diff options
author | cvs2svn <cvs2svn@FreeBSD.org> | 2000-09-25 21:57:54 +0000 |
---|---|---|
committer | cvs2svn <cvs2svn@FreeBSD.org> | 2000-09-25 21:57:54 +0000 |
commit | ba94d0cea3d853d19732f64a17cd6207dc85ad5f (patch) | |
tree | 38b022cfba11bdd4a90667961e31cfc475ffc7c3 /crypto/heimdal/lib/kadm5 | |
parent | 2641b0c407077fa8c3032d87d15ac6a103b0ed1b (diff) |
Diffstat (limited to 'crypto/heimdal/lib/kadm5')
52 files changed, 0 insertions, 9007 deletions
diff --git a/crypto/heimdal/lib/kadm5/ChangeLog b/crypto/heimdal/lib/kadm5/ChangeLog deleted file mode 100644 index f5a6ee4907a1c..0000000000000 --- a/crypto/heimdal/lib/kadm5/ChangeLog +++ /dev/null @@ -1,315 +0,0 @@ -2000-02-07 Assar Westerlund <assar@sics.se> - - * Makefile.am (libkadm5clnt_la_LDFLAGS): set version to 4:2:0 - -2000-01-28 Assar Westerlund <assar@sics.se> - - * init_c.c (get_new_cache): make sure to request non-forwardable, - non-proxiable - -2000-01-06 Assar Westerlund <assar@sics.se> - - * Makefile.am (libkadm5srv.la): bump version to 5:1:0 - - * context_s.c (_kadm5_s_init_context): handle params == NULL - -1999-12-26 Assar Westerlund <assar@sics.se> - - * get_s.c (kadm5_s_get_principal): handle modified_by->principal - == NULL - -1999-12-20 Assar Westerlund <assar@sics.se> - - * Makefile.am (libkadm5clnt_la_LDFLAGS): bump version to 4:1:0 - - * init_c.c (_kadm5_c_init_context): handle getting back port - number from admin host - (kadm5_c_init_with_context): remove `proto/' part before doing - getaddrinfo() - -1999-12-06 Assar Westerlund <assar@sics.se> - - * Makefile.am: bump version to 5:0:0 and 4:0:0 - - * init_c.c (kadm5_c_init_with_context): don't use unitialized - stuff - -1999-12-04 Assar Westerlund <assar@sics.se> - - * replay_log.c: adapt to changed kadm5_log_foreach - - * log.c (kadm5_log_foreach): change to take a - `kadm5_server_context' - - * init_c.c: use krb5_warn{,x} - - * dump_log.c: adapt to changed kadm5_log_foreach - - * init_c.c: re-write to use getaddrinfo - * Makefile.am (install-build-headers): add dependency - -1999-12-03 Johan Danielsson <joda@pdc.kth.se> - - * log.c (kadm5_log_foreach): pass context - - * dump_log.c: print more interesting things - -1999-12-02 Johan Danielsson <joda@pdc.kth.se> - - * ipropd_master.c (process_msg): check for short reads - -1999-11-25 Assar Westerlund <assar@sics.se> - - * modify_s.c (kadm5_s_modify_principal): support key_data - (kadm5_s_modify_principal_with_key): remove - - * admin.h (kadm5_s_modify_principal_with_key): remove - -1999-11-20 Assar Westerlund <assar@sics.se> - - * context_s.c (find_db_spec): ugly cast work-around. - -1999-11-14 Assar Westerlund <assar@sics.se> - - * context_s.c (_kadm5_s_init_context): call krb5_add_et_list so - that we aren't dependent on the layout of krb5_context_data - * init_c.c (_kadm5_c_init_context): call krb5_add_et_list so that - we aren't dependent on the layout of krb5_context_data - -1999-11-13 Assar Westerlund <assar@sics.se> - - * password_quality.c (kadm5_setup_passwd_quality_check): use - correct types for function pointers - -1999-11-09 Johan Danielsson <joda@pdc.kth.se> - - * randkey_s.c: always bail out if the fetch fails - - * admin.h (kadm5_config_params): remove fields we're not using - - * ipropd_slave.c: allow passing a realm - - * ipropd_master.c: allow passing a realm - - * dump_log.c: allow passing a realm - - * acl.c: correctly get acl file - - * private.h (kadm5_server_context): add config_params struct and - remove acl_file; bump protocol version number - - * marshall.c: marshalling of config parameters - - * init_c.c (kadm5_c_init_with_context): try to cope with old - servers - - * init_s.c (kadm5_s_init_with_context): actually use some passed - values - - * context_s.c (_kadm5_s_init_context): get dbname, acl_file, and - stash_file from the config parameters, try to figure out these if - they're not provided - -1999-11-05 Assar Westerlund <assar@sics.se> - - * Makefile.am (install-build-headers): use `cp' instead of - INSTALL_DATA - -1999-11-04 Assar Westerlund <assar@sics.se> - - * Makefile.am: bump version to 4:0:0 and 3:0:0 (they access fields - directly in libkrb5's context - bad functions) - - * set_keys.c (_kadm5_set_keys_randomly): set enctypes correctly in - the copied keys - -1999-10-20 Assar Westerlund <assar@sics.se> - - * Makefile.am: set version of kadm5srv to 3:0:2 (new password - quality functions). - set version of kdam5clnt to 2:1:1 (no interface changes) - - * Makefile.am (LDADD): add $(LIB_dlopen) - -1999-10-17 Assar Westerlund <assar@sics.se> - - * randkey_s.c (kadm5_s_randkey_principal): use - _kadm5_set_keys_randomly - - * set_keys.c (free_keys): free more memory - (_kadm5_set_keys): a little bit more generic - (_kadm5_set_keys_randomly): new function for setting random keys. - -1999-10-14 Assar Westerlund <assar@sics.se> - - * set_keys.c (_kadm5_set_keys): ignore old keys when setting new - ones and always add 3 DES keys and one 3DES key - -1999-10-03 Assar Westerlund <assar@sics.se> - - * init_c.c (_kadm5_c_init_context): use `krb5_get_krb_admin_hst'. - check return value from strdup - -1999-09-26 Assar Westerlund <assar@sics.se> - - * acl.c (_kadm5_privs_to_string): forgot one strcpy_truncate -> - strlcpy - -1999-09-24 Johan Danielsson <joda@pdc.kth.se> - - * dump_log.c: remove unused `optind' - - * replay_log.c: remove unused `optind' - -1999-09-13 Assar Westerlund <assar@sics.se> - - * chpass_c.c (kadm5_c_chpass_principal): new _kadm5_client_recv - - * send_recv.c (_kadm5_client_recv): return result in a `krb5_data' - so that we avoid copying it and don't need to dimension in - advance. change all callers. - -1999-09-10 Assar Westerlund <assar@sics.se> - - * password_quality.c: new file - - * admin.h - (kadm5_setup_passwd_quality_check,kadm5_check_password_quality): - add prototypes - - * Makefile.am (S_SOURCES): add password_quality.c - -1999-07-26 Assar Westerlund <assar@sics.se> - - * Makefile.am: update versions to 2:0:1 - -1999-07-24 Assar Westerlund <assar@sics.se> - - * ent_setup.c (_kadm5_setup_entry): make princ_expire_time == 0 - and pw_expiration == 0 mean never - -1999-07-22 Assar Westerlund <assar@sics.se> - - * log.c (kadm5_log_flush): extra cast - -1999-07-07 Assar Westerlund <assar@sics.se> - - * marshall.c (store_principal_ent): encoding princ_expire_time and - pw_expiration in correct order - -1999-06-28 Assar Westerlund <assar@sics.se> - - * randkey_s.c (kadm5_s_randkey_principal): nuke old mkvno, - otherwise hdb will think that the new random keys are already - encrypted which will cause lots of confusion later. - -1999-06-23 Assar Westerlund <assar@sics.se> - - * ent_setup.c (_kadm5_setup_entry): handle 0 == unlimited - correctly. From Michal Vocu <michal@karlin.mff.cuni.cz> - -1999-06-15 Assar Westerlund <assar@sics.se> - - * init_c.c (get_cred_cache): use get_default_username - -1999-05-23 Assar Westerlund <assar@sics.se> - - * create_s.c (create_principal): if there's no default entry the - mask should be zero. - -1999-05-21 Assar Westerlund <assar@sics.se> - - * init_c.c (get_cred_cache): use $USERNAME - -1999-05-17 Johan Danielsson <joda@pdc.kth.se> - - * init_c.c (get_cred_cache): figure out principal - -1999-05-05 Johan Danielsson <joda@pdc.kth.se> - - * send_recv.c: cleanup _kadm5_client_{send,recv} - -1999-05-04 Assar Westerlund <assar@sics.se> - - * set_keys.c (_kadm5_set_keys2): don't check the recently created - memory for NULL pointers - - * private.h (_kadm5_setup_entry): change prototype - - * modify_s.c: call new _kadm5_setup_entry - - * ent_setup.c (_kadm5_setup_entry): change so that it takes three - masks, one for what bits to set and one for each of principal and - def containing the bits that are set there. - - * create_s.c: call new _kadm5_setup_entry - - * create_s.c (get_default): check return value - (create_principal): send wider mask to _kadm5_setup_entry - -1999-05-04 Johan Danielsson <joda@pdc.kth.se> - - * send_recv.c (_kadm5_client_recv): handle arbitrarily sized - packets, check for errors - - * get_c.c: check for failure from _kadm5_client_{send,recv} - -1999-05-04 Assar Westerlund <assar@sics.se> - - * init_c.c (get_new_cache): don't abort when interrupted from - password prompt - - * destroy_c.c (kadm5_c_destroy): check if we should destroy the - auth context - -1999-05-03 Johan Danielsson <joda@pdc.kth.se> - - * chpass_s.c: fix arguments to _kadm5_set_keys2 - - * private.h: proto - - * set_keys.c: clear mkvno - - * rename_s.c: add flags to fetch and store; seal keys before - logging - - * randkey_s.c: add flags to fetch and store; seal keys before - logging - - * modify_s.c: add flags to fetch and store; seal keys before - logging - - * log.c: add flags to fetch and store; seal keys before logging - - * get_s.c: add flags to fetch and store; seal keys before logging - - * get_princs_s.c: add flags to fetch and store; seal keys before - logging - - * delete_s.c: add flags to fetch and store; seal keys before - logging - - * create_s.c: add flags to fetch and store; seal keys before - logging - - * chpass_s.c: add flags to fetch and store; seal keys before - logging - - * Makefile.am: remove server.c - - * admin.h: add prototypes - - * ent_setup.c (_kadm5_setup_entry): set key_data - - * set_keys.c: add _kadm5_set_keys2 to sey keys from key_data - - * modify_s.c: add kadm5_s_modify_principal_with_key - - * create_s.c: add kadm5_s_create_principal_with_key - - * chpass_s.c: add kadm5_s_chpass_principal_with_key - - * kadm5_locl.h: move stuff to private.h - - * private.h: move stuff from kadm5_locl.h -
\ No newline at end of file diff --git a/crypto/heimdal/lib/kadm5/Makefile.am b/crypto/heimdal/lib/kadm5/Makefile.am deleted file mode 100644 index 89399d45a49fe..0000000000000 --- a/crypto/heimdal/lib/kadm5/Makefile.am +++ /dev/null @@ -1,110 +0,0 @@ -# $Id: Makefile.am,v 1.33 2000/02/07 03:37:27 assar Exp $ - -include $(top_srcdir)/Makefile.am.common - -lib_LTLIBRARIES = libkadm5srv.la libkadm5clnt.la -libkadm5srv_la_LDFLAGS = -version-info 5:1:0 -libkadm5clnt_la_LDFLAGS = -version-info 4:2:0 -sbin_PROGRAMS = dump_log replay_log - -libexec_PROGRAMS = ipropd-master ipropd-slave - -kadm5includedir = $(includedir)/kadm5 -buildkadm5include = $(buildinclude)/kadm5 - -kadm5include_HEADERS = kadm5_err.h admin.h private.h - -install-build-headers:: $(kadm5include_HEADERS) - @foo='$(kadm5include_HEADERS)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildkadm5include)/$$f 2> /dev/null ; then \ - : ; else \ - echo "cp $$file $(buildkadm5include)/$$f";\ - cp $$file $(buildkadm5include)/$$f; \ - fi ; \ - done - -C_SOURCES = \ - admin.h \ - chpass_c.c \ - common_glue.c \ - create_c.c \ - delete_c.c \ - destroy_c.c \ - flush_c.c \ - free.c \ - get_c.c \ - get_princs_c.c \ - init_c.c \ - kadm5_err.c \ - kadm5_locl.h \ - marshall.c \ - modify_c.c \ - private.h \ - privs_c.c \ - randkey_c.c \ - rename_c.c \ - send_recv.c - -S_SOURCES = \ - acl.c \ - admin.h \ - chpass_s.c \ - common_glue.c \ - context_s.c \ - create_s.c \ - delete_s.c \ - destroy_s.c \ - ent_setup.c \ - error.c \ - flush_s.c \ - free.c \ - get_princs_s.c \ - get_s.c \ - init_s.c \ - kadm5_err.c \ - kadm5_locl.h \ - log.c \ - marshall.c \ - modify_s.c \ - private.h \ - privs_s.c \ - randkey_s.c \ - rename_s.c \ - set_keys.c \ - set_modifier.c \ - password_quality.c - -libkadm5srv_la_SOURCES = $(S_SOURCES) server_glue.c -libkadm5clnt_la_SOURCES = $(C_SOURCES) client_glue.c - -dump_log_SOURCES = dump_log.c kadm5_locl.h - -replay_log_SOURCES = replay_log.c kadm5_locl.h - -ipropd_master_SOURCES = ipropd_master.c iprop.h kadm5_locl.h - -ipropd_slave_SOURCES = ipropd_slave.c iprop.h kadm5_locl.h - -LDADD = \ - libkadm5srv.la \ - $(top_builddir)/lib/hdb/libhdb.la \ - $(top_builddir)/lib/krb5/libkrb5.la \ - $(top_builddir)/lib/asn1/libasn1.la \ - $(top_builddir)/lib/des/libdes.la \ - $(LIB_roken) \ - $(DBLIB) \ - $(LIB_dlopen) - -CLEANFILES = kadm5_err.c kadm5_err.h - -$(libkadm5srv_la_OBJECTS): kadm5_err.h - -client_glue.lo server_glue.lo: $(srcdir)/common_glue.c - -# to help stupid solaris make - -kadm5_err.h: kadm5_err.et diff --git a/crypto/heimdal/lib/kadm5/Makefile.in b/crypto/heimdal/lib/kadm5/Makefile.in deleted file mode 100644 index 233ef9db98668..0000000000000 --- a/crypto/heimdal/lib/kadm5/Makefile.in +++ /dev/null @@ -1,812 +0,0 @@ -# Makefile.in generated automatically by automake 1.4 from Makefile.am - -# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -# $Id: Makefile.am,v 1.33 2000/02/07 03:37:27 assar Exp $ - - -# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ - - -# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $ - - -SHELL = @SHELL@ - -srcdir = @srcdir@ -top_srcdir = @top_srcdir@ -VPATH = @srcdir@ -prefix = @prefix@ -exec_prefix = @exec_prefix@ - -bindir = @bindir@ -sbindir = @sbindir@ -libexecdir = @libexecdir@ -datadir = @datadir@ -sysconfdir = @sysconfdir@ -sharedstatedir = @sharedstatedir@ -localstatedir = @localstatedir@ -libdir = @libdir@ -infodir = @infodir@ -mandir = @mandir@ -includedir = @includedir@ -oldincludedir = /usr/include - -DESTDIR = - -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ - -top_builddir = ../.. - -ACLOCAL = @ACLOCAL@ -AUTOCONF = @AUTOCONF@ -AUTOMAKE = @AUTOMAKE@ -AUTOHEADER = @AUTOHEADER@ - -INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -transform = @program_transform_name@ - -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -host_alias = @host_alias@ -host_triplet = @host@ -AFS_EXTRA_LD = @AFS_EXTRA_LD@ -AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AWK = @AWK@ -CANONICAL_HOST = @CANONICAL_HOST@ -CATMAN = @CATMAN@ -CATMANEXT = @CATMANEXT@ -CC = @CC@ -DBLIB = @DBLIB@ -EXEEXT = @EXEEXT@ -EXTRA_LIB45 = @EXTRA_LIB45@ -GROFF = @GROFF@ -INCLUDE_ = @INCLUDE_@ -LD = @LD@ -LEX = @LEX@ -LIBOBJS = @LIBOBJS@ -LIBTOOL = @LIBTOOL@ -LIB_ = @LIB_@ -LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ -LIB_kdb = @LIB_kdb@ -LIB_otp = @LIB_otp@ -LIB_roken = @LIB_roken@ -LIB_security = @LIB_security@ -LN_S = @LN_S@ -LTLIBOBJS = @LTLIBOBJS@ -MAKEINFO = @MAKEINFO@ -MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@ -MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@ -MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@ -NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ -NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ -NM = @NM@ -NROFF = @NROFF@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -RANLIB = @RANLIB@ -VERSION = @VERSION@ -VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ -WFLAGS = @WFLAGS@ -WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ -WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ -YACC = @YACC@ - -AUTOMAKE_OPTIONS = foreign no-dependencies - -SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x - -INCLUDES = -I$(top_builddir)/include - -AM_CFLAGS = $(WFLAGS) - -COMPILE_ET = $(top_builddir)/lib/com_err/compile_et - -buildinclude = $(top_builddir)/include - -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_crypt = @LIB_crypt@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_el_init = @LIB_el_init@ -LIB_getattr = @LIB_getattr@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_readline = @LIB_readline@ -LIB_res_search = @LIB_res_search@ -LIB_setpcred = @LIB_setpcred@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ - -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -LIB_hesiod = @LIB_hesiod@ - -INCLUDE_krb4 = @INCLUDE_krb4@ -LIB_krb4 = @LIB_krb4@ - -INCLUDE_readline = @INCLUDE_readline@ - -LEXLIB = @LEXLIB@ - -cat1dir = $(mandir)/cat1 -cat3dir = $(mandir)/cat3 -cat5dir = $(mandir)/cat5 -cat8dir = $(mandir)/cat8 - -MANRX = \(.*\)\.\([0-9]\) -CATSUFFIX = @CATSUFFIX@ - -NROFF_MAN = groff -mandoc -Tascii - -@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) - -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la - -CHECK_LOCAL = $(PROGRAMS) - -lib_LTLIBRARIES = libkadm5srv.la libkadm5clnt.la -libkadm5srv_la_LDFLAGS = -version-info 5:1:0 -libkadm5clnt_la_LDFLAGS = -version-info 4:2:0 -sbin_PROGRAMS = dump_log replay_log - -libexec_PROGRAMS = ipropd-master ipropd-slave - -kadm5includedir = $(includedir)/kadm5 -buildkadm5include = $(buildinclude)/kadm5 - -kadm5include_HEADERS = kadm5_err.h admin.h private.h - -C_SOURCES = admin.h chpass_c.c common_glue.c create_c.c delete_c.c destroy_c.c flush_c.c free.c get_c.c get_princs_c.c init_c.c kadm5_err.c kadm5_locl.h marshall.c modify_c.c private.h privs_c.c randkey_c.c rename_c.c send_recv.c - - -S_SOURCES = acl.c admin.h chpass_s.c common_glue.c context_s.c create_s.c delete_s.c destroy_s.c ent_setup.c error.c flush_s.c free.c get_princs_s.c get_s.c init_s.c kadm5_err.c kadm5_locl.h log.c marshall.c modify_s.c private.h privs_s.c randkey_s.c rename_s.c set_keys.c set_modifier.c password_quality.c - - -libkadm5srv_la_SOURCES = $(S_SOURCES) server_glue.c -libkadm5clnt_la_SOURCES = $(C_SOURCES) client_glue.c - -dump_log_SOURCES = dump_log.c kadm5_locl.h - -replay_log_SOURCES = replay_log.c kadm5_locl.h - -ipropd_master_SOURCES = ipropd_master.c iprop.h kadm5_locl.h - -ipropd_slave_SOURCES = ipropd_slave.c iprop.h kadm5_locl.h - -LDADD = libkadm5srv.la $(top_builddir)/lib/hdb/libhdb.la $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la $(top_builddir)/lib/des/libdes.la $(LIB_roken) $(DBLIB) $(LIB_dlopen) - - -CLEANFILES = kadm5_err.c kadm5_err.h -mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs -CONFIG_HEADER = ../../include/config.h -CONFIG_CLEAN_FILES = -LTLIBRARIES = $(lib_LTLIBRARIES) - - -DEFS = @DEFS@ -I. -I$(srcdir) -I../../include -CPPFLAGS = @CPPFLAGS@ -LDFLAGS = @LDFLAGS@ -LIBS = @LIBS@ -X_CFLAGS = @X_CFLAGS@ -X_LIBS = @X_LIBS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -libkadm5srv_la_LIBADD = -libkadm5srv_la_OBJECTS = acl.lo chpass_s.lo common_glue.lo context_s.lo \ -create_s.lo delete_s.lo destroy_s.lo ent_setup.lo error.lo flush_s.lo \ -free.lo get_princs_s.lo get_s.lo init_s.lo kadm5_err.lo log.lo \ -marshall.lo modify_s.lo privs_s.lo randkey_s.lo rename_s.lo set_keys.lo \ -set_modifier.lo password_quality.lo server_glue.lo -libkadm5clnt_la_LIBADD = -libkadm5clnt_la_OBJECTS = chpass_c.lo common_glue.lo create_c.lo \ -delete_c.lo destroy_c.lo flush_c.lo free.lo get_c.lo get_princs_c.lo \ -init_c.lo kadm5_err.lo marshall.lo modify_c.lo privs_c.lo randkey_c.lo \ -rename_c.lo send_recv.lo client_glue.lo -libexec_PROGRAMS = ipropd-master$(EXEEXT) ipropd-slave$(EXEEXT) -sbin_PROGRAMS = dump_log$(EXEEXT) replay_log$(EXEEXT) -PROGRAMS = $(libexec_PROGRAMS) $(sbin_PROGRAMS) - -ipropd_master_OBJECTS = ipropd_master.$(OBJEXT) -ipropd_master_LDADD = $(LDADD) -ipropd_master_DEPENDENCIES = libkadm5srv.la \ -$(top_builddir)/lib/hdb/libhdb.la $(top_builddir)/lib/krb5/libkrb5.la \ -$(top_builddir)/lib/asn1/libasn1.la $(top_builddir)/lib/des/libdes.la -ipropd_master_LDFLAGS = -ipropd_slave_OBJECTS = ipropd_slave.$(OBJEXT) -ipropd_slave_LDADD = $(LDADD) -ipropd_slave_DEPENDENCIES = libkadm5srv.la \ -$(top_builddir)/lib/hdb/libhdb.la $(top_builddir)/lib/krb5/libkrb5.la \ -$(top_builddir)/lib/asn1/libasn1.la $(top_builddir)/lib/des/libdes.la -ipropd_slave_LDFLAGS = -dump_log_OBJECTS = dump_log.$(OBJEXT) -dump_log_LDADD = $(LDADD) -dump_log_DEPENDENCIES = libkadm5srv.la \ -$(top_builddir)/lib/hdb/libhdb.la $(top_builddir)/lib/krb5/libkrb5.la \ -$(top_builddir)/lib/asn1/libasn1.la $(top_builddir)/lib/des/libdes.la -dump_log_LDFLAGS = -replay_log_OBJECTS = replay_log.$(OBJEXT) -replay_log_LDADD = $(LDADD) -replay_log_DEPENDENCIES = libkadm5srv.la \ -$(top_builddir)/lib/hdb/libhdb.la $(top_builddir)/lib/krb5/libkrb5.la \ -$(top_builddir)/lib/asn1/libasn1.la $(top_builddir)/lib/des/libdes.la -replay_log_LDFLAGS = -CFLAGS = @CFLAGS@ -COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@ -HEADERS = $(kadm5include_HEADERS) - -DIST_COMMON = ChangeLog Makefile.am Makefile.in - - -DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) - -TAR = tar -GZIP_ENV = --best -SOURCES = $(libkadm5srv_la_SOURCES) $(libkadm5clnt_la_SOURCES) $(ipropd_master_SOURCES) $(ipropd_slave_SOURCES) $(dump_log_SOURCES) $(replay_log_SOURCES) -OBJECTS = $(libkadm5srv_la_OBJECTS) $(libkadm5clnt_la_OBJECTS) $(ipropd_master_OBJECTS) $(ipropd_slave_OBJECTS) $(dump_log_OBJECTS) $(replay_log_OBJECTS) - -all: all-redirect -.SUFFIXES: -.SUFFIXES: .1 .3 .5 .8 .S .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .s .x -$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common - cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/kadm5/Makefile - -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - cd $(top_builddir) \ - && CONFIG_FILES=$(subdir)/$@ CONFIG_HEADERS= $(SHELL) ./config.status - - -mostlyclean-libLTLIBRARIES: - -clean-libLTLIBRARIES: - -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES) - -distclean-libLTLIBRARIES: - -maintainer-clean-libLTLIBRARIES: - -install-libLTLIBRARIES: $(lib_LTLIBRARIES) - @$(NORMAL_INSTALL) - $(mkinstalldirs) $(DESTDIR)$(libdir) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - if test -f $$p; then \ - echo "$(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p"; \ - $(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p; \ - else :; fi; \ - done - -uninstall-libLTLIBRARIES: - @$(NORMAL_UNINSTALL) - list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p; \ - done - -.c.o: - $(COMPILE) -c $< - -# FIXME: We should only use cygpath when building on Windows, -# and only if it is available. -.c.obj: - $(COMPILE) -c `cygpath -w $<` - -.s.o: - $(COMPILE) -c $< - -.S.o: - $(COMPILE) -c $< - -mostlyclean-compile: - -rm -f *.o core *.core - -rm -f *.$(OBJEXT) - -clean-compile: - -distclean-compile: - -rm -f *.tab.c - -maintainer-clean-compile: - -.c.lo: - $(LIBTOOL) --mode=compile $(COMPILE) -c $< - -.s.lo: - $(LIBTOOL) --mode=compile $(COMPILE) -c $< - -.S.lo: - $(LIBTOOL) --mode=compile $(COMPILE) -c $< - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs - -distclean-libtool: - -maintainer-clean-libtool: - -libkadm5srv.la: $(libkadm5srv_la_OBJECTS) $(libkadm5srv_la_DEPENDENCIES) - $(LINK) -rpath $(libdir) $(libkadm5srv_la_LDFLAGS) $(libkadm5srv_la_OBJECTS) $(libkadm5srv_la_LIBADD) $(LIBS) - -libkadm5clnt.la: $(libkadm5clnt_la_OBJECTS) $(libkadm5clnt_la_DEPENDENCIES) - $(LINK) -rpath $(libdir) $(libkadm5clnt_la_LDFLAGS) $(libkadm5clnt_la_OBJECTS) $(libkadm5clnt_la_LIBADD) $(LIBS) - -mostlyclean-libexecPROGRAMS: - -clean-libexecPROGRAMS: - -test -z "$(libexec_PROGRAMS)" || rm -f $(libexec_PROGRAMS) - -distclean-libexecPROGRAMS: - -maintainer-clean-libexecPROGRAMS: - -install-libexecPROGRAMS: $(libexec_PROGRAMS) - @$(NORMAL_INSTALL) - $(mkinstalldirs) $(DESTDIR)$(libexecdir) - @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - if test -f $$p; then \ - echo " $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(libexecdir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`"; \ - $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(libexecdir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`; \ - else :; fi; \ - done - -uninstall-libexecPROGRAMS: - @$(NORMAL_UNINSTALL) - list='$(libexec_PROGRAMS)'; for p in $$list; do \ - rm -f $(DESTDIR)$(libexecdir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`; \ - done - -mostlyclean-sbinPROGRAMS: - -clean-sbinPROGRAMS: - -test -z "$(sbin_PROGRAMS)" || rm -f $(sbin_PROGRAMS) - -distclean-sbinPROGRAMS: - -maintainer-clean-sbinPROGRAMS: - -install-sbinPROGRAMS: $(sbin_PROGRAMS) - @$(NORMAL_INSTALL) - $(mkinstalldirs) $(DESTDIR)$(sbindir) - @list='$(sbin_PROGRAMS)'; for p in $$list; do \ - if test -f $$p; then \ - echo " $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(sbindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`"; \ - $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(sbindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`; \ - else :; fi; \ - done - -uninstall-sbinPROGRAMS: - @$(NORMAL_UNINSTALL) - list='$(sbin_PROGRAMS)'; for p in $$list; do \ - rm -f $(DESTDIR)$(sbindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`; \ - done - -ipropd-master$(EXEEXT): $(ipropd_master_OBJECTS) $(ipropd_master_DEPENDENCIES) - @rm -f ipropd-master$(EXEEXT) - $(LINK) $(ipropd_master_LDFLAGS) $(ipropd_master_OBJECTS) $(ipropd_master_LDADD) $(LIBS) - -ipropd-slave$(EXEEXT): $(ipropd_slave_OBJECTS) $(ipropd_slave_DEPENDENCIES) - @rm -f ipropd-slave$(EXEEXT) - $(LINK) $(ipropd_slave_LDFLAGS) $(ipropd_slave_OBJECTS) $(ipropd_slave_LDADD) $(LIBS) - -dump_log$(EXEEXT): $(dump_log_OBJECTS) $(dump_log_DEPENDENCIES) - @rm -f dump_log$(EXEEXT) - $(LINK) $(dump_log_LDFLAGS) $(dump_log_OBJECTS) $(dump_log_LDADD) $(LIBS) - -replay_log$(EXEEXT): $(replay_log_OBJECTS) $(replay_log_DEPENDENCIES) - @rm -f replay_log$(EXEEXT) - $(LINK) $(replay_log_LDFLAGS) $(replay_log_OBJECTS) $(replay_log_LDADD) $(LIBS) - -install-kadm5includeHEADERS: $(kadm5include_HEADERS) - @$(NORMAL_INSTALL) - $(mkinstalldirs) $(DESTDIR)$(kadm5includedir) - @list='$(kadm5include_HEADERS)'; for p in $$list; do \ - if test -f "$$p"; then d= ; else d="$(srcdir)/"; fi; \ - echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(kadm5includedir)/$$p"; \ - $(INSTALL_DATA) $$d$$p $(DESTDIR)$(kadm5includedir)/$$p; \ - done - -uninstall-kadm5includeHEADERS: - @$(NORMAL_UNINSTALL) - list='$(kadm5include_HEADERS)'; for p in $$list; do \ - rm -f $(DESTDIR)$(kadm5includedir)/$$p; \ - done - -tags: TAGS - -ID: $(HEADERS) $(SOURCES) $(LISP) - list='$(SOURCES) $(HEADERS)'; \ - unique=`for i in $$list; do echo $$i; done | \ - awk ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - here=`pwd` && cd $(srcdir) \ - && mkid -f$$here/ID $$unique $(LISP) - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS)'; \ - unique=`for i in $$list; do echo $$i; done | \ - awk ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \ - || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS) - -mostlyclean-tags: - -clean-tags: - -distclean-tags: - -rm -f TAGS ID - -maintainer-clean-tags: - -distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) - -subdir = lib/kadm5 - -distdir: $(DISTFILES) - @for file in $(DISTFILES); do \ - d=$(srcdir); \ - if test -d $$d/$$file; then \ - cp -pr $$/$$file $(distdir)/$$file; \ - else \ - test -f $(distdir)/$$file \ - || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ - || cp -p $$d/$$file $(distdir)/$$file || :; \ - fi; \ - done - $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook -info-am: -info: info-am -dvi-am: -dvi: dvi-am -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-local -check: check-am -installcheck-am: -installcheck: installcheck-am -install-exec-am: install-libLTLIBRARIES install-libexecPROGRAMS \ - install-sbinPROGRAMS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook -install-exec: install-exec-am - -install-data-am: install-kadm5includeHEADERS install-data-local -install-data: install-data-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am -install: install-am -uninstall-am: uninstall-libLTLIBRARIES uninstall-libexecPROGRAMS \ - uninstall-sbinPROGRAMS uninstall-kadm5includeHEADERS -uninstall: uninstall-am -all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(HEADERS) all-local -all-redirect: all-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install -installdirs: - $(mkinstalldirs) $(DESTDIR)$(libdir) $(DESTDIR)$(libexecdir) \ - $(DESTDIR)$(sbindir) $(DESTDIR)$(kadm5includedir) - - -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -rm -f Makefile $(CONFIG_CLEAN_FILES) - -rm -f config.cache config.log stamp-h stamp-h[0-9]* - -maintainer-clean-generic: -mostlyclean-am: mostlyclean-libLTLIBRARIES mostlyclean-compile \ - mostlyclean-libtool mostlyclean-libexecPROGRAMS \ - mostlyclean-sbinPROGRAMS mostlyclean-tags \ - mostlyclean-generic - -mostlyclean: mostlyclean-am - -clean-am: clean-libLTLIBRARIES clean-compile clean-libtool \ - clean-libexecPROGRAMS clean-sbinPROGRAMS clean-tags \ - clean-generic mostlyclean-am - -clean: clean-am - -distclean-am: distclean-libLTLIBRARIES distclean-compile \ - distclean-libtool distclean-libexecPROGRAMS \ - distclean-sbinPROGRAMS distclean-tags distclean-generic \ - clean-am - -rm -f libtool - -distclean: distclean-am - -maintainer-clean-am: maintainer-clean-libLTLIBRARIES \ - maintainer-clean-compile maintainer-clean-libtool \ - maintainer-clean-libexecPROGRAMS \ - maintainer-clean-sbinPROGRAMS maintainer-clean-tags \ - maintainer-clean-generic distclean-am - @echo "This command is intended for maintainers to use;" - @echo "it deletes files that may require special tools to rebuild." - -maintainer-clean: maintainer-clean-am - -.PHONY: mostlyclean-libLTLIBRARIES distclean-libLTLIBRARIES \ -clean-libLTLIBRARIES maintainer-clean-libLTLIBRARIES \ -uninstall-libLTLIBRARIES install-libLTLIBRARIES mostlyclean-compile \ -distclean-compile clean-compile maintainer-clean-compile \ -mostlyclean-libtool distclean-libtool clean-libtool \ -maintainer-clean-libtool mostlyclean-libexecPROGRAMS \ -distclean-libexecPROGRAMS clean-libexecPROGRAMS \ -maintainer-clean-libexecPROGRAMS uninstall-libexecPROGRAMS \ -install-libexecPROGRAMS mostlyclean-sbinPROGRAMS distclean-sbinPROGRAMS \ -clean-sbinPROGRAMS maintainer-clean-sbinPROGRAMS uninstall-sbinPROGRAMS \ -install-sbinPROGRAMS uninstall-kadm5includeHEADERS \ -install-kadm5includeHEADERS tags mostlyclean-tags distclean-tags \ -clean-tags maintainer-clean-tags distdir info-am info dvi-am dvi \ -check-local check check-am installcheck-am installcheck install-exec-am \ -install-exec install-data-local install-data-am install-data install-am \ -install uninstall-am uninstall all-local all-redirect all-am all \ -installdirs mostlyclean-generic distclean-generic clean-generic \ -maintainer-clean-generic clean mostlyclean distclean maintainer-clean - - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - chmod 0 $$x; fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(build_HEADERZ) - @foo='$(include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " cp $$file $(buildinclude)/$$f"; \ - cp $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat1-mans: - @ext=1;\ - foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat1dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat3-mans: - @ext=3;\ - foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat3dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat5-mans: - @ext=5;\ - foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat5dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat8-mans: - @ext=8;\ - foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat8dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans - -install-data-local: install-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ - -check-local:: - @foo='$(CHECK_LOCAL)'; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if ./$$i --version > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0; \ - fi - -install-build-headers:: $(kadm5include_HEADERS) - @foo='$(kadm5include_HEADERS)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildkadm5include)/$$f 2> /dev/null ; then \ - : ; else \ - echo "cp $$file $(buildkadm5include)/$$f";\ - cp $$file $(buildkadm5include)/$$f; \ - fi ; \ - done - -$(libkadm5srv_la_OBJECTS): kadm5_err.h - -client_glue.lo server_glue.lo: $(srcdir)/common_glue.c - -# to help stupid solaris make - -kadm5_err.h: kadm5_err.et - -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/crypto/heimdal/lib/kadm5/acl.c b/crypto/heimdal/lib/kadm5/acl.c deleted file mode 100644 index 3f42c60d77391..0000000000000 --- a/crypto/heimdal/lib/kadm5/acl.c +++ /dev/null @@ -1,138 +0,0 @@ -/* - * Copyright (c) 1997, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: acl.c,v 1.10 1999/12/02 17:05:05 joda Exp $"); - -static struct units acl_units[] = { - { "all", KADM5_PRIV_ALL }, - { "change-password",KADM5_PRIV_CPW }, - { "cpw", KADM5_PRIV_CPW }, - { "list", KADM5_PRIV_LIST }, - { "delete", KADM5_PRIV_DELETE }, - { "modify", KADM5_PRIV_MODIFY }, - { "add", KADM5_PRIV_ADD }, - { "get", KADM5_PRIV_GET }, - { NULL } -}; - -kadm5_ret_t -_kadm5_string_to_privs(const char *s, u_int32_t* privs) -{ - int flags; - flags = parse_flags(s, acl_units, 0); - if(flags < 0) - return KADM5_FAILURE; - *privs = flags; - return 0; -} - -kadm5_ret_t -_kadm5_privs_to_string(u_int32_t privs, char *string, size_t len) -{ - if(privs == 0) - strlcpy(string, "none", len); - else - unparse_flags(privs, acl_units + 1, string, len); - return 0; -} - -kadm5_ret_t -_kadm5_acl_init(kadm5_server_context *context) -{ - FILE *f; - char buf[128]; - krb5_principal princ; - int flags; - krb5_error_code ret; - - krb5_parse_name(context->context, KADM5_ADMIN_SERVICE, &princ); - ret = krb5_principal_compare(context->context, context->caller, princ); - krb5_free_principal(context->context, princ); - if(ret != 0){ - context->acl_flags = KADM5_PRIV_ALL; - return 0; - } - - flags = -1; - f = fopen(context->config.acl_file, "r"); - if(f){ - while(fgets(buf, sizeof(buf), f)){ - char *foo = NULL, *p; - p = strtok_r(buf, " \t\n", &foo); - if(p == NULL) - continue; - ret = krb5_parse_name(context->context, p, &princ); - if(ret) - continue; - if(!krb5_principal_compare(context->context, - context->caller, princ)){ - krb5_free_principal(context->context, princ); - continue; - } - krb5_free_principal(context->context, princ); - p = strtok_r(NULL, "\n", &foo); - if(p == NULL) - continue; - ret = _kadm5_string_to_privs(p, &flags); - break; - } - fclose(f); - } - if(flags == -1) - flags = 0; - context->acl_flags = flags; - return 0; -} - -kadm5_ret_t -_kadm5_acl_check_permission(kadm5_server_context *context, unsigned op) -{ - unsigned res = ~context->acl_flags & op; - if(res & KADM5_PRIV_GET) - return KADM5_AUTH_GET; - if(res & KADM5_PRIV_ADD) - return KADM5_AUTH_ADD; - if(res & KADM5_PRIV_MODIFY) - return KADM5_AUTH_MODIFY; - if(res & KADM5_PRIV_DELETE) - return KADM5_AUTH_DELETE; - if(res & KADM5_PRIV_CPW) - return KADM5_AUTH_CHANGEPW; - if(res & KADM5_PRIV_LIST) - return KADM5_AUTH_LIST; - if(res) - return KADM5_AUTH_INSUFFICIENT; - return 0; -} diff --git a/crypto/heimdal/lib/kadm5/admin.h b/crypto/heimdal/lib/kadm5/admin.h deleted file mode 100644 index 6cb08a3739638..0000000000000 --- a/crypto/heimdal/lib/kadm5/admin.h +++ /dev/null @@ -1,698 +0,0 @@ -/* - * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ -/* $Id: admin.h,v 1.15 1999/12/02 17:05:05 joda Exp $ */ - -#ifndef __KADM5_ADMIN_H__ -#define __KADM5_ADMIN_H__ - -#define KADM5_API_VERSION_1 1 -#define KADM5_API_VERSION_2 2 - -#ifndef USE_KADM5_API_VERSION -#define USE_KADM5_API_VERSION KADM5_API_VERSION_2 -#endif - -#if USE_KADM5_API_VERSION != KADM5_API_VERSION_2 -#error No support for API versions other than 2 -#endif - -#define KADM5_STRUCT_VERSION 0 - -#include <krb5.h> - -#define KRB5_KDB_DISALLOW_POSTDATED 0x00000001 -#define KRB5_KDB_DISALLOW_FORWARDABLE 0x00000002 -#define KRB5_KDB_DISALLOW_TGT_BASED 0x00000004 -#define KRB5_KDB_DISALLOW_RENEWABLE 0x00000008 -#define KRB5_KDB_DISALLOW_PROXIABLE 0x00000010 -#define KRB5_KDB_DISALLOW_DUP_SKEY 0x00000020 -#define KRB5_KDB_DISALLOW_ALL_TIX 0x00000040 -#define KRB5_KDB_REQUIRES_PRE_AUTH 0x00000080 -#define KRB5_KDB_REQUIRES_HW_AUTH 0x00000100 -#define KRB5_KDB_REQUIRES_PWCHANGE 0x00000200 -#define KRB5_KDB_DISALLOW_SVR 0x00001000 -#define KRB5_KDB_PWCHANGE_SERVICE 0x00002000 -#define KRB5_KDB_SUPPORT_DESMD5 0x00004000 -#define KRB5_KDB_NEW_PRINC 0x00008000 - -#define KADM5_PRINCIPAL 0x000001 -#define KADM5_PRINC_EXPIRE_TIME 0x000002 -#define KADM5_PW_EXPIRATION 0x000004 -#define KADM5_LAST_PWD_CHANGE 0x000008 -#define KADM5_ATTRIBUTES 0x000010 -#define KADM5_MAX_LIFE 0x000020 -#define KADM5_MOD_TIME 0x000040 -#define KADM5_MOD_NAME 0x000080 -#define KADM5_KVNO 0x000100 -#define KADM5_MKVNO 0x000200 -#define KADM5_AUX_ATTRIBUTES 0x000400 -#define KADM5_POLICY 0x000800 -#define KADM5_POLICY_CLR 0x001000 -#define KADM5_MAX_RLIFE 0x002000 -#define KADM5_LAST_SUCCESS 0x004000 -#define KADM5_LAST_FAILED 0x008000 -#define KADM5_FAIL_AUTH_COUNT 0x010000 -#define KADM5_KEY_DATA 0x020000 -#define KADM5_TL_DATA 0x040000 - -#define KADM5_PRINCIPAL_NORMAL_MASK (~(KADM5_KEY_DATA | KADM5_TL_DATA)) - -#define KADM5_PW_MAX_LIFE 0x004000 -#define KADM5_PW_MIN_LIFE 0x008000 -#define KADM5_PW_MIN_LENGTH 0x010000 -#define KADM5_PW_MIN_CLASSES 0x020000 -#define KADM5_PW_HISTORY_NUM 0x040000 -#define KADM5_REF_COUNT 0x080000 - -#define KADM5_POLICY_NORMAL_MASK (~0) - -#define KADM5_ADMIN_SERVICE "kadmin/admin" -#define KADM5_HIST_PRINCIPAL "kadmin/history" -#define KADM5_CHANGEPW_SERVICE "kadmin/changepw" - -typedef struct _krb5_key_data { - int16_t key_data_ver; /* Version */ - int16_t key_data_kvno; /* Key Version */ - int16_t key_data_type[2]; /* Array of types */ - int16_t key_data_length[2]; /* Array of lengths */ - void** key_data_contents[2];/* Array of pointers */ -} krb5_key_data; - -typedef struct _krb5_tl_data { - struct _krb5_tl_data* tl_data_next; - int16_t tl_data_type; - int16_t tl_data_length; - void **tl_data_contents; -} krb5_tl_data; - -typedef struct _kadm5_principal_ent_t { - krb5_principal principal; - - krb5_timestamp princ_expire_time; - krb5_timestamp last_pwd_change; - krb5_timestamp pw_expiration; - krb5_deltat max_life; - krb5_principal mod_name; - krb5_timestamp mod_date; - krb5_flags attributes; - krb5_kvno kvno; - krb5_kvno mkvno; - - char * policy; - u_int32_t aux_attributes; - - krb5_deltat max_renewable_life; - krb5_timestamp last_success; - krb5_timestamp last_failed; - krb5_kvno fail_auth_count; - int16_t n_key_data; - int16_t n_tl_data; - krb5_tl_data *tl_data; - krb5_key_data *key_data; -} kadm5_principal_ent_rec, *kadm5_principal_ent_t; - -typedef struct _kadm5_policy_ent_t { - char *policy; - - u_int32_t pw_min_life; - u_int32_t pw_max_life; - u_int32_t pw_min_length; - u_int32_t pw_min_classes; - u_int32_t pw_history_num; - u_int32_t policy_refcnt; -} kadm5_policy_ent_rec, *kadm5_policy_ent_t; - -#define KADM5_CONFIG_REALM (1 << 0) -#define KADM5_CONFIG_PROFILE (1 << 1) -#define KADM5_CONFIG_KADMIND_PORT (1 << 2) -#define KADM5_CONFIG_ADMIN_SERVER (1 << 3) -#define KADM5_CONFIG_DBNAME (1 << 4) -#define KADM5_CONFIG_ADBNAME (1 << 5) -#define KADM5_CONFIG_ADB_LOCKFILE (1 << 6) -#define KADM5_CONFIG_ACL_FILE (1 << 7) -#define KADM5_CONFIG_DICT_FILE (1 << 8) -#define KADM5_CONFIG_ADMIN_KEYTAB (1 << 9) -#define KADM5_CONFIG_MKEY_FROM_KEYBOARD (1 << 10) -#define KADM5_CONFIG_STASH_FILE (1 << 11) -#define KADM5_CONFIG_MKEY_NAME (1 << 12) -#define KADM5_CONFIG_ENCTYPE (1 << 13) -#define KADM5_CONFIG_MAX_LIFE (1 << 14) -#define KADM5_CONFIG_MAX_RLIFE (1 << 15) -#define KADM5_CONFIG_EXPIRATION (1 << 16) -#define KADM5_CONFIG_FLAGS (1 << 17) -#define KADM5_CONFIG_ENCTYPES (1 << 18) - -#define KADM5_PRIV_GET (1 << 0) -#define KADM5_PRIV_ADD (1 << 1) -#define KADM5_PRIV_MODIFY (1 << 2) -#define KADM5_PRIV_DELETE (1 << 3) -#define KADM5_PRIV_LIST (1 << 4) -#define KADM5_PRIV_CPW (1 << 5) -#define KADM5_PRIV_ALL (KADM5_PRIV_GET | KADM5_PRIV_ADD | KADM5_PRIV_MODIFY | KADM5_PRIV_DELETE | KADM5_PRIV_LIST | KADM5_PRIV_CPW) - -typedef struct { - int XXX; -}krb5_key_salt_tuple; - -typedef struct _kadm5_config_params { - u_int32_t mask; - - /* Client and server fields */ - char *realm; - int kadmind_port; - - /* client fields */ - char *admin_server; - - /* server fields */ - char *dbname; - char *acl_file; - - /* server library (database) fields */ - char *stash_file; -} kadm5_config_params; - -typedef krb5_error_code kadm5_ret_t; - -kadm5_ret_t -kadm5_c_chpass_principal __P(( - void *server_handle, - krb5_principal princ, - char *password)); - -kadm5_ret_t -kadm5_c_create_principal __P(( - void *server_handle, - kadm5_principal_ent_t princ, - u_int32_t mask, - char *password)); - -kadm5_ret_t -kadm5_c_delete_principal __P(( - void *server_handle, - krb5_principal princ)); - -kadm5_ret_t -kadm5_c_destroy __P((void *server_handle)); - -kadm5_ret_t -kadm5_c_flush __P((void *server_handle)); - -kadm5_ret_t -kadm5_c_get_principal __P(( - void *server_handle, - krb5_principal princ, - kadm5_principal_ent_t out, - u_int32_t mask)); - -kadm5_ret_t -kadm5_c_get_principals __P(( - void *server_handle, - const char *exp, - char ***princs, - int *count)); - -kadm5_ret_t -kadm5_c_get_privs __P(( - void *server_handle, - u_int32_t *privs)); - -kadm5_ret_t -kadm5_c_init_with_creds __P(( - const char *client_name, - krb5_ccache ccache, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle)); - -kadm5_ret_t -kadm5_c_init_with_creds_ctx __P(( - krb5_context context, - const char *client_name, - krb5_ccache ccache, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle)); - -kadm5_ret_t -kadm5_c_init_with_password __P(( - const char *client_name, - const char *password, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle)); - -kadm5_ret_t -kadm5_c_init_with_password_ctx __P(( - krb5_context context, - const char *client_name, - const char *password, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle)); - -kadm5_ret_t -kadm5_c_init_with_skey __P(( - const char *client_name, - const char *keytab, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle)); - -kadm5_ret_t -kadm5_c_init_with_skey_ctx __P(( - krb5_context context, - const char *client_name, - const char *keytab, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle)); - -kadm5_ret_t -kadm5_c_modify_principal __P(( - void *server_handle, - kadm5_principal_ent_t princ, - u_int32_t mask)); - -kadm5_ret_t -kadm5_c_randkey_principal __P(( - void *server_handle, - krb5_principal princ, - krb5_keyblock **new_keys, - int *n_keys)); - -kadm5_ret_t -kadm5_c_rename_principal __P(( - void *server_handle, - krb5_principal source, - krb5_principal target)); - -kadm5_ret_t -kadm5_chpass_principal __P(( - void *server_handle, - krb5_principal princ, - char *password)); - -kadm5_ret_t -kadm5_create_principal __P(( - void *server_handle, - kadm5_principal_ent_t princ, - u_int32_t mask, - char *password)); - -kadm5_ret_t -kadm5_delete_principal __P(( - void *server_handle, - krb5_principal princ)); - -kadm5_ret_t -kadm5_destroy __P((void *server_handle)); - -kadm5_ret_t -kadm5_flush __P((void *server_handle)); - -void -kadm5_free_key_data __P(( - void *server_handle, - int16_t *n_key_data, - krb5_key_data *key_data)); - -void -kadm5_free_name_list __P(( - void *server_handle, - char **names, - int *count)); - -void -kadm5_free_principal_ent __P(( - void *server_handle, - kadm5_principal_ent_t princ)); - -kadm5_ret_t -kadm5_get_principal __P(( - void *server_handle, - krb5_principal princ, - kadm5_principal_ent_t out, - u_int32_t mask)); - -kadm5_ret_t -kadm5_get_principals __P(( - void *server_handle, - const char *exp, - char ***princs, - int *count)); - -kadm5_ret_t -kadm5_get_privs __P(( - void *server_handle, - u_int32_t *privs)); - -kadm5_ret_t -kadm5_init_with_creds __P(( - const char *client_name, - krb5_ccache ccache, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle)); - -kadm5_ret_t -kadm5_init_with_creds_ctx __P(( - krb5_context context, - const char *client_name, - krb5_ccache ccache, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle)); - -kadm5_ret_t -kadm5_init_with_password __P(( - const char *client_name, - const char *password, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle)); - -kadm5_ret_t -kadm5_init_with_password_ctx __P(( - krb5_context context, - const char *client_name, - const char *password, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle)); - -kadm5_ret_t -kadm5_init_with_skey __P(( - const char *client_name, - const char *keytab, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle)); - -kadm5_ret_t -kadm5_init_with_skey_ctx __P(( - krb5_context context, - const char *client_name, - const char *keytab, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle)); - -kadm5_ret_t -kadm5_modify_principal __P(( - void *server_handle, - kadm5_principal_ent_t princ, - u_int32_t mask)); - -kadm5_ret_t -kadm5_randkey_principal __P(( - void *server_handle, - krb5_principal princ, - krb5_keyblock **new_keys, - int *n_keys)); - -kadm5_ret_t -kadm5_rename_principal __P(( - void *server_handle, - krb5_principal source, - krb5_principal target)); - -kadm5_ret_t -kadm5_ret_key_data __P(( - krb5_storage *sp, - krb5_key_data *key)); - -kadm5_ret_t -kadm5_ret_principal_ent __P(( - krb5_storage *sp, - kadm5_principal_ent_t princ)); - -kadm5_ret_t -kadm5_ret_principal_ent_mask __P(( - krb5_storage *sp, - kadm5_principal_ent_t princ, - u_int32_t *mask)); - -kadm5_ret_t -kadm5_ret_tl_data __P(( - krb5_storage *sp, - krb5_tl_data *tl)); - -kadm5_ret_t -kadm5_s_chpass_principal __P(( - void *server_handle, - krb5_principal princ, - char *password)); - -kadm5_ret_t -kadm5_s_chpass_principal_with_key __P(( - void *server_handle, - krb5_principal princ, - int n_key_data, - krb5_key_data *key_data)); - -kadm5_ret_t -kadm5_s_create_principal __P(( - void *server_handle, - kadm5_principal_ent_t princ, - u_int32_t mask, - char *password)); - -kadm5_ret_t -kadm5_s_create_principal_with_key __P(( - void *server_handle, - kadm5_principal_ent_t princ, - u_int32_t mask)); - -kadm5_ret_t -kadm5_s_delete_principal __P(( - void *server_handle, - krb5_principal princ)); - -kadm5_ret_t -kadm5_s_destroy __P((void *server_handle)); - -kadm5_ret_t -kadm5_s_flush __P((void *server_handle)); - -kadm5_ret_t -kadm5_s_get_principal __P(( - void *server_handle, - krb5_principal princ, - kadm5_principal_ent_t out, - u_int32_t mask)); - -kadm5_ret_t -kadm5_s_get_principals __P(( - void *server_handle, - const char *exp, - char ***princs, - int *count)); - -kadm5_ret_t -kadm5_s_get_privs __P(( - void *server_handle, - u_int32_t *privs)); - -kadm5_ret_t -kadm5_s_init_with_creds __P(( - const char *client_name, - krb5_ccache ccache, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle)); - -kadm5_ret_t -kadm5_s_init_with_creds_ctx __P(( - krb5_context context, - const char *client_name, - krb5_ccache ccache, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle)); - -kadm5_ret_t -kadm5_s_init_with_password __P(( - const char *client_name, - const char *password, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle)); - -kadm5_ret_t -kadm5_s_init_with_password_ctx __P(( - krb5_context context, - const char *client_name, - const char *password, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle)); - -kadm5_ret_t -kadm5_s_init_with_skey __P(( - const char *client_name, - const char *keytab, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle)); - -kadm5_ret_t -kadm5_s_init_with_skey_ctx __P(( - krb5_context context, - const char *client_name, - const char *keytab, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle)); - -kadm5_ret_t -kadm5_s_modify_principal __P(( - void *server_handle, - kadm5_principal_ent_t princ, - u_int32_t mask)); - -kadm5_ret_t -kadm5_s_randkey_principal __P(( - void *server_handle, - krb5_principal princ, - krb5_keyblock **new_keys, - int *n_keys)); - -kadm5_ret_t -kadm5_s_rename_principal __P(( - void *server_handle, - krb5_principal source, - krb5_principal target)); - -kadm5_ret_t -kadm5_store_key_data __P(( - krb5_storage *sp, - krb5_key_data *key)); - -kadm5_ret_t -kadm5_store_principal_ent __P(( - krb5_storage *sp, - kadm5_principal_ent_t princ)); - -kadm5_ret_t -kadm5_store_principal_ent_mask __P(( - krb5_storage *sp, - kadm5_principal_ent_t princ, - u_int32_t mask)); - -kadm5_ret_t -kadm5_store_tl_data __P(( - krb5_storage *sp, - krb5_tl_data *tl)); - -void -kadm5_setup_passwd_quality_check(krb5_context context, - const char *check_library, - const char *check_function); - -const char * -kadm5_check_password_quality (krb5_context context, - krb5_principal principal, - krb5_data *pwd_data); - -#if 0 -/* unimplemented functions */ -kadm5_ret_t -kadm5_decrypt_key(void *server_handle, - kadm5_principal_ent_t entry, int32_t - ktype, int32_t stype, int32_t - kvno, krb5_keyblock *keyblock, - krb5_keysalt *keysalt, int *kvnop); - -kadm5_ret_t -kadm5_create_policy(void *server_handle, - kadm5_policy_ent_t policy, u_int32_t mask); - -kadm5_ret_t -kadm5_delete_policy(void *server_handle, char *policy); - - -kadm5_ret_t -kadm5_modify_policy(void *server_handle, - kadm5_policy_ent_t policy, - u_int32_t mask); - -kadm5_ret_t -kadm5_get_policy(void *server_handle, char *policy, kadm5_policy_ent_t ent); - -kadm5_ret_t -kadm5_get_policies(void *server_handle, char *exp, - char ***pols, int *count); - -void -kadm5_free_policy_ent(kadm5_policy_ent_t policy); - -#endif - -#endif /* __KADM5_ADMIN_H__ */ diff --git a/crypto/heimdal/lib/kadm5/chpass_c.c b/crypto/heimdal/lib/kadm5/chpass_c.c deleted file mode 100644 index aaec48f65d62e..0000000000000 --- a/crypto/heimdal/lib/kadm5/chpass_c.c +++ /dev/null @@ -1,70 +0,0 @@ -/* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: chpass_c.c,v 1.3 1999/12/02 17:05:05 joda Exp $"); - -kadm5_ret_t -kadm5_c_chpass_principal(void *server_handle, - krb5_principal princ, - char *password) -{ - kadm5_client_context *context = server_handle; - kadm5_ret_t ret; - krb5_storage *sp; - unsigned char buf[1024]; - int32_t tmp; - krb5_data reply; - - sp = krb5_storage_from_mem(buf, sizeof(buf)); - if (sp == NULL) - return ENOMEM; - krb5_store_int32(sp, kadm_chpass); - krb5_store_principal(sp, princ); - krb5_store_string(sp, password); - ret = _kadm5_client_send(context, sp); - krb5_storage_free(sp); - ret = _kadm5_client_recv(context, &reply); - if(ret) - return ret; - sp = krb5_storage_from_data (&reply); - if (sp == NULL) { - krb5_data_free (&reply); - return ENOMEM; - } - krb5_ret_int32(sp, &tmp); - krb5_storage_free(sp); - krb5_data_free (&reply); - return tmp; -} diff --git a/crypto/heimdal/lib/kadm5/chpass_s.c b/crypto/heimdal/lib/kadm5/chpass_s.c deleted file mode 100644 index e915124e6e599..0000000000000 --- a/crypto/heimdal/lib/kadm5/chpass_s.c +++ /dev/null @@ -1,114 +0,0 @@ -/* - * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: chpass_s.c,v 1.8 1999/12/02 17:05:05 joda Exp $"); - -kadm5_ret_t -kadm5_s_chpass_principal(void *server_handle, - krb5_principal princ, - char *password) -{ - kadm5_server_context *context = server_handle; - hdb_entry ent; - kadm5_ret_t ret; - ent.principal = princ; - ret = context->db->open(context->context, context->db, O_RDWR, 0); - if(ret) - return ret; - ret = context->db->fetch(context->context, context->db, - 0, &ent); - if(ret == HDB_ERR_NOENTRY) - goto out; - ret = _kadm5_set_keys(context, &ent, password); - if(ret) - goto out2; - ret = _kadm5_set_modifier(context, &ent); - if(ret) - goto out2; - - hdb_seal_keys(context->db, &ent); - - kadm5_log_modify (context, - &ent, - KADM5_PRINCIPAL | KADM5_MOD_NAME | KADM5_MOD_TIME | - KADM5_KEY_DATA | KADM5_KVNO); - - ret = context->db->store(context->context, context->db, - HDB_F_REPLACE, &ent); -out2: - hdb_free_entry(context->context, &ent); -out: - context->db->close(context->context, context->db); - return _kadm5_error_code(ret); -} - -kadm5_ret_t -kadm5_s_chpass_principal_with_key(void *server_handle, - krb5_principal princ, - int n_key_data, - krb5_key_data *key_data) -{ - kadm5_server_context *context = server_handle; - hdb_entry ent; - kadm5_ret_t ret; - ent.principal = princ; - ret = context->db->open(context->context, context->db, O_RDWR, 0); - if(ret) - return ret; - ret = context->db->fetch(context->context, context->db, 0, &ent); - if(ret == HDB_ERR_NOENTRY) - goto out; - ret = _kadm5_set_keys2(&ent, n_key_data, key_data); - if(ret) - goto out2; - ret = _kadm5_set_modifier(context, &ent); - if(ret) - goto out2; - - hdb_seal_keys(context->db, &ent); - - kadm5_log_modify (context, - &ent, - KADM5_PRINCIPAL | KADM5_MOD_NAME | KADM5_MOD_TIME | - KADM5_KEY_DATA | KADM5_KVNO); - - ret = context->db->store(context->context, context->db, - HDB_F_REPLACE, &ent); -out2: - hdb_free_entry(context->context, &ent); -out: - context->db->close(context->context, context->db); - return _kadm5_error_code(ret); -} diff --git a/crypto/heimdal/lib/kadm5/client_glue.c b/crypto/heimdal/lib/kadm5/client_glue.c deleted file mode 100644 index 395577ddb3039..0000000000000 --- a/crypto/heimdal/lib/kadm5/client_glue.c +++ /dev/null @@ -1,150 +0,0 @@ -/* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: client_glue.c,v 1.5 1999/12/02 17:05:05 joda Exp $"); - -kadm5_ret_t -kadm5_init_with_password(const char *client_name, - const char *password, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - return kadm5_c_init_with_password(client_name, - password, - service_name, - realm_params, - struct_version, - api_version, - server_handle); -} - -kadm5_ret_t -kadm5_init_with_password_ctx(krb5_context context, - const char *client_name, - const char *password, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - return kadm5_c_init_with_password_ctx(context, - client_name, - password, - service_name, - realm_params, - struct_version, - api_version, - server_handle); -} - -kadm5_ret_t -kadm5_init_with_skey(const char *client_name, - const char *keytab, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - return kadm5_c_init_with_skey(client_name, - keytab, - service_name, - realm_params, - struct_version, - api_version, - server_handle); -} - -kadm5_ret_t -kadm5_init_with_skey_ctx(krb5_context context, - const char *client_name, - const char *keytab, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - return kadm5_c_init_with_skey_ctx(context, - client_name, - keytab, - service_name, - realm_params, - struct_version, - api_version, - server_handle); -} - -kadm5_ret_t -kadm5_init_with_creds(const char *client_name, - krb5_ccache ccache, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - return kadm5_c_init_with_creds(client_name, - ccache, - service_name, - realm_params, - struct_version, - api_version, - server_handle); -} - -kadm5_ret_t -kadm5_init_with_creds_ctx(krb5_context context, - const char *client_name, - krb5_ccache ccache, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - return kadm5_c_init_with_creds_ctx(context, - client_name, - ccache, - service_name, - realm_params, - struct_version, - api_version, - server_handle); -} diff --git a/crypto/heimdal/lib/kadm5/common_glue.c b/crypto/heimdal/lib/kadm5/common_glue.c deleted file mode 100644 index 38c551c29e7ab..0000000000000 --- a/crypto/heimdal/lib/kadm5/common_glue.c +++ /dev/null @@ -1,124 +0,0 @@ -/* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: common_glue.c,v 1.4 1999/12/02 17:05:05 joda Exp $"); - -#define __CALL(F, P) (*((kadm5_common_context*)server_handle)->funcs.F)P; - -kadm5_ret_t -kadm5_chpass_principal(void *server_handle, - krb5_principal princ, - char *password) -{ - return __CALL(chpass_principal, (server_handle, princ, password)); -} - -kadm5_ret_t -kadm5_create_principal(void *server_handle, - kadm5_principal_ent_t princ, - u_int32_t mask, - char *password) -{ - return __CALL(create_principal, (server_handle, princ, mask, password)); -} - -kadm5_ret_t -kadm5_delete_principal(void *server_handle, - krb5_principal princ) -{ - return __CALL(delete_principal, (server_handle, princ)); -} - -kadm5_ret_t -kadm5_destroy (void *server_handle) -{ - return __CALL(destroy, (server_handle)); -} - -kadm5_ret_t -kadm5_flush (void *server_handle) -{ - return __CALL(flush, (server_handle)); -} - -kadm5_ret_t -kadm5_get_principal(void *server_handle, - krb5_principal princ, - kadm5_principal_ent_t out, - u_int32_t mask) -{ - return __CALL(get_principal, (server_handle, princ, out, mask)); -} - -kadm5_ret_t -kadm5_modify_principal(void *server_handle, - kadm5_principal_ent_t princ, - u_int32_t mask) -{ - return __CALL(modify_principal, (server_handle, princ, mask)); -} - -kadm5_ret_t -kadm5_randkey_principal(void *server_handle, - krb5_principal princ, - krb5_keyblock **new_keys, - int *n_keys) -{ - return __CALL(randkey_principal, (server_handle, princ, new_keys, n_keys)); -} - -kadm5_ret_t -kadm5_rename_principal(void *server_handle, - krb5_principal source, - krb5_principal target) -{ - return __CALL(rename_principal, (server_handle, source, target)); -} - -kadm5_ret_t -kadm5_get_principals(void *server_handle, - const char *exp, - char ***princs, - int *count) -{ - return __CALL(get_principals, (server_handle, exp, princs, count)); -} - -kadm5_ret_t -kadm5_get_privs(void *server_handle, - u_int32_t *privs) -{ - return __CALL(get_privs, (server_handle, privs)); -} diff --git a/crypto/heimdal/lib/kadm5/context_s.c b/crypto/heimdal/lib/kadm5/context_s.c deleted file mode 100644 index fc525767e9d26..0000000000000 --- a/crypto/heimdal/lib/kadm5/context_s.c +++ /dev/null @@ -1,221 +0,0 @@ -/* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: context_s.c,v 1.13 2000/01/06 21:40:08 assar Exp $"); - -static void -set_funcs(kadm5_server_context *c) -{ -#define SET(C, F) (C)->funcs.F = kadm5_s_ ## F - SET(c, chpass_principal); - SET(c, chpass_principal); - SET(c, create_principal); - SET(c, delete_principal); - SET(c, destroy); - SET(c, flush); - SET(c, get_principal); - SET(c, get_principals); - SET(c, get_privs); - SET(c, modify_principal); - SET(c, randkey_principal); - SET(c, rename_principal); -} - -struct database_spec { - char *dbpath; - char *logfile; - char *mkeyfile; - char *aclfile; -}; - -static void -set_field(krb5_context context, krb5_config_binding *binding, - const char *dbname, const char *name, const char *ext, - char **variable) -{ - const char *p; - p = krb5_config_get_string(context, binding, name, NULL); - if(p) - *variable = strdup(p); - else { - p = strrchr(dbname, '.'); - if(p == NULL) - asprintf(variable, "%s.%s", dbname, ext); - else - asprintf(variable, "%.*s.%s", (int)(p - dbname), dbname, ext); - } -} - -static void -set_socket_name(const char *dbname, struct sockaddr_un *un) -{ - const char *p; - memset(un, 0, sizeof(*un)); - un->sun_family = AF_UNIX; - p = strrchr(dbname, '.'); - if(p == NULL) - snprintf(un->sun_path, sizeof(un->sun_path), "%s.signal", - dbname); - else - snprintf(un->sun_path, sizeof(un->sun_path), "%.*s.signal", - (int)(p - dbname), dbname); -} - -static void -set_config(kadm5_server_context *ctx, - krb5_config_binding *binding) -{ - const char *p; - if(ctx->config.dbname == NULL) { - p = krb5_config_get_string(ctx->context, binding, "dbname", NULL); - if(p) - ctx->config.dbname = strdup(p); - else - ctx->config.dbname = strdup(HDB_DEFAULT_DB); - } - if(ctx->log_context.log_file == NULL) - set_field(ctx->context, binding, ctx->config.dbname, - "log_file", "log", &ctx->log_context.log_file); - set_socket_name(ctx->config.dbname, &ctx->log_context.socket_name); - if(ctx->config.acl_file == NULL) - set_field(ctx->context, binding, ctx->config.dbname, - "acl_file", "acl", &ctx->config.acl_file); - /* XXX calling a file a `stash file' isn't very clever */ - if(ctx->config.stash_file == NULL) - set_field(ctx->context, binding, ctx->config.dbname, - "mkey_file", "mkey", &ctx->config.stash_file); -} - -static kadm5_ret_t -find_db_spec(kadm5_server_context *ctx) -{ - krb5_config_binding *top_binding = NULL; - krb5_config_binding *db_binding; - krb5_config_binding *default_binding = NULL; - krb5_context context = ctx->context; - - while((db_binding = (krb5_config_binding *) - krb5_config_get_next(context, - NULL, &top_binding, - krb5_config_list, - "kdc", - "database", - NULL))) { - const char *p; - p = krb5_config_get_string(context, db_binding, "realm", NULL); - if(p == NULL) { - if(default_binding) { - krb5_warnx(context, "WARNING: more than one realm-less " - "database specification"); - krb5_warnx(context, "WARNING: using the first encountered"); - } else - default_binding = db_binding; - continue; - } - if(strcmp(ctx->config.realm, p) != 0) - continue; - - set_config(ctx, db_binding); - return 0; - } - if(default_binding) - set_config(ctx, default_binding); - else { - ctx->config.dbname = strdup(HDB_DEFAULT_DB); - ctx->config.acl_file = HDB_DB_DIR "/kadmind.acl"; - ctx->config.stash_file = HDB_DB_DIR "/m-key"; - ctx->log_context.log_file = HDB_DB_DIR "/log"; - memset(&ctx->log_context.socket_name, 0, - sizeof(ctx->log_context.socket_name)); - ctx->log_context.socket_name.sun_family = AF_UNIX; - strlcpy(ctx->log_context.socket_name.sun_path, - KADM5_LOG_SIGNAL, - sizeof(ctx->log_context.socket_name.sun_path)); - } - return 0; -} - -kadm5_ret_t -_kadm5_s_init_context(kadm5_server_context **ctx, - kadm5_config_params *params, - krb5_context context) -{ - *ctx = malloc(sizeof(**ctx)); - if(*ctx == NULL) - return ENOMEM; - memset(*ctx, 0, sizeof(**ctx)); - set_funcs(*ctx); - (*ctx)->context = context; - krb5_add_et_list (context, initialize_kadm5_error_table_r); -#define is_set(M) (params && params->mask & KADM5_CONFIG_ ## M) - if(is_set(REALM)) - (*ctx)->config.realm = strdup(params->realm); - else - krb5_get_default_realm(context, &(*ctx)->config.realm); - if(is_set(DBNAME)) - (*ctx)->config.dbname = strdup(params->dbname); - if(is_set(ACL_FILE)) - (*ctx)->config.acl_file = strdup(params->acl_file); - if(is_set(STASH_FILE)) - (*ctx)->config.stash_file = strdup(params->stash_file); - - find_db_spec(*ctx); - - /* PROFILE can't be specified for now */ - /* KADMIND_PORT is supposed to be used on the server also, - but this doesn't make sense */ - /* ADMIN_SERVER is client only */ - /* ADNAME is not used at all (as far as I can tell) */ - /* ADB_LOCKFILE ditto */ - /* DICT_FILE */ - /* ADMIN_KEYTAB */ - /* MKEY_FROM_KEYBOARD is not supported */ - /* MKEY_NAME neither */ - /* ENCTYPE */ - /* MAX_LIFE */ - /* MAX_RLIFE */ - /* EXPIRATION */ - /* FLAGS */ - /* ENCTYPES */ - - return 0; -} - -HDB * -_kadm5_s_get_db(void *server_handle) -{ - kadm5_server_context *context = server_handle; - return context->db; -} diff --git a/crypto/heimdal/lib/kadm5/create_c.c b/crypto/heimdal/lib/kadm5/create_c.c deleted file mode 100644 index 45eb3e2123457..0000000000000 --- a/crypto/heimdal/lib/kadm5/create_c.c +++ /dev/null @@ -1,73 +0,0 @@ -/* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: create_c.c,v 1.3 1999/12/02 17:05:05 joda Exp $"); - -kadm5_ret_t -kadm5_c_create_principal(void *server_handle, - kadm5_principal_ent_t princ, - u_int32_t mask, - char *password) -{ - kadm5_client_context *context = server_handle; - kadm5_ret_t ret; - krb5_storage *sp; - unsigned char buf[1024]; - int32_t tmp; - krb5_data reply; - - sp = krb5_storage_from_mem(buf, sizeof(buf)); - if (sp == NULL) - return ENOMEM; - krb5_store_int32(sp, kadm_create); - kadm5_store_principal_ent(sp, princ); - krb5_store_int32(sp, mask); - krb5_store_string(sp, password); - ret = _kadm5_client_send(context, sp); - krb5_storage_free(sp); - ret = _kadm5_client_recv(context, &reply); - if(ret) - return ret; - sp = krb5_storage_from_data (&reply); - if (sp == NULL) { - krb5_data_free (&reply); - return ENOMEM; - } - krb5_ret_int32(sp, &tmp); - krb5_storage_free(sp); - krb5_data_free (&reply); - return tmp; -} - diff --git a/crypto/heimdal/lib/kadm5/create_s.c b/crypto/heimdal/lib/kadm5/create_s.c deleted file mode 100644 index 6e352f6b9f553..0000000000000 --- a/crypto/heimdal/lib/kadm5/create_s.c +++ /dev/null @@ -1,191 +0,0 @@ -/* - * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: create_s.c,v 1.16 1999/12/02 17:05:05 joda Exp $"); - -static kadm5_ret_t -get_default(kadm5_server_context *context, krb5_principal princ, - kadm5_principal_ent_t def) -{ - kadm5_ret_t ret; - krb5_principal def_principal; - krb5_realm *realm = krb5_princ_realm(context->context, princ); - - ret = krb5_make_principal(context->context, &def_principal, - *realm, "default", NULL); - if (ret) - return ret; - ret = kadm5_s_get_principal(context, def_principal, def, - KADM5_PRINCIPAL_NORMAL_MASK); - krb5_free_principal (context->context, def_principal); - return ret; -} - -static kadm5_ret_t -create_principal(kadm5_server_context *context, - kadm5_principal_ent_t princ, - u_int32_t mask, - hdb_entry *ent, - u_int32_t required_mask, - u_int32_t forbidden_mask) -{ - kadm5_ret_t ret; - kadm5_principal_ent_rec defrec, *defent; - u_int32_t def_mask; - - if((mask & required_mask) != required_mask) - return KADM5_BAD_MASK; - if((mask & forbidden_mask)) - return KADM5_BAD_MASK; - if((mask & KADM5_POLICY) && strcmp(princ->policy, "default")) - /* XXX no real policies for now */ - return KADM5_UNK_POLICY; - memset(ent, 0, sizeof(*ent)); - ret = krb5_copy_principal(context->context, princ->principal, - &ent->principal); - if(ret) - return ret; - - defent = &defrec; - ret = get_default(context, princ->principal, defent); - if(ret) { - defent = NULL; - def_mask = 0; - } else { - def_mask = KADM5_ATTRIBUTES | KADM5_MAX_LIFE | KADM5_MAX_RLIFE; - } - - ret = _kadm5_setup_entry(ent, mask | def_mask, - princ, mask, - defent, def_mask); - if(defent) - kadm5_free_principal_ent(context, defent); - - ent->created_by.time = time(NULL); - ret = krb5_copy_principal(context->context, context->caller, - &ent->created_by.principal); - - return ret; -} - -kadm5_ret_t -kadm5_s_create_principal_with_key(void *server_handle, - kadm5_principal_ent_t princ, - u_int32_t mask) -{ - kadm5_ret_t ret; - hdb_entry ent; - kadm5_server_context *context = server_handle; - - ret = create_principal(context, princ, mask, &ent, - KADM5_PRINCIPAL | KADM5_KEY_DATA, - KADM5_LAST_PWD_CHANGE | KADM5_MOD_TIME - | KADM5_MOD_NAME | KADM5_MKVNO - | KADM5_AUX_ATTRIBUTES - | KADM5_POLICY_CLR | KADM5_LAST_SUCCESS - | KADM5_LAST_FAILED | KADM5_FAIL_AUTH_COUNT); - if(ret) - goto out; - - ret = _kadm5_set_keys2(&ent, princ->n_key_data, princ->key_data); - if(ret) - goto out; - - hdb_seal_keys(context->db, &ent); - - kadm5_log_create (context, &ent); - - ret = context->db->open(context->context, context->db, O_RDWR, 0); - if(ret) - goto out; - ret = context->db->store(context->context, context->db, 0, &ent); - context->db->close(context->context, context->db); -out: - hdb_free_entry(context->context, &ent); - return _kadm5_error_code(ret); -} - - -kadm5_ret_t -kadm5_s_create_principal(void *server_handle, - kadm5_principal_ent_t princ, - u_int32_t mask, - char *password) -{ - kadm5_ret_t ret; - hdb_entry ent; - kadm5_server_context *context = server_handle; - - ret = create_principal(context, princ, mask, &ent, - KADM5_PRINCIPAL, - KADM5_LAST_PWD_CHANGE | KADM5_MOD_TIME - | KADM5_MOD_NAME | KADM5_MKVNO - | KADM5_AUX_ATTRIBUTES | KADM5_KEY_DATA - | KADM5_POLICY_CLR | KADM5_LAST_SUCCESS - | KADM5_LAST_FAILED | KADM5_FAIL_AUTH_COUNT); - if(ret) - goto out; - - /* XXX this should be fixed */ - ent.keys.len = 4; - ent.keys.val = calloc(ent.keys.len, sizeof(*ent.keys.val)); - ent.keys.val[0].key.keytype = ETYPE_DES_CBC_CRC; - /* flag as version 4 compatible salt; ignored by _kadm5_set_keys - if we don't want to be compatible */ - ent.keys.val[0].salt = calloc(1, sizeof(*ent.keys.val[0].salt)); - ent.keys.val[0].salt->type = hdb_pw_salt; - ent.keys.val[1].key.keytype = ETYPE_DES_CBC_MD4; - ent.keys.val[1].salt = calloc(1, sizeof(*ent.keys.val[1].salt)); - ent.keys.val[1].salt->type = hdb_pw_salt; - ent.keys.val[2].key.keytype = ETYPE_DES_CBC_MD5; - ent.keys.val[2].salt = calloc(1, sizeof(*ent.keys.val[2].salt)); - ent.keys.val[2].salt->type = hdb_pw_salt; - ent.keys.val[3].key.keytype = ETYPE_DES3_CBC_SHA1; - ret = _kadm5_set_keys(context, &ent, password); - - hdb_seal_keys(context->db, &ent); - - kadm5_log_create (context, &ent); - - ret = context->db->open(context->context, context->db, O_RDWR, 0); - if(ret) - goto out; - ret = context->db->store(context->context, context->db, 0, &ent); - context->db->close(context->context, context->db); -out: - hdb_free_entry(context->context, &ent); - return _kadm5_error_code(ret); -} - diff --git a/crypto/heimdal/lib/kadm5/delete_c.c b/crypto/heimdal/lib/kadm5/delete_c.c deleted file mode 100644 index 71a3cf0f90122..0000000000000 --- a/crypto/heimdal/lib/kadm5/delete_c.c +++ /dev/null @@ -1,69 +0,0 @@ -/* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: delete_c.c,v 1.3 1999/12/02 17:05:05 joda Exp $"); - -kadm5_ret_t -kadm5_c_delete_principal(void *server_handle, krb5_principal princ) -{ - kadm5_client_context *context = server_handle; - kadm5_ret_t ret; - krb5_storage *sp; - unsigned char buf[1024]; - int32_t tmp; - krb5_data reply; - - sp = krb5_storage_from_mem(buf, sizeof(buf)); - if (sp == NULL) - return ENOMEM; - krb5_store_int32(sp, kadm_delete); - krb5_store_principal(sp, princ); - ret = _kadm5_client_send(context, sp); - krb5_storage_free(sp); - if (ret) - return ret; - ret = _kadm5_client_recv(context, &reply); - if (ret) - return ret; - sp = krb5_storage_from_data (&reply); - if(sp == NULL) { - krb5_data_free (&reply); - return ENOMEM; - } - krb5_ret_int32(sp, &tmp); - krb5_storage_free(sp); - krb5_data_free (&reply); - return tmp; -} diff --git a/crypto/heimdal/lib/kadm5/delete_s.c b/crypto/heimdal/lib/kadm5/delete_s.c deleted file mode 100644 index ef326587bf025..0000000000000 --- a/crypto/heimdal/lib/kadm5/delete_s.c +++ /dev/null @@ -1,70 +0,0 @@ -/* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: delete_s.c,v 1.7 1999/12/02 17:05:05 joda Exp $"); - -kadm5_ret_t -kadm5_s_delete_principal(void *server_handle, krb5_principal princ) -{ - kadm5_server_context *context = server_handle; - kadm5_ret_t ret; - hdb_entry ent; - - ent.principal = princ; - ret = context->db->open(context->context, context->db, O_RDWR, 0); - if(ret) { - krb5_warn(context->context, ret, "opening database"); - return ret; - } - ret = context->db->fetch(context->context, context->db, - HDB_F_DECRYPT, &ent); - if(ret == HDB_ERR_NOENTRY) - goto out2; - if(ent.flags.immutable) { - ret = KADM5_PROTECT_PRINCIPAL; - goto out; - } - - hdb_seal_keys(context->db, &ent); - - kadm5_log_delete (context, princ); - - ret = context->db->remove(context->context, context->db, &ent); -out: - hdb_free_entry(context->context, &ent); -out2: - context->db->close(context->context, context->db); - return _kadm5_error_code(ret); -} diff --git a/crypto/heimdal/lib/kadm5/destroy_c.c b/crypto/heimdal/lib/kadm5/destroy_c.c deleted file mode 100644 index b42c84ce796ab..0000000000000 --- a/crypto/heimdal/lib/kadm5/destroy_c.c +++ /dev/null @@ -1,51 +0,0 @@ -/* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: destroy_c.c,v 1.3 1999/12/02 17:05:05 joda Exp $"); - -kadm5_ret_t -kadm5_c_destroy(void *server_handle) -{ - kadm5_client_context *context = server_handle; - - free(context->realm); - free(context->admin_server); - close(context->sock); - if (context->ac != NULL) - krb5_auth_con_free(context->context, context->ac); - if(context->my_context) - krb5_free_context(context->context); - return 0; -} diff --git a/crypto/heimdal/lib/kadm5/destroy_s.c b/crypto/heimdal/lib/kadm5/destroy_s.c deleted file mode 100644 index 22158d0fa8e5b..0000000000000 --- a/crypto/heimdal/lib/kadm5/destroy_s.c +++ /dev/null @@ -1,50 +0,0 @@ -/* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: destroy_s.c,v 1.5 1999/12/02 17:05:05 joda Exp $"); - -kadm5_ret_t -kadm5_s_destroy(void *server_handle) -{ - kadm5_ret_t ret; - kadm5_server_context *context = server_handle; - krb5_context kcontext = context->context; - - ret = context->db->destroy(kcontext, context->db); - if(context->my_context) - krb5_free_context(kcontext); - return ret; -} - diff --git a/crypto/heimdal/lib/kadm5/dump_log.c b/crypto/heimdal/lib/kadm5/dump_log.c deleted file mode 100644 index 68a3f534dd6af..0000000000000 --- a/crypto/heimdal/lib/kadm5/dump_log.c +++ /dev/null @@ -1,262 +0,0 @@ -/* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "iprop.h" -#include "parse_time.h" - -RCSID("$Id: dump_log.c,v 1.9 1999/12/04 19:49:43 assar Exp $"); - -static char *op_names[] = { - "get", - "delete", - "create", - "rename", - "chpass", - "modify", - "randkey", - "get_privs", - "get_princs" -}; - -static void -print_entry(kadm5_server_context *server_context, - u_int32_t ver, - time_t timestamp, - enum kadm_ops op, - u_int32_t len, - krb5_storage *sp) -{ - char t[256]; - u_int32_t mask; - hdb_entry ent; - krb5_principal source; - char *name1, *name2; - krb5_data data; - krb5_context context = server_context->context; - - off_t end = sp->seek(sp, 0, SEEK_CUR) + len; - - krb5_error_code ret; - - strftime(t, sizeof(t), "%Y-%m-%d %H:%M:%S", localtime(×tamp)); - - if(op < kadm_get || op > kadm_get_princs) { - printf("unknown op: %d\n", op); - sp->seek(sp, end, SEEK_SET); - return; - } - - printf ("%s: ver = %u, timestamp = %s, len = %u\n", - op_names[op], ver, t, len); - switch(op) { - case kadm_delete: - krb5_ret_principal(sp, &source); - krb5_unparse_name(context, source, &name1); - printf(" %s\n", name1); - free(name1); - krb5_free_principal(context, source); - break; - case kadm_rename: - krb5_data_alloc(&data, len); - krb5_ret_principal(sp, &source); - sp->fetch(sp, data.data, data.length); - hdb_value2entry(context, &data, &ent); - krb5_unparse_name(context, source, &name1); - krb5_unparse_name(context, ent.principal, &name2); - printf(" %s -> %s\n", name1, name2); - free(name1); - free(name2); - krb5_free_principal(context, source); - hdb_free_entry(context, &ent); - break; - case kadm_create: - krb5_data_alloc(&data, len); - sp->fetch(sp, data.data, data.length); - ret = hdb_value2entry(context, &data, &ent); - if(ret) - abort(); - mask = ~0; - goto foo; - case kadm_modify: - krb5_data_alloc(&data, len); - krb5_ret_int32(sp, &mask); - sp->fetch(sp, data.data, data.length); - ret = hdb_value2entry(context, &data, &ent); - if(ret) - abort(); - foo: - if(ent.principal /* mask & KADM5_PRINCIPAL */) { - krb5_unparse_name(context, ent.principal, &name1); - printf(" principal = %s\n", name1); - free(name1); - } - if(mask & KADM5_PRINC_EXPIRE_TIME) { - if(ent.valid_end == NULL) { - strcpy(t, "never"); - } else { - strftime(t, sizeof(t), "%Y-%m-%d %H:%M:%S", - localtime(ent.valid_end)); - } - printf(" expires = %s\n", t); - } - if(mask & KADM5_PW_EXPIRATION) { - if(ent.valid_end == NULL) { - strcpy(t, "never"); - } else { - strftime(t, sizeof(t), "%Y-%m-%d %H:%M:%S", - localtime(ent.valid_end)); - } - printf(" password exp = %s\n", t); - } - if(mask & KADM5_LAST_PWD_CHANGE) { - } - if(mask & KADM5_ATTRIBUTES) { - unparse_flags(HDBFlags2int(ent.flags), - HDBFlags_units, t, sizeof(t)); - printf(" attributes = %s\n", t); - } - if(mask & KADM5_MAX_LIFE) { - if(ent.max_life == NULL) - strcpy(t, "for ever"); - else - unparse_time(*ent.max_life, t, sizeof(t)); - printf(" max life = %s\n", t); - } - if(mask & KADM5_MAX_RLIFE) { - if(ent.max_renew == NULL) - strcpy(t, "for ever"); - else - unparse_time(*ent.max_renew, t, sizeof(t)); - printf(" max rlife = %s\n", t); - } - if(mask & KADM5_MOD_TIME) { - printf(" mod time\n"); - } - if(mask & KADM5_MOD_NAME) { - printf(" mod name\n"); - } - if(mask & KADM5_KVNO) { - printf(" kvno = %d\n", ent.kvno); - } - if(mask & KADM5_MKVNO) { - printf(" mkvno\n"); - } - if(mask & KADM5_AUX_ATTRIBUTES) { - printf(" aux attributes\n"); - } - if(mask & KADM5_POLICY) { - printf(" policy\n"); - } - if(mask & KADM5_POLICY_CLR) { - printf(" mod time\n"); - } - if(mask & KADM5_LAST_SUCCESS) { - printf(" last success\n"); - } - if(mask & KADM5_LAST_FAILED) { - printf(" last failed\n"); - } - if(mask & KADM5_FAIL_AUTH_COUNT) { - printf(" fail auth count\n"); - } - if(mask & KADM5_KEY_DATA) { - printf(" key data\n"); - } - if(mask & KADM5_TL_DATA) { - printf(" tl data\n"); - } - hdb_free_entry(context, &ent); - break; - default: - abort(); - } - sp->seek(sp, end, SEEK_SET); -} - -char *realm; -int version_flag; -int help_flag; -struct getargs args[] = { - { "realm", 'r', arg_string, &realm }, - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } -}; -int num_args = sizeof(args) / sizeof(args[0]); - -int -main(int argc, char **argv) -{ - krb5_context context; - krb5_error_code ret; - void *kadm_handle; - kadm5_server_context *server_context; - kadm5_config_params conf; - - krb5_program_setup(&context, argc, argv, args, num_args, NULL); - - if(help_flag) - krb5_std_usage(0, args, num_args); - if(version_flag) { - print_version(NULL); - exit(0); - } - - memset(&conf, 0, sizeof(conf)); - if(realm) { - conf.mask |= KADM5_CONFIG_REALM; - conf.realm = realm; - } - ret = kadm5_init_with_password_ctx (context, - KADM5_ADMIN_SERVICE, - NULL, - KADM5_ADMIN_SERVICE, - &conf, 0, 0, - &kadm_handle); - if (ret) - krb5_err (context, 1, ret, "kadm5_init_with_password_ctx"); - - server_context = (kadm5_server_context *)kadm_handle; - - ret = kadm5_log_init (server_context); - if (ret) - krb5_err (context, 1, ret, "kadm5_log_init"); - - ret = kadm5_log_foreach (server_context, print_entry); - if(ret) - krb5_warn(context, ret, "kadm5_log_foreach"); - - ret = kadm5_log_end (server_context); - if (ret) - krb5_warn(context, ret, "kadm5_log_end"); - return 0; -} diff --git a/crypto/heimdal/lib/kadm5/ent_setup.c b/crypto/heimdal/lib/kadm5/ent_setup.c deleted file mode 100644 index 46653c7cbbd6b..0000000000000 --- a/crypto/heimdal/lib/kadm5/ent_setup.c +++ /dev/null @@ -1,141 +0,0 @@ -/* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: ent_setup.c,v 1.11 1999/12/02 17:05:06 joda Exp $"); - -#define set_value(X, V) do { if((X) == NULL) (X) = malloc(sizeof(*(X))); *(X) = V; } while(0) -#define set_null(X) do { if((X) != NULL) free((X)); (X) = NULL; } while (0) - -static void -attr_to_flags(unsigned attr, HDBFlags *flags) -{ - flags->postdate = !(attr & KRB5_KDB_DISALLOW_POSTDATED); - flags->forwardable = !(attr & KRB5_KDB_DISALLOW_FORWARDABLE); - flags->initial = !!(attr & KRB5_KDB_DISALLOW_TGT_BASED); - flags->renewable = !(attr & KRB5_KDB_DISALLOW_RENEWABLE); - flags->proxiable = !(attr & KRB5_KDB_DISALLOW_PROXIABLE); - /* DUP_SKEY */ - flags->invalid = !!(attr & KRB5_KDB_DISALLOW_ALL_TIX); - flags->require_preauth = !!(attr & KRB5_KDB_REQUIRES_PRE_AUTH); - /* HW_AUTH */ - flags->server = !(attr & KRB5_KDB_DISALLOW_SVR); - flags->change_pw = !!(attr & KRB5_KDB_PWCHANGE_SERVICE); - flags->client = 1; /* XXX */ -} - -/* - * Create the hdb entry `ent' based on data from `princ' with - * `princ_mask' specifying what fields to be gotten from there and - * `mask' specifying what fields we want filled in. - */ - -kadm5_ret_t -_kadm5_setup_entry(hdb_entry *ent, - u_int32_t mask, - kadm5_principal_ent_t princ, - u_int32_t princ_mask, - kadm5_principal_ent_t def, - u_int32_t def_mask) -{ - if(mask & KADM5_PRINC_EXPIRE_TIME - && princ_mask & KADM5_PRINC_EXPIRE_TIME) { - if (princ->princ_expire_time) - set_value(ent->valid_end, princ->princ_expire_time); - else - set_null(ent->valid_end); - } - if(mask & KADM5_PW_EXPIRATION - && princ_mask & KADM5_PW_EXPIRATION) { - if (princ->pw_expiration) - set_value(ent->pw_end, princ->pw_expiration); - else - set_null(ent->pw_end); - } - if(mask & KADM5_ATTRIBUTES) { - if (princ_mask & KADM5_ATTRIBUTES) { - attr_to_flags(princ->attributes, &ent->flags); - } else if(def_mask & KADM5_ATTRIBUTES) { - attr_to_flags(def->attributes, &ent->flags); - ent->flags.invalid = 0; - } else { - ent->flags.client = 1; - ent->flags.server = 1; - ent->flags.forwardable = 1; - ent->flags.proxiable = 1; - ent->flags.renewable = 1; - ent->flags.postdate = 1; - } - } - if(mask & KADM5_MAX_LIFE) { - if(princ_mask & KADM5_MAX_LIFE) { - if(princ->max_life) - set_value(ent->max_life, princ->max_life); - else - set_null(ent->max_life); - } else if(def_mask & KADM5_MAX_LIFE) { - if(def->max_life) - set_value(ent->max_life, def->max_life); - else - set_null(ent->max_life); - } - } - if(mask & KADM5_KVNO - && princ_mask & KADM5_KVNO) - ent->kvno = princ->kvno; - if(mask & KADM5_MAX_RLIFE) { - if(princ_mask & KADM5_MAX_RLIFE) { - if(princ->max_renewable_life) - set_value(ent->max_renew, princ->max_renewable_life); - else - set_null(ent->max_renew); - } else if(def_mask & KADM5_MAX_RLIFE) { - if(def->max_renewable_life) - set_value(ent->max_renew, def->max_renewable_life); - else - set_null(ent->max_renew); - } - } - if(mask & KADM5_KEY_DATA - && princ_mask & KADM5_KEY_DATA) { - _kadm5_set_keys2(ent, princ->n_key_data, princ->key_data); - } - if(mask & KADM5_TL_DATA) { - /* XXX */ - } - if(mask & KADM5_FAIL_AUTH_COUNT) { - /* XXX */ - } - return 0; -} diff --git a/crypto/heimdal/lib/kadm5/error.c b/crypto/heimdal/lib/kadm5/error.c deleted file mode 100644 index 11b1ded7d875e..0000000000000 --- a/crypto/heimdal/lib/kadm5/error.c +++ /dev/null @@ -1,48 +0,0 @@ -/* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: error.c,v 1.3 1999/12/02 17:05:06 joda Exp $"); - -kadm5_ret_t -_kadm5_error_code(kadm5_ret_t code) -{ - switch(code){ - case HDB_ERR_EXISTS: - return KADM5_DUP; - case HDB_ERR_NOENTRY: - return KADM5_UNK_PRINC; - } - return code; -} diff --git a/crypto/heimdal/lib/kadm5/flush.c b/crypto/heimdal/lib/kadm5/flush.c deleted file mode 100644 index 4808259de7f8f..0000000000000 --- a/crypto/heimdal/lib/kadm5/flush.c +++ /dev/null @@ -1,48 +0,0 @@ -/* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: flush.c,v 1.2 1999/12/02 17:05:06 joda Exp $"); - -kadm5_ret_t -kadm5_s_flush(void *server_handle) -{ - return 0; -} - -kadm5_ret_t -kadm5_c_flush(void *server_handle) -{ - return 0; -} diff --git a/crypto/heimdal/lib/kadm5/flush_c.c b/crypto/heimdal/lib/kadm5/flush_c.c deleted file mode 100644 index 01cdcf723aa14..0000000000000 --- a/crypto/heimdal/lib/kadm5/flush_c.c +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#include "kadm5_locl.h" - -RCSID("$Id: flush_c.c,v 1.1 1999/03/23 18:23:36 joda Exp $"); - -kadm5_ret_t -kadm5_c_flush(void *server_handle) -{ - return 0; -} diff --git a/crypto/heimdal/lib/kadm5/flush_s.c b/crypto/heimdal/lib/kadm5/flush_s.c deleted file mode 100644 index dffbe2f2ca9b5..0000000000000 --- a/crypto/heimdal/lib/kadm5/flush_s.c +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#include "kadm5_locl.h" - -RCSID("$Id: flush_s.c,v 1.1 1999/03/23 18:23:37 joda Exp $"); - -kadm5_ret_t -kadm5_s_flush(void *server_handle) -{ - return 0; -} diff --git a/crypto/heimdal/lib/kadm5/free.c b/crypto/heimdal/lib/kadm5/free.c deleted file mode 100644 index fcc1e70f0d8e6..0000000000000 --- a/crypto/heimdal/lib/kadm5/free.c +++ /dev/null @@ -1,91 +0,0 @@ -/* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: free.c,v 1.4 1999/12/02 17:05:06 joda Exp $"); - -void -kadm5_free_key_data(void *server_handle, - int16_t *n_key_data, - krb5_key_data *key_data) -{ - int i; - for(i = 0; i < *n_key_data; i++){ - if(key_data[i].key_data_contents[0]){ - memset(key_data[i].key_data_contents[0], - 0, - key_data[i].key_data_length[0]); - free(key_data[i].key_data_contents[0]); - } - if(key_data[i].key_data_contents[1]) - free(key_data[i].key_data_contents[1]); - } - *n_key_data = 0; -} - - -void -kadm5_free_principal_ent(void *server_handle, - kadm5_principal_ent_t princ) -{ - kadm5_server_context *context = server_handle; - if(princ->principal) - krb5_free_principal(context->context, princ->principal); - if(princ->mod_name) - krb5_free_principal(context->context, princ->mod_name); - kadm5_free_key_data(server_handle, &princ->n_key_data, princ->key_data); - while(princ->n_tl_data && princ->tl_data) { - krb5_tl_data *tp; - tp = princ->tl_data; - princ->tl_data = tp->tl_data_next; - princ->n_tl_data--; - memset(tp->tl_data_contents, 0, tp->tl_data_length); - free(tp->tl_data_contents); - free(tp); - } - if (princ->key_data != NULL) - free (princ->key_data); -} - -void -kadm5_free_name_list(void *server_handle, - char **names, - int *count) -{ - int i; - for(i = 0; i < *count; i++) - free(names[i]); - free(names); - *count = 0; -} diff --git a/crypto/heimdal/lib/kadm5/get_c.c b/crypto/heimdal/lib/kadm5/get_c.c deleted file mode 100644 index 9ca672a5e7e18..0000000000000 --- a/crypto/heimdal/lib/kadm5/get_c.c +++ /dev/null @@ -1,76 +0,0 @@ -/* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: get_c.c,v 1.5 1999/12/02 17:05:06 joda Exp $"); - -kadm5_ret_t -kadm5_c_get_principal(void *server_handle, - krb5_principal princ, - kadm5_principal_ent_t out, - u_int32_t mask) -{ - kadm5_client_context *context = server_handle; - kadm5_ret_t ret; - krb5_storage *sp; - unsigned char buf[1024]; - int32_t tmp; - krb5_data reply; - - sp = krb5_storage_from_mem(buf, sizeof(buf)); - if (sp == NULL) - return ENOMEM; - krb5_store_int32(sp, kadm_get); - krb5_store_principal(sp, princ); - krb5_store_int32(sp, mask); - ret = _kadm5_client_send(context, sp); - krb5_storage_free(sp); - if(ret) - return ret; - ret = _kadm5_client_recv(context, &reply); - if (ret) - return ret; - sp = krb5_storage_from_data (&reply); - if (sp == NULL) { - krb5_data_free (&reply); - return ENOMEM; - } - krb5_ret_int32(sp, &tmp); - ret = tmp; - if(ret == 0) - kadm5_ret_principal_ent(sp, out); - krb5_storage_free(sp); - krb5_data_free (&reply); - return ret; -} diff --git a/crypto/heimdal/lib/kadm5/get_princs_c.c b/crypto/heimdal/lib/kadm5/get_princs_c.c deleted file mode 100644 index 0956052272d92..0000000000000 --- a/crypto/heimdal/lib/kadm5/get_princs_c.c +++ /dev/null @@ -1,86 +0,0 @@ -/* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: get_princs_c.c,v 1.3 1999/12/02 17:05:06 joda Exp $"); - -kadm5_ret_t -kadm5_c_get_principals(void *server_handle, - const char *exp, - char ***princs, - int *count) -{ - kadm5_client_context *context = server_handle; - kadm5_ret_t ret; - krb5_storage *sp; - unsigned char buf[1024]; - int32_t tmp; - krb5_data reply; - - sp = krb5_storage_from_mem(buf, sizeof(buf)); - if (sp == NULL) - return ENOMEM; - krb5_store_int32(sp, kadm_get_princs); - krb5_store_int32(sp, exp != NULL); - if(exp) - krb5_store_string(sp, exp); - ret = _kadm5_client_send(context, sp); - krb5_storage_free(sp); - ret = _kadm5_client_recv(context, &reply); - if(ret) - return ret; - sp = krb5_storage_from_data (&reply); - if (sp == NULL) { - krb5_data_free (&reply); - return ENOMEM; - } - krb5_ret_int32(sp, &tmp); - ret = tmp; - if(ret == 0) { - int i; - krb5_ret_int32(sp, &tmp); - *princs = calloc(tmp + 1, sizeof(**princs)); - if (*princs == NULL) { - ret = ENOMEM; - goto out; - } - for(i = 0; i < tmp; i++) - krb5_ret_string(sp, &(*princs)[i]); - *count = tmp; - } -out: - krb5_storage_free(sp); - krb5_data_free (&reply); - return ret; -} diff --git a/crypto/heimdal/lib/kadm5/get_princs_s.c b/crypto/heimdal/lib/kadm5/get_princs_s.c deleted file mode 100644 index 2702bae46131e..0000000000000 --- a/crypto/heimdal/lib/kadm5/get_princs_s.c +++ /dev/null @@ -1,113 +0,0 @@ -/* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: get_princs_s.c,v 1.5 1999/12/02 17:05:06 joda Exp $"); - -struct foreach_data { - const char *exp; - char *exp2; - char **princs; - int count; -}; - -static krb5_error_code -add_princ(struct foreach_data *d, char *princ) -{ - char **tmp; - tmp = realloc(d->princs, (d->count + 1) * sizeof(*tmp)); - if(tmp == NULL) - return ENOMEM; - d->princs = tmp; - d->princs[d->count++] = princ; - return 0; -} - -static krb5_error_code -foreach(krb5_context context, HDB *db, hdb_entry *ent, void *data) -{ - struct foreach_data *d = data; - char *princ; - krb5_error_code ret; - ret = krb5_unparse_name(context, ent->principal, &princ); - if(ret) - return ret; - if(d->exp){ - if(fnmatch(d->exp, princ, 0) == 0 || fnmatch(d->exp2, princ, 0) == 0) - ret = add_princ(d, princ); - else - free(princ); - }else{ - ret = add_princ(d, princ); - } - if(ret) - free(princ); - return ret; -} - -kadm5_ret_t -kadm5_s_get_principals(void *server_handle, - const char *exp, - char ***princs, - int *count) -{ - struct foreach_data d; - kadm5_server_context *context = server_handle; - kadm5_ret_t ret; - ret = context->db->open(context->context, context->db, O_RDWR, 0); - if(ret) { - krb5_warn(context->context, ret, "opening database"); - return ret; - } - d.exp = exp; - { - krb5_realm r; - krb5_get_default_realm(context->context, &r); - asprintf(&d.exp2, "%s@%s", exp, r); - free(r); - } - d.princs = NULL; - d.count = 0; - ret = hdb_foreach(context->context, context->db, 0, foreach, &d); - context->db->close(context->context, context->db); - if(ret == 0) - ret = add_princ(&d, NULL); - if(ret == 0){ - *princs = d.princs; - *count = d.count - 1; - }else - kadm5_free_name_list(context, d.princs, &d.count); - free(d.exp2); - return _kadm5_error_code(ret); -} diff --git a/crypto/heimdal/lib/kadm5/get_s.c b/crypto/heimdal/lib/kadm5/get_s.c deleted file mode 100644 index 12613b6b6d463..0000000000000 --- a/crypto/heimdal/lib/kadm5/get_s.c +++ /dev/null @@ -1,181 +0,0 @@ -/* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: get_s.c,v 1.11 1999/12/26 19:38:23 assar Exp $"); - -kadm5_ret_t -kadm5_s_get_principal(void *server_handle, - krb5_principal princ, - kadm5_principal_ent_t out, - u_int32_t mask) -{ - kadm5_server_context *context = server_handle; - kadm5_ret_t ret; - hdb_entry ent; - - ent.principal = princ; - ret = context->db->open(context->context, context->db, O_RDONLY, 0); - if(ret) - return ret; - ret = context->db->fetch(context->context, context->db, - HDB_F_DECRYPT, &ent); - context->db->close(context->context, context->db); - if(ret) - return _kadm5_error_code(ret); - - memset(out, 0, sizeof(*out)); - if(mask & KADM5_PRINCIPAL) - ret = krb5_copy_principal(context->context, ent.principal, - &out->principal); - if(ret) - goto out; - if(mask & KADM5_PRINC_EXPIRE_TIME && ent.valid_end) - out->princ_expire_time = *ent.valid_end; - if(mask & KADM5_PW_EXPIRATION && ent.pw_end) - out->pw_expiration = *ent.pw_end; - if(mask & KADM5_LAST_PWD_CHANGE) - /* XXX implement */; - if(mask & KADM5_ATTRIBUTES){ - out->attributes |= ent.flags.postdate ? 0 : KRB5_KDB_DISALLOW_POSTDATED; - out->attributes |= ent.flags.forwardable ? 0 : KRB5_KDB_DISALLOW_FORWARDABLE; - out->attributes |= ent.flags.initial ? KRB5_KDB_DISALLOW_TGT_BASED : 0; - out->attributes |= ent.flags.renewable ? 0 : KRB5_KDB_DISALLOW_RENEWABLE; - out->attributes |= ent.flags.proxiable ? 0 : KRB5_KDB_DISALLOW_PROXIABLE; - out->attributes |= ent.flags.invalid ? KRB5_KDB_DISALLOW_ALL_TIX : 0; - out->attributes |= ent.flags.require_preauth ? KRB5_KDB_REQUIRES_PRE_AUTH : 0; - out->attributes |= ent.flags.server ? 0 : KRB5_KDB_DISALLOW_SVR; - out->attributes |= ent.flags.change_pw ? KRB5_KDB_PWCHANGE_SERVICE : 0; - } - if(mask & KADM5_MAX_LIFE && ent.max_life) - out->max_life = *ent.max_life; - if(mask & KADM5_MOD_TIME) { - if(ent.modified_by) - out->mod_date = ent.modified_by->time; - else - out->mod_date = ent.created_by.time; - } - if(mask & KADM5_MOD_NAME) { - if(ent.modified_by) { - if (ent.modified_by->principal != NULL) - ret = krb5_copy_principal(context->context, - ent.modified_by->principal, - &out->mod_name); - } else - ret = krb5_copy_principal(context->context, - ent.created_by.principal, - &out->mod_name); - } - if(ret) - goto out; - - if(mask & KADM5_KVNO) - out->kvno = ent.kvno; - if(mask & KADM5_MKVNO) { - int n; - out->mkvno = 0; /* XXX */ - for(n = 0; n < ent.keys.len; n++) - if(ent.keys.val[n].mkvno) { - out->mkvno = *ent.keys.val[n].mkvno; /* XXX this isn't right */ - break; - } - } - if(mask & KADM5_AUX_ATTRIBUTES) - /* XXX implement */; - if(mask & KADM5_POLICY) - out->policy = NULL; - if(mask & KADM5_MAX_RLIFE && ent.max_renew) - out->max_renewable_life = *ent.max_renew; - if(mask & KADM5_LAST_SUCCESS) - /* XXX implement */; - if(mask & KADM5_LAST_FAILED) - /* XXX implement */; - if(mask & KADM5_FAIL_AUTH_COUNT) - /* XXX implement */; - if(mask & KADM5_KEY_DATA){ - int i; - Key *key; - krb5_key_data *kd; - krb5_salt salt; - krb5_data *sp; - krb5_get_pw_salt(context->context, ent.principal, &salt); - out->key_data = malloc(ent.keys.len * sizeof(*out->key_data)); - for(i = 0; i < ent.keys.len; i++){ - key = &ent.keys.val[i]; - kd = &out->key_data[i]; - kd->key_data_ver = 2; - kd->key_data_kvno = ent.kvno; - kd->key_data_type[0] = key->key.keytype; - if(key->salt) - kd->key_data_type[1] = key->salt->type; - else - kd->key_data_type[1] = pa_pw_salt; - /* setup key */ - kd->key_data_length[0] = key->key.keyvalue.length; - kd->key_data_contents[0] = malloc(kd->key_data_length[0]); - if(kd->key_data_contents[0] == NULL){ - ret = ENOMEM; - break; - } - memcpy(kd->key_data_contents[0], key->key.keyvalue.data, - kd->key_data_length[0]); - /* setup salt */ - if(key->salt) - sp = &key->salt->salt; - else - sp = &salt.saltvalue; - kd->key_data_length[1] = sp->length; - kd->key_data_contents[1] = malloc(kd->key_data_length[1]); - if(kd->key_data_length[1] != 0 - && kd->key_data_contents[1] == NULL) { - memset(kd->key_data_contents[0], 0, kd->key_data_length[0]); - ret = ENOMEM; - break; - } - memcpy(kd->key_data_contents[1], sp->data, kd->key_data_length[1]); - out->n_key_data = i + 1; - } - krb5_free_salt(context->context, salt); - } - if(ret){ - kadm5_free_principal_ent(context, out); - goto out; - } - if(mask & KADM5_TL_DATA) - /* XXX implement */; -out: - hdb_free_entry(context->context, &ent); - - return _kadm5_error_code(ret); -} diff --git a/crypto/heimdal/lib/kadm5/init_c.c b/crypto/heimdal/lib/kadm5/init_c.c deleted file mode 100644 index 098e9c87fadab..0000000000000 --- a/crypto/heimdal/lib/kadm5/init_c.c +++ /dev/null @@ -1,605 +0,0 @@ -/* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" -#include <sys/types.h> -#include <sys/socket.h> -#include <netinet/in.h> -#include <netdb.h> - -RCSID("$Id: init_c.c,v 1.35 2000/01/28 03:20:18 assar Exp $"); - -static void -set_funcs(kadm5_client_context *c) -{ -#define SET(C, F) (C)->funcs.F = kadm5 ## _c_ ## F - SET(c, chpass_principal); - SET(c, chpass_principal); - SET(c, create_principal); - SET(c, delete_principal); - SET(c, destroy); - SET(c, flush); - SET(c, get_principal); - SET(c, get_principals); - SET(c, get_privs); - SET(c, modify_principal); - SET(c, randkey_principal); - SET(c, rename_principal); -} - -kadm5_ret_t -_kadm5_c_init_context(kadm5_client_context **ctx, - kadm5_config_params *params, - krb5_context context) -{ - krb5_error_code ret; - char *colon; - - *ctx = malloc(sizeof(**ctx)); - if(*ctx == NULL) - return ENOMEM; - memset(*ctx, 0, sizeof(**ctx)); - krb5_add_et_list (context, initialize_kadm5_error_table_r); - set_funcs(*ctx); - (*ctx)->context = context; - if(params->mask & KADM5_CONFIG_REALM) - (*ctx)->realm = strdup(params->realm); - else - krb5_get_default_realm((*ctx)->context, &(*ctx)->realm); - if(params->mask & KADM5_CONFIG_ADMIN_SERVER) - (*ctx)->admin_server = strdup(params->admin_server); - else { - char **hostlist; - - ret = krb5_get_krb_admin_hst (context, &(*ctx)->realm, &hostlist); - if (ret) - return ret; - (*ctx)->admin_server = strdup(*hostlist); - krb5_free_krbhst (context, hostlist); - } - - if ((*ctx)->admin_server == NULL) - return ENOMEM; - colon = strchr ((*ctx)->admin_server, ':'); - if (colon != NULL) - *colon++ = '\0'; - - (*ctx)->kadmind_port = 0; - - if(params->mask & KADM5_CONFIG_KADMIND_PORT) - (*ctx)->kadmind_port = params->kadmind_port; - else if (colon != NULL) { - char *end; - - (*ctx)->kadmind_port = htons(strtol (colon, &end, 0)); - } - if ((*ctx)->kadmind_port == 0) - (*ctx)->kadmind_port = krb5_getportbyname (context, "kerberos-adm", - "tcp", 749); - return 0; -} - -static krb5_error_code -get_kadm_ticket(krb5_context context, - krb5_ccache id, - krb5_principal client, - const char *server_name) -{ - krb5_error_code ret; - krb5_creds in, *out; - - memset(&in, 0, sizeof(in)); - in.client = client; - ret = krb5_parse_name(context, server_name, &in.server); - if(ret) - return ret; - ret = krb5_get_credentials(context, 0, id, &in, &out); - if(ret == 0) - krb5_free_creds(context, out); - krb5_free_principal(context, in.server); - return ret; -} - -static krb5_error_code -get_new_cache(krb5_context context, - krb5_principal client, - const char *password, - krb5_prompter_fct prompter, - const char *keytab, - const char *server_name, - krb5_ccache *ret_cache) -{ - krb5_error_code ret; - krb5_creds cred; - krb5_get_init_creds_opt opt; - krb5_ccache id; - - krb5_get_init_creds_opt_init (&opt); - krb5_get_init_creds_opt_set_forwardable (&opt, FALSE); - krb5_get_init_creds_opt_set_proxiable (&opt, FALSE); - - if(password == NULL && prompter == NULL) { - krb5_keytab kt; - if(keytab == NULL) - ret = krb5_kt_default(context, &kt); - else - ret = krb5_kt_resolve(context, keytab, &kt); - if(ret) - return ret; - ret = krb5_get_init_creds_keytab (context, - &cred, - client, - kt, - 0, - server_name, - &opt); - krb5_kt_close(context, kt); - } else { - ret = krb5_get_init_creds_password (context, - &cred, - client, - password, - prompter, - NULL, - 0, - server_name, - &opt); - } - switch(ret){ - case 0: - break; - case KRB5_LIBOS_PWDINTR: /* don't print anything if it was just C-c:ed */ - case KRB5KRB_AP_ERR_BAD_INTEGRITY: - case KRB5KRB_AP_ERR_MODIFIED: - return KADM5_BAD_PASSWORD; - default: - return ret; - } - ret = krb5_cc_gen_new(context, &krb5_mcc_ops, &id); - if(ret) - return ret; - ret = krb5_cc_initialize (context, id, cred.client); - if (ret) - return ret; - ret = krb5_cc_store_cred (context, id, &cred); - if (ret) - return ret; - krb5_free_creds_contents (context, &cred); - *ret_cache = id; - return 0; -} - -static krb5_error_code -get_cred_cache(krb5_context context, - const char *client_name, - const char *server_name, - const char *password, - krb5_prompter_fct prompter, - const char *keytab, - krb5_ccache ccache, - krb5_ccache *ret_cache) -{ - krb5_error_code ret; - krb5_ccache id = NULL; - krb5_principal default_client = NULL, client = NULL; - - /* treat empty password as NULL */ - if(password && *password == '\0') - password = NULL; - if(server_name == NULL) - server_name = KADM5_ADMIN_SERVICE; - - if(client_name != NULL) { - ret = krb5_parse_name(context, client_name, &client); - if(ret) - return ret; - } - - if(password != NULL || prompter != NULL) { - /* get principal from default cache, ok if this doesn't work */ - ret = krb5_cc_default(context, &id); - if(ret == 0) { - ret = krb5_cc_get_principal(context, id, &default_client); - if(ret) { - krb5_cc_close(context, id); - id = NULL; - } - } - - if(client == NULL) - client = default_client; - if(client == NULL) { - const char *user; - - user = get_default_username (); - - if(user == NULL) - return KADM5_FAILURE; - ret = krb5_make_principal(context, &client, - NULL, user, "admin", NULL); - if(ret) - return ret; - } - if(client != default_client) { - krb5_free_principal(context, default_client); - default_client = NULL; - if (id != NULL) { - krb5_cc_close(context, id); - id = NULL; - } - } - } else if(ccache != NULL) - id = ccache; - - - if(id && (default_client == NULL || - krb5_principal_compare(context, client, default_client))) { - ret = get_kadm_ticket(context, id, client, server_name); - if(ret == 0) { - *ret_cache = id; - krb5_free_principal(context, default_client); - if (default_client != client) - krb5_free_principal(context, client); - return 0; - } - if(ccache != NULL) - /* couldn't get ticket from cache */ - return -1; - } - /* get creds via AS request */ - if(id) - krb5_cc_close(context, id); - if (client != default_client) - krb5_free_principal(context, default_client); - - ret = get_new_cache(context, client, password, prompter, keytab, - server_name, ret_cache); - krb5_free_principal(context, client); - return ret; -} - -static kadm5_ret_t -kadm5_c_init_with_context(krb5_context context, - const char *client_name, - const char *password, - krb5_prompter_fct prompter, - const char *keytab, - krb5_ccache ccache, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - kadm5_ret_t ret; - kadm5_client_context *ctx; - krb5_principal server; - krb5_ccache cc; - int s; - struct addrinfo *ai, *a; - struct addrinfo hints; - int error; - char portstr[NI_MAXSERV]; - char *hostname, *slash; - - memset (&hints, 0, sizeof(hints)); - hints.ai_socktype = SOCK_STREAM; - hints.ai_protocol = IPPROTO_TCP; - - ret = _kadm5_c_init_context(&ctx, realm_params, context); - if(ret) - return ret; - - snprintf (portstr, sizeof(portstr), "%u", ntohs(ctx->kadmind_port)); - - hostname = ctx->admin_server; - slash = strchr (hostname, '/'); - if (slash != NULL) - hostname = slash + 1; - - error = getaddrinfo (hostname, portstr, &hints, &ai); - if (error) - return KADM5_BAD_SERVER_NAME; - - for (a = ai; a != NULL; a = a->ai_next) { - s = socket (a->ai_family, a->ai_socktype, a->ai_protocol); - if (s < 0) - continue; - if (connect (s, a->ai_addr, a->ai_addrlen) < 0) { - krb5_warn (context, errno, "connect(%s)", hostname); - close (s); - continue; - } - break; - } - if (a == NULL) { - freeaddrinfo (ai); - krb5_warnx (context, "failed to contact %s", hostname); - return KADM5_FAILURE; - } - ret = get_cred_cache(context, client_name, service_name, - password, prompter, keytab, ccache, &cc); - - if(ret) { - freeaddrinfo (ai); - close(s); - return ret; - } - ret = krb5_parse_name(context, KADM5_ADMIN_SERVICE, &server); - if(ret) { - freeaddrinfo (ai); - if(ccache == NULL) - krb5_cc_close(context, cc); - close(s); - return ret; - } - ctx->ac = NULL; - - ret = krb5_sendauth(context, &ctx->ac, &s, - KADMIN_APPL_VERSION, NULL, - server, AP_OPTS_MUTUAL_REQUIRED, - NULL, NULL, cc, NULL, NULL, NULL); - if(ret == 0) { - krb5_data params, enc_data; - ret = _kadm5_marshal_params(context, realm_params, ¶ms); - - ret = krb5_mk_priv(context, - ctx->ac, - ¶ms, - &enc_data, - NULL); - - ret = krb5_write_message(context, &s, &enc_data); - - krb5_data_free(¶ms); - krb5_data_free(&enc_data); - } else if(ret == KRB5_SENDAUTH_BADAPPLVERS) { - close(s); - - s = socket (a->ai_family, a->ai_socktype, a->ai_protocol); - if (s < 0) { - freeaddrinfo (ai); - return errno; - } - if (connect (s, a->ai_addr, a->ai_addrlen) < 0) { - close (s); - freeaddrinfo (ai); - return errno; - } - freeaddrinfo (ai); - - ret = krb5_sendauth(context, &ctx->ac, &s, - KADMIN_OLD_APPL_VERSION, NULL, - server, AP_OPTS_MUTUAL_REQUIRED, - NULL, NULL, cc, NULL, NULL, NULL); - } - freeaddrinfo (ai); - if(ret) { - close(s); - return ret; - } - - krb5_free_principal(context, server); - if(ccache == NULL) - krb5_cc_close(context, cc); - if(ret) { - close(s); - return ret; - } - ctx->sock = s; - *server_handle = ctx; - return 0; -} - -static kadm5_ret_t -init_context(const char *client_name, - const char *password, - krb5_prompter_fct prompter, - const char *keytab, - krb5_ccache ccache, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - krb5_context context; - kadm5_ret_t ret; - kadm5_server_context *ctx; - - krb5_init_context(&context); - ret = kadm5_c_init_with_context(context, - client_name, - password, - prompter, - keytab, - ccache, - service_name, - realm_params, - struct_version, - api_version, - server_handle); - if(ret){ - krb5_free_context(context); - return ret; - } - ctx = *server_handle; - ctx->my_context = 1; - return 0; -} - -kadm5_ret_t -kadm5_c_init_with_password_ctx(krb5_context context, - const char *client_name, - const char *password, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - return kadm5_c_init_with_context(context, - client_name, - password, - krb5_prompter_posix, - NULL, - NULL, - service_name, - realm_params, - struct_version, - api_version, - server_handle); -} - -kadm5_ret_t -kadm5_c_init_with_password(const char *client_name, - const char *password, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - return init_context(client_name, - password, - krb5_prompter_posix, - NULL, - NULL, - service_name, - realm_params, - struct_version, - api_version, - server_handle); -} - -kadm5_ret_t -kadm5_c_init_with_skey_ctx(krb5_context context, - const char *client_name, - const char *keytab, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - return kadm5_c_init_with_context(context, - client_name, - NULL, - NULL, - keytab, - NULL, - service_name, - realm_params, - struct_version, - api_version, - server_handle); -} - - -kadm5_ret_t -kadm5_c_init_with_skey(const char *client_name, - const char *keytab, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - return init_context(client_name, - NULL, - NULL, - keytab, - NULL, - service_name, - realm_params, - struct_version, - api_version, - server_handle); -} - -kadm5_ret_t -kadm5_c_init_with_creds_ctx(krb5_context context, - const char *client_name, - krb5_ccache ccache, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - return kadm5_c_init_with_context(context, - client_name, - NULL, - NULL, - NULL, - ccache, - service_name, - realm_params, - struct_version, - api_version, - server_handle); -} - -kadm5_ret_t -kadm5_c_init_with_creds(const char *client_name, - krb5_ccache ccache, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - return init_context(client_name, - NULL, - NULL, - NULL, - ccache, - service_name, - realm_params, - struct_version, - api_version, - server_handle); -} - -#if 0 -kadm5_ret_t -kadm5_init(char *client_name, char *pass, - char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ -} -#endif - diff --git a/crypto/heimdal/lib/kadm5/init_s.c b/crypto/heimdal/lib/kadm5/init_s.c deleted file mode 100644 index 6c1f3d144d150..0000000000000 --- a/crypto/heimdal/lib/kadm5/init_s.c +++ /dev/null @@ -1,232 +0,0 @@ -/* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: init_s.c,v 1.9 1999/12/02 17:05:06 joda Exp $"); - - -static kadm5_ret_t -kadm5_s_init_with_context(krb5_context context, - const char *client_name, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - kadm5_ret_t ret; - kadm5_server_context *ctx; - ret = _kadm5_s_init_context(&ctx, realm_params, context); - if(ret) - return ret; - - assert(ctx->config.dbname != NULL); - assert(ctx->config.stash_file != NULL); - assert(ctx->config.acl_file != NULL); - assert(ctx->log_context.log_file != NULL); - assert(ctx->log_context.socket_name.sun_path[0] != '\0'); - - ret = hdb_create(ctx->context, &ctx->db, ctx->config.dbname); - if(ret) - return ret; - ret = hdb_set_master_keyfile (ctx->context, - ctx->db, ctx->config.stash_file); - if(ret) - return ret; - - ctx->log_context.log_fd = -1; - - ctx->log_context.socket_fd = socket (AF_UNIX, SOCK_DGRAM, 0); - - ret = krb5_parse_name(ctx->context, client_name, &ctx->caller); - if(ret) - return ret; - - ret = _kadm5_acl_init(ctx); - if(ret) - return ret; - - *server_handle = ctx; - return 0; -} - -kadm5_ret_t -kadm5_s_init_with_password_ctx(krb5_context context, - const char *client_name, - const char *password, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - return kadm5_s_init_with_context(context, - client_name, - service_name, - realm_params, - struct_version, - api_version, - server_handle); -} - -kadm5_ret_t -kadm5_s_init_with_password(const char *client_name, - const char *password, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - krb5_context context; - kadm5_ret_t ret; - kadm5_server_context *ctx; - - krb5_init_context(&context); - ret = kadm5_s_init_with_password_ctx(context, - client_name, - password, - service_name, - realm_params, - struct_version, - api_version, - server_handle); - if(ret){ - krb5_free_context(context); - return ret; - } - ctx = *server_handle; - ctx->my_context = 1; - return 0; -} - -kadm5_ret_t -kadm5_s_init_with_skey_ctx(krb5_context context, - const char *client_name, - const char *keytab, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - return kadm5_s_init_with_context(context, - client_name, - service_name, - realm_params, - struct_version, - api_version, - server_handle); -} - -kadm5_ret_t -kadm5_s_init_with_skey(const char *client_name, - const char *keytab, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - krb5_context context; - kadm5_ret_t ret; - kadm5_server_context *ctx; - - krb5_init_context(&context); - ret = kadm5_s_init_with_skey_ctx(context, - client_name, - keytab, - service_name, - realm_params, - struct_version, - api_version, - server_handle); - if(ret){ - krb5_free_context(context); - return ret; - } - ctx = *server_handle; - ctx->my_context = 1; - return 0; -} - -kadm5_ret_t -kadm5_s_init_with_creds_ctx(krb5_context context, - const char *client_name, - krb5_ccache ccache, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - return kadm5_s_init_with_context(context, - client_name, - service_name, - realm_params, - struct_version, - api_version, - server_handle); -} - -kadm5_ret_t -kadm5_s_init_with_creds(const char *client_name, - krb5_ccache ccache, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - krb5_context context; - kadm5_ret_t ret; - kadm5_server_context *ctx; - - krb5_init_context(&context); - ret = kadm5_s_init_with_creds_ctx(context, - client_name, - ccache, - service_name, - realm_params, - struct_version, - api_version, - server_handle); - if(ret){ - krb5_free_context(context); - return ret; - } - ctx = *server_handle; - ctx->my_context = 1; - return 0; -} diff --git a/crypto/heimdal/lib/kadm5/iprop.h b/crypto/heimdal/lib/kadm5/iprop.h deleted file mode 100644 index 499f51544e20e..0000000000000 --- a/crypto/heimdal/lib/kadm5/iprop.h +++ /dev/null @@ -1,53 +0,0 @@ -/* - * Copyright (c) 1998-1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: iprop.h,v 1.4 1999/12/02 17:05:06 joda Exp $ */ - -#ifndef __IPROP_H__ -#define __IPROP_H__ - -#include "kadm5_locl.h" -#include <getarg.h> -#ifdef HAVE_SYS_SELECT_H -#include <sys/select.h> -#endif - -#define IPROP_VERSION "iprop-0.0" - -#define KADM5_SLAVE_ACL HDB_DB_DIR "/slaves" - -#define IPROP_NAME "iprop" - -enum iprop_cmd { I_HAVE = 1, FOR_YOU = 2 }; - -#endif /* __IPROP_H__ */ diff --git a/crypto/heimdal/lib/kadm5/ipropd_master.c b/crypto/heimdal/lib/kadm5/ipropd_master.c deleted file mode 100644 index b2e71a736dd26..0000000000000 --- a/crypto/heimdal/lib/kadm5/ipropd_master.c +++ /dev/null @@ -1,422 +0,0 @@ -/* - * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "iprop.h" - -RCSID("$Id: ipropd_master.c,v 1.12 1999/12/02 17:05:06 joda Exp $"); - -static int -make_signal_socket (krb5_context context) -{ - struct sockaddr_un addr; - int fd; - - fd = socket (AF_UNIX, SOCK_DGRAM, 0); - if (fd < 0) - krb5_err (context, 1, errno, "socket AF_UNIX"); - memset (&addr, 0, sizeof(addr)); - addr.sun_family = AF_UNIX; - strncpy (addr.sun_path, KADM5_LOG_SIGNAL, sizeof(addr.sun_path)); - addr.sun_path[sizeof(addr.sun_path) - 1] = '\0'; - unlink (addr.sun_path); - if (bind (fd, (struct sockaddr *)&addr, sizeof(addr)) < 0) - krb5_err (context, 1, errno, "bind %s", addr.sun_path); - return fd; -} - -static int -make_listen_socket (krb5_context context) -{ - int fd; - int one = 1; - struct sockaddr_in addr; - - fd = socket (AF_INET, SOCK_STREAM, 0); - if (fd < 0) - krb5_err (context, 1, errno, "socket AF_INET"); - setsockopt (fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one)); - memset (&addr, 0, sizeof(addr)); - addr.sin_family = AF_INET; - addr.sin_port = htons(4711); - if(bind(fd, (struct sockaddr *)&addr, sizeof(addr)) < 0) - krb5_err (context, 1, errno, "bind"); - if (listen(fd, SOMAXCONN) < 0) - krb5_err (context, 1, errno, "listen"); - return fd; -} - -struct slave { - int fd; - struct sockaddr_in addr; - char *name; - krb5_auth_context ac; - u_int32_t version; - struct slave *next; -}; - -typedef struct slave slave; - -static int -check_acl (krb5_context context, const char *name) -{ - FILE *fp; - char buf[256]; - int ret = 1; - - fp = fopen (KADM5_SLAVE_ACL, "r"); - if (fp == NULL) - return 1; - while (fgets(buf, sizeof(buf), fp) != NULL) { - if (buf[strlen(buf) - 1 ] == '\n') - buf[strlen(buf) - 1 ] = '\0'; - if (strcmp (buf, name) == 0) { - ret = 0; - break; - } - } - fclose (fp); - return ret; -} - -static void -add_slave (krb5_context context, slave **root, int fd) -{ - krb5_principal server; - krb5_error_code ret; - slave *s; - int addr_len; - krb5_ticket *ticket = NULL; - char hostname[128]; - - s = malloc(sizeof(*s)); - if (s == NULL) { - krb5_warnx (context, "add_slave: no memory"); - return; - } - s->name = NULL; - s->ac = NULL; - - addr_len = sizeof(s->addr); - s->fd = accept (fd, (struct sockaddr *)&s->addr, &addr_len); - if (s->fd < 0) { - krb5_warn (context, errno, "accept"); - goto error; - } - gethostname(hostname, sizeof(hostname)); - ret = krb5_sname_to_principal (context, hostname, IPROP_NAME, - KRB5_NT_SRV_HST, &server); - if (ret) { - krb5_warn (context, ret, "krb5_sname_to_principal"); - goto error; - } - - ret = krb5_recvauth (context, &s->ac, &s->fd, - IPROP_VERSION, server, 0, NULL, &ticket); - krb5_free_principal (context, server); - if (ret) { - krb5_warn (context, ret, "krb5_recvauth"); - goto error; - } - ret = krb5_unparse_name (context, ticket->client, &s->name); - if (ret) { - krb5_warn (context, ret, "krb5_unparse_name"); - goto error; - } - if (check_acl (context, s->name)) { - krb5_warnx (context, "%s not in acl", s->name); - goto error; - } - krb5_free_ticket (context, ticket); - printf ("connection from %s\n", s->name); - - s->version = 0; - s->next = *root; - *root = s; - return; -error: - if (s->name) - free (s->name); - if (s->ac) - krb5_auth_con_free(context, s->ac); - if (ticket) - krb5_free_ticket (context, ticket); - close (s->fd); - free(s); -} - -static void -remove_slave (krb5_context context, slave *s, slave **root) -{ - slave **p; - - close (s->fd); - free (s->name); - krb5_auth_con_free (context, s->ac); - - for (p = root; *p; p = &(*p)->next) - if (*p == s) { - *p = s->next; - break; - } - free (s); -} - -static int -send_complete (krb5_context context, slave *s) -{ - abort (); -} - -static int -send_diffs (krb5_context context, slave *s, int log_fd, - u_int32_t current_version) -{ - krb5_storage *sp, *data_sp; - u_int32_t ver; - time_t timestamp; - enum kadm_ops op; - u_int32_t len; - off_t right, left; - krb5_data data; - krb5_data priv_data; - int ret = 0; - - if (s->version == current_version) - return 0; - - sp = kadm5_log_goto_end (log_fd); - right = sp->seek(sp, 0, SEEK_CUR); - printf ("%ld, looking for %d\n", (long)right, s->version); - for (;;) { - if (kadm5_log_previous (sp, &ver, ×tamp, &op, &len)) - abort (); - printf ("version = %d\n", ver); - left = sp->seek(sp, -16, SEEK_CUR); - if (ver == s->version) - return 0; - if (ver == s->version + 1) - break; - if (left == 0) - return send_complete (context, s); - } - krb5_data_alloc (&data, right - left + 4); - sp->fetch (sp, (char *)data.data + 4, data.length - 4); - krb5_storage_free(sp); - - _krb5_put_int(data.data, FOR_YOU, 4); - - ret = krb5_mk_priv (context, s->ac, &data, &priv_data, NULL); - krb5_data_free(&data); - if (ret) { - krb5_warn (context, ret, "krb_mk_priv"); - return 0; - } - - ret = krb5_write_message (context, &s->fd, &priv_data); - krb5_data_free (&priv_data); - if (ret) { - krb5_warn (context, ret, "krb5_write_message"); - return 1; - } - return 0; -} - -static int -process_msg (krb5_context context, slave *s, int log_fd, - u_int32_t current_version) -{ - int ret = 0; - krb5_data in, out; - krb5_storage *sp; - int32_t tmp; - - ret = krb5_read_message (context, &s->fd, &in); - if (ret) - return 1; - - if(in.length == 0) { - krb5_warnx(context, "process_msg: short message"); - return 1; - } - - ret = krb5_rd_priv (context, s->ac, &in, &out, NULL); - krb5_data_free (&in); - if (ret) { - krb5_warn (context, ret, "krb5_rd_priv"); - return 1; - } - - sp = krb5_storage_from_mem (out.data, out.length); - krb5_ret_int32 (sp, &tmp); - switch (tmp) { - case I_HAVE : - krb5_ret_int32 (sp, &tmp); - s->version = tmp; - ret = send_diffs (context, s, log_fd, current_version); - break; - case FOR_YOU : - default : - krb5_warnx (context, "Ignoring command %d", tmp); - break; - } - - krb5_data_free (&out); - return ret; -} - -char *realm; -int version_flag; -int help_flag; -struct getargs args[] = { - { "realm", 'r', arg_string, &realm }, - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } -}; -int num_args = sizeof(args) / sizeof(args[0]); - -int -main(int argc, char **argv) -{ - krb5_error_code ret; - krb5_context context; - void *kadm_handle; - kadm5_server_context *server_context; - kadm5_config_params conf; - int signal_fd, listen_fd; - int log_fd; - slave *slaves = NULL; - u_int32_t current_version, old_version = 0; - - int optind; - - optind = krb5_program_setup(&context, argc, argv, args, num_args, NULL); - - if(help_flag) - krb5_std_usage(0, args, num_args); - if(version_flag) { - print_version(NULL); - exit(0); - } - - memset(&conf, 0, sizeof(conf)); - if(realm) { - conf.mask |= KADM5_CONFIG_REALM; - conf.realm = realm; - } - ret = kadm5_init_with_password_ctx (context, - KADM5_ADMIN_SERVICE, - NULL, - KADM5_ADMIN_SERVICE, - &conf, 0, 0, - &kadm_handle); - if (ret) - krb5_err (context, 1, ret, "kadm5_init_with_password_ctx"); - - server_context = (kadm5_server_context *)kadm_handle; - - log_fd = open (server_context->log_context.log_file, O_RDONLY, 0); - if (log_fd < 0) - krb5_err (context, 1, errno, "open %s", - server_context->log_context.log_file); - - signal_fd = make_signal_socket (context); - listen_fd = make_listen_socket (context); - - for (;;) { - slave *p; - fd_set readset; - int max_fd = 0; - struct timeval to = {30, 0}; - u_int32_t vers; - - FD_ZERO(&readset); - FD_SET(signal_fd, &readset); - max_fd = max(max_fd, signal_fd); - FD_SET(listen_fd, &readset); - max_fd = max(max_fd, listen_fd); - - for (p = slaves; p != NULL; p = p->next) { - FD_SET(p->fd, &readset); - max_fd = max(max_fd, p->fd); - } - - ret = select (max_fd + 1, - &readset, NULL, NULL, &to); - if (ret < 0) { - if (errno == EINTR) - continue; - else - krb5_err (context, 1, errno, "select"); - } - - if (ret == 0) { - old_version = current_version; - kadm5_log_get_version (log_fd, ¤t_version); - - if (current_version > old_version) - for (p = slaves; p != NULL; p = p->next) - send_diffs (context, p, log_fd, current_version); - } - - if (ret && FD_ISSET(signal_fd, &readset)) { - struct sockaddr_un peer_addr; - int peer_len = sizeof(peer_addr); - - if(recvfrom(signal_fd, &vers, sizeof(vers), 0, - (struct sockaddr *)&peer_addr, &peer_len) < 0) { - krb5_warn (context, errno, "recvfrom"); - continue; - } - printf ("signal: %u\n", vers); - --ret; - old_version = current_version; - kadm5_log_get_version (log_fd, ¤t_version); - for (p = slaves; p != NULL; p = p->next) - send_diffs (context, p, log_fd, current_version); - } - - for(p = slaves; p != NULL && ret--; p = p->next) - if (FD_ISSET(p->fd, &readset)) { - if(process_msg (context, p, log_fd, current_version)) - remove_slave (context, p, &slaves); - } - - if (ret && FD_ISSET(listen_fd, &readset)) { - add_slave (context, &slaves, listen_fd); - --ret; - } - - } - - return 0; -} diff --git a/crypto/heimdal/lib/kadm5/ipropd_slave.c b/crypto/heimdal/lib/kadm5/ipropd_slave.c deleted file mode 100644 index 76884eb00c896..0000000000000 --- a/crypto/heimdal/lib/kadm5/ipropd_slave.c +++ /dev/null @@ -1,313 +0,0 @@ -/* - * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "iprop.h" - -RCSID("$Id: ipropd_slave.c,v 1.10 1999/12/02 17:05:06 joda Exp $"); - -static int -connect_to_master (krb5_context context, const char *master) -{ - int fd; - struct sockaddr_in addr; - struct hostent *he; - - fd = socket (AF_INET, SOCK_STREAM, 0); - if (fd < 0) - krb5_err (context, 1, errno, "socket AF_INET"); - memset (&addr, 0, sizeof(addr)); - addr.sin_family = AF_INET; - addr.sin_port = htons(4711); - he = roken_gethostbyname (master); - if (he == NULL) - krb5_errx (context, 1, "gethostbyname: %s", hstrerror(h_errno)); - memcpy (&addr.sin_addr, he->h_addr, sizeof(addr.sin_addr)); - if(connect(fd, (struct sockaddr *)&addr, sizeof(addr)) < 0) - krb5_err (context, 1, errno, "connect"); - return fd; -} - -static void -get_creds(krb5_context context, krb5_ccache *cache, const char *host) -{ - krb5_keytab keytab; - krb5_principal client; - krb5_error_code ret; - krb5_get_init_creds_opt init_opts; -#if 0 - krb5_preauthtype preauth = KRB5_PADATA_ENC_TIMESTAMP; -#endif - krb5_creds creds; - char my_hostname[128]; - char *server; - - ret = krb5_kt_default(context, &keytab); - if(ret) krb5_err(context, 1, ret, "krb5_kt_default"); - - gethostname (my_hostname, sizeof(my_hostname)); - ret = krb5_sname_to_principal (context, my_hostname, IPROP_NAME, - KRB5_NT_SRV_HST, &client); - if (ret) krb5_err(context, 1, ret, "krb5_sname_to_principal"); - - krb5_get_init_creds_opt_init(&init_opts); -#if 0 - krb5_get_init_creds_opt_set_preauth_list(&init_opts, &preauth, 1); -#endif - - asprintf (&server, "%s/%s", IPROP_NAME, host); - if (server == NULL) - krb5_errx (context, 1, "malloc: no memory"); - - ret = krb5_get_init_creds_keytab(context, &creds, client, keytab, - 0, server, &init_opts); - free (server); - if(ret) krb5_err(context, 1, ret, "krb5_get_init_creds"); - - ret = krb5_kt_close(context, keytab); - if(ret) krb5_err(context, 1, ret, "krb5_kt_close"); - - ret = krb5_cc_gen_new(context, &krb5_mcc_ops, cache); - if(ret) krb5_err(context, 1, ret, "krb5_cc_gen_new"); - - ret = krb5_cc_initialize(context, *cache, client); - if(ret) krb5_err(context, 1, ret, "krb5_cc_initialize"); - - ret = krb5_cc_store_cred(context, *cache, &creds); - if(ret) krb5_err(context, 1, ret, "krb5_cc_store_cred"); -} - -static void -ihave (krb5_context context, krb5_auth_context auth_context, - int fd, u_int32_t version) -{ - int ret; - u_char buf[8]; - krb5_storage *sp; - krb5_data data, priv_data; - - sp = krb5_storage_from_mem (buf, 8); - krb5_store_int32 (sp, I_HAVE); - krb5_store_int32 (sp, version); - krb5_storage_free (sp); - data.length = 8; - data.data = buf; - - ret = krb5_mk_priv (context, auth_context, &data, &priv_data, NULL); - if (ret) - krb5_err (context, 1, ret, "krb_mk_priv"); - - ret = krb5_write_message (context, &fd, &priv_data); - if (ret) - krb5_err (context, 1, ret, "krb5_write_message"); - - krb5_data_free (&priv_data); -} - -static void -receive (krb5_context context, - krb5_storage *sp, - kadm5_server_context *server_context) -{ - int ret; - off_t left, right; - void *buf; - int32_t vers; - - ret = server_context->db->open(context, - server_context->db, - O_RDWR | O_CREAT, 0); - if (ret) - krb5_err (context, 1, ret, "db->open"); - - do { - int32_t len, timestamp, tmp; - enum kadm_ops op; - - if(krb5_ret_int32 (sp, &vers) != 0) - return; - krb5_ret_int32 (sp, ×tamp); - krb5_ret_int32 (sp, &tmp); - op = tmp; - krb5_ret_int32 (sp, &len); - if (vers <= server_context->log_context.version) - sp->seek(sp, len, SEEK_CUR); - } while(vers <= server_context->log_context.version); - - left = sp->seek (sp, -16, SEEK_CUR); - right = sp->seek (sp, 0, SEEK_END); - buf = malloc (right - left); - if (buf == NULL) { - krb5_warnx (context, "malloc: no memory"); - return; - } - sp->seek (sp, left, SEEK_SET); - sp->fetch (sp, buf, right - left); - write (server_context->log_context.log_fd, buf, right-left); - fsync (server_context->log_context.log_fd); - free (buf); - - sp->seek (sp, left, SEEK_SET); - - for(;;) { - int32_t len, timestamp, tmp; - enum kadm_ops op; - - if(krb5_ret_int32 (sp, &vers) != 0) - break; - krb5_ret_int32 (sp, ×tamp); - krb5_ret_int32 (sp, &tmp); - op = tmp; - krb5_ret_int32 (sp, &len); - - ret = kadm5_log_replay (server_context, - op, vers, len, sp); - if (ret) - krb5_warn (context, ret, "kadm5_log_replay"); - else - server_context->log_context.version = vers; - sp->seek (sp, 8, SEEK_CUR); - } - - ret = server_context->db->close (context, server_context->db); - if (ret) - krb5_err (context, 1, ret, "db->close"); -} - -char *realm; -int version_flag; -int help_flag; -struct getargs args[] = { - { "realm", 'r', arg_string, &realm }, - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } -}; -int num_args = sizeof(args) / sizeof(args[0]); - -int -main(int argc, char **argv) -{ - krb5_error_code ret; - krb5_context context; - krb5_auth_context auth_context; - void *kadm_handle; - kadm5_server_context *server_context; - kadm5_config_params conf; - int master_fd; - krb5_ccache ccache; - krb5_principal server; - - int optind; - - optind = krb5_program_setup(&context, argc, argv, args, num_args, NULL); - - if(help_flag) - krb5_std_usage(0, args, num_args); - if(version_flag) { - print_version(NULL); - exit(0); - } - - memset(&conf, 0, sizeof(conf)); - if(realm) { - conf.mask |= KADM5_CONFIG_REALM; - conf.realm = realm; - } - ret = kadm5_init_with_password_ctx (context, - KADM5_ADMIN_SERVICE, - NULL, - KADM5_ADMIN_SERVICE, - &conf, 0, 0, - &kadm_handle); - if (ret) - krb5_err (context, 1, ret, "kadm5_init_with_password_ctx"); - - server_context = (kadm5_server_context *)kadm_handle; - - ret = kadm5_log_init (server_context); - if (ret) - krb5_err (context, 1, ret, "kadm5_log_init"); - - get_creds(context, &ccache, argv[1]); - - master_fd = connect_to_master (context, argv[1]); - - ret = krb5_sname_to_principal (context, argv[1], IPROP_NAME, - KRB5_NT_SRV_HST, &server); - if (ret) - krb5_err (context, 1, ret, "krb5_sname_to_principal"); - - auth_context = NULL; - ret = krb5_sendauth (context, &auth_context, &master_fd, - IPROP_VERSION, NULL, server, - AP_OPTS_MUTUAL_REQUIRED, NULL, NULL, - ccache, NULL, NULL, NULL); - if (ret) - krb5_err (context, 1, ret, "krb5_sendauth"); - - ihave (context, auth_context, master_fd, - server_context->log_context.version); - - for (;;) { - int ret; - krb5_data data, out; - krb5_storage *sp; - int32_t tmp; - - ret = krb5_read_message (context, &master_fd, &data); - if (ret) - krb5_err (context, 1, ret, "krb5_read_message"); - - ret = krb5_rd_priv (context, auth_context, &data, &out, NULL); - krb5_data_free (&data); - if (ret) - krb5_err (context, 1, ret, "krb5_rd_priv"); - - sp = krb5_storage_from_mem (out.data, out.length); - krb5_ret_int32 (sp, &tmp); - switch (tmp) { - case FOR_YOU : - receive (context, sp, server_context); - ihave (context, auth_context, master_fd, - server_context->log_context.version); - break; - case I_HAVE : - default : - krb5_warnx (context, "Ignoring command %d", tmp); - break; - } - krb5_storage_free (sp); - krb5_data_free (&out); - } - - return 0; -} diff --git a/crypto/heimdal/lib/kadm5/kadm5_err.et b/crypto/heimdal/lib/kadm5/kadm5_err.et deleted file mode 100644 index 506a554ac1495..0000000000000 --- a/crypto/heimdal/lib/kadm5/kadm5_err.et +++ /dev/null @@ -1,59 +0,0 @@ -# -# Error messages for the kadm5 library -# -# This might look like a com_err file, but is not -# -id "$Id: kadm5_err.et,v 1.4 1998/02/16 16:37:17 joda Exp $" - -error_table ovk kadm5 - -prefix KADM5 -error_code FAILURE, "Operation failed for unspecified reason" -error_code AUTH_GET, "Operation requires `get' privilege" -error_code AUTH_ADD, "Operation requires `add' privilege" -error_code AUTH_MODIFY, "Operation requires `modify' privilege" -error_code AUTH_DELETE, "Operation requires `delete' privilege" -error_code AUTH_INSUFFICIENT, "Insufficient authorization for operation" -error_code BAD_DB, "Database inconsistency detected" -error_code DUP, "Principal or policy already exists" -error_code RPC_ERROR, "Communication failure with server" -error_code NO_SRV, "No administration server found for realm" -error_code BAD_HIST_KEY, "Password history principal key version mismatch" -error_code NOT_INIT, "Connection to server not initialized" -error_code UNK_PRINC, "Principal does not exist" -error_code UNK_POLICY, "Policy does not exist" -error_code BAD_MASK, "Invalid field mask for operation" -error_code BAD_CLASS, "Invalid number of character classes" -error_code BAD_LENGTH, "Invalid password length" -error_code BAD_POLICY, "Invalid policy name" -error_code BAD_PRINCIPAL, "Invalid principal name." -error_code BAD_AUX_ATTR, "Invalid auxillary attributes" -error_code BAD_HISTORY, "Invalid password history count" -error_code BAD_MIN_PASS_LIFE, "Password minimum life is greater then password maximum life" -error_code PASS_Q_TOOSHORT, "Password is too short" -error_code PASS_Q_CLASS, "Password does not contain enough character classes" -error_code PASS_Q_DICT, "Password is in the password dictionary" -error_code PASS_REUSE, "Can't resuse password" -error_code PASS_TOOSOON, "Current password's minimum life has not expired" -error_code POLICY_REF, "Policy is in use" -error_code INIT, "Connection to server already initialized" -error_code BAD_PASSWORD, "Incorrect password" -error_code PROTECT_PRINCIPAL, "Can't change protected principal" -error_code BAD_SERVER_HANDLE, "Programmer error! Bad Admin server handle" -error_code BAD_STRUCT_VERSION, "Programmer error! Bad API structure version" -error_code OLD_STRUCT_VERSION, "API structure version specified by application is no longer supported" -error_code NEW_STRUCT_VERSION, "API structure version specified by application is unknown to libraries" -error_code BAD_API_VERSION, "Programmer error! Bad API version" -error_code OLD_LIB_API_VERSION, "API version specified by application is no longer supported by libraries" -error_code OLD_SERVER_API_VERSION,"API version specified by application is no longer supported by server" -error_code NEW_LIB_API_VERSION, "API version specified by application is unknown to libraries" -error_code NEW_SERVER_API_VERSION,"API version specified by application is unknown to server" -error_code SECURE_PRINC_MISSING,"Database error! Required principal missing" -error_code NO_RENAME_SALT, "The salt type of the specified principal does not support renaming" -error_code BAD_CLIENT_PARAMS, "Invalid configuration parameter for remote KADM5 client" -error_code BAD_SERVER_PARAMS, "Invalid configuration parameter for local KADM5 client." -error_code AUTH_LIST, "Operation requires `list' privilege" -error_code AUTH_CHANGEPW, "Operation requires `change-password' privilege" -error_code BAD_TL_TYPE, "Programmer error! Invalid tagged data list element type" -error_code MISSING_CONF_PARAMS, "Required parameters in kdc.conf missing" -error_code BAD_SERVER_NAME, "Bad krb5 admin server hostname" diff --git a/crypto/heimdal/lib/kadm5/kadm5_locl.h b/crypto/heimdal/lib/kadm5/kadm5_locl.h deleted file mode 100644 index 9344a2c13bad6..0000000000000 --- a/crypto/heimdal/lib/kadm5/kadm5_locl.h +++ /dev/null @@ -1,83 +0,0 @@ -/* - * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: kadm5_locl.h,v 1.21 1999/12/02 17:05:06 joda Exp $ */ - -#ifndef __KADM5_LOCL_H__ -#define __KADM5_LOCL_H__ - -#ifdef HAVE_CONFIG_H -#include <config.h> -#endif - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <errno.h> -#include <assert.h> -#ifdef HAVE_UNISTD_H -#include <unistd.h> -#endif -#ifdef HAVE_FCNTL_H -#include <fcntl.h> -#endif -#ifdef HAVE_SYS_TYPES_H -#include <sys/types.h> -#endif -#ifdef HAVE_SYS_TIME_H -#include <sys/time.h> -#endif -#ifdef HAVE_UNISTD_H -#include <unistd.h> -#endif -#ifdef HAVE_SYS_FILE_H -#include <sys/file.h> -#endif -#ifdef HAVE_SYS_SOCKET_H -#include <sys/socket.h> -#endif -#ifdef HAVE_SYS_UN_H -#include <sys/un.h> -#endif -#ifdef HAVE_NETDB_H -#include <netdb.h> -#endif -#include <fnmatch.h> -#include "admin.h" -#include "kadm5_err.h" -#include <hdb.h> -#include <roken.h> -#include <parse_units.h> -#include "private.h" - -#endif /* __KADM5_LOCL_H__ */ diff --git a/crypto/heimdal/lib/kadm5/log.c b/crypto/heimdal/lib/kadm5/log.c deleted file mode 100644 index e9dc38ce39340..0000000000000 --- a/crypto/heimdal/lib/kadm5/log.c +++ /dev/null @@ -1,666 +0,0 @@ -/* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: log.c,v 1.13 1999/12/04 19:50:35 assar Exp $"); - -/* - * A log record consists of: - * - * version number 4 bytes - * time in seconds 4 bytes - * operation (enum kadm_ops) 4 bytes - * length of record 4 bytes - * data... n bytes - * length of record 4 bytes - * version number 4 bytes - * - */ - -kadm5_ret_t -kadm5_log_get_version (int fd, - u_int32_t *ver) -{ - int ret; - krb5_storage *sp; - int32_t old_version; - - ret = lseek (fd, 0, SEEK_END); - if(ret < 0) - return errno; - if(ret == 0) { - *ver = 0; - return 0; - } - sp = krb5_storage_from_fd (fd); - sp->seek(sp, -4, SEEK_CUR); - krb5_ret_int32 (sp, &old_version); - *ver = old_version; - krb5_storage_free(sp); - lseek (fd, 0, SEEK_END); - return 0; -} - -kadm5_ret_t -kadm5_log_init (kadm5_server_context *context) -{ - int fd; - kadm5_ret_t ret; - kadm5_log_context *log_context = &context->log_context; - - if (log_context->log_fd != -1) - return 0; - fd = open (log_context->log_file, O_RDWR | O_CREAT, 0600); - if (fd < 0) - return errno; - if (flock (fd, LOCK_EX) < 0) { - close (fd); - return errno; - } - - ret = kadm5_log_get_version (fd, &log_context->version); - if (ret) - return ret; - - log_context->log_fd = fd; - return 0; -} - -kadm5_ret_t -kadm5_log_end (kadm5_server_context *context) -{ - kadm5_log_context *log_context = &context->log_context; - int fd = log_context->log_fd; - - flock (fd, LOCK_UN); - close(fd); - log_context->log_fd = -1; - return 0; -} - -static kadm5_ret_t -kadm5_log_preamble (kadm5_server_context *context, - krb5_storage *sp, - enum kadm_ops op) -{ - kadm5_log_context *log_context = &context->log_context; - kadm5_ret_t kadm_ret; - - kadm_ret = kadm5_log_init (context); - if (kadm_ret) - return kadm_ret; - - krb5_store_int32 (sp, ++log_context->version); - krb5_store_int32 (sp, time(NULL)); - krb5_store_int32 (sp, op); - return 0; -} - -static kadm5_ret_t -kadm5_log_postamble (kadm5_log_context *context, - krb5_storage *sp) -{ - krb5_store_int32 (sp, context->version); - return 0; -} - -/* - * flush the log record in `sp'. - */ - -static kadm5_ret_t -kadm5_log_flush (kadm5_log_context *log_context, - krb5_storage *sp) -{ - krb5_data data; - size_t len; - int ret; - - krb5_storage_to_data(sp, &data); - len = data.length; - ret = write (log_context->log_fd, data.data, len); - if (ret != len) { - krb5_data_free(&data); - return errno; - } - if (fsync (log_context->log_fd) < 0) { - krb5_data_free(&data); - return errno; - } - /* - * Try to send a signal to any running `ipropd-master' - */ - sendto (log_context->socket_fd, - (void *)&log_context->version, - sizeof(log_context->version), - 0, - (struct sockaddr *)&log_context->socket_name, - sizeof(log_context->socket_name)); - - krb5_data_free(&data); - return 0; -} - -/* - * Add a `create' operation to the log. - */ - -kadm5_ret_t -kadm5_log_create (kadm5_server_context *context, - hdb_entry *ent) -{ - krb5_storage *sp; - kadm5_ret_t ret; - krb5_data value; - kadm5_log_context *log_context = &context->log_context; - - sp = krb5_storage_emem(); - ret = hdb_entry2value (context->context, ent, &value); - if (ret) { - krb5_storage_free(sp); - return ret; - } - ret = kadm5_log_preamble (context, sp, kadm_create); - if (ret) { - krb5_data_free (&value); - krb5_storage_free(sp); - return ret; - } - krb5_store_int32 (sp, value.length); - sp->store(sp, value.data, value.length); - krb5_store_int32 (sp, value.length); - krb5_data_free (&value); - ret = kadm5_log_postamble (log_context, sp); - if (ret) { - krb5_storage_free (sp); - return ret; - } - ret = kadm5_log_flush (log_context, sp); - krb5_storage_free (sp); - if (ret) - return ret; - ret = kadm5_log_end (context); - return ret; -} - -/* - * Read the data of a create log record from `sp' and change the - * database. - */ - -kadm5_ret_t -kadm5_log_replay_create (kadm5_server_context *context, - u_int32_t ver, - u_int32_t len, - krb5_storage *sp) -{ - krb5_error_code ret; - krb5_data data; - hdb_entry ent; - - krb5_data_alloc (&data, len); - sp->fetch (sp, data.data, len); - ret = hdb_value2entry (context->context, &data, &ent); - krb5_data_free(&data); - if (ret) - return ret; - ret = context->db->store(context->context, context->db, 0, &ent); - hdb_free_entry (context->context, &ent); - return ret; -} - -/* - * Add a `delete' operation to the log. - */ - -kadm5_ret_t -kadm5_log_delete (kadm5_server_context *context, - krb5_principal princ) -{ - krb5_storage *sp; - kadm5_ret_t ret; - off_t off; - off_t len; - kadm5_log_context *log_context = &context->log_context; - - sp = krb5_storage_emem(); - ret = kadm5_log_preamble (context, sp, kadm_delete); - if (ret) { - krb5_storage_free(sp); - return ret; - } - krb5_store_int32 (sp, 0); - off = sp->seek (sp, 0, SEEK_CUR); - krb5_store_principal (sp, princ); - len = sp->seek (sp, 0, SEEK_CUR) - off; - sp->seek(sp, -(len + 4), SEEK_CUR); - krb5_store_int32 (sp, len); - sp->seek(sp, len, SEEK_CUR); - krb5_store_int32 (sp, len); - if (ret) { - krb5_storage_free (sp); - return ret; - } - ret = kadm5_log_postamble (log_context, sp); - if (ret) { - krb5_storage_free (sp); - return ret; - } - ret = kadm5_log_flush (log_context, sp); - krb5_storage_free (sp); - if (ret) - return ret; - ret = kadm5_log_end (context); - return ret; -} - -/* - * Read a `delete' log operation from `sp' and apply it. - */ - -kadm5_ret_t -kadm5_log_replay_delete (kadm5_server_context *context, - u_int32_t ver, - u_int32_t len, - krb5_storage *sp) -{ - krb5_error_code ret; - hdb_entry ent; - - krb5_ret_principal (sp, &ent.principal); - - ret = context->db->remove(context->context, context->db, &ent); - krb5_free_principal (context->context, ent.principal); - return ret; -} - -/* - * Add a `rename' operation to the log. - */ - -kadm5_ret_t -kadm5_log_rename (kadm5_server_context *context, - krb5_principal source, - hdb_entry *ent) -{ - krb5_storage *sp; - kadm5_ret_t ret; - off_t off; - off_t len; - krb5_data value; - kadm5_log_context *log_context = &context->log_context; - - sp = krb5_storage_emem(); - ret = hdb_entry2value (context->context, ent, &value); - if (ret) { - krb5_storage_free(sp); - return ret; - } - ret = kadm5_log_preamble (context, sp, kadm_rename); - if (ret) { - krb5_storage_free(sp); - krb5_data_free (&value); - return ret; - } - krb5_store_int32 (sp, 0); - off = sp->seek (sp, 0, SEEK_CUR); - krb5_store_principal (sp, source); - sp->store(sp, value.data, value.length); - krb5_data_free (&value); - len = sp->seek (sp, 0, SEEK_CUR) - off; - - sp->seek(sp, -(len + 4), SEEK_CUR); - krb5_store_int32 (sp, len); - sp->seek(sp, len, SEEK_CUR); - krb5_store_int32 (sp, len); - if (ret) { - krb5_storage_free (sp); - return ret; - } - ret = kadm5_log_postamble (log_context, sp); - if (ret) { - krb5_storage_free (sp); - return ret; - } - ret = kadm5_log_flush (log_context, sp); - krb5_storage_free (sp); - if (ret) - return ret; - ret = kadm5_log_end (context); - return ret; -} - -/* - * Read a `rename' log operation from `sp' and apply it. - */ - -kadm5_ret_t -kadm5_log_replay_rename (kadm5_server_context *context, - u_int32_t ver, - u_int32_t len, - krb5_storage *sp) -{ - krb5_error_code ret; - krb5_principal source; - hdb_entry source_ent, target_ent; - krb5_data value; - off_t off; - size_t princ_len, data_len; - - off = sp->seek(sp, 0, SEEK_CUR); - krb5_ret_principal (sp, &source); - princ_len = sp->seek(sp, 0, SEEK_CUR) - off; - data_len = len - princ_len; - krb5_data_alloc (&value, data_len); - sp->fetch (sp, value.data, data_len); - ret = hdb_value2entry (context->context, &value, &target_ent); - krb5_data_free(&value); - if (ret) { - krb5_free_principal (context->context, source); - return ret; - } - ret = context->db->store (context->context, context->db, 0, &target_ent); - hdb_free_entry (context->context, &target_ent); - if (ret) { - krb5_free_principal (context->context, source); - return ret; - } - source_ent.principal = source; - ret = context->db->remove (context->context, context->db, &source_ent); - krb5_free_principal (context->context, source); - return ret; -} - - -/* - * Add a `modify' operation to the log. - */ - -kadm5_ret_t -kadm5_log_modify (kadm5_server_context *context, - hdb_entry *ent, - u_int32_t mask) -{ - krb5_storage *sp; - kadm5_ret_t ret; - krb5_data value; - u_int32_t len; - kadm5_log_context *log_context = &context->log_context; - - sp = krb5_storage_emem(); - ret = hdb_entry2value (context->context, ent, &value); - if (ret) { - krb5_storage_free(sp); - return ret; - } - ret = kadm5_log_preamble (context, sp, kadm_modify); - if (ret) { - krb5_data_free (&value); - krb5_storage_free(sp); - return ret; - } - len = value.length + 4; - krb5_store_int32 (sp, len); - krb5_store_int32 (sp, mask); - sp->store(sp, value.data, value.length); - krb5_data_free (&value); - krb5_store_int32 (sp, len); - if (ret) { - krb5_storage_free (sp); - return ret; - } - ret = kadm5_log_postamble (log_context, sp); - if (ret) { - krb5_storage_free (sp); - return ret; - } - ret = kadm5_log_flush (log_context, sp); - krb5_storage_free (sp); - if (ret) - return ret; - ret = kadm5_log_end (context); - return ret; -} - -/* - * Read a `modify' log operation from `sp' and apply it. - */ - -kadm5_ret_t -kadm5_log_replay_modify (kadm5_server_context *context, - u_int32_t ver, - u_int32_t len, - krb5_storage *sp) -{ - krb5_error_code ret; - int32_t mask; - krb5_data value; - hdb_entry ent, log_ent; - - krb5_ret_int32 (sp, &mask); - len -= 4; - krb5_data_alloc (&value, len); - sp->fetch (sp, value.data, len); - ret = hdb_value2entry (context->context, &value, &log_ent); - krb5_data_free(&value); - if (ret) - return ret; - ent.principal = log_ent.principal; - log_ent.principal = NULL; - ret = context->db->fetch(context->context, context->db, - HDB_F_DECRYPT, &ent); - if (ret) - return ret; - if (mask & KADM5_PRINC_EXPIRE_TIME) { - if (ent.valid_end == NULL) - ent.valid_end = malloc(sizeof(*ent.valid_end)); - *ent.valid_end = *log_ent.valid_end; - } - if (mask & KADM5_PW_EXPIRATION) { - if (ent.pw_end == NULL) - ent.pw_end = malloc(sizeof(*ent.pw_end)); - *ent.pw_end = *log_ent.pw_end; - } - if (mask & KADM5_LAST_PWD_CHANGE) { - abort (); /* XXX */ - } - if (mask & KADM5_ATTRIBUTES) { - ent.flags = log_ent.flags; - } - if (mask & KADM5_MAX_LIFE) { - if (ent.max_life == NULL) - ent.max_life = malloc (sizeof(*ent.max_life)); - *ent.max_life = *log_ent.max_life; - } - if ((mask & KADM5_MOD_TIME) && (mask & KADM5_MOD_NAME)) { - if (ent.modified_by == NULL) { - ent.modified_by = malloc(sizeof(*ent.modified_by)); - } else - free_Event(ent.modified_by); - copy_Event(log_ent.modified_by, ent.modified_by); - } - if (mask & KADM5_KVNO) { - ent.kvno = log_ent.kvno; - } - if (mask & KADM5_MKVNO) { - abort (); /* XXX */ - } - if (mask & KADM5_AUX_ATTRIBUTES) { - abort (); /* XXX */ - } - if (mask & KADM5_POLICY) { - abort (); /* XXX */ - } - if (mask & KADM5_POLICY_CLR) { - abort (); /* XXX */ - } - if (mask & KADM5_MAX_RLIFE) { - if (ent.max_renew == NULL) - ent.max_renew = malloc (sizeof(*ent.max_renew)); - *ent.max_renew = *log_ent.max_renew; - } - if (mask & KADM5_LAST_SUCCESS) { - abort (); /* XXX */ - } - if (mask & KADM5_LAST_FAILED) { - abort (); /* XXX */ - } - if (mask & KADM5_FAIL_AUTH_COUNT) { - abort (); /* XXX */ - } - if (mask & KADM5_KEY_DATA) { - size_t len; - int i; - - for (i = 0; i < ent.keys.len; ++i) - free_Key(&ent.keys.val[i]); - free (ent.keys.val); - - len = log_ent.keys.len; - - ent.keys.len = len; - ent.keys.val = malloc(len * sizeof(*ent.keys.val)); - for (i = 0; i < ent.keys.len; ++i) - copy_Key(&log_ent.keys.val[i], - &ent.keys.val[i]); - } - ret = context->db->store(context->context, context->db, - HDB_F_REPLACE, &ent); - hdb_free_entry (context->context, &ent); - hdb_free_entry (context->context, &log_ent); - return ret; -} - -/* - * Call `func' for each log record in the log in `context' - */ - -kadm5_ret_t -kadm5_log_foreach (kadm5_server_context *context, - void (*func)(kadm5_server_context *server_context, - u_int32_t ver, - time_t timestamp, - enum kadm_ops op, - u_int32_t len, - krb5_storage *sp)) -{ - int fd = context->log_context.log_fd; - krb5_storage *sp; - - lseek (fd, 0, SEEK_SET); - sp = krb5_storage_from_fd (fd); - for (;;) { - int32_t ver, timestamp, op, len; - - if(krb5_ret_int32 (sp, &ver) != 0) - break; - krb5_ret_int32 (sp, ×tamp); - krb5_ret_int32 (sp, &op); - krb5_ret_int32 (sp, &len); - (*func)(context, ver, timestamp, op, len, sp); - sp->seek(sp, 8, SEEK_CUR); - } - return 0; -} - -/* - * Go to end of log. - */ - -krb5_storage * -kadm5_log_goto_end (int fd) -{ - krb5_storage *sp; - - sp = krb5_storage_from_fd (fd); - sp->seek(sp, 0, SEEK_END); - return sp; -} - -/* - * Return previous log entry. - */ - -kadm5_ret_t -kadm5_log_previous (krb5_storage *sp, - u_int32_t *ver, - time_t *timestamp, - enum kadm_ops *op, - u_int32_t *len) -{ - off_t off; - int32_t tmp; - - sp->seek(sp, -8, SEEK_CUR); - krb5_ret_int32 (sp, &tmp); - *len = tmp; - krb5_ret_int32 (sp, &tmp); - *ver = tmp; - off = 24 + *len; - sp->seek(sp, -off, SEEK_CUR); - krb5_ret_int32 (sp, &tmp); - assert(tmp == *ver); - krb5_ret_int32 (sp, &tmp); - *timestamp = tmp; - krb5_ret_int32 (sp, &tmp); - *op = tmp; - krb5_ret_int32 (sp, &tmp); - assert(tmp == *len); - return 0; -} - -/* - * Replay a record from the log - */ - -kadm5_ret_t -kadm5_log_replay (kadm5_server_context *context, - enum kadm_ops op, - u_int32_t ver, - u_int32_t len, - krb5_storage *sp) -{ - switch (op) { - case kadm_create : - return kadm5_log_replay_create (context, ver, len, sp); - case kadm_delete : - return kadm5_log_replay_delete (context, ver, len, sp); - case kadm_rename : - return kadm5_log_replay_rename (context, ver, len, sp); - case kadm_modify : - return kadm5_log_replay_modify (context, ver, len, sp); - default : - return KADM5_FAILURE; - } -} diff --git a/crypto/heimdal/lib/kadm5/marshall.c b/crypto/heimdal/lib/kadm5/marshall.c deleted file mode 100644 index 98288376c4f43..0000000000000 --- a/crypto/heimdal/lib/kadm5/marshall.c +++ /dev/null @@ -1,330 +0,0 @@ -/* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: marshall.c,v 1.6 1999/12/02 17:05:06 joda Exp $"); - -kadm5_ret_t -kadm5_store_key_data(krb5_storage *sp, - krb5_key_data *key) -{ - krb5_data c; - krb5_store_int32(sp, key->key_data_ver); - krb5_store_int32(sp, key->key_data_kvno); - krb5_store_int32(sp, key->key_data_type[0]); - c.length = key->key_data_length[0]; - c.data = key->key_data_contents[0]; - krb5_store_data(sp, c); - krb5_store_int32(sp, key->key_data_type[1]); - c.length = key->key_data_length[1]; - c.data = key->key_data_contents[1]; - krb5_store_data(sp, c); - return 0; -} - -kadm5_ret_t -kadm5_ret_key_data(krb5_storage *sp, - krb5_key_data *key) -{ - krb5_data c; - int32_t tmp; - krb5_ret_int32(sp, &tmp); - key->key_data_ver = tmp; - krb5_ret_int32(sp, &tmp); - key->key_data_kvno = tmp; - krb5_ret_int32(sp, &tmp); - key->key_data_type[0] = tmp; - krb5_ret_data(sp, &c); - key->key_data_length[0] = c.length; - key->key_data_contents[0] = c.data; - krb5_ret_int32(sp, &tmp); - key->key_data_type[1] = tmp; - krb5_ret_data(sp, &c); - key->key_data_length[1] = c.length; - key->key_data_contents[1] = c.data; - return 0; -} - -kadm5_ret_t -kadm5_store_tl_data(krb5_storage *sp, - krb5_tl_data *tl) -{ - krb5_data c; - krb5_store_int32(sp, tl->tl_data_type); - c.length = tl->tl_data_length; - c.data = tl->tl_data_contents; - krb5_store_data(sp, c); - return 0; -} - -kadm5_ret_t -kadm5_ret_tl_data(krb5_storage *sp, - krb5_tl_data *tl) -{ - krb5_data c; - int32_t tmp; - krb5_ret_int32(sp, &tmp); - tl->tl_data_type = tmp; - krb5_ret_data(sp, &c); - tl->tl_data_length = c.length; - tl->tl_data_contents = c.data; - return 0; -} - -static kadm5_ret_t -store_principal_ent(krb5_storage *sp, - kadm5_principal_ent_t princ, - u_int32_t mask) -{ - int i; - - if (mask & KADM5_PRINCIPAL) - krb5_store_principal(sp, princ->principal); - if (mask & KADM5_PRINC_EXPIRE_TIME) - krb5_store_int32(sp, princ->princ_expire_time); - if (mask & KADM5_PW_EXPIRATION) - krb5_store_int32(sp, princ->pw_expiration); - if (mask & KADM5_LAST_PWD_CHANGE) - krb5_store_int32(sp, princ->last_pwd_change); - if (mask & KADM5_MAX_LIFE) - krb5_store_int32(sp, princ->max_life); - if (mask & KADM5_MOD_NAME) { - krb5_store_int32(sp, princ->mod_name != NULL); - if(princ->mod_name) - krb5_store_principal(sp, princ->mod_name); - } - if (mask & KADM5_MOD_TIME) - krb5_store_int32(sp, princ->mod_date); - if (mask & KADM5_ATTRIBUTES) - krb5_store_int32(sp, princ->attributes); - if (mask & KADM5_KVNO) - krb5_store_int32(sp, princ->kvno); - if (mask & KADM5_MKVNO) - krb5_store_int32(sp, princ->mkvno); - if (mask & KADM5_POLICY) { - krb5_store_int32(sp, princ->policy != NULL); - if(princ->policy) - krb5_store_string(sp, princ->policy); - } - if (mask & KADM5_AUX_ATTRIBUTES) - krb5_store_int32(sp, princ->aux_attributes); - if (mask & KADM5_MAX_RLIFE) - krb5_store_int32(sp, princ->max_renewable_life); - if (mask & KADM5_LAST_SUCCESS) - krb5_store_int32(sp, princ->last_success); - if (mask & KADM5_LAST_FAILED) - krb5_store_int32(sp, princ->last_failed); - if (mask & KADM5_FAIL_AUTH_COUNT) - krb5_store_int32(sp, princ->fail_auth_count); - if (mask & KADM5_KEY_DATA) { - krb5_store_int32(sp, princ->n_key_data); - for(i = 0; i < princ->n_key_data; i++) - kadm5_store_key_data(sp, &princ->key_data[i]); - } - if (mask & KADM5_TL_DATA) { - krb5_tl_data *tp; - - krb5_store_int32(sp, princ->n_tl_data); - for(tp = princ->tl_data; tp; tp = tp->tl_data_next) - kadm5_store_tl_data(sp, tp); - } - return 0; -} - - -kadm5_ret_t -kadm5_store_principal_ent(krb5_storage *sp, - kadm5_principal_ent_t princ) -{ - return store_principal_ent (sp, princ, ~0); -} - -kadm5_ret_t -kadm5_store_principal_ent_mask(krb5_storage *sp, - kadm5_principal_ent_t princ, - u_int32_t mask) -{ - krb5_store_int32(sp, mask); - return store_principal_ent (sp, princ, mask); -} - -static kadm5_ret_t -ret_principal_ent(krb5_storage *sp, - kadm5_principal_ent_t princ, - u_int32_t mask) -{ - int i; - int32_t tmp; - - if (mask & KADM5_PRINCIPAL) - krb5_ret_principal(sp, &princ->principal); - - if (mask & KADM5_PRINC_EXPIRE_TIME) { - krb5_ret_int32(sp, &tmp); - princ->princ_expire_time = tmp; - } - if (mask & KADM5_PW_EXPIRATION) { - krb5_ret_int32(sp, &tmp); - princ->pw_expiration = tmp; - } - if (mask & KADM5_LAST_PWD_CHANGE) { - krb5_ret_int32(sp, &tmp); - princ->last_pwd_change = tmp; - } - if (mask & KADM5_MAX_LIFE) { - krb5_ret_int32(sp, &tmp); - princ->max_life = tmp; - } - if (mask & KADM5_MOD_NAME) { - krb5_ret_int32(sp, &tmp); - if(tmp) - krb5_ret_principal(sp, &princ->mod_name); - else - princ->mod_name = NULL; - } - if (mask & KADM5_MOD_TIME) { - krb5_ret_int32(sp, &tmp); - princ->mod_date = tmp; - } - if (mask & KADM5_ATTRIBUTES) { - krb5_ret_int32(sp, &tmp); - princ->attributes = tmp; - } - if (mask & KADM5_KVNO) { - krb5_ret_int32(sp, &tmp); - princ->kvno = tmp; - } - if (mask & KADM5_MKVNO) { - krb5_ret_int32(sp, &tmp); - princ->mkvno = tmp; - } - if (mask & KADM5_POLICY) { - krb5_ret_int32(sp, &tmp); - if(tmp) - krb5_ret_string(sp, &princ->policy); - else - princ->policy = NULL; - } - if (mask & KADM5_AUX_ATTRIBUTES) { - krb5_ret_int32(sp, &tmp); - princ->aux_attributes = tmp; - } - if (mask & KADM5_MAX_RLIFE) { - krb5_ret_int32(sp, &tmp); - princ->max_renewable_life = tmp; - } - if (mask & KADM5_LAST_SUCCESS) { - krb5_ret_int32(sp, &tmp); - princ->last_success = tmp; - } - if (mask & KADM5_LAST_FAILED) { - krb5_ret_int32(sp, &tmp); - princ->last_failed = tmp; - } - if (mask & KADM5_FAIL_AUTH_COUNT) { - krb5_ret_int32(sp, &tmp); - princ->fail_auth_count = tmp; - } - if (mask & KADM5_KEY_DATA) { - krb5_ret_int32(sp, &tmp); - princ->n_key_data = tmp; - princ->key_data = malloc(princ->n_key_data * sizeof(*princ->key_data)); - for(i = 0; i < princ->n_key_data; i++) - kadm5_ret_key_data(sp, &princ->key_data[i]); - } - if (mask & KADM5_TL_DATA) { - krb5_ret_int32(sp, &tmp); - princ->n_tl_data = tmp; - princ->tl_data = NULL; - for(i = 0; i < princ->n_tl_data; i++){ - krb5_tl_data *tp = malloc(sizeof(*tp)); - kadm5_ret_tl_data(sp, tp); - tp->tl_data_next = princ->tl_data; - princ->tl_data = tp; - } - } - return 0; -} - -kadm5_ret_t -kadm5_ret_principal_ent(krb5_storage *sp, - kadm5_principal_ent_t princ) -{ - return ret_principal_ent (sp, princ, ~0); -} - -kadm5_ret_t -kadm5_ret_principal_ent_mask(krb5_storage *sp, - kadm5_principal_ent_t princ, - u_int32_t *mask) -{ - int32_t tmp; - - krb5_ret_int32 (sp, &tmp); - *mask = tmp; - return ret_principal_ent (sp, princ, *mask); -} - -kadm5_ret_t -_kadm5_marshal_params(krb5_context context, - kadm5_config_params *params, - krb5_data *out) -{ - krb5_storage *sp = krb5_storage_emem(); - - krb5_store_int32(sp, params->mask & (KADM5_CONFIG_REALM)); - - if(params->mask & KADM5_CONFIG_REALM) - krb5_store_string(sp, params->realm); - krb5_storage_to_data(sp, out); - krb5_storage_free(sp); - - return 0; -} - -kadm5_ret_t -_kadm5_unmarshal_params(krb5_context context, - krb5_data *in, - kadm5_config_params *params) -{ - krb5_storage *sp = krb5_storage_from_data(in); - - krb5_ret_int32(sp, ¶ms->mask); - - if(params->mask & KADM5_CONFIG_REALM) - krb5_ret_string(sp, ¶ms->realm); - krb5_storage_free(sp); - - return 0; -} diff --git a/crypto/heimdal/lib/kadm5/modify_c.c b/crypto/heimdal/lib/kadm5/modify_c.c deleted file mode 100644 index 2a64ccc984841..0000000000000 --- a/crypto/heimdal/lib/kadm5/modify_c.c +++ /dev/null @@ -1,73 +0,0 @@ -/* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: modify_c.c,v 1.3 1999/12/02 17:05:06 joda Exp $"); - -kadm5_ret_t -kadm5_c_modify_principal(void *server_handle, - kadm5_principal_ent_t princ, - u_int32_t mask) -{ - kadm5_client_context *context = server_handle; - kadm5_ret_t ret; - krb5_storage *sp; - unsigned char buf[1024]; - int32_t tmp; - krb5_data reply; - - sp = krb5_storage_from_mem(buf, sizeof(buf)); - if (sp == NULL) - return ENOMEM; - krb5_store_int32(sp, kadm_modify); - kadm5_store_principal_ent(sp, princ); - krb5_store_int32(sp, mask); - ret = _kadm5_client_send(context, sp); - krb5_storage_free(sp); - if(ret) - return ret; - ret = _kadm5_client_recv(context, &reply); - if(ret) - return ret; - sp = krb5_storage_from_data (&reply); - if (sp == NULL) { - krb5_data_free (&reply); - return ENOMEM; - } - krb5_ret_int32(sp, &tmp); - krb5_storage_free(sp); - krb5_data_free (&reply); - return tmp; -} - diff --git a/crypto/heimdal/lib/kadm5/modify_s.c b/crypto/heimdal/lib/kadm5/modify_s.c deleted file mode 100644 index 4157202fcd12f..0000000000000 --- a/crypto/heimdal/lib/kadm5/modify_s.c +++ /dev/null @@ -1,92 +0,0 @@ -/* - * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: modify_s.c,v 1.9 1999/12/02 17:05:06 joda Exp $"); - -static kadm5_ret_t -modify_principal(void *server_handle, - kadm5_principal_ent_t princ, - u_int32_t mask, - u_int32_t forbidden_mask) -{ - kadm5_server_context *context = server_handle; - hdb_entry ent; - kadm5_ret_t ret; - if((mask & forbidden_mask)) - return KADM5_BAD_MASK; - if((mask & KADM5_POLICY) && strcmp(princ->policy, "default")) - return KADM5_UNK_POLICY; - - ent.principal = princ->principal; - ret = context->db->open(context->context, context->db, O_RDWR, 0); - if(ret) - return ret; - ret = context->db->fetch(context->context, context->db, 0, &ent); - if(ret) - goto out; - ret = _kadm5_setup_entry(&ent, mask, princ, mask, NULL, 0); - if(ret) - goto out2; - ret = _kadm5_set_modifier(context, &ent); - if(ret) - goto out2; - - hdb_seal_keys(context->db, &ent); - - kadm5_log_modify (context, - &ent, - mask | KADM5_MOD_NAME | KADM5_MOD_TIME); - - ret = context->db->store(context->context, context->db, - HDB_F_REPLACE, &ent); -out2: - hdb_free_entry(context->context, &ent); -out: - context->db->close(context->context, context->db); - return _kadm5_error_code(ret); -} - - -kadm5_ret_t -kadm5_s_modify_principal(void *server_handle, - kadm5_principal_ent_t princ, - u_int32_t mask) -{ - return modify_principal(server_handle, princ, mask, - KADM5_LAST_PWD_CHANGE | KADM5_MOD_TIME - | KADM5_MOD_NAME | KADM5_MKVNO - | KADM5_AUX_ATTRIBUTES | KADM5_LAST_SUCCESS - | KADM5_LAST_FAILED); -} diff --git a/crypto/heimdal/lib/kadm5/password_quality.c b/crypto/heimdal/lib/kadm5/password_quality.c deleted file mode 100644 index 86d35f36628b9..0000000000000 --- a/crypto/heimdal/lib/kadm5/password_quality.c +++ /dev/null @@ -1,147 +0,0 @@ -/* - * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: password_quality.c,v 1.3 1999/12/02 17:05:06 joda Exp $"); - -#ifdef HAVE_DLFCN_H -#include <dlfcn.h> -#endif - -static const char * -simple_passwd_quality (krb5_context context, - krb5_principal principal, - krb5_data *pwd) -{ - if (pwd->length < 6) - return "Password too short"; - else - return NULL; -} - -typedef const char* (*passwd_quality_check_func)(krb5_context, - krb5_principal, - krb5_data*); - -static passwd_quality_check_func passwd_quality_check = simple_passwd_quality; - -#ifdef HAVE_DLOPEN -extern const char *check_library; -extern const char *check_function; - -#define PASSWD_VERSION 0 - -#endif - -/* - * setup the password quality hook - */ - -void -kadm5_setup_passwd_quality_check(krb5_context context, - const char *check_library, - const char *check_function) -{ -#ifdef HAVE_DLOPEN - void *handle; - void *sym; - int *version; - int flags; - const char *tmp; - -#ifdef RTLD_NOW - flags = RTLD_NOW; -#else - flags = 0; -#endif - - if(check_library == NULL) { - tmp = krb5_config_get_string(context, NULL, - "password_quality", - "check_library", - NULL); - if(tmp != NULL) - check_library = tmp; - } - if(check_function == NULL) { - tmp = krb5_config_get_string(context, NULL, - "password_quality", - "check_function", - NULL); - if(tmp != NULL) - check_function = tmp; - } - if(check_library != NULL && check_function == NULL) - check_function = "passwd_check"; - - if(check_library == NULL) - return; - handle = dlopen(check_library, flags); - if(handle == NULL) { - krb5_warnx(context, "failed to open `%s'", check_library); - return; - } - version = dlsym(handle, "version"); - if(version == NULL) { - krb5_warnx(context, - "didn't find `version' symbol in `%s'", check_library); - dlclose(handle); - return; - } - if(*version != PASSWD_VERSION) { - krb5_warnx(context, - "version of loaded library is %d (expected %d)", - *version, PASSWD_VERSION); - dlclose(handle); - return; - } - sym = dlsym(handle, check_function); - if(sym == NULL) { - krb5_warnx(context, - "didn't find `%s' symbol in `%s'", - check_function, check_library); - dlclose(handle); - return; - } - passwd_quality_check = (passwd_quality_check_func) sym; -#endif /* HAVE_DLOPEN */ -} - -const char * -kadm5_check_password_quality (krb5_context context, - krb5_principal principal, - krb5_data *pwd_data) -{ - return (*passwd_quality_check) (context, principal, pwd_data); -} diff --git a/crypto/heimdal/lib/kadm5/private.h b/crypto/heimdal/lib/kadm5/private.h deleted file mode 100644 index e56a0f5cb1f0b..0000000000000 --- a/crypto/heimdal/lib/kadm5/private.h +++ /dev/null @@ -1,281 +0,0 @@ -/* - * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: private.h,v 1.10 1999/12/04 23:09:34 assar Exp $ */ - -#ifndef __kadm5_private_h__ -#define __kadm5_private_h__ - -struct kadm_func { - kadm5_ret_t (*chpass_principal) (void *, krb5_principal, char*); - kadm5_ret_t (*create_principal) (void*, kadm5_principal_ent_t, - u_int32_t, char*); - kadm5_ret_t (*delete_principal) (void*, krb5_principal); - kadm5_ret_t (*destroy) (void*); - kadm5_ret_t (*flush) (void*); - kadm5_ret_t (*get_principal) (void*, krb5_principal, - kadm5_principal_ent_t, u_int32_t); - kadm5_ret_t (*get_principals) (void*, const char*, char***, int*); - kadm5_ret_t (*get_privs) (void*, u_int32_t*); - kadm5_ret_t (*modify_principal) (void*, kadm5_principal_ent_t, u_int32_t); - kadm5_ret_t (*randkey_principal) (void*, krb5_principal, - krb5_keyblock**, int*); - kadm5_ret_t (*rename_principal) (void*, krb5_principal, krb5_principal); -}; - -/* XXX should be integrated */ -typedef struct kadm5_common_context { - krb5_context context; - krb5_boolean my_context; - struct kadm_func funcs; - void *data; -}kadm5_common_context; - -typedef struct kadm5_log_peer { - int fd; - char *name; - krb5_auth_context ac; - struct kadm5_log_peer *next; -} kadm5_log_peer; - -typedef struct kadm5_log_context { - char *log_file; - int log_fd; - u_int32_t version; - struct sockaddr_un socket_name; - int socket_fd; -} kadm5_log_context; - -typedef struct kadm5_server_context { - krb5_context context; - krb5_boolean my_context; - struct kadm_func funcs; - /* */ - kadm5_config_params config; - HDB *db; - krb5_principal caller; - unsigned acl_flags; - kadm5_log_context log_context; -}kadm5_server_context; - -typedef struct kadm5_client_context { - krb5_context context; - krb5_boolean my_context; - struct kadm_func funcs; - /* */ - krb5_auth_context ac; - char *realm; - char *admin_server; - int kadmind_port; - int sock; -}kadm5_client_context; - -enum kadm_ops { - kadm_get, - kadm_delete, - kadm_create, - kadm_rename, - kadm_chpass, - kadm_modify, - kadm_randkey, - kadm_get_privs, - kadm_get_princs -}; - -#define KADMIN_APPL_VERSION "KADM0.1" -#define KADMIN_OLD_APPL_VERSION "KADM0.0" - -#define KADM5_LOG_SIGNAL HDB_DB_DIR "/signal" - -kadm5_ret_t _kadm5_privs_to_string (u_int32_t, char*, size_t); - -kadm5_ret_t _kadm5_string_to_privs (const char*, u_int32_t*); - -HDB *_kadm5_s_get_db (void *); - -kadm5_ret_t -_kadm5_acl_check_permission __P(( - kadm5_server_context *context, - unsigned op)); - -kadm5_ret_t -_kadm5_acl_init __P((kadm5_server_context *context)); - -kadm5_ret_t -_kadm5_c_init_context __P(( - kadm5_client_context **ctx, - kadm5_config_params *params, - krb5_context context)); - -kadm5_ret_t -_kadm5_client_recv __P(( - kadm5_client_context *context, - krb5_data *reply)); - -kadm5_ret_t -_kadm5_client_send __P(( - kadm5_client_context *context, - krb5_storage *sp)); - -kadm5_ret_t -_kadm5_error_code __P((kadm5_ret_t code)); - -kadm5_ret_t -_kadm5_s_init_context __P(( - kadm5_server_context **ctx, - kadm5_config_params *params, - krb5_context context)); - -kadm5_ret_t -_kadm5_set_keys __P(( - kadm5_server_context *context, - hdb_entry *ent, - const char *password)); - -kadm5_ret_t -_kadm5_set_keys2 __P(( - hdb_entry *ent, - int16_t n_key_data, - krb5_key_data *key_data)); - -kadm5_ret_t -_kadm5_set_keys_randomly __P((kadm5_server_context *context, - hdb_entry *ent, - krb5_keyblock **new_keys, - int *n_keys)); - -kadm5_ret_t -_kadm5_set_modifier __P(( - kadm5_server_context *context, - hdb_entry *ent)); - -kadm5_ret_t -_kadm5_setup_entry __P(( - hdb_entry *ent, - u_int32_t mask, - kadm5_principal_ent_t princ, - u_int32_t princ_mask, - kadm5_principal_ent_t def, - u_int32_t def_mask)); - -kadm5_ret_t -kadm5_log_get_version (int fd, - u_int32_t *ver); - -kadm5_ret_t -kadm5_log_init (kadm5_server_context *context); - -kadm5_ret_t -kadm5_log_create (kadm5_server_context *context, - hdb_entry *ent); - -kadm5_ret_t -kadm5_log_delete (kadm5_server_context *context, - krb5_principal princ); - -kadm5_ret_t -kadm5_log_rename (kadm5_server_context *context, - krb5_principal source, - hdb_entry *ent); - -kadm5_ret_t -kadm5_log_modify (kadm5_server_context *context, - hdb_entry *ent, - u_int32_t mask); - -kadm5_ret_t -kadm5_log_end (kadm5_server_context *context); - -kadm5_ret_t -kadm5_log_foreach (kadm5_server_context *context, - void (*func)(kadm5_server_context *server_context, - u_int32_t ver, - time_t timestamp, - enum kadm_ops op, - u_int32_t len, - krb5_storage *sp)); - -kadm5_ret_t -kadm5_log_replay_create (kadm5_server_context *context, - u_int32_t ver, - u_int32_t len, - krb5_storage *sp); - -kadm5_ret_t -kadm5_log_replay_delete (kadm5_server_context *context, - u_int32_t ver, - u_int32_t len, - krb5_storage *sp); - -kadm5_ret_t -kadm5_log_replay_rename (kadm5_server_context *context, - u_int32_t ver, - u_int32_t len, - krb5_storage *sp); - -kadm5_ret_t -kadm5_log_replay_modify (kadm5_server_context *context, - u_int32_t ver, - u_int32_t len, - krb5_storage *sp); - -kadm5_ret_t -kadm5_log_replay (kadm5_server_context *context, - enum kadm_ops op, - u_int32_t ver, - u_int32_t len, - krb5_storage *sp); - -krb5_storage * -kadm5_log_goto_end (int fd); - -kadm5_ret_t -kadm5_log_previous (krb5_storage *sp, - u_int32_t *ver, - time_t *timestamp, - enum kadm_ops *op, - u_int32_t *len); - -kadm5_ret_t -_kadm5_marshal_params __P((krb5_context context, - kadm5_config_params *params, - krb5_data *out)); - -kadm5_ret_t -_kadm5_unmarshal_params __P((krb5_context context, - krb5_data *in, - kadm5_config_params *params)); - - - -#endif /* __kadm5_private_h__ */ diff --git a/crypto/heimdal/lib/kadm5/privs_c.c b/crypto/heimdal/lib/kadm5/privs_c.c deleted file mode 100644 index 25d49761cdd0c..0000000000000 --- a/crypto/heimdal/lib/kadm5/privs_c.c +++ /dev/null @@ -1,73 +0,0 @@ -/* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: privs_c.c,v 1.3 1999/12/02 17:05:07 joda Exp $"); - -kadm5_ret_t -kadm5_c_get_privs(void *server_handle, u_int32_t *privs) -{ - kadm5_client_context *context = server_handle; - kadm5_ret_t ret; - krb5_storage *sp; - unsigned char buf[1024]; - int32_t tmp; - krb5_data reply; - - sp = krb5_storage_from_mem(buf, sizeof(buf)); - if (sp == NULL) - return ENOMEM; - krb5_store_int32(sp, kadm_get_privs); - ret = _kadm5_client_send(context, sp); - krb5_storage_free(sp); - if(ret) - return ret; - ret = _kadm5_client_recv(context, &reply); - if (ret) - return ret; - sp = krb5_storage_from_data(&reply); - if (sp == NULL) { - krb5_data_free (&reply); - return ENOMEM; - } - krb5_ret_int32(sp, &tmp); - ret = tmp; - if(ret == 0){ - krb5_ret_int32(sp, &tmp); - *privs = tmp; - } - krb5_storage_free(sp); - krb5_data_free (&reply); - return ret; -} diff --git a/crypto/heimdal/lib/kadm5/privs_s.c b/crypto/heimdal/lib/kadm5/privs_s.c deleted file mode 100644 index 85cd5d597d005..0000000000000 --- a/crypto/heimdal/lib/kadm5/privs_s.c +++ /dev/null @@ -1,44 +0,0 @@ -/* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: privs_s.c,v 1.2 1999/12/02 17:05:07 joda Exp $"); - -kadm5_ret_t -kadm5_s_get_privs(void *server_handle, u_int32_t *privs) -{ - kadm5_server_context *context = server_handle; - *privs = context->acl_flags; - return 0; -} diff --git a/crypto/heimdal/lib/kadm5/randkey_c.c b/crypto/heimdal/lib/kadm5/randkey_c.c deleted file mode 100644 index 7531b6e9f096b..0000000000000 --- a/crypto/heimdal/lib/kadm5/randkey_c.c +++ /dev/null @@ -1,89 +0,0 @@ -/* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: randkey_c.c,v 1.3 1999/12/02 17:05:07 joda Exp $"); - -kadm5_ret_t -kadm5_c_randkey_principal(void *server_handle, - krb5_principal princ, - krb5_keyblock **new_keys, - int *n_keys) -{ - kadm5_client_context *context = server_handle; - kadm5_ret_t ret; - krb5_storage *sp; - unsigned char buf[1024]; - int32_t tmp; - krb5_data reply; - - sp = krb5_storage_from_mem(buf, sizeof(buf)); - if (sp == NULL) - return ENOMEM; - krb5_store_int32(sp, kadm_randkey); - krb5_store_principal(sp, princ); - ret = _kadm5_client_send(context, sp); - krb5_storage_free(sp); - if (ret) - return ret; - ret = _kadm5_client_recv(context, &reply); - if(ret) - return ret; - sp = krb5_storage_from_data(&reply); - if (sp == NULL) { - krb5_data_free (&reply); - return ENOMEM; - } - krb5_ret_int32(sp, &tmp); - ret = tmp; - if(ret == 0){ - krb5_keyblock *k; - int i; - - krb5_ret_int32(sp, &tmp); - k = malloc(tmp * sizeof(*k)); - if (k == NULL) { - ret = ENOMEM; - goto out; - } - for(i = 0; i < tmp; i++) - krb5_ret_keyblock(sp, &k[i]); - *n_keys = tmp; - *new_keys = k; - } -out: - krb5_storage_free(sp); - krb5_data_free (&reply); - return ret; -} diff --git a/crypto/heimdal/lib/kadm5/randkey_s.c b/crypto/heimdal/lib/kadm5/randkey_s.c deleted file mode 100644 index 25c8571745019..0000000000000 --- a/crypto/heimdal/lib/kadm5/randkey_s.c +++ /dev/null @@ -1,96 +0,0 @@ -/* - * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: randkey_s.c,v 1.10 1999/12/02 17:05:07 joda Exp $"); - -/* - * Set the keys of `princ' to random values, returning the random keys - * in `new_keys', `n_keys'. - */ - -kadm5_ret_t -kadm5_s_randkey_principal(void *server_handle, - krb5_principal princ, - krb5_keyblock **new_keys, - int *n_keys) -{ - kadm5_server_context *context = server_handle; - hdb_entry ent; - kadm5_ret_t ret; - - ent.principal = princ; - ret = context->db->open(context->context, context->db, O_RDWR, 0); - if(ret) - return ret; - ret = context->db->fetch(context->context, context->db, 0, &ent); - if(ret) - goto out; - - ret = _kadm5_set_keys_randomly (context, - &ent, - new_keys, - n_keys); - if (ret) - goto out2; - - ret = _kadm5_set_modifier(context, &ent); - if(ret) - goto out3; - - hdb_seal_keys(context->db, &ent); - - kadm5_log_modify (context, - &ent, - KADM5_PRINCIPAL | KADM5_MOD_NAME | KADM5_MOD_TIME | - KADM5_KEY_DATA | KADM5_KVNO); - - ret = context->db->store(context->context, context->db, - HDB_F_REPLACE, &ent); -out3: - if (ret) { - int i; - - for (i = 0; i < *n_keys; ++i) - krb5_free_keyblock_contents (context->context, &(*new_keys)[i]); - free (*new_keys); - *new_keys = NULL; - *n_keys = 0; - } -out2: - hdb_free_entry(context->context, &ent); -out: - context->db->close(context->context, context->db); - return _kadm5_error_code(ret); -} diff --git a/crypto/heimdal/lib/kadm5/rename_c.c b/crypto/heimdal/lib/kadm5/rename_c.c deleted file mode 100644 index d33e611dedd30..0000000000000 --- a/crypto/heimdal/lib/kadm5/rename_c.c +++ /dev/null @@ -1,73 +0,0 @@ -/* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: rename_c.c,v 1.3 1999/12/02 17:05:07 joda Exp $"); - -kadm5_ret_t -kadm5_c_rename_principal(void *server_handle, - krb5_principal source, - krb5_principal target) -{ - kadm5_client_context *context = server_handle; - kadm5_ret_t ret; - krb5_storage *sp; - unsigned char buf[1024]; - int32_t tmp; - krb5_data reply; - - sp = krb5_storage_from_mem(buf, sizeof(buf)); - if (sp == NULL) - return ENOMEM; - krb5_store_int32(sp, kadm_rename); - krb5_store_principal(sp, source); - krb5_store_principal(sp, target); - ret = _kadm5_client_send(context, sp); - krb5_storage_free(sp); - if (ret) - return ret; - ret = _kadm5_client_recv(context, &reply); - if(ret) - return ret; - sp = krb5_storage_from_data (&reply); - if (sp == NULL) { - krb5_data_free (&reply); - return ENOMEM; - } - krb5_ret_int32(sp, &tmp); - ret = tmp; - krb5_storage_free(sp); - krb5_data_free (&reply); - return ret; -} diff --git a/crypto/heimdal/lib/kadm5/rename_s.c b/crypto/heimdal/lib/kadm5/rename_s.c deleted file mode 100644 index e7f9038baba0a..0000000000000 --- a/crypto/heimdal/lib/kadm5/rename_s.c +++ /dev/null @@ -1,104 +0,0 @@ -/* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: rename_s.c,v 1.9 1999/12/02 17:05:07 joda Exp $"); - -kadm5_ret_t -kadm5_s_rename_principal(void *server_handle, - krb5_principal source, - krb5_principal target) -{ - kadm5_server_context *context = server_handle; - kadm5_ret_t ret; - hdb_entry ent, ent2; - ent.principal = source; - if(krb5_principal_compare(context->context, source, target)) - return KADM5_DUP; /* XXX is this right? */ - if(!krb5_realm_compare(context->context, source, target)) - return KADM5_FAILURE; /* XXX better code */ - ret = context->db->open(context->context, context->db, O_RDWR, 0); - if(ret) - return ret; - ret = context->db->fetch(context->context, context->db, 0, &ent); - if(ret){ - context->db->close(context->context, context->db); - goto out; - } - ret = _kadm5_set_modifier(context, &ent); - if(ret) - goto out2; - { - /* fix salt */ - int i; - Salt salt; - krb5_salt salt2; - krb5_get_pw_salt(context->context, source, &salt2); - salt.type = hdb_pw_salt; - salt.salt = salt2.saltvalue; - for(i = 0; i < ent.keys.len; i++){ - if(ent.keys.val[i].salt == NULL){ - ent.keys.val[i].salt = malloc(sizeof(*ent.keys.val[i].salt)); - ret = copy_Salt(&salt, ent.keys.val[i].salt); - if(ret) - break; - } - } - krb5_free_salt(context->context, salt2); - } - if(ret) - goto out2; - ent2.principal = ent.principal; - ent.principal = target; - - hdb_seal_keys(context->db, &ent); - - kadm5_log_rename (context, - source, - &ent); - - ret = context->db->store(context->context, context->db, 0, &ent); - if(ret){ - ent.principal = ent2.principal; - goto out2; - } - ret = context->db->remove(context->context, context->db, &ent2); - ent.principal = ent2.principal; -out2: - context->db->close(context->context, context->db); - hdb_free_entry(context->context, &ent); -out: - return _kadm5_error_code(ret); -} - diff --git a/crypto/heimdal/lib/kadm5/replay_log.c b/crypto/heimdal/lib/kadm5/replay_log.c deleted file mode 100644 index c0e05eee6af09..0000000000000 --- a/crypto/heimdal/lib/kadm5/replay_log.c +++ /dev/null @@ -1,118 +0,0 @@ -/* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "iprop.h" - -RCSID("$Id: replay_log.c,v 1.7 1999/12/04 19:51:11 assar Exp $"); - -static void -apply_entry(kadm5_server_context *server_context, - u_int32_t ver, - time_t timestamp, - enum kadm_ops op, - u_int32_t len, - krb5_storage *sp) -{ - krb5_error_code ret; - - printf ("ver %u... ", ver); - fflush (stdout); - - ret = kadm5_log_replay (server_context, - op, ver, len, sp); - if (ret) - krb5_warn (server_context->context, ret, "kadm5_log_replay"); - - - printf ("done\n"); -} - -int version_flag; -int help_flag; -struct getargs args[] = { - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } -}; -int num_args = sizeof(args) / sizeof(args[0]); - -int -main(int argc, char **argv) -{ - krb5_context context; - krb5_error_code ret; - void *kadm_handle; - kadm5_config_params conf; - kadm5_server_context *server_context; - - krb5_program_setup(&context, argc, argv, args, num_args, NULL); - - if(help_flag) - krb5_std_usage(0, args, num_args); - if(version_flag) { - print_version(NULL); - exit(0); - } - - memset(&conf, 0, sizeof(conf)); - ret = kadm5_init_with_password_ctx (context, - KADM5_ADMIN_SERVICE, - NULL, - KADM5_ADMIN_SERVICE, - &conf, 0, 0, - &kadm_handle); - if (ret) - krb5_err (context, 1, ret, "kadm5_init_with_password_ctx"); - - server_context = (kadm5_server_context *)kadm_handle; - - ret = server_context->db->open(context, - server_context->db, - O_RDWR | O_CREAT, 0); - if (ret) - krb5_err (context, 1, ret, "db->open"); - - ret = kadm5_log_init (server_context); - if (ret) - krb5_err (context, 1, ret, "kadm5_log_init"); - - ret = kadm5_log_foreach (server_context, apply_entry); - if(ret) - krb5_warn(context, ret, "kadm5_log_foreach"); - ret = kadm5_log_end (server_context); - if (ret) - krb5_warn(context, ret, "kadm5_log_end"); - ret = server_context->db->close (context, server_context->db); - if (ret) - krb5_err (context, 1, ret, "db->close"); - return 0; -} diff --git a/crypto/heimdal/lib/kadm5/sample_passwd_check.c b/crypto/heimdal/lib/kadm5/sample_passwd_check.c deleted file mode 100644 index 4ff5122c164b4..0000000000000 --- a/crypto/heimdal/lib/kadm5/sample_passwd_check.c +++ /dev/null @@ -1,85 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -/* $Id: sample_passwd_check.c,v 1.1 1999/09/10 10:11:03 assar Exp $ */ - -#include <string.h> -#include <stdlib.h> -#include <krb5.h> - -/* specify the api-version this library conforms to */ - -int version = 0; - -/* just check the length of the password, this is what the default - check does, but this lets you specify the minimum length in - krb5.conf */ -const char* -check_length(krb5_context context, - krb5_principal prinipal, - krb5_data *password) -{ - int min_length = krb5_config_get_int_default(context, NULL, 6, - "password_quality", - "min_length", - NULL); - if(password->length < min_length) - return "Password too short"; - return NULL; -} - -#ifdef DICTPATH - -/* use cracklib to check password quality; this requires a patch for - cracklib that can be found at - ftp://ftp.pdc.kth.se/pub/krb/src/cracklib.patch */ - -const char* -check_cracklib(krb5_context context, - krb5_principal principal, - krb5_data *password) -{ - char *s = malloc(password->length + 1); - char *msg; - char *strings[2]; - if(s == NULL) - return NULL; /* XXX */ - strings[0] = principal->name.name_string.val[0]; /* XXX */ - strings[1] = NULL; - memcpy(s, password->data, password->length); - s[password->length] = '\0'; - msg = FascistCheck(s, DICTPATH, strings); - memset(s, 0, password->length); - free(s); - return msg; -} -#endif diff --git a/crypto/heimdal/lib/kadm5/send_recv.c b/crypto/heimdal/lib/kadm5/send_recv.c deleted file mode 100644 index 51f6972c12f39..0000000000000 --- a/crypto/heimdal/lib/kadm5/send_recv.c +++ /dev/null @@ -1,89 +0,0 @@ -/* - * Copyright (c) 1997, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: send_recv.c,v 1.7 1999/12/02 17:05:07 joda Exp $"); - -kadm5_ret_t -_kadm5_client_send(kadm5_client_context *context, krb5_storage *sp) -{ - krb5_data msg, out; - krb5_error_code ret; - size_t len; - krb5_storage *sock; - - len = sp->seek(sp, 0, SEEK_CUR); - ret = krb5_data_alloc(&msg, len); - sp->seek(sp, 0, SEEK_SET); - sp->fetch(sp, msg.data, msg.length); - - ret = krb5_mk_priv(context->context, context->ac, &msg, &out, NULL); - krb5_data_free(&msg); - if(ret) - return ret; - - sock = krb5_storage_from_fd(context->sock); - if(sock == NULL) { - krb5_data_free(&out); - return ENOMEM; - } - - ret = krb5_store_data(sock, out); - krb5_storage_free(sock); - krb5_data_free(&out); - return ret; -} - -kadm5_ret_t -_kadm5_client_recv(kadm5_client_context *context, krb5_data *reply) -{ - krb5_error_code ret; - krb5_data data; - krb5_storage *sock; - - sock = krb5_storage_from_fd(context->sock); - if(sock == NULL) - return ENOMEM; - ret = krb5_ret_data(sock, &data); - krb5_storage_free(sock); - if(ret == KRB5_CC_END) - return KADM5_RPC_ERROR; - else if(ret) - return ret; - - ret = krb5_rd_priv(context->context, context->ac, &data, reply, NULL); - krb5_data_free(&data); - return ret; -} - diff --git a/crypto/heimdal/lib/kadm5/server_glue.c b/crypto/heimdal/lib/kadm5/server_glue.c deleted file mode 100644 index 21b60776add0c..0000000000000 --- a/crypto/heimdal/lib/kadm5/server_glue.c +++ /dev/null @@ -1,150 +0,0 @@ -/* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: server_glue.c,v 1.6 1999/12/02 17:05:07 joda Exp $"); - -kadm5_ret_t -kadm5_init_with_password(const char *client_name, - const char *password, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - return kadm5_s_init_with_password(client_name, - password, - service_name, - realm_params, - struct_version, - api_version, - server_handle); -} - -kadm5_ret_t -kadm5_init_with_password_ctx(krb5_context context, - const char *client_name, - const char *password, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - return kadm5_s_init_with_password_ctx(context, - client_name, - password, - service_name, - realm_params, - struct_version, - api_version, - server_handle); -} - -kadm5_ret_t -kadm5_init_with_skey(const char *client_name, - const char *keytab, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - return kadm5_s_init_with_skey(client_name, - keytab, - service_name, - realm_params, - struct_version, - api_version, - server_handle); -} - -kadm5_ret_t -kadm5_init_with_skey_ctx(krb5_context context, - const char *client_name, - const char *keytab, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - return kadm5_s_init_with_skey_ctx(context, - client_name, - keytab, - service_name, - realm_params, - struct_version, - api_version, - server_handle); -} - -kadm5_ret_t -kadm5_init_with_creds(const char *client_name, - krb5_ccache ccache, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - return kadm5_s_init_with_creds(client_name, - ccache, - service_name, - realm_params, - struct_version, - api_version, - server_handle); -} - -kadm5_ret_t -kadm5_init_with_creds_ctx(krb5_context context, - const char *client_name, - krb5_ccache ccache, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) -{ - return kadm5_s_init_with_creds_ctx(context, - client_name, - ccache, - service_name, - realm_params, - struct_version, - api_version, - server_handle); -} diff --git a/crypto/heimdal/lib/kadm5/set_keys.c b/crypto/heimdal/lib/kadm5/set_keys.c deleted file mode 100644 index e4d5d1a648785..0000000000000 --- a/crypto/heimdal/lib/kadm5/set_keys.c +++ /dev/null @@ -1,292 +0,0 @@ -/* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: set_keys.c,v 1.18 1999/12/04 23:11:01 assar Exp $"); - -/* - * free all the memory used by (len, keys) - */ - -static void -free_keys (kadm5_server_context *context, - int len, Key *keys) -{ - int i; - - for (i = 0; i < len; ++i) { - free (keys[i].mkvno); - keys[i].mkvno = NULL; - if (keys[i].salt != NULL) { - free_Salt(keys[i].salt); - free(keys[i].salt); - keys[i].salt = NULL; - } - krb5_free_keyblock_contents(context->context, &keys[i].key); - } - free (keys); -} - -/* - * null-ify `len', `keys' - */ - -static void -init_keys (Key *keys, int len) -{ - int i; - - for (i = 0; i < len; ++i) { - keys[i].mkvno = NULL; - keys[i].salt = NULL; - keys[i].key.keyvalue.length = 0; - keys[i].key.keyvalue.data = NULL; - } -} - -/* - * the known and used DES enctypes - */ - -static krb5_enctype des_types[] = { ETYPE_DES_CBC_CRC, - ETYPE_DES_CBC_MD4, - ETYPE_DES_CBC_MD5 }; - -static unsigned n_des_types = 3; - -/* - * Set the keys of `ent' to the string-to-key of `password' - */ - -kadm5_ret_t -_kadm5_set_keys(kadm5_server_context *context, - hdb_entry *ent, - const char *password) -{ - kadm5_ret_t ret = 0; - int i; - unsigned len; - Key *keys; - krb5_salt salt; - krb5_boolean v4_salt = FALSE; - - len = n_des_types + 1; - keys = malloc (len * sizeof(*keys)); - if (keys == NULL) - return ENOMEM; - - init_keys (keys, len); - - salt.salttype = KRB5_PW_SALT; - salt.saltvalue.length = 0; - salt.saltvalue.data = NULL; - - if (krb5_config_get_bool (context->context, - NULL, "kadmin", "use_v4_salt", NULL)) { - v4_salt = TRUE; - } else { - ret = krb5_get_pw_salt (context->context, ent->principal, &salt); - if (ret) - goto out; - } - - for (i = 0; i < n_des_types; ++i) { - ret = krb5_string_to_key_salt (context->context, - des_types[i], - password, - salt, - &keys[i].key); - if (ret) - goto out; - if (v4_salt) { - keys[i].salt = malloc (sizeof(*keys[i].salt)); - if (keys[i].salt == NULL) { - ret = ENOMEM; - goto out; - } - keys[i].salt->type = salt.salttype; - ret = copy_octet_string (&salt.saltvalue, &keys[i].salt->salt); - if (ret) - goto out; - } - } - - ret = krb5_string_to_key (context->context, - ETYPE_DES3_CBC_SHA1, - password, - ent->principal, - &keys[n_des_types].key); - if (ret) - goto out; - - free_keys (context, ent->keys.len, ent->keys.val); - ent->keys.len = len; - ent->keys.val = keys; - ent->kvno++; - return ret; -out: - krb5_data_free (&salt.saltvalue); - free_keys (context, len, keys); - return ret; -} - -/* - * Set the keys of `ent' to (`n_key_data', `key_data') - */ - -kadm5_ret_t -_kadm5_set_keys2(hdb_entry *ent, - int16_t n_key_data, - krb5_key_data *key_data) -{ - krb5_error_code ret; - int i; - - ent->keys.len = n_key_data; - ent->keys.val = malloc(ent->keys.len * sizeof(*ent->keys.val)); - if(ent->keys.val == NULL) - return ENOMEM; - for(i = 0; i < n_key_data; i++) { - ent->keys.val[i].mkvno = NULL; - ent->keys.val[i].key.keytype = key_data[i].key_data_type[0]; - ret = krb5_data_copy(&ent->keys.val[i].key.keyvalue, - key_data[i].key_data_contents[0], - key_data[i].key_data_length[0]); - if(ret) - return ret; - if(key_data[i].key_data_ver == 2) { - Salt *salt; - salt = malloc(sizeof(*salt)); - if(salt == NULL) - return ENOMEM; - ent->keys.val[i].salt = salt; - salt->type = key_data[i].key_data_type[1]; - krb5_data_copy(&salt->salt, - key_data[i].key_data_contents[1], - key_data[i].key_data_length[1]); - } else - ent->keys.val[i].salt = NULL; - } - ent->kvno++; - return 0; -} - -/* - * Set the keys of `ent' to random keys and return them in `n_keys' - * and `new_keys'. - */ - -kadm5_ret_t -_kadm5_set_keys_randomly (kadm5_server_context *context, - hdb_entry *ent, - krb5_keyblock **new_keys, - int *n_keys) -{ - kadm5_ret_t ret = 0; - int i; - unsigned len; - krb5_keyblock *keys; - Key *hkeys; - - len = n_des_types + 1; - keys = malloc (len * sizeof(*keys)); - if (keys == NULL) - return ENOMEM; - - for (i = 0; i < len; ++i) { - keys[i].keyvalue.length = 0; - keys[i].keyvalue.data = NULL; - } - - hkeys = malloc (len * sizeof(*hkeys)); - if (hkeys == NULL) { - free (keys); - return ENOMEM; - } - - init_keys (hkeys, len); - - ret = krb5_generate_random_keyblock (context->context, - des_types[0], - &keys[0]); - if (ret) - goto out; - - ret = krb5_copy_keyblock_contents (context->context, - &keys[0], - &hkeys[0].key); - if (ret) - goto out; - - for (i = 1; i < n_des_types; ++i) { - ret = krb5_copy_keyblock_contents (context->context, - &keys[0], - &keys[i]); - if (ret) - goto out; - keys[i].keytype = des_types[i]; - ret = krb5_copy_keyblock_contents (context->context, - &keys[0], - &hkeys[i].key); - if (ret) - goto out; - hkeys[i].key.keytype = des_types[i]; - } - - ret = krb5_generate_random_keyblock (context->context, - ETYPE_DES3_CBC_SHA1, - &keys[n_des_types]); - if (ret) - goto out; - - ret = krb5_copy_keyblock_contents (context->context, - &keys[n_des_types], - &hkeys[n_des_types].key); - if (ret) - goto out; - - free_keys (context, ent->keys.len, ent->keys.val); - ent->keys.len = len; - ent->keys.val = hkeys; - ent->kvno++; - *new_keys = keys; - *n_keys = len; - return ret; -out: - for (i = 0; i < len; ++i) - krb5_free_keyblock_contents (context->context, &keys[i]); - free (keys); - free_keys (context, len, hkeys); - return ret; -} diff --git a/crypto/heimdal/lib/kadm5/set_modifier.c b/crypto/heimdal/lib/kadm5/set_modifier.c deleted file mode 100644 index 2b097459b5d25..0000000000000 --- a/crypto/heimdal/lib/kadm5/set_modifier.c +++ /dev/null @@ -1,54 +0,0 @@ -/* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm5_locl.h" - -RCSID("$Id: set_modifier.c,v 1.2 1999/12/02 17:05:07 joda Exp $"); - -kadm5_ret_t -_kadm5_set_modifier(kadm5_server_context *context, - hdb_entry *ent) -{ - kadm5_ret_t ret; - if(ent->modified_by == NULL){ - ent->modified_by = malloc(sizeof(*ent->modified_by)); - if(ent->modified_by == NULL) - return ENOMEM; - } else - free_Event(ent->modified_by); - ent->modified_by->time = time(NULL); - ret = krb5_copy_principal(context->context, context->caller, - &ent->modified_by->principal); - return ret; -} - |