2N/A/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
2N/A/*
2N/A * Copyright 2006 by the Massachusetts Institute of Technology.
2N/A * All Rights Reserved.
2N/A *
2N/A * Export of this software from the United States of America may
2N/A * require a specific license from the United States Government.
2N/A * It is the responsibility of any person or organization contemplating
2N/A * export to obtain such a license before exporting.
2N/A *
2N/A * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
2N/A * distribute this software and its documentation for any purpose and
2N/A * without fee is hereby granted, provided that the above copyright
2N/A * notice appear in all copies and that both that copyright notice and
2N/A * this permission notice appear in supporting documentation, and that
2N/A * the name of M.I.T. not be used in advertising or publicity pertaining
2N/A * to distribution of the software without specific, written prior
2N/A * permission. Furthermore if you modify this software you must label
2N/A * your software as modified software and not distribute it in such a
2N/A * fashion that it might be confused with the original M.I.T. software.
2N/A * M.I.T. makes no representations about the suitability of
2N/A * this software for any purpose. It is provided "as is" without express
2N/A * or implied warranty.
2N/A */
2N/A
2N/A/**********************************************************************
2N/A *
2N/A * C %name: db2_exp.c %
2N/A * Instance: idc_sec_2
2N/A * Description:
2N/A * %created_by: spradeep %
2N/A * %date_created: Tue Apr 5 11:44:00 2005 %
2N/A *
2N/A **********************************************************************/
2N/A
2N/A/*
2N/A * Copyright (c) 2007, 2012, Oracle and/or its affiliates. All rights reserved.
2N/A */
2N/A
2N/A#ifndef lint
2N/Astatic char *_csrc = "@(#) %filespec: db2_exp.c~5 % (%full_filespec: db2_exp.c~5:csrc:idc_sec#2 %)";
2N/A#endif
2N/A
2N/A#include "k5-int.h"
2N/A
2N/A#if HAVE_UNISTD_H
2N/A#include <unistd.h>
2N/A#endif
2N/A
2N/A#include <db.h>
2N/A#include <stdio.h>
2N/A#include <errno.h>
2N/A#include <utime.h>
2N/A#include "kdb5.h"
2N/A#include "kdb_db2.h"
2N/A#include "kdb_xdr.h"
2N/A#include "policy_db.h"
2N/A
2N/A/* Quick and dirty wrapper functions to provide for thread safety
2N/A within the plugin, instead of making the kdb5 library do it. Eventually
2N/A these should be integrated into the real functions.
2N/A
2N/A Some of the functions wrapped here are also called directly from
2N/A within this library (e.g., create calls open), so simply dropping
2N/A locking code into the top and bottom of each referenced function
2N/A won't do. (We aren't doing recursive locks, currently.) */
2N/A
2N/Ak5_mutex_t *krb5_db2_mutex;
2N/A
2N/A#define WRAP(NAME,TYPE,ARGLIST,ARGNAMES,ERROR_RESULT) \
2N/A static TYPE wrap_##NAME ARGLIST \
2N/A { \
2N/A TYPE result; \
2N/A int code = k5_mutex_lock (krb5_db2_mutex); \
2N/A if (code) { return ERROR_RESULT; } \
2N/A result = NAME ARGNAMES; \
2N/A k5_mutex_unlock (krb5_db2_mutex); \
2N/A return result; \
2N/A } \
2N/A /* hack: decl to allow a following ";" */ \
2N/A static TYPE wrap_##NAME ()
2N/A
2N/A/* Two special cases: void (can't assign result), and krb5_error_code
2N/A (return error from locking code). */
2N/A
2N/A#define WRAP_VOID(NAME,ARGLIST,ARGNAMES) \
2N/A static void wrap_##NAME ARGLIST \
2N/A { \
2N/A int code = k5_mutex_lock (krb5_db2_mutex); \
2N/A if (code) { return; } \
2N/A NAME ARGNAMES; \
2N/A k5_mutex_unlock (krb5_db2_mutex); \
2N/A } \
2N/A /* hack: decl to allow a following ";" */ \
2N/A static void wrap_##NAME ()
2N/A
2N/A#define WRAP_K(NAME,ARGLIST,ARGNAMES) \
2N/A WRAP(NAME,krb5_error_code,ARGLIST,ARGNAMES,code)
2N/A
2N/AWRAP_K (krb5_db2_open,
2N/A ( krb5_context kcontext,
2N/A char *conf_section,
2N/A char **db_args,
2N/A int mode ),
2N/A (kcontext, conf_section, db_args, mode));
2N/AWRAP_K (krb5_db2_db_fini, (krb5_context ctx), (ctx));
2N/AWRAP_K (krb5_db2_create,
2N/A ( krb5_context kcontext, char *conf_section, char **db_args ),
2N/A (kcontext, conf_section, db_args));
2N/AWRAP_K (krb5_db2_destroy,
2N/A ( krb5_context kcontext, char *conf_section, char **db_args ),
2N/A (kcontext, conf_section, db_args));
2N/AWRAP_K (krb5_db2_db_get_age,
2N/A (krb5_context ctx,
2N/A char *s,
2N/A time_t *t),
2N/A (ctx, s, t));
2N/AWRAP_K (krb5_db2_db_set_option,
2N/A ( krb5_context kcontext,
2N/A int option,
2N/A void *value ),
2N/A (kcontext, option, value));
2N/A
2N/AWRAP_K (krb5_db2_db_lock,
2N/A ( krb5_context context,
2N/A int in_mode),
2N/A (context, in_mode));
2N/AWRAP_K (krb5_db2_db_unlock, (krb5_context ctx), (ctx));
2N/A
2N/AWRAP_K (krb5_db2_db_get_principal,
2N/A (krb5_context ctx,
2N/A krb5_const_principal p,
2N/A unsigned int flags,
2N/A krb5_db_entry *d,
2N/A int * i,
2N/A krb5_boolean *b),
2N/A (ctx, p, d, i, b));
2N/AWRAP_K (krb5_db2_db_free_principal,
2N/A (krb5_context ctx,
2N/A krb5_db_entry *d,
2N/A int i),
2N/A (ctx, d, i));
2N/AWRAP_K (krb5_db2_db_put_principal,
2N/A (krb5_context ctx,
2N/A krb5_db_entry *d,
2N/A int *i,
2N/A char **db_args),
2N/A (ctx, d, i, db_args));
2N/AWRAP_K (krb5_db2_db_delete_principal,
2N/A (krb5_context context,
2N/A krb5_const_principal searchfor,
2N/A int *nentries),
2N/A (context, searchfor, nentries));
2N/A
2N/A/* Solaris Kerberos: adding support for db_args */
2N/AWRAP_K (krb5_db2_db_iterate,
2N/A (krb5_context ctx, char *s,
2N/A krb5_error_code (*f) (krb5_pointer,
2N/A krb5_db_entry *),
2N/A krb5_pointer p,
2N/A char **db_args),
2N/A (ctx, s, f, p, db_args));
2N/A
2N/AWRAP_K (krb5_db2_create_policy,
2N/A (krb5_context context, osa_policy_ent_t entry),
2N/A (context, entry));
2N/AWRAP_K (krb5_db2_get_policy,
2N/A ( krb5_context kcontext,
2N/A char *name,
2N/A osa_policy_ent_t *policy,
2N/A int *cnt),
2N/A (kcontext, name, policy, cnt));
2N/AWRAP_K (krb5_db2_put_policy,
2N/A ( krb5_context kcontext, osa_policy_ent_t policy ),
2N/A (kcontext, policy));
2N/AWRAP_K (krb5_db2_iter_policy,
2N/A ( krb5_context kcontext,
2N/A char *match_entry,
2N/A osa_adb_iter_policy_func func,
2N/A void *data ),
2N/A (kcontext, match_entry, func, data));
2N/AWRAP_K (krb5_db2_delete_policy,
2N/A ( krb5_context kcontext, char *policy ),
2N/A (kcontext, policy));
2N/AWRAP_VOID (krb5_db2_free_policy,
2N/A ( krb5_context kcontext, osa_policy_ent_t entry ),
2N/A (kcontext, entry));
2N/A
2N/AWRAP_K (krb5_db2_set_master_key_ext,
2N/A ( krb5_context kcontext, char *pwd, krb5_keyblock *key),
2N/A (kcontext, pwd, key));
2N/AWRAP_K (krb5_db2_db_get_mkey,
2N/A ( krb5_context context, krb5_keyblock **key),
2N/A (context, key));
2N/A
2N/AWRAP_K (krb5_db2_promote_db,
2N/A ( krb5_context kcontext, char *conf_section, char **db_args ),
2N/A (kcontext, conf_section, db_args));
2N/A
2N/AWRAP_K (krb5_db2_invoke,
2N/A (krb5_context kcontext,
2N/A unsigned int method,
2N/A const krb5_data *request,
2N/A krb5_data *response),
2N/A (kcontext, method, request, response));
2N/A
2N/Astatic krb5_error_code
2N/Ahack_init ()
2N/A{
2N/A krb5_error_code c;
2N/A c = krb5int_mutex_alloc (&krb5_db2_mutex);
2N/A if (c)
2N/A return c;
2N/A return krb5_db2_lib_init ();
2N/A}
2N/A
2N/Astatic krb5_error_code
2N/Ahack_cleanup (void)
2N/A{
2N/A krb5int_mutex_free (krb5_db2_mutex);
2N/A krb5_db2_mutex = NULL;
2N/A return krb5_db2_lib_cleanup();
2N/A}
2N/A
2N/A
2N/A/*
2N/A * Exposed API
2N/A */
2N/A
2N/Akdb_vftabl PLUGIN_SYMBOL_NAME(krb5_db2, kdb_function_table) = {
2N/A 1, /* major version number 1 */
2N/A 0, /* minor version number 0 */
2N/A /* init_library */ hack_init,
2N/A /* fini_library */ hack_cleanup,
2N/A /* init_module */ wrap_krb5_db2_open,
2N/A /* fini_module */ wrap_krb5_db2_db_fini,
2N/A /* db_create */ wrap_krb5_db2_create,
2N/A /* db_destroy */ wrap_krb5_db2_destroy,
2N/A /* db_get_age */ wrap_krb5_db2_db_get_age,
2N/A /* db_set_option */ wrap_krb5_db2_db_set_option,
2N/A /* db_lock */ wrap_krb5_db2_db_lock,
2N/A /* db_unlock */ wrap_krb5_db2_db_unlock,
2N/A /* db_get_principal */ wrap_krb5_db2_db_get_principal,
2N/A /* db_free_principal */ wrap_krb5_db2_db_free_principal,
2N/A /* db_put_principal */ wrap_krb5_db2_db_put_principal,
2N/A /* db_delete_principal */ wrap_krb5_db2_db_delete_principal,
2N/A /* db_iterate */ wrap_krb5_db2_db_iterate,
2N/A /* db_create_policy */ wrap_krb5_db2_create_policy,
2N/A /* db_get_policy */ wrap_krb5_db2_get_policy,
2N/A /* db_put_policy */ wrap_krb5_db2_put_policy,
2N/A /* db_iter_policy */ wrap_krb5_db2_iter_policy,
2N/A /* db_delete_policy */ wrap_krb5_db2_delete_policy,
2N/A /* db_free_policy */ wrap_krb5_db2_free_policy,
2N/A /* db_supported_realms */ NULL,
2N/A /* db_free_supported_realms */ NULL,
2N/A /* errcode_2_string */ NULL,
2N/A /* release_errcode_string */ NULL,
2N/A /* db_alloc */ krb5_db2_alloc,
2N/A /* db_free */ krb5_db2_free,
2N/A /* set_master_key */ wrap_krb5_db2_set_master_key_ext,
2N/A /* get_master_key */ wrap_krb5_db2_db_get_mkey,
2N/A /* blah blah blah */ 0,0,0,0,0,0,0,0,
2N/A /* promote_db */ wrap_krb5_db2_promote_db,
2N/A 0, 0,
2N/A /* invoke */ wrap_krb5_db2_invoke
2N/A};