* Some module functions are mandatory for KDC operation; others are optional
* or apply only to administrative operations. If a function is optional, a
* module can leave the function pointer as NULL. Alternatively, modules can
- * return KRB5_KDB_DBTYPE_NOSUP when asked to perform an inapplicable action.
+ * return KRB5_PLUGIN_OP_NOTSUPP when asked to perform an inapplicable action.
*
* Some module functions have default implementations which will call back into
* the vtable interface. Leave these functions as NULL to use the default
*
* Used by the "kadmin lock" command, incremental propagation, and
* kdb5_util dump. Incremental propagation support requires shared locks
- * to operate. kdb5_util dump will work if the module returns
- * KRB5_PLUGIN_OP_NOTSUPP; note that this is *not* the usual "operation
- * not supported" error code.
+ * to operate. kdb5_util dump will continue unlocked if the module returns
+ * KRB5_PLUGIN_OP_NOTSUPP.
*/
krb5_error_code (*lock)(krb5_context kcontext, int mode);
* invokes this function when the load is complete, thus replacing the live
* database with no loss of read availability.
*
- * The default implementation returns KRB5_PLUGIN_OP_NOTSUPP (which is
- * *not* the usual "operation not supported" error code); kdb5_util dump
- * recognizes and ignores this error code.
+ * The default implementation returns KRB5_PLUGIN_OP_NOTSUPP; kdb5_util
+ * dump recognizes and ignores this error code.
*/
krb5_error_code (*promote_db)(krb5_context context, char *conf_section,
char **db_args);
/*
* Optional: Perform an operation on input data req with output stored in
- * rep. Return KRB5_KDB_DBTYPE_NOSUP if the module does not implement the
+ * rep. Return KRB5_PLUGIN_OP_NOTSUPP if the module does not implement the
* method. Defined methods are:
*
* KRB5_KDB_METHOD_SIGN_AUTH_DATA: req contains a krb5_sign_auth_data_req
* KRB5_KDB_METHOD_CHECK_TRANSITED_REALMS: req contains a
* kdb_check_transited_realms_req structure. Perform a policy check on
* a cross-realm ticket's transited field and return an error (other
- * than KRB5_KDB_DBTYPE_NOSUP) if the check fails. Leave rep alone.
+ * than KRB5_PLUGIN_OP_NOTSUPP) if the check fails. Leave rep alone.
*
* KRB5_KDB_METHOD_CHECK_POLICY_AS: req contains a kdb_check_policy_as_req
* structure. Perform a policy check on an AS request, in addition to
krb5_set_error_message(kcontext, KRB5_KDB_DBTYPE_NOTFOUND,
"Unable to find requested database type: %s",
lib_name);
- return KRB5_KDB_DBTYPE_NOSUP;
+ return KRB5_PLUGIN_OP_NOTSUPP;
}
lib = calloc(1, sizeof(*lib));
if (status)
goto clean_n_exit;
if (v->create == NULL) {
- status = KRB5_KDB_DBTYPE_NOSUP;
+ status = KRB5_PLUGIN_OP_NOTSUPP;
goto clean_n_exit;
}
status = v->create(kcontext, section, db_args);
if (status)
goto clean_n_exit;
if (v->destroy == NULL) {
- status = KRB5_KDB_DBTYPE_NOSUP;
+ status = KRB5_PLUGIN_OP_NOTSUPP;
goto clean_n_exit;
}
status = v->destroy(kcontext, section, db_args);
if (status)
return status;
if (v->get_age == NULL)
- return KRB5_KDB_DBTYPE_NOSUP;
+ return KRB5_PLUGIN_OP_NOTSUPP;
return v->get_age(kcontext, db_name, t);
}
if (status)
return status;
if (v->lock == NULL)
- return KRB5_KDB_DBTYPE_NOSUP;
+ return KRB5_PLUGIN_OP_NOTSUPP;
return v->lock(kcontext, lock_mode);
}
if (status)
return status;
if (v->unlock == NULL)
- return KRB5_KDB_DBTYPE_NOSUP;
+ return KRB5_PLUGIN_OP_NOTSUPP;
return v->unlock(kcontext);
}
if (status)
return status;
if (v->get_principal == NULL)
- return KRB5_KDB_DBTYPE_NOSUP;
+ return KRB5_PLUGIN_OP_NOTSUPP;
return v->get_principal(kcontext, search_for, 0, entries, nentries, more);
}
if (status)
return status;
if (v->get_principal == NULL)
- return KRB5_KDB_DBTYPE_NOSUP;
+ return KRB5_PLUGIN_OP_NOTSUPP;
return v->get_principal(kcontext, search_for, flags, entries, nentries,
more);
}
if (status)
return status;
if (v->put_principal == NULL)
- return KRB5_KDB_DBTYPE_NOSUP;
+ return KRB5_PLUGIN_OP_NOTSUPP;
status = extract_db_args_from_tl_data(kcontext, &entries->tl_data,
&entries->n_tl_data,
&db_args);
}
if (v->put_principal == NULL) {
- status = KRB5_KDB_DBTYPE_NOSUP;
+ status = KRB5_PLUGIN_OP_NOTSUPP;
goto err_lock;
}
if (status)
return status;
if (v->delete_principal == NULL)
- return KRB5_KDB_DBTYPE_NOSUP;
+ return KRB5_PLUGIN_OP_NOTSUPP;
return v->delete_principal(kcontext, search_for, nentries);
}
}
if (v->delete_principal == NULL)
- return KRB5_KDB_DBTYPE_NOSUP;
+ return KRB5_PLUGIN_OP_NOTSUPP;
status = v->delete_principal(kcontext, search_for, nentries);
if (status)
return status;
if (v->get_master_key_list == NULL)
- return KRB5_KDB_DBTYPE_NOSUP;
+ return KRB5_PLUGIN_OP_NOTSUPP;
return v->get_master_key_list(kcontext, keylist);
}
if (status)
return status;
if (v->store_master_key_list == NULL)
- return KRB5_KDB_DBTYPE_NOSUP;
+ return KRB5_PLUGIN_OP_NOTSUPP;
return v->store_master_key_list(kcontext, keyfile, mname, keylist,
master_pwd);
}
if (status)
return status;
if (v->create_policy == NULL)
- return KRB5_KDB_DBTYPE_NOSUP;
+ return KRB5_PLUGIN_OP_NOTSUPP;
return v->create_policy(kcontext, policy);
}
if (status)
return status;
if (v->get_policy == NULL)
- return KRB5_KDB_DBTYPE_NOSUP;
+ return KRB5_PLUGIN_OP_NOTSUPP;
return v->get_policy(kcontext, name, policy, cnt);
}
if (status)
return status;
if (v->put_policy == NULL)
- return KRB5_KDB_DBTYPE_NOSUP;
+ return KRB5_PLUGIN_OP_NOTSUPP;
return v->put_policy(kcontext, policy);
}
if (status)
return status;
if (v->delete_policy == NULL)
- return KRB5_KDB_DBTYPE_NOSUP;
+ return KRB5_PLUGIN_OP_NOTSUPP;
return v->delete_policy(kcontext, policy);
}
if (status)
return status;
if (v->invoke == NULL)
- return KRB5_KDB_DBTYPE_NOSUP;
+ return KRB5_PLUGIN_OP_NOTSUPP;
return v->invoke(kcontext, method, req, rep);
}