From f800e51b28c1fd8c1cf44906cb2984f68e5a6446 Mon Sep 17 00:00:00 2001
From: Greg Hudson <ghudson@mit.edu>
Date: Thu, 15 Jul 2010 03:12:57 +0000
Subject: Add refresh_config to the DAL with a corresponding libkdb5 API,
 replacing the REFRESH_POLICY method of db_invoke.

ticket: 6749
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24187 dc483132-0cff-0310-8789-dd5450dbe970
---
 src/include/kdb.h | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

(limited to 'src/include/kdb.h')

diff --git a/src/include/kdb.h b/src/include/kdb.h
index 977867b496..b09c4a3c3d 100644
--- a/src/include/kdb.h
+++ b/src/include/kdb.h
@@ -323,7 +323,6 @@ extern char *krb5_mkey_pwd_prompt2;
 #define KRB5_DB_LOCKMODE_PERMANENT    0x0008
 
 /* db_invoke methods */
-#define KRB5_KDB_METHOD_REFRESH_POLICY                  0x00000070
 #define KRB5_KDB_METHOD_CHECK_ALLOWED_TO_DELEGATE       0x00000080
 
 typedef struct _kdb_check_allowed_to_delegate_req {
@@ -619,6 +618,8 @@ void krb5_db_audit_as_req(krb5_context kcontext, krb5_kdc_req *request,
                           krb5_db_entry *client, krb5_db_entry *server,
                           krb5_timestamp authtime, krb5_error_code error_code);
 
+void krb5_db_refresh_config(krb5_context kcontext);
+
 krb5_error_code krb5_db_invoke ( krb5_context kcontext,
                                  unsigned int method,
                                  const krb5_data *req,
@@ -755,7 +756,7 @@ krb5_dbe_free_tl_data(krb5_context, krb5_tl_data *);
  * DAL.  It is passed to init_library to allow KDB modules to detect when
  * they are being loaded by an incompatible version of the KDC.
  */
-#define KRB5_KDB_DAL_VERSION 20100713
+#define KRB5_KDB_DAL_VERSION 20100714
 
 /*
  * A krb5_context can hold one database object.  Modules should use
@@ -1276,15 +1277,17 @@ typedef struct _kdb_vftabl {
 
     /* Note: there is currently no method for auditing TGS requests. */
 
+    /*
+     * Optional: This method informs the module of a request to reload
+     * configuration or other state (that is, the KDC received a SIGHUP).
+     */
+    void (*refresh_config)(krb5_context kcontext);
+
     /*
      * Optional: Perform an operation on input data req with output stored in
      * rep.  Return KRB5_PLUGIN_OP_NOTSUPP if the module does not implement the
      * method.  Defined methods are:
      *
-     * KRB5_KDB_METHOD_REFRESH_POLICY: req and rep are NULL.  Informs the
-     *     module that the KDC received a request to reload configuration
-     *     (that is, a SIGHUP).
-     *
      * KRB5_KDB_METHOD_CHECK_ALLOWED_TO_DELEGATE: req contains a
      *     kdb_check_allowed_to_delegate_req structure.  Perform a policy check
      *     on server being allowed to obtain tickets from client to proxy.
-- 
cgit