summaryrefslogtreecommitdiffstats
path: root/src/include
diff options
context:
space:
mode:
authorGreg Hudson <ghudson@mit.edu>2009-10-25 16:55:12 +0000
committerGreg Hudson <ghudson@mit.edu>2009-10-25 16:55:12 +0000
commit8d31a9d396f5bea88def4db395ad12dca2ac2e9f (patch)
tree244f8f5b525432a2a2a280403f38d7b2fbdc0dfd /src/include
parentb82e46df9b6cbf663512985a99c6d79f2b0cb796 (diff)
downloadkrb5-8d31a9d396f5bea88def4db395ad12dca2ac2e9f.tar.gz
krb5-8d31a9d396f5bea88def4db395ad12dca2ac2e9f.tar.xz
krb5-8d31a9d396f5bea88def4db395ad12dca2ac2e9f.zip
Account lockout
Merge Luke's users/lhoward/lockout2 branch to trunk. Implements account lockout policies for preauth-using principals using existing principal metadata fields and new policy fields. The kadmin API version is bumped from 2 to 3 to compatibly extend the policy_ent_rec structure. ticket: 6577 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23038 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/include')
-rw-r--r--src/include/iprop.h6
-rw-r--r--src/include/iprop_hdr.h7
-rw-r--r--src/include/kdb.h12
3 files changed, 19 insertions, 6 deletions
diff --git a/src/include/iprop.h b/src/include/iprop.h
index 208f4dce0a..9cfbb30936 100644
--- a/src/include/iprop.h
+++ b/src/include/iprop.h
@@ -205,6 +205,9 @@ extern kdb_incr_result_t * iprop_get_updates_1_svc(kdb_last_t *, struct svc_req
#define IPROP_FULL_RESYNC 2
extern kdb_fullresync_result_t * iprop_full_resync_1(void *, CLIENT *);
extern kdb_fullresync_result_t * iprop_full_resync_1_svc(void *, struct svc_req *);
+#define IPROP_FULL_RESYNC_EXT 3
+extern kdb_fullresync_result_t * iprop_full_resync_ext_1(uint32_t *, CLIENT *);
+extern kdb_fullresync_result_t * iprop_full_resync_ext_1_svc(uint32_t *, struct svc_req *);
extern int krb5_iprop_prog_1_freeresult (SVCXPRT *, xdrproc_t, caddr_t);
#else /* K&R C */
@@ -217,6 +220,9 @@ extern kdb_incr_result_t * iprop_get_updates_1_svc();
#define IPROP_FULL_RESYNC 2
extern kdb_fullresync_result_t * iprop_full_resync_1();
extern kdb_fullresync_result_t * iprop_full_resync_1_svc();
+#define IPROP_FULL_RESYNC_EXT 3
+extern kdb_fullresync_result_t * iprop_full_resync_ext_1(uint32_t *, CLIENT *);
+extern kdb_fullresync_result_t * iprop_full_resync_ext_1_svc(uint32_t *, struct svc_req *);
extern int krb5_iprop_prog_1_freeresult ();
#endif /* K&R C */
diff --git a/src/include/iprop_hdr.h b/src/include/iprop_hdr.h
index d629542bbb..cd6d3b440b 100644
--- a/src/include/iprop_hdr.h
+++ b/src/include/iprop_hdr.h
@@ -35,6 +35,13 @@ enum iprop_role {
};
typedef enum iprop_role iprop_role;
+/*
+ * Full resync dump versioning
+ */
+#define IPROPX_VERSION_0 0
+#define IPROPX_VERSION_1 1
+#define IPROPX_VERSION IPROPX_VERSION_1
+
#ifdef __cplusplus
}
#endif
diff --git a/src/include/kdb.h b/src/include/kdb.h
index 8c0cd247a2..d74e3e3235 100644
--- a/src/include/kdb.h
+++ b/src/include/kdb.h
@@ -169,6 +169,10 @@ typedef struct _osa_policy_ent_t {
krb5_ui_4 pw_min_classes;
krb5_ui_4 pw_history_num;
krb5_ui_4 policy_refcnt;
+ /* Only valid if version > 1 */
+ krb5_ui_4 pw_max_fail; /* pwdMaxFailure */
+ krb5_ui_4 pw_failcnt_interval; /* pwdFailureCountInterval */
+ krb5_ui_4 pw_lockout_duration; /* pwdLockoutDuration */
} osa_policy_ent_rec, *osa_policy_ent_t;
typedef void (*osa_adb_iter_policy_func) (void *, osa_policy_ent_t);
@@ -180,7 +184,7 @@ typedef struct __krb5_key_salt_tuple {
#define KRB5_KDB_MAGIC_NUMBER 0xdbdbdbdb
#define KRB5_KDB_V1_BASE_LENGTH 38
-
+
#define KRB5_TL_LAST_PWD_CHANGE 0x0001
#define KRB5_TL_MOD_PRINC 0x0002
#define KRB5_TL_KADM_DATA 0x0003
@@ -479,11 +483,6 @@ krb5_dbe_update_mod_princ_data( krb5_context context,
krb5_timestamp mod_date,
krb5_const_principal mod_princ);
-krb5_error_code
-krb5_dbe_update_last_pwd_change( krb5_context context,
- krb5_db_entry * entry,
- krb5_timestamp stamp);
-
void *krb5_db_alloc( krb5_context kcontext,
void *ptr,
size_t size );
@@ -913,6 +912,7 @@ typedef struct _kdb_vftabl {
const krb5_data *req,
krb5_data *rep );
} kdb_vftabl;
+
#endif /* !defined(_WIN32) */
#endif /* KRB5_KDB5__ */
generated by cgit (git 2.34.1) at 2024-09-24 00:10:04 +0000