (unbounded) array by the time it can look at the status.
 * NOTE(review): callers should check ret before acting on updates.
 */
175*0Sstevel@tonic-gate struct kdb_incr_result_t {
176*0Sstevel@tonic-gate 	kdb_last_t		lastentry;
177*0Sstevel@tonic-gate 	kdb_ulog_t		updates;
178*0Sstevel@tonic-gate 	update_status_t		ret;
179*0Sstevel@tonic-gate };
180*0Sstevel@tonic-gate 
/*
 * Reply of IPROP_FULL_RESYNC: a last-entry marker and a status only.
 * No database contents are carried in this structure, so the data itself
 * must travel by some mechanism not defined in this file.
 */
181*0Sstevel@tonic-gate struct kdb_fullresync_result_t {
182*0Sstevel@tonic-gate 	kdb_last_t		lastentry;
183*0Sstevel@tonic-gate 	update_status_t 	ret;
184*0Sstevel@tonic-gate };
185*0Sstevel@tonic-gate 
/*
 * RPC interface: program number 100423, version 1, three procedures.
 *
 * No procedure takes a caller identity or credential argument, so
 * authentication and authorization have to come from the RPC layer and the
 * server implementation, neither of which is visible in this file.
 * NOTE(review): replies to IPROP_GET_UPDATES can include AT_KEYDATA and
 * AT_PW_HIST values; confirm that the transport provides integrity and
 * privacy and that the caller is checked before any record is returned
 * (update_status_t has UPDATE_PERM_DENIED for refusals).
 */
186*0Sstevel@tonic-gate program KRB5_IPROP_PROG {
187*0Sstevel@tonic-gate 	version KRB5_IPROP_VERS {
188*0Sstevel@tonic-gate 		/*
189*0Sstevel@tonic-gate 		 * NULL procedure
190*0Sstevel@tonic-gate 		 */
191*0Sstevel@tonic-gate 		void
192*0Sstevel@tonic-gate 		IPROP_NULL(void) = 0;
193*0Sstevel@tonic-gate 
194*0Sstevel@tonic-gate 		/*
195*0Sstevel@tonic-gate 		 * Keep waiting for and get next incremental update(s)
196*0Sstevel@tonic-gate 		 *
197*0Sstevel@tonic-gate 		 * Will return latest kdb_vers on the master (if different),
198*0Sstevel@tonic-gate 		 * along with return value and affected db entries.
199*0Sstevel@tonic-gate 		 */
200*0Sstevel@tonic-gate 		kdb_incr_result_t
201*0Sstevel@tonic-gate 		IPROP_GET_UPDATES(kdb_last_t) = 1;
202*0Sstevel@tonic-gate 
203*0Sstevel@tonic-gate 		/*
204*0Sstevel@tonic-gate 		 * We need to do the full-resync of the db, since the
205*0Sstevel@tonic-gate 		 * serial nos./timestamps are way out-of-whack
206*0Sstevel@tonic-gate 		 */
207*0Sstevel@tonic-gate 		kdb_fullresync_result_t
208*0Sstevel@tonic-gate 		IPROP_FULL_RESYNC(void) = 2;
209*0Sstevel@tonic-gate 	} = 1;
210*0Sstevel@tonic-gate } = 100423;