usr/src/lib/krb5/plugins/kdb/db2/db2_exp.c

   1 /*
   2  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
   3  * Use is subject to license terms.
   4  */
   5
   6
   7 /*
   8  * Copyright 2006 by the Massachusetts Institute of Technology.
   9  * All Rights Reserved.
  10  *
  11  * Export of this software from the United States of America may
  12  *   require a specific license from the United States Government.
  13  *   It is the responsibility of any person or organization contemplating
  14  *   export to obtain such a license before exporting.
  15  *
  16  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
  17  * distribute this software and its documentation for any purpose and
  18  * without fee is hereby granted, provided that the above copyright
  19  * notice appear in all copies and that both that copyright notice and
  20  * this permission notice appear in supporting documentation, and that
  21  * the name of M.I.T. not be used in advertising or publicity pertaining
  22  * to distribution of the software without specific, written prior
  23  * permission.  Furthermore if you modify this software you must label
  24  * your software as modified software and not distribute it in such a
  25  * fashion that it might be confused with the original M.I.T. software.
  26  * M.I.T. makes no representations about the suitability of
  27  * this software for any purpose.  It is provided "as is" without express
  28  * or implied warranty.
  29  */
  30
  31 /**********************************************************************
  32 *
  33 *       C %name:                db2_exp.c %
  34 *       Instance:               idc_sec_2
  35 *       Description:
  36 *       %created_by:    spradeep %
  37 *       %date_created:  Tue Apr  5 11:44:00 2005 %
  38 *
  39 **********************************************************************/
  40 static char *_csrc = "@(#) %filespec: db2_exp.c~5 %  (%full_filespec: db2_exp.c~5:csrc:idc_sec#2 %)";
  41
  42 #include "k5-int.h"
  43
  44 #if HAVE_UNISTD_H
  45 #include <unistd.h>
  46 #endif
  47
  48 #include <db.h>
  49 #include <stdio.h>
  50 #include <errno.h>
  51 #include <utime.h>
  52 #include <kdb/kdb5.h>
  53 #include "kdb_db2.h"
  54 #include "kdb_xdr.h"
  55 #include "policy_db.h"
  56
  57 /* Quick and dirty wrapper functions to provide for thread safety
  58    within the plugin, instead of making the kdb5 library do it.  Eventually
  59    these should be integrated into the real functions.
  60
  61    Some of the functions wrapped here are also called directly from
  62    within this library (e.g., create calls open), so simply dropping
  63    locking code into the top and bottom of each referenced function
  64    won't do.  (We aren't doing recursive locks, currently.)  */
  65
  66 static k5_mutex_t *krb5_db2_mutex;
  67
  68 #define WRAP(NAME,TYPE,ARGLIST,ARGNAMES,ERROR_RESULT)   \
  69         static TYPE wrap_##NAME ARGLIST                 \
  70         {                                               \
  71             TYPE result;                                \
  72             int code = k5_mutex_lock (krb5_db2_mutex);  \
  73             if (code) { return ERROR_RESULT; }          \
  74             result = NAME ARGNAMES;                     \
  75             k5_mutex_unlock (krb5_db2_mutex);           \
  76             return result;                              \
  77         }                                               \
  78         /* hack: decl to allow a following ";" */       \
  79         static TYPE wrap_##NAME ()
  80
  81 /* Two special cases: void (can't assign result), and krb5_error_code
  82    (return error from locking code).  */
  83
  84 #define WRAP_VOID(NAME,ARGLIST,ARGNAMES)                \
  85         static void wrap_##NAME ARGLIST                 \
  86         {                                               \
  87             int code = k5_mutex_lock (krb5_db2_mutex);  \
  88             if (code) { return; }                       \
  89             NAME ARGNAMES;                              \
  90             k5_mutex_unlock (krb5_db2_mutex);           \
  91         }                                               \
  92         /* hack: decl to allow a following ";" */       \
  93         static void wrap_##NAME ()
  94
  95 #define WRAP_K(NAME,ARGLIST,ARGNAMES)                   \
  96         WRAP(NAME,krb5_error_code,ARGLIST,ARGNAMES,code)
  97
  98 WRAP_K (krb5_db2_open,
  99         ( krb5_context kcontext,
 100           char *conf_section,
 101           char **db_args,
 102           int mode ),
 103         (kcontext, conf_section, db_args, mode));
 104 WRAP_K (krb5_db2_db_fini, (krb5_context ctx), (ctx));
 105 WRAP_K (krb5_db2_create,
 106         ( krb5_context kcontext, char *conf_section, char **db_args ),
 107         (kcontext, conf_section, db_args));
 108 WRAP_K (krb5_db2_destroy,
 109         ( krb5_context kcontext, char *conf_section, char **db_args ),
 110         (kcontext, conf_section, db_args));
 111 WRAP_K (krb5_db2_db_get_age,
 112         (krb5_context ctx,
 113                    char *s,
 114          time_t *t),
 115         (ctx, s, t));
 116 WRAP_K (krb5_db2_db_set_option,
 117         ( krb5_context kcontext,
 118           int option,
 119           void *value ),
 120         (kcontext, option, value));
 121
 122 WRAP_K (krb5_db2_db_lock,
 123         ( krb5_context    context,
 124           int             in_mode),
 125         (context, in_mode));
 126 WRAP_K (krb5_db2_db_unlock, (krb5_context ctx), (ctx));
 127
 128 WRAP_K (krb5_db2_db_get_principal,
 129         (krb5_context ctx,
 130                    krb5_const_principal p,
 131                    krb5_db_entry *d,
 132                    int * i,
 133          krb5_boolean *b),
 134         (ctx, p, d, i, b));
 135 WRAP_K (krb5_db2_db_free_principal,
 136         (krb5_context ctx,
 137                    krb5_db_entry *d,
 138          int i),
 139         (ctx, d, i));
 140 WRAP_K (krb5_db2_db_put_principal,
 141         (krb5_context ctx,
 142          krb5_db_entry *d,
 143          int *i,
 144          char **db_args),
 145         (ctx, d, i, db_args));
 146 WRAP_K (krb5_db2_db_delete_principal,
 147         (krb5_context context,
 148          krb5_const_principal searchfor,
 149          int *nentries),
 150         (context, searchfor, nentries));
 151
 152 /* Solaris Kerberos: adding support for db_args */
 153 WRAP_K (krb5_db2_db_iterate,
 154         (krb5_context ctx, char *s,
 155          krb5_error_code (*f) (krb5_pointer,
 156                               krb5_db_entry *),
 157          krb5_pointer p,
 158          char **db_args),
 159         (ctx, s, f, p, db_args));
 160
 161 WRAP_K (krb5_db2_create_policy,
 162         (krb5_context context, osa_policy_ent_t entry),
 163         (context, entry));
 164 WRAP_K (krb5_db2_get_policy,
 165         ( krb5_context kcontext,
 166           char *name,
 167           osa_policy_ent_t *policy,
 168           int *cnt),
 169         (kcontext, name, policy, cnt));
 170 WRAP_K (krb5_db2_put_policy,
 171         ( krb5_context kcontext, osa_policy_ent_t policy ),
 172         (kcontext, policy));
 173 WRAP_K (krb5_db2_iter_policy,
 174         ( krb5_context kcontext,
 175           char *match_entry,
 176           osa_adb_iter_policy_func func,
 177           void *data ),
 178         (kcontext, match_entry, func, data));
 179 WRAP_K (krb5_db2_delete_policy,
 180         ( krb5_context kcontext, char *policy ),
 181         (kcontext, policy));
 182 WRAP_VOID (krb5_db2_free_policy,
 183            ( krb5_context kcontext, osa_policy_ent_t entry ),
 184            (kcontext, entry));
 185
 186 WRAP (krb5_db2_alloc, void *,
 187       ( krb5_context kcontext,
 188         void *ptr,
 189         size_t size ),
 190       (kcontext, ptr, size), NULL);
 191 WRAP_VOID (krb5_db2_free,
 192            ( krb5_context kcontext, void *ptr ),
 193            (kcontext, ptr));
 194
 195 WRAP_K (krb5_db2_set_master_key_ext,
 196         ( krb5_context kcontext, char *pwd, krb5_keyblock *key),
 197         (kcontext, pwd, key));
 198 WRAP_K (krb5_db2_db_get_mkey,
 199         ( krb5_context context, krb5_keyblock **key),
 200         (context, key));
 201 WRAP_K (krb5_db2_promote_db,
 202         ( krb5_context kcontext, char *conf_section, char **db_args ),
 203         (kcontext, conf_section, db_args));
 204
 205 static krb5_error_code
 206 hack_init ()
 207 {
 208     krb5_error_code c;
 209     c = krb5int_mutex_alloc (&krb5_db2_mutex);
 210     if (c)
 211         return c;
 212     return krb5_db2_lib_init ();
 213 }
 214
 215 static krb5_error_code
 216 hack_cleanup (void)
 217 {
 218     krb5int_mutex_free (krb5_db2_mutex);
 219     krb5_db2_mutex = NULL;
 220     return krb5_db2_lib_cleanup();
 221 }
 222
 223
 224 /*
 225  *      Exposed API
 226  */
 227
 228 kdb_vftabl kdb_function_table = {
 229   /* major version number 1 */                 1,
 230   /* minor version number 0 */                 0,
 231   /* Solaris Kerberos: iprop support */
 232   /* iprop_supported, yes for db2 */           1,
 233   /* init_library */                           hack_init,
 234   /* fini_library */                           hack_cleanup,
 235   /* init_module */                            wrap_krb5_db2_open,
 236   /* fini_module */                            wrap_krb5_db2_db_fini,
 237   /* db_create */                              wrap_krb5_db2_create,
 238   /* db_destroy */                             wrap_krb5_db2_destroy,
 239   /* db_get_age */                             wrap_krb5_db2_db_get_age,
 240   /* db_set_option */                          wrap_krb5_db2_db_set_option,
 241   /* db_lock */                                wrap_krb5_db2_db_lock,
 242   /* db_unlock */                              wrap_krb5_db2_db_unlock,
 243   /* db_get_principal */                       wrap_krb5_db2_db_get_principal,
 244   /* Solaris Kerberos: need a nolock for iprop */
 245   /* db_get_principal_nolock */                krb5_db2_db_get_principal,
 246   /* db_free_principal */                      wrap_krb5_db2_db_free_principal,
 247   /* db_put_principal */                       wrap_krb5_db2_db_put_principal,
 248   /* db_delete_principal */                    wrap_krb5_db2_db_delete_principal,
 249   /* db_iterate */                             wrap_krb5_db2_db_iterate,
 250   /* db_create_policy */                       wrap_krb5_db2_create_policy,
 251   /* db_get_policy */                          wrap_krb5_db2_get_policy,
 252   /* db_put_policy */                          wrap_krb5_db2_put_policy,
 253   /* db_iter_policy */                         wrap_krb5_db2_iter_policy,
 254   /* db_delete_policy */                       wrap_krb5_db2_delete_policy,
 255   /* db_free_policy */                         wrap_krb5_db2_free_policy,
 256   /* db_supported_realms */                    NULL,
 257   /* db_free_supported_realms */               NULL,
 258   /* errcode_2_string */                       krb5_db2_errcode_2_string,
 259   /* release_errcode_string */                 krb5_db2_release_errcode_string,
 260   /* db_alloc */                               wrap_krb5_db2_alloc,
 261   /* db_free */                                wrap_krb5_db2_free,
 262   /* set_master_key */                         wrap_krb5_db2_set_master_key_ext,
 263   /* get_master_key */                         wrap_krb5_db2_db_get_mkey,
 264   /* blah blah blah */ 0,0,0,0,0,0,
 265   /* promote_db */                             wrap_krb5_db2_promote_db,
 266 };