summaryrefslogtreecommitdiff
path: root/crypto/kerberosIV/kadmin/kadmin.c
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/kerberosIV/kadmin/kadmin.c')
-rw-r--r--crypto/kerberosIV/kadmin/kadmin.c845
1 files changed, 0 insertions, 845 deletions
diff --git a/crypto/kerberosIV/kadmin/kadmin.c b/crypto/kerberosIV/kadmin/kadmin.c
deleted file mode 100644
index f117b6b36a35..000000000000
--- a/crypto/kerberosIV/kadmin/kadmin.c
+++ /dev/null
@@ -1,845 +0,0 @@
-/*
- Copyright (C) 1989 by the Massachusetts Institute of Technology
-
- Export of this software from the United States of America is assumed
- to require a specific license from the United States Government.
- It is the responsibility of any person or organization contemplating
- export to obtain such a license before exporting.
-
-WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
-distribute this software and its documentation for any purpose and
-without fee is hereby granted, provided that the above copyright
-notice appear in all copies and that both that copyright notice and
-this permission notice appear in supporting documentation, and that
-the name of M.I.T. not be used in advertising or publicity pertaining
-to distribution of the software without specific, written prior
-permission. M.I.T. makes no representations about the suitability of
-this software for any purpose. It is provided "as is" without express
-or implied warranty.
-
- */
-
-/*
- * Kerberos database administrator's tool.
- *
- * The default behavior of kadmin is if the -m option is given
- * on the commandline, multiple requests are allowed to be given
- * with one entry of the admin password (until the tickets expire).
- */
-
-#include "kadm_locl.h"
-
-RCSID("$Id: kadmin.c,v 1.48 1997/05/13 09:43:06 bg Exp $");
-
-static void change_password(int argc, char **argv);
-static void change_key(int argc, char **argv);
-static void change_admin_password(int argc, char **argv);
-static void add_new_key(int argc, char **argv);
-static void del_entry(int argc, char **argv);
-static void get_entry(int argc, char **argv);
-static void mod_entry(int argc, char **argv);
-static void help(int argc, char **argv);
-static void clean_up_cmd(int argc, char **argv);
-static void quit_cmd(int argc, char **argv);
-
-static SL_cmd cmds[] = {
- {"change_password", change_password, "Change a user's password"},
- {"cpw"},
- {"passwd"},
- {"change_key", change_key, "Change a user's password as a DES binary key"},
- {"ckey"},
- {"change_admin_password", change_admin_password,
- "Change your admin password"},
- {"cap"},
- {"add_new_key", add_new_key, "Add new user to kerberos database"},
- {"ank"},
- {"del_entry", del_entry, "Delete entry from database"},
- {"del"},
- {"delete"},
- {"get_entry", get_entry, "Get entry from kerberos database"},
- {"mod_entry", mod_entry, "Modify entry in kerberos database"},
- {"destroy_tickets", clean_up_cmd, "Destroy admin tickets"},
- {"exit", quit_cmd, "Exit program"},
- {"quit"},
- {"help", help, "Help"},
- {"?"},
- {NULL}
-};
-
-#define BAD_PW 1
-#define GOOD_PW 0
-#define FUDGE_VALUE 15 /* for ticket expiration time */
-#define PE_NO 0
-#define PE_YES 1
-#define PE_UNSURE 2
-
-/* for get_password, whether it should do the swapping...necessary for
- using vals structure, unnecessary for change_pw requests */
-#define DONTSWAP 0
-#define SWAP 1
-
-static krb_principal pr;
-static char default_realm[REALM_SZ]; /* default kerberos realm */
-static char krbrlm[REALM_SZ]; /* current realm being administered */
-static int multiple = 0; /* Allow multiple requests per ticket */
-
-#ifdef NOENCRYPTION
-#define read_long_pw_string placebo_read_pw_string
-#else
-#define read_long_pw_string des_read_pw_string
-#endif
-
-static void
-get_maxlife(Kadm_vals *vals)
-{
- char buff[BUFSIZ];
- time_t life;
- int l;
-
- do {
- printf("Maximum ticket lifetime? (%d) [%s] ",
- vals->max_life, krb_life_to_atime(vals->max_life));
- fflush(stdout);
- if (fgets(buff, sizeof(buff), stdin) == NULL || *buff == '\n') {
- clearerr(stdin);
- return;
- }
- life = krb_atime_to_life(buff);
- } while (life <= 0);
-
- l = strlen(buff);
- if (buff[l-2] == 'm')
- life = krb_time_to_life(0L, life*60);
- if (buff[l-2] == 'h')
- life = krb_time_to_life(0L, life*60*60);
-
- vals->max_life = life;
- SET_FIELD(KADM_MAXLIFE,vals->fields);
-}
-
-static void
-get_attr(Kadm_vals *vals)
-{
- char buff[BUFSIZ], *out;
- int attr;
-
- do {
- printf("Attributes? [0x%.2x] ", vals->attributes);
- fflush(stdout);
- if (fgets(buff, sizeof(buff), stdin) == NULL || *buff == '\n') {
- clearerr(stdin);
- return;
- }
- attr = strtol(buff, &out, 0);
- if (attr == 0 && out == buff)
- attr = -1;
- } while (attr < 0 || attr > 0xffff);
-
- vals->attributes = attr;
- SET_FIELD(KADM_ATTR,vals->fields);
-}
-
-static void
-get_expdate(Kadm_vals *vals)
-{
- char buff[BUFSIZ];
- struct tm edate;
-
- memset(&edate, 0, sizeof(edate));
- do {
- printf("Expiration date (enter yyyy-mm-dd) ? [%.24s] ",
- asctime(k_localtime(&vals->exp_date)));
- fflush(stdout);
- if (fgets(buff, sizeof(buff), stdin) == NULL || *buff == '\n') {
- clearerr(stdin);
- return;
- }
- if (sscanf(buff, "%d-%d-%d",
- &edate.tm_year, &edate.tm_mon, &edate.tm_mday) == 3) {
- edate.tm_mon--; /* January is 0, not 1 */
- edate.tm_hour = 23; /* nearly midnight at the end of the */
- edate.tm_min = 59; /* specified day */
- }
- } while (krb_check_tm (edate));
-
- edate.tm_year -= 1900;
- vals->exp_date = tm2time (edate, 1);
- SET_FIELD(KADM_EXPDATE,vals->fields);
-}
-
-static int
-princ_exists(char *name, char *instance, char *realm)
-{
- int status;
-
- status = krb_get_pw_in_tkt(name, instance, realm,
- KRB_TICKET_GRANTING_TICKET,
- realm, 1, "");
-
- if ((status == KSUCCESS) || (status == INTK_BADPW))
- return(PE_YES);
- else if (status == KDC_PR_UNKNOWN)
- return(PE_NO);
- else
- return(PE_UNSURE);
-}
-
-static int
-get_password(u_int32_t *low, u_int32_t *high, char *prompt, int byteswap)
-{
- char new_passwd[MAX_KPW_LEN]; /* new password */
- des_cblock newkey;
-
- if (read_long_pw_string(new_passwd, sizeof(new_passwd)-1, prompt, 1))
- return(BAD_PW);
- if (strlen(new_passwd) == 0) {
- printf("Using random password.\n");
-#ifdef NOENCRYPTION
- memset(newkey, 0, sizeof(newkey));
-#else
- des_new_random_key(&newkey);
-#endif
- } else {
-#ifdef NOENCRYPTION
- memset(newkey, 0, sizeof(newkey));
-#else
- des_string_to_key(new_passwd, &newkey);
-#endif
- memset(new_passwd, 0, sizeof(new_passwd));
- }
-
- memcpy(low, newkey, 4);
- memcpy(high, ((char *)newkey) + 4, 4);
-
- memset(newkey, 0, sizeof(newkey));
-
-#ifdef NOENCRYPTION
- *low = 1;
-#endif
-
- if (byteswap != DONTSWAP) {
- *low = htonl(*low);
- *high = htonl(*high);
- }
- return(GOOD_PW);
-}
-
-static int
-get_admin_password(void)
-{
- int status;
- char admin_passwd[MAX_KPW_LEN]; /* Admin's password */
- int ticket_life = 1; /* minimum ticket lifetime */
- CREDENTIALS c;
-
- if (multiple) {
- /* If admin tickets exist and are valid, just exit. */
- memset(&c, 0, sizeof(c));
- if (krb_get_cred(PWSERV_NAME, KADM_SINST, krbrlm, &c) == KSUCCESS)
- /*
- * If time is less than lifetime - FUDGE_VALUE after issue date,
- * tickets will probably last long enough for the next
- * transaction.
- */
- if (time(0) < (c.issue_date + (5 * 60 * c.lifetime) - FUDGE_VALUE))
- return(KADM_SUCCESS);
- ticket_life = DEFAULT_TKT_LIFE;
- }
-
- if (princ_exists(pr.name, pr.instance, pr.realm) != PE_NO) {
- char prompt[256];
- snprintf(prompt, sizeof(prompt), "%s's Password: ", krb_unparse_name(&pr));
- if (read_long_pw_string(admin_passwd,
- sizeof(admin_passwd)-1,
- prompt, 0)) {
- warnx ("Error reading admin password.");
- goto bad;
- }
- status = krb_get_pw_in_tkt(pr.name, pr.instance, pr.realm,
- PWSERV_NAME, KADM_SINST,
- ticket_life, admin_passwd);
- memset(admin_passwd, 0, sizeof(admin_passwd));
-
- /* Initialize non shared random sequence from session key. */
- memset(&c, 0, sizeof(c));
- krb_get_cred(PWSERV_NAME, KADM_SINST, krbrlm, &c);
- des_init_random_number_generator(&c.session);
- }
- else
- status = KDC_PR_UNKNOWN;
-
- switch(status) {
- case GT_PW_OK:
- return(GOOD_PW);
- case KDC_PR_UNKNOWN:
- printf("Principal %s does not exist.\n", krb_unparse_name(&pr));
- goto bad;
- case GT_PW_BADPW:
- printf("Incorrect admin password.\n");
- goto bad;
- default:
- com_err("kadmin", status+krb_err_base,
- "while getting password tickets");
- goto bad;
- }
-
- bad:
- memset(admin_passwd, 0, sizeof(admin_passwd));
- dest_tkt();
- return(BAD_PW);
-}
-
-static void
-usage(void)
-{
- fprintf (stderr, "Usage: kadmin [[-u|-p] admin_name] [-r default_realm]"
- " [-m]\n"
- " -m allows multiple admin requests to be "
- "serviced with one entry of admin\n"
- " password.\n");
- exit (1);
-}
-
-/* GLOBAL */
-static void
-clean_up()
-{
- dest_tkt();
-}
-
-static void
-clean_up_cmd (int argc, char **argv)
-{
- clean_up();
-}
-
-/* GLOBAL */
-static void
-quit()
-{
- printf("Cleaning up and exiting.\n");
- clean_up();
- exit(0);
-}
-
-static void
-quit_cmd (int argc, char **argv)
-{
- quit();
-}
-
-static void
-do_init(int argc, char **argv)
-{
- int c;
- int tflag = 0;
- char tktstring[MaxPathLen];
- int k_errno;
-
- set_progname (argv[0]);
-
- memset(&pr, 0, sizeof(pr));
- if (krb_get_default_principal(pr.name, pr.instance, default_realm) < 0)
- errx (1, "I could not even guess who you might be");
- while ((c = getopt(argc, argv, "p:u:r:mt")) != EOF)
- switch (c) {
- case 'p':
- case 'u':
- if((k_errno = krb_parse_name(optarg, &pr)) != KSUCCESS)
- errx (1, "%s", krb_get_err_text(k_errno));
- break;
- case 'r':
- memset(default_realm, 0, sizeof(default_realm));
- strncpy(default_realm, optarg, sizeof(default_realm) - 1);
- break;
- case 'm':
- multiple++;
- break;
- case 't':
- tflag++;
- break;
- default:
- usage();
- break;
- }
- if (optind < argc)
- usage();
- strcpy(krbrlm, default_realm);
-
- if (kadm_init_link(PWSERV_NAME, KRB_MASTER, krbrlm) != KADM_SUCCESS)
- *krbrlm = '\0';
- if (pr.realm[0] == '\0')
- strcpy (pr.realm, krbrlm);
- if (pr.instance[0] == '\0')
- strcpy(pr.instance, "admin");
-
- if (!tflag) {
- snprintf(tktstring, sizeof(tktstring), TKT_ROOT "_adm_%d",(int)getpid());
- krb_set_tkt_string(tktstring);
- }
-
-}
-
-int
-main(int argc, char **argv)
-{
- do_init(argc, argv);
-
- printf("Welcome to the Kerberos Administration Program, version 2\n");
- printf("Type \"help\" if you need it.\n");
- sl_loop (cmds, "kadmin: ");
- printf("\n");
- quit();
- exit(0);
-}
-
-static int
-setvals(Kadm_vals *vals, char *string)
-{
- char realm[REALM_SZ];
- int status = KADM_SUCCESS;
-
- memset(vals, 0, sizeof(*vals));
- memset(realm, 0, sizeof(realm));
-
- SET_FIELD(KADM_NAME,vals->fields);
- SET_FIELD(KADM_INST,vals->fields);
- if ((status = kname_parse(vals->name, vals->instance, realm, string))) {
- printf("kerberos error: %s\n", krb_get_err_text(status));
- return status;
- }
- if (!realm[0])
- strcpy(realm, default_realm);
- if (strcmp(realm, krbrlm)) {
- strcpy(krbrlm, realm);
- if ((status = kadm_init_link(PWSERV_NAME, KRB_MASTER, krbrlm))
- != KADM_SUCCESS)
- printf("kadm error for realm %s: %s\n",
- krbrlm, error_message(status));
- }
- if (status)
- return 1;
- else
- return KADM_SUCCESS;
-}
-
-static void
-change_password(int argc, char **argv)
-{
- Kadm_vals old, new;
- int status;
- char pw_prompt[BUFSIZ];
-
- if (argc != 2) {
- printf("Usage: change_password loginname\n");
- return;
- }
-
- if (setvals(&old, argv[1]) != KADM_SUCCESS)
- return;
-
- new = old;
-
- SET_FIELD(KADM_DESKEY,new.fields);
-
- if (princ_exists(old.name, old.instance, krbrlm) != PE_NO) {
- /* get the admin's password */
- if (get_admin_password() != GOOD_PW)
- return;
-
- /* get the new password */
- snprintf(pw_prompt, sizeof(pw_prompt), "New password for %s:", argv[1]);
-
- if (get_password(&new.key_low, &new.key_high,
- pw_prompt, SWAP) == GOOD_PW) {
- status = kadm_mod(&old, &new);
- if (status == KADM_SUCCESS) {
- printf("Password changed for %s.\n", argv[1]);
- } else {
- printf("kadmin: %s\nwhile changing password for %s",
- error_message(status), argv[1]);
- }
- } else
- printf("Error reading password; password unchanged\n");
- memset(&new, 0, sizeof(new));
- if (!multiple)
- clean_up();
- }
- else
- printf("kadmin: Principal %s does not exist.\n",
- krb_unparse_name_long (old.name, old.instance, krbrlm));
- return;
-}
-
-static int
-getkey(unsigned char *k)
-{
- int i, c;
- for (i = 0; i < 8; i++)
- {
- c = getchar();
- if (c == EOF)
- return 0;
- else if (c == '\\')
- {
- int oct = -1;
- scanf("%03o", &oct);
- if (oct < 0 || oct > 255)
- return 0;
- k[i] = oct;
- }
- else if (!isalpha(c))
- return 0;
- else
- k[i] = c;
- }
- c = getchar();
- if (c != '\n')
- return 0;
- return 1; /* Success */
-}
-
-static void
-printkey(unsigned char *tkey)
-{
- int j;
- for(j = 0; j < 8; j++)
- if(tkey[j] != '\\' && isalpha(tkey[j]) != 0)
- printf("%c", tkey[j]);
- else
- printf("\\%03o",(unsigned char)tkey[j]);
- printf("\n");
-}
-
-static void
-change_key(int argc, char **argv)
-{
- Kadm_vals old, new;
- unsigned char newkey[8];
- int status;
-
- if (argc != 2) {
- printf("Usage: change_key principal-name\n");
- return;
- }
-
- if (setvals(&old, argv[1]) != KADM_SUCCESS)
- return;
-
- new = old;
-
- SET_FIELD(KADM_DESKEY,new.fields);
-
- if (princ_exists(old.name, old.instance, krbrlm) != PE_NO) {
- /* get the admin's password */
- if (get_admin_password() != GOOD_PW)
- return;
-
- /* get the new password */
- printf("New DES key for %s: ", argv[1]);
-
- if (getkey(newkey)) {
- memcpy(&new.key_low, newkey, 4);
- memcpy(&new.key_high, ((char *)newkey) + 4, 4);
- printf("Entered key for %s: ", argv[1]);
- printkey(newkey);
- memset(newkey, 0, sizeof(newkey));
-
- status = kadm_mod(&old, &new);
- if (status == KADM_SUCCESS) {
- printf("Key changed for %s.\n", argv[1]);
- } else {
- printf("kadmin: %s\nwhile changing key for %s",
- error_message(status), argv[1]);
- }
- } else
- printf("Error reading key; key unchanged\n");
- memset(&new, 0, sizeof(new));
- if (!multiple)
- clean_up();
- }
- else
- printf("kadmin: Principal %s does not exist.\n",
- krb_unparse_name_long (old.name, old.instance, krbrlm));
- return;
-}
-
-static void
-change_admin_password(int argc, char **argv)
-{
- des_cblock newkey;
- int status;
- char pword[MAX_KPW_LEN];
- char *pw_msg;
-
- if (argc != 1) {
- printf("Usage: change_admin_password\n");
- return;
- }
- if (get_pw_new_pwd(pword, sizeof(pword), &pr, 1) == 0) {
- des_string_to_key(pword, &newkey);
- status = kadm_change_pw_plain(newkey, pword, &pw_msg);
- if(status == KADM_INSECURE_PW)
- printf("Insecure password: %s\n", pw_msg);
- else if (status == KADM_SUCCESS)
- printf("Admin password changed\n");
- else
- printf("kadm error: %s\n",error_message(status));
- memset(newkey, 0, sizeof(newkey));
- memset(pword, 0, sizeof(pword));
- }
- if (!multiple)
- clean_up();
- return;
-}
-
-static void
-add_new_key(int argc, char **argv)
-{
- Kadm_vals new;
- char pw_prompt[BUFSIZ];
- int status;
-
- if (argc != 2) {
- printf("Usage: add_new_key user_name.\n");
- return;
- }
- if (setvals(&new, argv[1]) != KADM_SUCCESS)
- return;
-
- SET_FIELD(KADM_EXPDATE,new.fields);
- SET_FIELD(KADM_ATTR,new.fields);
- SET_FIELD(KADM_MAXLIFE,new.fields);
- SET_FIELD(KADM_DESKEY,new.fields);
-
- if (princ_exists(new.name, new.instance, krbrlm) != PE_YES) {
- Kadm_vals vals;
- u_char fields[4];
- char n[ANAME_SZ + INST_SZ + 1];
-
- /* get the admin's password */
- if (get_admin_password() != GOOD_PW)
- return;
-
- memset(fields, 0, sizeof(fields));
- SET_FIELD(KADM_NAME,fields);
- SET_FIELD(KADM_INST,fields);
- SET_FIELD(KADM_EXPDATE,fields);
- SET_FIELD(KADM_ATTR,fields);
- SET_FIELD(KADM_MAXLIFE,fields);
- snprintf (n, sizeof(n), "default.%s", new.instance);
- if (setvals(&vals, n) != KADM_SUCCESS)
- return;
-
- if (kadm_get(&vals, fields) != KADM_SUCCESS) {
- if (setvals(&vals, "default") != KADM_SUCCESS)
- return;
- if ((status = kadm_get(&vals, fields)) != KADM_SUCCESS) {
- printf ("kadm error: %s\n", error_message(status));
- return;
- }
- }
-
- if (vals.max_life == 255) /* Defaults not set! */ {
- /* This is the default maximum lifetime for new principals. */
- if (strcmp(new.instance, "admin") == 0)
- vals.max_life = 1 + (CLOCK_SKEW/(5*60)); /* 5+5 minutes */
- else if (strcmp(new.instance, "root") == 0)
- vals.max_life = 96; /* 8 hours */
- else if (krb_life_to_time(0, 162) >= 24*60*60)
- vals.max_life = 162; /* ca 100 hours */
- else
- vals.max_life = 255; /* ca 21 hours (maximum) */
-
- /* Also fix expiration date. */
- if (strcmp(new.name, "rcmd") == 0)
- vals.exp_date = 1104814999; /* Tue Jan 4 06:03:19 2005 */
- else
- vals.exp_date = time(0) + 2*(365*24*60*60); /* + ca 2 years */
- }
-
- new.max_life = vals.max_life;
- new.exp_date = vals.exp_date;
- new.attributes = vals.attributes;
- get_maxlife(&new);
- get_attr(&new);
- get_expdate(&new);
-
- /* get the new password */
- snprintf(pw_prompt, sizeof(pw_prompt), "Password for %s:", argv[1]);
-
- if (get_password(&new.key_low, &new.key_high,
- pw_prompt, SWAP) == GOOD_PW) {
- status = kadm_add(&new);
- if (status == KADM_SUCCESS) {
- printf("%s added to database.\n", argv[1]);
- } else {
- printf("kadm error: %s\n",error_message(status));
- }
- } else
- printf("Error reading password; %s not added\n",argv[1]);
- memset(&new, 0, sizeof(new));
- if (!multiple)
- clean_up();
- }
- else
- printf("kadmin: Principal already exists.\n");
- return;
-}
-
-static void
-del_entry(int argc, char **argv)
-{
- int status;
- Kadm_vals vals;
-
- if (argc != 2) {
- printf("Usage: del_entry username\n");
- return;
- }
-
- if (setvals(&vals, argv[1]) != KADM_SUCCESS)
- return;
-
- if (princ_exists(vals.name, vals.instance, krbrlm) != PE_NO) {
- /* get the admin's password */
- if (get_admin_password() != GOOD_PW)
- return;
-
- if ((status = kadm_del(&vals)) == KADM_SUCCESS){
- printf("%s removed from database.\n", argv[1]);
- } else {
- printf("kadm error: %s\n",error_message(status));
- }
-
- if (!multiple)
- clean_up();
- }
- else
- printf("kadmin: Principal %s does not exist.\n",
- krb_unparse_name_long (vals.name, vals.instance, krbrlm));
- return;
-}
-
-static void
-get_entry(int argc, char **argv)
-{
- int status;
- u_char fields[4];
- Kadm_vals vals;
-
- if (argc != 2) {
- printf("Usage: get_entry username\n");
- return;
- }
-
- memset(fields, 0, sizeof(fields));
-
- SET_FIELD(KADM_NAME,fields);
- SET_FIELD(KADM_INST,fields);
- SET_FIELD(KADM_EXPDATE,fields);
- SET_FIELD(KADM_ATTR,fields);
- SET_FIELD(KADM_MAXLIFE,fields);
-#if 0
- SET_FIELD(KADM_DESKEY,fields);
-#endif
-
- if (setvals(&vals, argv[1]) != KADM_SUCCESS)
- return;
-
-
- if (princ_exists(vals.name, vals.instance, krbrlm) != PE_NO) {
- /* get the admin's password */
- if (get_admin_password() != GOOD_PW)
- return;
-
- if ((status = kadm_get(&vals, fields)) == KADM_SUCCESS)
- prin_vals(&vals);
- else
- printf("kadm error: %s\n",error_message(status));
-
- if (!multiple)
- clean_up();
- }
- else
- printf("kadmin: Principal %s does not exist.\n",
- krb_unparse_name_long (vals.name, vals.instance, krbrlm));
- return;
-}
-
-static void
-mod_entry(int argc, char **argv)
-{
- int status;
- u_char fields[4];
- Kadm_vals ovals, nvals;
-
- if (argc != 2) {
- printf("Usage: mod_entry username\n");
- return;
- }
-
- memset(fields, 0, sizeof(fields));
-
- SET_FIELD(KADM_NAME,fields);
- SET_FIELD(KADM_INST,fields);
- SET_FIELD(KADM_EXPDATE,fields);
- SET_FIELD(KADM_ATTR,fields);
- SET_FIELD(KADM_MAXLIFE,fields);
-
- if (setvals(&ovals, argv[1]) != KADM_SUCCESS)
- return;
-
- nvals = ovals;
-
- if (princ_exists(ovals.name, ovals.instance, krbrlm) == PE_NO) {
- printf("kadmin: Principal %s does not exist.\n",
- krb_unparse_name_long (ovals.name, ovals.instance, krbrlm));
- return;
- }
-
- /* get the admin's password */
- if (get_admin_password() != GOOD_PW)
- return;
-
- if ((status = kadm_get(&ovals, fields)) != KADM_SUCCESS) {
- printf("[ unable to retrieve current settings: %s ]\n",
- error_message(status));
- nvals.max_life = DEFAULT_TKT_LIFE;
- nvals.exp_date = 0;
- nvals.attributes = 0;
- } else {
- nvals.max_life = ovals.max_life;
- nvals.exp_date = ovals.exp_date;
- nvals.attributes = ovals.attributes;
- }
-
- get_maxlife(&nvals);
- get_attr(&nvals);
- get_expdate(&nvals);
-
- if (IS_FIELD(KADM_MAXLIFE, nvals.fields) ||
- IS_FIELD(KADM_ATTR, nvals.fields) ||
- IS_FIELD(KADM_EXPDATE, nvals.fields)) {
- if ((status = kadm_mod(&ovals, &nvals)) != KADM_SUCCESS) {
- printf("kadm error: %s\n",error_message(status));
- goto out;
- }
- if ((status = kadm_get(&ovals, fields)) != KADM_SUCCESS) {
- printf("kadm error: %s\n",error_message(status));
- goto out;
- }
- }
- prin_vals(&ovals);
-
-out:
- if (!multiple)
- clean_up();
- return;
-}
-
-static void
-help(int argc, char **argv)
-{
- sl_help (cmds, argc, argv);
-}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-27 11:42:56 +0000