Merge from branch sun-iprop

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20465 dc483132-0cff-0310-8789-dd5450dbe970

6 files changed, 446 insertions, 3 deletions

diff --git a/src/include/iprop.h b/src/include/iprop.h
new file mode 100644
index 0000000000..208f4dce0a
--- /dev/null
+++ b/src/include/iprop.h
@@ -0,0 +1,269 @@
+/*
+ * Please do not edit this file.
+ * It was generated using rpcgen.
+ */
+
+#ifndef _IPROP_H_RPCGEN
+#define _IPROP_H_RPCGEN
+
+#include <gssrpc/rpc.h>
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+
+typedef struct {
+	u_int utf8str_t_len;
+	char *utf8str_t_val;
+} utf8str_t;
+
+typedef uint32_t kdb_sno_t;
+
+struct kdbe_time_t {
+	uint32_t seconds;
+	uint32_t useconds;
+};
+typedef struct kdbe_time_t kdbe_time_t;
+
+struct kdbe_key_t {
+	int32_t k_ver;
+	int32_t k_kvno;
+	struct {
+		u_int k_enctype_len;
+		int32_t *k_enctype_val;
+	} k_enctype;
+	struct {
+		u_int k_contents_len;
+		utf8str_t *k_contents_val;
+	} k_contents;
+};
+typedef struct kdbe_key_t kdbe_key_t;
+
+struct kdbe_data_t {
+	int32_t k_magic;
+	utf8str_t k_data;
+};
+typedef struct kdbe_data_t kdbe_data_t;
+
+struct kdbe_princ_t {
+	utf8str_t k_realm;
+	struct {
+		u_int k_components_len;
+		kdbe_data_t *k_components_val;
+	} k_components;
+	int32_t k_nametype;
+};
+typedef struct kdbe_princ_t kdbe_princ_t;
+
+struct kdbe_tl_t {
+	int16_t tl_type;
+	struct {
+		u_int tl_data_len;
+		char *tl_data_val;
+	} tl_data;
+};
+typedef struct kdbe_tl_t kdbe_tl_t;
+
+typedef struct {
+	u_int kdbe_pw_hist_t_len;
+	kdbe_key_t *kdbe_pw_hist_t_val;
+} kdbe_pw_hist_t;
+
+enum kdbe_attr_type_t {
+	AT_ATTRFLAGS = 0,
+	AT_MAX_LIFE = 1,
+	AT_MAX_RENEW_LIFE = 2,
+	AT_EXP = 3,
+	AT_PW_EXP = 4,
+	AT_LAST_SUCCESS = 5,
+	AT_LAST_FAILED = 6,
+	AT_FAIL_AUTH_COUNT = 7,
+	AT_PRINC = 8,
+	AT_KEYDATA = 9,
+	AT_TL_DATA = 10,
+	AT_LEN = 11,
+	AT_MOD_PRINC = 12,
+	AT_MOD_TIME = 13,
+	AT_MOD_WHERE = 14,
+	AT_PW_LAST_CHANGE = 15,
+	AT_PW_POLICY = 16,
+	AT_PW_POLICY_SWITCH = 17,
+	AT_PW_HIST_KVNO = 18,
+	AT_PW_HIST = 19,
+};
+typedef enum kdbe_attr_type_t kdbe_attr_type_t;
+
+struct kdbe_val_t {
+	kdbe_attr_type_t av_type;
+	union {
+		uint32_t av_attrflags;
+		uint32_t av_max_life;
+		uint32_t av_max_renew_life;
+		uint32_t av_exp;
+		uint32_t av_pw_exp;
+		uint32_t av_last_success;
+		uint32_t av_last_failed;
+		uint32_t av_fail_auth_count;
+		kdbe_princ_t av_princ;
+		struct {
+			u_int av_keydata_len;
+			kdbe_key_t *av_keydata_val;
+		} av_keydata;
+		struct {
+			u_int av_tldata_len;
+			kdbe_tl_t *av_tldata_val;
+		} av_tldata;
+		int16_t av_len;
+		uint32_t av_pw_last_change;
+		kdbe_princ_t av_mod_princ;
+		uint32_t av_mod_time;
+		utf8str_t av_mod_where;
+		utf8str_t av_pw_policy;
+		bool_t av_pw_policy_switch;
+		uint32_t av_pw_hist_kvno;
+		struct {
+			u_int av_pw_hist_len;
+			kdbe_pw_hist_t *av_pw_hist_val;
+		} av_pw_hist;
+		struct {
+			u_int av_extension_len;
+			char *av_extension_val;
+		} av_extension;
+	} kdbe_val_t_u;
+};
+typedef struct kdbe_val_t kdbe_val_t;
+
+typedef struct {
+	u_int kdbe_t_len;
+	kdbe_val_t *kdbe_t_val;
+} kdbe_t;
+
+struct kdb_incr_update_t {
+	utf8str_t kdb_princ_name;
+	kdb_sno_t kdb_entry_sno;
+	kdbe_time_t kdb_time;
+	kdbe_t kdb_update;
+	bool_t kdb_deleted;
+	bool_t kdb_commit;
+	struct {
+		u_int kdb_kdcs_seen_by_len;
+		utf8str_t *kdb_kdcs_seen_by_val;
+	} kdb_kdcs_seen_by;
+	struct {
+		u_int kdb_futures_len;
+		char *kdb_futures_val;
+	} kdb_futures;
+};
+typedef struct kdb_incr_update_t kdb_incr_update_t;
+
+typedef struct {
+	u_int kdb_ulog_t_len;
+	kdb_incr_update_t *kdb_ulog_t_val;
+} kdb_ulog_t;
+
+enum update_status_t {
+	UPDATE_OK = 0,
+	UPDATE_ERROR = 1,
+	UPDATE_FULL_RESYNC_NEEDED = 2,
+	UPDATE_BUSY = 3,
+	UPDATE_NIL = 4,
+	UPDATE_PERM_DENIED = 5,
+};
+typedef enum update_status_t update_status_t;
+
+struct kdb_last_t {
+	kdb_sno_t last_sno;
+	kdbe_time_t last_time;
+};
+typedef struct kdb_last_t kdb_last_t;
+
+struct kdb_incr_result_t {
+	kdb_last_t lastentry;
+	kdb_ulog_t updates;
+	update_status_t ret;
+};
+typedef struct kdb_incr_result_t kdb_incr_result_t;
+
+struct kdb_fullresync_result_t {
+	kdb_last_t lastentry;
+	update_status_t ret;
+};
+typedef struct kdb_fullresync_result_t kdb_fullresync_result_t;
+
+#define KRB5_IPROP_PROG 100423
+#define KRB5_IPROP_VERS 1
+
+#if defined(__STDC__) || defined(__cplusplus)
+#define IPROP_NULL 0
+extern  void * iprop_null_1(void *, CLIENT *);
+extern  void * iprop_null_1_svc(void *, struct svc_req *);
+#define IPROP_GET_UPDATES 1
+extern  kdb_incr_result_t * iprop_get_updates_1(kdb_last_t *, CLIENT *);
+extern  kdb_incr_result_t * iprop_get_updates_1_svc(kdb_last_t *, struct svc_req *);
+#define IPROP_FULL_RESYNC 2
+extern  kdb_fullresync_result_t * iprop_full_resync_1(void *, CLIENT *);
+extern  kdb_fullresync_result_t * iprop_full_resync_1_svc(void *, struct svc_req *);
+extern int krb5_iprop_prog_1_freeresult (SVCXPRT *, xdrproc_t, caddr_t);
+
+#else /* K&R C */
+#define IPROP_NULL 0
+extern  void * iprop_null_1();
+extern  void * iprop_null_1_svc();
+#define IPROP_GET_UPDATES 1
+extern  kdb_incr_result_t * iprop_get_updates_1();
+extern  kdb_incr_result_t * iprop_get_updates_1_svc();
+#define IPROP_FULL_RESYNC 2
+extern  kdb_fullresync_result_t * iprop_full_resync_1();
+extern  kdb_fullresync_result_t * iprop_full_resync_1_svc();
+extern int krb5_iprop_prog_1_freeresult ();
+#endif /* K&R C */
+
+/* the xdr functions */
+
+#if defined(__STDC__) || defined(__cplusplus)
+extern  bool_t xdr_utf8str_t (XDR *, utf8str_t*);
+extern  bool_t xdr_kdb_sno_t (XDR *, kdb_sno_t*);
+extern  bool_t xdr_kdbe_time_t (XDR *, kdbe_time_t*);
+extern  bool_t xdr_kdbe_key_t (XDR *, kdbe_key_t*);
+extern  bool_t xdr_kdbe_data_t (XDR *, kdbe_data_t*);
+extern  bool_t xdr_kdbe_princ_t (XDR *, kdbe_princ_t*);
+extern  bool_t xdr_kdbe_tl_t (XDR *, kdbe_tl_t*);
+extern  bool_t xdr_kdbe_pw_hist_t (XDR *, kdbe_pw_hist_t*);
+extern  bool_t xdr_kdbe_attr_type_t (XDR *, kdbe_attr_type_t*);
+extern  bool_t xdr_kdbe_val_t (XDR *, kdbe_val_t*);
+extern  bool_t xdr_kdbe_t (XDR *, kdbe_t*);
+extern  bool_t xdr_kdb_incr_update_t (XDR *, kdb_incr_update_t*);
+extern  bool_t xdr_kdb_ulog_t (XDR *, kdb_ulog_t*);
+extern  bool_t xdr_update_status_t (XDR *, update_status_t*);
+extern  bool_t xdr_kdb_last_t (XDR *, kdb_last_t*);
+extern  bool_t xdr_kdb_incr_result_t (XDR *, kdb_incr_result_t*);
+extern  bool_t xdr_kdb_fullresync_result_t (XDR *, kdb_fullresync_result_t*);
+
+#else /* K&R C */
+extern bool_t xdr_utf8str_t ();
+extern bool_t xdr_kdb_sno_t ();
+extern bool_t xdr_kdbe_time_t ();
+extern bool_t xdr_kdbe_key_t ();
+extern bool_t xdr_kdbe_data_t ();
+extern bool_t xdr_kdbe_princ_t ();
+extern bool_t xdr_kdbe_tl_t ();
+extern bool_t xdr_kdbe_pw_hist_t ();
+extern bool_t xdr_kdbe_attr_type_t ();
+extern bool_t xdr_kdbe_val_t ();
+extern bool_t xdr_kdbe_t ();
+extern bool_t xdr_kdb_incr_update_t ();
+extern bool_t xdr_kdb_ulog_t ();
+extern bool_t xdr_update_status_t ();
+extern bool_t xdr_kdb_last_t ();
+extern bool_t xdr_kdb_incr_result_t ();
+extern bool_t xdr_kdb_fullresync_result_t ();
+
+#endif /* K&R C */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* !_IPROP_H_RPCGEN */
diff --git a/src/include/iprop_hdr.h b/src/include/iprop_hdr.h
new file mode 100644
index 0000000000..d629542bbb
--- /dev/null
+++ b/src/include/iprop_hdr.h
@@ -0,0 +1,42 @@
+/*
+ * Copyright 2004 Sun Microsystems, Inc.  All rights reserved.
+ * Use is subject to license terms.
+ */
+
+
+#ifndef	_IPROP_HDR_H
+#define	_IPROP_HDR_H
+
+/* #pragma ident	"@(#)iprop_hdr.h	1.1	04/02/20 SMI" */
+
+#ifdef	__cplusplus
+extern "C" {
+#endif
+
+/*
+ * This file has some defines common to the iprop client and
+ * server routines.
+ */
+
+/*
+ * Maximum size for each ulog entry is 2KB and maximum
+ * possible attribute-value pairs for each ulog entry is 20
+ */
+#define	MAXENTRY_SIZE	2048
+#define	MAXATTRS_SIZE	20
+
+#define	KIPROP_SVC_NAME	"kiprop"
+#define	MAX_BACKOFF	300	/* Backoff for a maximum for 5 mts */
+
+enum iprop_role {
+	IPROP_NULL = 0,
+	IPROP_MASTER = 1,
+	IPROP_SLAVE = 2
+};
+typedef enum iprop_role iprop_role;
+
+#ifdef	__cplusplus
+}
+#endif
+
+#endif /* !_IPROP_HDR_H */
diff --git a/src/include/k5-int.h b/src/include/k5-int.h
index 5e1fd113a3..3763399d97 100644
--- a/src/include/k5-int.h
+++ b/src/include/k5-int.h
@@ -1127,6 +1127,7 @@ void KRB5_CALLCONV krb5_free_pa_enc_ts
 
 struct _kdb5_dal_handle;	/* private, in kdb5.h */
 typedef struct _kdb5_dal_handle kdb5_dal_handle;
+struct _kdb_log_context;
 struct _krb5_context {
 	krb5_magic	magic;
 	krb5_enctype	*in_tkt_ktypes;
@@ -1172,6 +1173,9 @@ struct _krb5_context {
 
     /* error detail info */
     struct errinfo err;
+
+    /* For Sun iprop code; does this really have to be here?  */
+    struct _kdb_log_context *kdblog_context;
 };
 
 /* could be used in a table to find an etype and initialize a block */
diff --git a/src/include/k5-platform.h b/src/include/k5-platform.h
index c9bcb8a52c..2a4463a204 100644
--- a/src/include/k5-platform.h
+++ b/src/include/k5-platform.h
@@ -1,7 +1,7 @@
 /*
  * k5-platform.h
  *
- * Copyright 2003, 2004, 2005, 2007 Massachusetts Institute of Technology.
+ * Copyright 2003, 2004, 2005, 2007, 2008 Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
  * Export of this software from the United States of America may
@@ -980,6 +980,9 @@ extern int krb5int_mkstemp(char *);
 #define mkstemp krb5int_mkstemp
 #endif
 
-
+/* Fudge for future adoption of gettext or the like.  */
+#ifndef _
+#define _(X) (X)
+#endif
 
 #endif /* K5_PLATFORM_H */
diff --git a/src/include/kdb_log.h b/src/include/kdb_log.h
new file mode 100644
index 0000000000..804b7328a5
--- /dev/null
+++ b/src/include/kdb_log.h
@@ -0,0 +1,124 @@
+/*
+ * Copyright 2004 Sun Microsystems, Inc.  All rights reserved.
+ * Use is subject to license terms.
+ */
+
+#ifndef	_KDB_LOG_H
+#define	_KDB_LOG_H
+
+/* #pragma ident	"@(#)kdb_log.h	1.3	04/02/23 SMI" */
+
+#include <iprop_hdr.h>
+#include <iprop.h>
+#include <limits.h>
+#include "kdb.h"
+
+#ifdef	__cplusplus
+extern "C" {
+#endif
+
+/*
+ * DB macros
+ */
+#define	INDEX(ulogaddr, i) ((unsigned long) ulogaddr + sizeof (kdb_hlog_t) + \
+	(i*ulog->kdb_block))
+
+/*
+ * Current DB version #
+ */
+#define	KDB_VERSION	1
+
+/*
+ * DB log states
+ */
+#define	KDB_STABLE	1
+#define	KDB_UNSTABLE	2
+#define	KDB_CORRUPT	3
+
+/*
+ * DB log constants
+ */
+#define	KDB_ULOG_MAGIC		0x6661212
+#define	KDB_ULOG_HDR_MAGIC	0x6662323
+
+/*
+ * DB Flags
+ */
+#define	FKADMIND	1
+#define	FKPROPLOG	2
+#define	FKPROPD		3
+#define	FKCOMMAND	4	/* Includes kadmin.local and kdb5_util */
+
+/*
+ * Default ulog file attributes
+ */
+#define	MAX_ULOGENTRIES	2500
+#define	DEF_ULOGENTRIES	1000
+#define	ULOG_IDLE_TIME	10		/* in seconds */
+/*
+ * Max size of update entry + update header
+ * We make this large since resizing can be costly.
+ */
+#define	ULOG_BLOCK	2048		/* Default size of principal record */
+
+#define	MAXLOGLEN	0x10000000	/* 256 MB log file */
+
+/*
+ * Prototype declarations
+ */
+extern krb5_error_code ulog_map(krb5_context context,
+				const char *logname, uint32_t entries,
+				int caller,
+				char **db_args);
+extern krb5_error_code ulog_add_update(krb5_context context,
+	kdb_incr_update_t *upd);
+extern krb5_error_code ulog_delete_update(krb5_context context,
+	kdb_incr_update_t *upd);
+extern krb5_error_code ulog_finish_update(krb5_context context,
+	kdb_incr_update_t *upd);
+extern krb5_error_code ulog_get_entries(krb5_context context, kdb_last_t last,
+	kdb_incr_result_t *ulog_handle);
+extern krb5_error_code ulog_replay(krb5_context context,
+				   kdb_incr_result_t *incr_ret, char **db_args);
+extern krb5_error_code ulog_conv_2logentry(krb5_context context,
+	krb5_db_entry *entries, kdb_incr_update_t *updates, int nentries);
+extern krb5_error_code ulog_conv_2dbentry(krb5_context context,
+	krb5_db_entry *entries, kdb_incr_update_t *updates, int nentries);
+extern void ulog_free_entries(kdb_incr_update_t *updates, int no_of_updates);
+extern krb5_error_code ulog_set_role(krb5_context ctx, iprop_role role);
+
+extern krb5_error_code ulog_lock(krb5_context ctx, int mode);
+
+typedef struct kdb_hlog {
+	uint32_t	kdb_hmagic;	/* Log header magic # */
+	uint16_t	db_version_num;	/* Kerberos database version no. */
+	uint32_t	kdb_num;	/* # of updates in log */
+	kdbe_time_t	kdb_first_time;	/* Timestamp of first update */
+	kdbe_time_t	kdb_last_time;	/* Timestamp of last update */
+	kdb_sno_t	kdb_first_sno;	/* First serial # in the update log */
+	kdb_sno_t	kdb_last_sno;	/* Last serial # in the update log */
+	uint16_t	kdb_state;	/* State of update log */
+	uint16_t	kdb_block;	/* Block size of each element */
+} kdb_hlog_t;
+
+typedef struct kdb_ent_header {
+	uint32_t	kdb_umagic;	/* Update entry magic # */
+	kdb_sno_t	kdb_entry_sno;	/* Serial # of entry */
+	kdbe_time_t	kdb_time;	/* Timestamp of update */
+	bool_t		kdb_commit;	/* Is the entry committed or not */
+	uint32_t	kdb_entry_size;	/* Size of update entry */
+	uint8_t		entry_data[4];	/* Address of kdb_incr_update_t */
+} kdb_ent_header_t;
+
+typedef struct _kdb_log_context {
+	iprop_role	iproprole;
+	kdb_hlog_t	*ulog;
+	uint32_t	ulogentries;
+	int		ulogfd;
+} kdb_log_context;
+
+#ifdef	__cplusplus
+}
+#endif
+
+#endif	/* !_KDB_LOG_H */
diff --git a/src/include/osconf.hin b/src/include/osconf.hin
index 48bf8b1f97..11e721b371 100644
--- a/src/include/osconf.hin
+++ b/src/include/osconf.hin
@@ -1,7 +1,7 @@
 /* -*- c -*-
  * include/krb5/stock/osconf.h
  *
- * Copyright 1990,1991 by the Massachusetts Institute of Technology.
+ * Copyright 1990,1991,2008 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
  * Export of this software from the United States of America may
@@ -133,6 +133,7 @@
 #define KPROPD_DEFAULT_FILE "@LOCALSTATEDIR/krb5kdc/from_master"
 #define KPROPD_DEFAULT_KDB5_UTIL "@SBINDIR/kdb5_util"
 #define KPROPD_DEFAULT_KDB5_EDIT "@SBINDIR/kdb5_edit"
+#define KPROPD_DEFAULT_KPROP "@SBINDIR/kprop"
 #define KPROPD_DEFAULT_KRB_DB DEFAULT_KDB_FILE
 #define KPROPD_ACL_FILE "@LOCALSTATEDIR/krb5kdc/kpropd.acl"