/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/* lib/krb5/os/os-proto.h */
/*
 * Copyright 1990,1991,2009 by the Massachusetts Institute of Technology.
 * All Rights Reserved.
 *
 * Export of this software from the United States of America may
 *   require a specific license from the United States Government.
 *   It is the responsibility of any person or organization contemplating
 *   export to obtain such a license before exporting.
 *
 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
 * distribute this software and its documentation for any purpose and
 * without fee is hereby granted, provided that the above copyright
 * notice appear in all copies and that both that copyright notice and
 * this permission notice appear in supporting documentation, and that
 * the name of M.I.T. not be used in advertising or publicity pertaining
 * to distribution of the software without specific, written prior
 * permission.  Furthermore if you modify this software you must label
 * your software as modified software and not distribute it in such a
 * fashion that it might be confused with the original M.I.T. software.
 * M.I.T. makes no representations about the suitability of
 * this software for any purpose.  It is provided "as is" without express
 * or implied warranty.
 */

/*
 *
 * LIBOS internal function prototypes.
 */

#ifndef KRB5_LIBOS_INT_PROTO__
#define KRB5_LIBOS_INT_PROTO__

#ifdef HAVE_SYS_TIME_H
#include <sys/time.h>
#endif

#include <krb5/locate_plugin.h>

typedef enum {
    TCP_OR_UDP = 0,
    TCP,
    UDP,
    HTTPS,
    UNIXSOCK,
} k5_transport;

typedef enum {
    UDP_FIRST = 0,
    UDP_LAST,
    NO_UDP,
    ONLY_UDP
} k5_transport_strategy;

/* A single server hostname or address. */
struct server_entry {
    char *hostname;             /* NULL -> use addrlen/addr instead */
    int port;                   /* Used only if hostname set */
    k5_transport transport;     /* May be 0 for UDP/TCP if hostname set */
    char *uri_path;             /* Used only if transport is HTTPS */
    int family;                 /* May be 0 (aka AF_UNSPEC) if hostname set */
    int primary;                /* True, false, or -1 for unknown. */
    size_t addrlen;
    struct sockaddr_storage addr;
};

/* A list of server hostnames/addresses. */
struct serverlist {
    struct server_entry *servers;
    size_t nservers;
};
#define SERVERLIST_INIT { NULL, 0 }

struct kdclist;

struct remote_address {
    k5_transport transport;
    int family;
    socklen_t len;
    struct sockaddr_storage saddr;
};

struct sendto_callback_info {
    int (*pfn_callback)(SOCKET fd, void *data, krb5_data *message);
    void (*pfn_cleanup)(void *data, krb5_data *message);
    void *data;
};

/*
 * Initialize with all zeros except for princ.  Set no_hostrealm to disable
 * host-to-realm lookup, which ordinarily happens during fallback processing
 * after canonicalizing the host part.  Set subst_defrealm to substitute the
 * default realm for the referral realm after realm lookup.  Do not set both
 * flags.  Free with free_canonprinc() when done.
 *
 * no_hostrealm only applies if fallback processing is in use
 * (dns_canonicalize_hostname = fallback).  It will not remove the realm if
 * krb5_sname_to_principal() already canonicalized the hostname and looked up a
 * realm.  subst_defrealm applies whether or not fallback processing is in use.
 */
struct canonprinc {
    krb5_const_principal princ;
    krb5_boolean no_hostrealm;
    krb5_boolean subst_defrealm;
    int step;
    char *canonhost;
    char *realm;
    krb5_principal_data copy;
    krb5_data components[2];
};

/* Yield one or two candidate canonical principal names for iter, then NULL.
 * Output names are valid for one iteration and must not be freed. */
krb5_error_code k5_canonprinc(krb5_context context, struct canonprinc *iter,
                              krb5_const_principal *princ_out);

static inline void
free_canonprinc(struct canonprinc *iter)
{
    free(iter->canonhost);
    free(iter->realm);
}

krb5_error_code k5_expand_hostname(krb5_context context, const char *host,
                                   krb5_boolean is_fallback,
                                   char **canonhost_out);

krb5_error_code k5_locate_server(krb5_context, const krb5_data *realm,
                                 struct serverlist *serverlist,
                                 enum locate_service_type svc,
                                 krb5_boolean no_udp);

krb5_error_code k5_locate_kdc(krb5_context context, const krb5_data *realm,
                              struct serverlist *serverlist,
                              krb5_boolean get_primaries, krb5_boolean no_udp);

void k5_free_serverlist(struct serverlist *);

/* Create an object for remembering a history of KDCs contacted during an
 * exchange. */
krb5_error_code k5_kdclist_create(struct kdclist **kdcs_out);

/* Add a server entry to kdcs.  Transfer ownership of memory from *server and
 * zero it. */
krb5_error_code k5_kdclist_add(struct kdclist *kdcs, const krb5_data *realm,
                               struct server_entry *server);

/* Return true if any KDC entries in kdcs are replicas, looking up realms'
 * primary KDCs as necessary. */
krb5_boolean k5_kdclist_any_replicas(krb5_context context,
                                     struct kdclist *kdcs);

void k5_kdclist_free(struct kdclist *kdcs);

#ifdef HAVE_NETINET_IN_H
krb5_error_code krb5_unpack_full_ipaddr(krb5_context,
                                        const krb5_address *,
                                        krb5_int32 *,
                                        krb5_int16 *);

krb5_error_code krb5_make_full_ipaddr(krb5_context,
                                      krb5_int32,
                                      int,   /* unsigned short promotes to signed int */
                                      krb5_address **);

#endif /* HAVE_NETINET_IN_H */

struct srv_dns_entry {
    struct srv_dns_entry *next;
    int priority;
    int weight;
    unsigned short port;
    char *host;
};

krb5_error_code
krb5int_make_srv_query_realm(krb5_context context, const krb5_data *realm,
                             const char *service, const char *protocol,
                             const char *sitename,
                             struct srv_dns_entry **answers);

void krb5int_free_srv_dns_data(struct srv_dns_entry *);

krb5_error_code
k5_make_uri_query(krb5_context context, const krb5_data *realm,
                  const char *service, const char *sitename,
                  struct srv_dns_entry **answers);

krb5_error_code k5_try_realm_txt_rr(krb5_context context, const char *prefix,
                                    const char *name, char **realm);

char *k5_primary_domain(void);

int _krb5_use_dns_realm (krb5_context);
int _krb5_use_dns_kdc (krb5_context);
int _krb5_conf_boolean (const char *);

krb5_error_code k5_sendto(krb5_context context, const krb5_data *message,
                          const krb5_data *realm,
                          const struct serverlist *addrs,
                          k5_transport_strategy strategy,
                          struct sendto_callback_info *callback_info,
                          krb5_data *reply, struct sockaddr *remoteaddr,
                          socklen_t *remoteaddrlen, int *server_used,
                          int (*msg_handler)(krb5_context, const krb5_data *,
                                             void *),
                          void *msg_handler_data);

krb5_error_code k5_sendto_kdc(krb5_context context, const krb5_data *message,
                              const krb5_data *realm, krb5_boolean use_primary,
                              krb5_boolean no_udp, krb5_data *reply_out,
                              struct kdclist *hist);

krb5_error_code krb5int_get_fq_local_hostname(char **);

/* The io vector is *not* const here, unlike writev()!  */
int krb5int_net_writev (krb5_context, int, sg_buf *, int);

int k5_getcurtime(struct timeval *tvp);

krb5_error_code k5_expand_path_tokens(krb5_context context,
                                      const char *path_in, char **path_out);
krb5_error_code k5_expand_path_tokens_extra(krb5_context context,
                                            const char *path_in,
                                            char **path_out, ...);

krb5_error_code k5_create_secure_file(krb5_context, const char * pathname);
krb5_error_code k5_sync_disk_file(krb5_context, FILE *fp);
krb5_error_code k5_os_init_context(krb5_context context, profile_t profile,
                                   krb5_flags flags);
void k5_os_free_context(krb5_context);
krb5_error_code k5_os_hostaddr(krb5_context, const char *, krb5_address ***);
krb5_error_code k5_time_with_offset(krb5_timestamp offset,
                                    krb5_int32 offset_usec,
                                    krb5_timestamp *time_out,
                                    krb5_int32 *usec_out);
void k5_set_prompt_types(krb5_context, krb5_prompt_type *);
krb5_boolean k5_is_numeric_address(const char *name);
krb5_error_code k5_make_realmlist(const char *realm, char ***realms_out);
krb5_error_code k5_kt_client_default_name(krb5_context context,
                                          char **name_out);
krb5_error_code k5_write_messages(krb5_context, krb5_pointer, krb5_data *,
                                  int);
void k5_init_trace(krb5_context context);

#include "k5-thread.h"
extern k5_mutex_t krb5int_us_time_mutex;

extern unsigned int krb5_max_skdc_timeout;
extern unsigned int krb5_skdc_timeout_shift;
extern unsigned int krb5_skdc_timeout_1;

void k5_hostrealm_free_context(krb5_context);
krb5_error_code hostrealm_profile_initvt(krb5_context context, int maj_ver,
                                         int min_ver,
                                         krb5_plugin_vtable vtable);
krb5_error_code hostrealm_registry_initvt(krb5_context context, int maj_ver,
                                          int min_ver,
                                          krb5_plugin_vtable vtable);
krb5_error_code hostrealm_dns_initvt(krb5_context context, int maj_ver,
                                     int min_ver, krb5_plugin_vtable vtable);
krb5_error_code hostrealm_domain_initvt(krb5_context context, int maj_ver,
                                        int min_ver,
                                        krb5_plugin_vtable vtable);

void k5_localauth_free_context(krb5_context);
krb5_error_code localauth_names_initvt(krb5_context context, int maj_ver,
                                       int min_ver, krb5_plugin_vtable vtable);
krb5_error_code localauth_rule_initvt(krb5_context context, int maj_ver,
                                      int min_ver, krb5_plugin_vtable vtable);
krb5_error_code localauth_k5login_initvt(krb5_context context, int maj_ver,
                                         int min_ver,
                                         krb5_plugin_vtable vtable);
krb5_error_code localauth_an2ln_initvt(krb5_context context, int maj_ver,
                                       int min_ver, krb5_plugin_vtable vtable);

#endif /* KRB5_LIBOS_INT_PROTO__ */