diff options
Diffstat (limited to 'crypto/heimdal/kadmin/kadmin.c')
| -rw-r--r-- | crypto/heimdal/kadmin/kadmin.c | 126 |
1 files changed, 64 insertions, 62 deletions
diff --git a/crypto/heimdal/kadmin/kadmin.c b/crypto/heimdal/kadmin/kadmin.c index da9b894561d2..6e31828afa16 100644 --- a/crypto/heimdal/kadmin/kadmin.c +++ b/crypto/heimdal/kadmin/kadmin.c @@ -1,42 +1,40 @@ /* - * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. + * Copyright (c) 1997 - 2004 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. */ #include "kadmin_locl.h" #include "kadmin-commands.h" #include <sl.h> -RCSID("$Id: kadmin.c 22253 2007-12-09 06:00:00Z lha $"); - static char *config_file; static char *keyfile; int local_flag; @@ -54,41 +52,42 @@ static getarg_strings policy_libraries = { 0, NULL }; static struct getargs args[] = { { "principal", 'p', arg_string, &client_name, - "principal to authenticate as" }, + "principal to authenticate as", NULL }, { "keytab", 'K', arg_string, &keytab, - "keytab for authentication principal" }, - { - "config-file", 'c', arg_string, &config_file, - "location of config file", "file" + "keytab for authentication principal", NULL }, + { + "config-file", 'c', arg_string, &config_file, + "location of config file", "file" }, { - "key-file", 'k', arg_string, &keyfile, + "key-file", 'k', arg_string, &keyfile, "location of master key file", "file" }, - { - "realm", 'r', arg_string, &realm, - "realm to use", "realm" + { + "realm", 'r', arg_string, &realm, + "realm to use", "realm" }, - { - "admin-server", 'a', arg_string, &admin_server, - "server to contact", "host" + { + "admin-server", 'a', arg_string, &admin_server, + "server to contact", "host" }, - { - "server-port", 's', arg_integer, &server_port, - "port to use", "port number" + { + "server-port", 's', arg_integer, &server_port, + "port to use", "port number" }, - { "ad", 0, arg_flag, &ad_flag, "active directory admin mode" }, + { "ad", 0, arg_flag, &ad_flag, "active directory admin mode", + NULL }, #ifdef HAVE_DLOPEN - { "check-library", 0, arg_string, &check_library, + { "check-library", 0, arg_string, &check_library, "library to load password check function from", "library" }, { "check-function", 0, arg_string, &check_function, "password check function to load", "function" }, { "policy-libraries", 0, arg_strings, &policy_libraries, "password check function to load", "function" }, #endif - { "local", 'l', arg_flag, &local_flag, "local admin mode" }, - { "help", 'h', arg_flag, &help_flag }, - { "version", 'v', arg_flag, &version_flag } + { "local", 'l', arg_flag, &local_flag, "local admin mode", NULL }, + { "help", 'h', arg_flag, &help_flag, NULL, NULL }, + { "version", 'v', arg_flag, &version_flag, NULL, NULL } }; static int num_args = sizeof(args) / sizeof(args[0]); @@ -126,13 +125,16 @@ get_privs(void *opt, int argc, char **argv) uint32_t privs; char str[128]; kadm5_ret_t ret; - + ret = kadm5_get_privs(kadm_handle, &privs); if(ret) krb5_warn(context, ret, "kadm5_get_privs"); else{ ret =_kadm5_privs_to_string(privs, str, sizeof(str)); - printf("%s\n", str); + if (ret == 0) + printf("%s\n", str); + else + printf("privs: 0x%x\n", (unsigned int)privs); } return 0; } @@ -151,7 +153,7 @@ main(int argc, char **argv) ret = krb5_init_context(&context); if (ret) errx (1, "krb5_init_context failed: %d", ret); - + if(getarg(args, num_args, argc, argv, &optidx)) usage(1); @@ -175,12 +177,12 @@ main(int argc, char **argv) ret = krb5_prepend_config_files_default(config_file, &files); if (ret) krb5_err(context, 1, ret, "getting configuration files"); - + ret = krb5_set_config_files(context, files); krb5_free_config_files(files); - if(ret) + if(ret) krb5_err(context, 1, ret, "reading configuration files"); - + memset(&conf, 0, sizeof(conf)); if(realm) { krb5_set_default_realm(context, realm); /* XXX should be fixed @@ -207,11 +209,11 @@ main(int argc, char **argv) if(local_flag) { int i; - kadm5_setup_passwd_quality_check (context, + kadm5_setup_passwd_quality_check (context, check_library, check_function); - + for (i = 0; i < policy_libraries.num_strings; i++) { - ret = kadm5_add_passwd_quality_verifier(context, + ret = kadm5_add_passwd_quality_verifier(context, policy_libraries.strings[i]); if (ret) krb5_err(context, 1, ret, "kadm5_add_passwd_quality_verifier"); @@ -219,12 +221,12 @@ main(int argc, char **argv) ret = kadm5_add_passwd_quality_verifier(context, NULL); if (ret) krb5_err(context, 1, ret, "kadm5_add_passwd_quality_verifier"); - - ret = kadm5_s_init_with_password_ctx(context, + + ret = kadm5_s_init_with_password_ctx(context, KADM5_ADMIN_SERVICE, NULL, KADM5_ADMIN_SERVICE, - &conf, 0, 0, + &conf, 0, 0, &kadm_handle); } else if (ad_flag) { if (client_name == NULL) @@ -245,13 +247,13 @@ main(int argc, char **argv) &conf, 0, 0, &kadm_handle); } else - ret = kadm5_c_init_with_password_ctx(context, + ret = kadm5_c_init_with_password_ctx(context, client_name, NULL, KADM5_ADMIN_SERVICE, - &conf, 0, 0, + &conf, 0, 0, &kadm_handle); - + if(ret) krb5_err(context, 1, ret, "kadm5_init_with_password"); |