#ifndef __AuthDBFileDefs__
#define __AuthDBFileDefs__
#define kNominalLockInterval 250 // 1/4 second
#define kOneSecondLockInterval 1000 // 1 second
#define kLongerLockInterval 15000 // 15 seconds
#define kKerberosRecordScaleLimit 128
#define kFixedDESChunk 8
#define kMaxWriteSuspendTime 2 // seconds
#define kPWUserIDSize (4 * sizeof(uint32_t))
#define kPWMoreDataPrefix "+MORE "
#define AUTHFILE_ID_STRING "SSH PRIVATE KEY FILE FORMAT 1.1\n"
#define PWRecIsZero(A) (((A).time == 0) && ((A).rnd == 0) && ((A).sequenceNumber == 0) && ((A).slot == 0))
enum {
kAuthOK = 0,
kAuthFail = -1,
kAuthUserDisabled = -2,
kAuthNeedAdminPrivs = -3,
kAuthUserNotSet = -4,
kAuthUserNotAuthenticated = -5,
kAuthPasswordExpired = -6,
kAuthPasswordNeedsChange = -7,
kAuthPasswordNotChangeable = -8,
kAuthPasswordTooShort = -9,
kAuthPasswordTooLong = -10,
kAuthPasswordNeedsAlpha = -11,
kAuthPasswordNeedsDecimal = -12,
kAuthMethodTooWeak = -13,
kAuthPasswordNeedsMixedCase = -14,
kAuthPasswordHasGuessablePattern = -15,
kAuthPasswordCannotBeUsername = -16,
kAuthPasswordNeedsSymbol = -17
};
typedef enum SyncStatus {
kSyncStatusNoErr = 0,
kSyncStatusFail = -1,
kSyncStatusIncompatibleDatabases = -2,
kSyncStatusServerDatabaseBusy = -3,
kSyncStatusKerberosLocked = -4
} SyncStatus;
typedef enum OverflowAction {
kOverflowActionRequireNewPassword,
kOverflowActionDoNotRequireNewPassword,
kOverflowActionGetFromName,
kOverflowActionGetFromPrincipal,
kOverflowActionDumpRecords,
kOverflowActionPurgeDeadSlots,
kOverflowActionKerberizeOrNewPassword
} OverflowAction;
typedef enum ReplicationRecordType {
kDBTypeLastSyncTime,
kDBTypeHeader,
kDBTypeSlot,
kDBTypeKerberosPrincipal
} ReplicationRecordType;
typedef enum SyncPriority {
kSyncPriorityNormal,
kSyncPriorityDirty,
kSyncPriorityForce
} SyncPriority;
#endif