PasswordServerPrefsDefs.h   [plain text]

/*
 * Copyright (c) 2003 Apple Computer, Inc. All rights reserved.
 *
 * @APPLE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */

#ifndef __PasswordServerPrefsDefs__
#define __PasswordServerPrefsDefs__

#ifdef __cplusplus
extern "C" {
#endif 

#include <stdbool.h>
#include <time.h>
#include <sasl/sasl.h>

#define kPWPrefsVersion				3

#define kPWExternalToolPath			"/usr/sbin/authserver/tools"
#define kPWPrefsFile				"/Library/Preferences/com.apple.passwordserver.plist"
#define kMaxListenerPorts			10
#define kMaxSASLPlugins				30
#define kKerberosCacheScaleLimit	95000	// the number of principals that can be stored in memory for replication

#define kPWPrefsKey_PassiveReplicationOnly		"PassiveReplicationOnly"
#define kPWPrefsKey_ProvideReplicationOnly		"ProvideReplicationOnly"
#define kPWPrefsKey_BadTrialDelay				"BadTrialDelay"
#define kPWPrefsKey_TimeSkewMaxSeconds			"TimeSkewMaxSeconds"
#define kPWPrefsKey_SyncInterval				"SyncInterval"
#define kPWPrefsKey_ListenerPorts				"ListenerPorts"

#define kPWPrefsKey_ListenerInterfaces			"ListenerInterfaces"
#define kPWPrefsValue_ListenerEnet				"Ethernet"
#define kPWPrefsValue_ListenerLocal				"Local"
#define kPWPrefsValue_ListenerUDSocket			"UNIX Domain Socket"

#define kPWPrefsKey_TestSpillBucket				"TestSpillBucket"
#define kPWPrefsKey_SASLRealm					"SASLRealm"
#define kPWPrefsKey_ExternalTool				"ExternalCommand"
#define kPWPrefsValue_ExternalToolNone			"Disabled"
#define kPWPrefsKey_KerberosCacheLimit			"KerberosCacheLimit"
#define kPWPrefsKey_SyncSASLPluginList			"SyncSASLPlugInList"
#define kPWPrefsKey_SASLPluginList				"SASLPluginStates"
#define kPWPrefsKey_DeleteWaitInMinutes			"DeleteWaitInMinutes"
#define kPWPrefsKey_PurgeInMinutes				"PurgeInMinutes"
#define kPWPrefsKey_PrefsVersion				"Preference File Version"

#define kPWPrefsKey_DebugLogOptions				"Debug Log Options"
#define kPWPrefsValue_LogChangeList				"Change List"
#define kPWPrefsValue_LogQuit					"Quit Command"

typedef enum ListenerTypes {
	kPWPrefsNoListeners			= 0x00,
	kPWPrefsEnet				= 0x01,
	kPWPrefsLocal				= 0x02,
	kPWPrefsUnixDomainSocket	= 0x04,
	
	// combinations
	kPWPrefsEnetAndLocal		= 0x03,
	kPWPrefsEnetAndUDS			= 0x05,
	kPWPrefsLocalAndUDS			= 0x06,
	kPWPrefsAll					= 0x07
} ListenerTypes;

typedef enum SASLPluginStatus {
	kSASLPluginStateUnlisted,
	kSASLPluginStateAllowed,
	kSASLPluginStateDisabled
} SASLPluginStatus;

typedef struct SASLPluginEntry {
	char name[SASL_MECHNAMEMAX + 1];
	SASLPluginStatus state;
} SASLPluginEntry;

typedef struct PWSDebugLogOptions {
	bool changeList;
	bool quit;
} PWSDebugLogOptions;

typedef struct PasswordServerPrefs {
	bool passiveReplicationOnly;							// server waits for another server to sync with it
	bool provideReplicationOnly;							// server provides sync data, but trusts no one
	unsigned long badTrialDelay;							// for a failed login attempt, sleep the session this long
	unsigned long timeSkewMaxSeconds;						// maximum time clock difference between two replicas
	unsigned long syncInterval;
	unsigned short listenerPort[kMaxListenerPorts + 1];
	ListenerTypes listenerTypeFlags;
	bool externalToolSet;
	char externalToolPath[256];
	bool testSpillBucket;
	bool realmSet;
	char realm[256];
	unsigned long kerberosCacheLimit;
	bool syncSASLPluginList;	
	time_t deleteWait;
	time_t purgeWait;
	SASLPluginEntry saslPluginState[kMaxSASLPlugins + 1];
	int prefsVersion;
	PWSDebugLogOptions logOptions;
} PasswordServerPrefs;

bool pwsf_SetSASLPluginState( const char *inMechName, bool enable );

#ifdef __cplusplus
};
#endif

#endif