2 * Copyright 1993 OpenVision Technologies, Inc., All Rights Reserved
7 #if !defined(lint) && !defined(__CODECENTER__)
8 static char *rcsid = "$Header$";
11 #include <gssrpc/rpc.h>
12 #include <kadm5/admin.h>
13 #include <kadm5/kadm_rpc.h>
18 #include "client_internal.h"
19 #include "err_handle.h"
22 #define eret() do { clnt_perror(handle->clnt, "null ret"); return KADM5_RPC_ERROR; } while (0)
24 #define eret() do { return KADM5_RPC_ERROR; } while (0)
28 kadm5_create_principal(void *server_handle,
29 kadm5_principal_ent_t princ, long mask,
34 kadm5_server_handle_t handle = server_handle;
36 CHECK_HANDLE(server_handle);
38 memset(&arg, 0, sizeof(arg));
41 arg.api_version = handle->api_version;
46 if (handle->api_version == KADM5_API_VERSION_1) {
47 memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec_v1));
49 memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec));
51 if (handle->api_version == KADM5_API_VERSION_1) {
53 * hack hack cough cough.
54 * krb5_unparse name dumps core if we pass it in garbage
55 * or null. So, since the client is not allowed to set mod_name
56 * anyway, we just fill it in with a dummy principal. The server of
57 * course ignores this.
59 krb5_parse_name(handle->context, "bogus/bogus", &arg.rec.mod_name);
61 arg.rec.mod_name = NULL;
63 if(!(mask & KADM5_POLICY))
64 arg.rec.policy = NULL;
65 if (! (mask & KADM5_KEY_DATA)) {
66 arg.rec.n_key_data = 0;
67 arg.rec.key_data = NULL;
69 if (! (mask & KADM5_TL_DATA)) {
70 arg.rec.n_tl_data = 0;
71 arg.rec.tl_data = NULL;
74 r = create_principal_2(&arg, handle->clnt);
76 if (handle->api_version == KADM5_API_VERSION_1)
77 krb5_free_principal(handle->context, arg.rec.mod_name);
85 kadm5_create_principal_3(void *server_handle,
86 kadm5_principal_ent_t princ, long mask,
88 krb5_key_salt_tuple *ks_tuple,
93 kadm5_server_handle_t handle = server_handle;
95 CHECK_HANDLE(server_handle);
97 memset(&arg, 0, sizeof(arg));
100 arg.api_version = handle->api_version;
101 arg.n_ks_tuple = n_ks_tuple;
102 arg.ks_tuple = ks_tuple;
107 if (handle->api_version == KADM5_API_VERSION_1) {
108 memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec_v1));
110 memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec));
112 if (handle->api_version == KADM5_API_VERSION_1) {
114 * hack hack cough cough.
115 * krb5_unparse name dumps core if we pass it in garbage
116 * or null. So, since the client is not allowed to set mod_name
117 * anyway, we just fill it in with a dummy principal. The server of
118 * course ignores this.
120 krb5_parse_name(handle->context, "bogus/bogus", &arg.rec.mod_name);
122 arg.rec.mod_name = NULL;
124 if(!(mask & KADM5_POLICY))
125 arg.rec.policy = NULL;
126 if (! (mask & KADM5_KEY_DATA)) {
127 arg.rec.n_key_data = 0;
128 arg.rec.key_data = NULL;
130 if (! (mask & KADM5_TL_DATA)) {
131 arg.rec.n_tl_data = 0;
132 arg.rec.tl_data = NULL;
135 r = create_principal3_2(&arg, handle->clnt);
137 if (handle->api_version == KADM5_API_VERSION_1)
138 krb5_free_principal(handle->context, arg.rec.mod_name);
146 kadm5_delete_principal(void *server_handle, krb5_principal principal)
150 kadm5_server_handle_t handle = server_handle;
152 CHECK_HANDLE(server_handle);
154 if(principal == NULL)
156 arg.princ = principal;
157 arg.api_version = handle->api_version;
158 r = delete_principal_2(&arg, handle->clnt);
165 kadm5_modify_principal(void *server_handle,
166 kadm5_principal_ent_t princ, long mask)
170 kadm5_server_handle_t handle = server_handle;
172 CHECK_HANDLE(server_handle);
174 memset(&arg, 0, sizeof(arg));
176 arg.api_version = handle->api_version;
178 * cough cough gag gag
179 * see comment in create_principal.
183 if (handle->api_version == KADM5_API_VERSION_1) {
184 memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec_v1));
186 memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec));
188 if(!(mask & KADM5_POLICY))
189 arg.rec.policy = NULL;
190 if (! (mask & KADM5_KEY_DATA)) {
191 arg.rec.n_key_data = 0;
192 arg.rec.key_data = NULL;
194 if (! (mask & KADM5_TL_DATA)) {
195 arg.rec.n_tl_data = 0;
196 arg.rec.tl_data = NULL;
199 if (handle->api_version == KADM5_API_VERSION_1) {
201 * See comment in create_principal
203 krb5_parse_name(handle->context, "bogus/bogus", &arg.rec.mod_name);
205 arg.rec.mod_name = NULL;
207 r = modify_principal_2(&arg, handle->clnt);
209 if (handle->api_version == KADM5_API_VERSION_1)
210 krb5_free_principal(handle->context, arg.rec.mod_name);
218 kadm5_get_principal(void *server_handle,
219 krb5_principal princ, kadm5_principal_ent_t ent,
224 kadm5_server_handle_t handle = server_handle;
226 CHECK_HANDLE(server_handle);
231 if (handle->api_version == KADM5_API_VERSION_1)
232 arg.mask = KADM5_PRINCIPAL_NORMAL_MASK;
235 arg.api_version = handle->api_version;
236 r = get_principal_2(&arg, handle->clnt);
239 if (handle->api_version == KADM5_API_VERSION_1) {
240 kadm5_principal_ent_t_v1 *entp;
242 entp = (kadm5_principal_ent_t_v1 *) ent;
244 if (!(*entp = (kadm5_principal_ent_t_v1)
245 malloc(sizeof(kadm5_principal_ent_rec_v1))))
247 /* this memcpy works because the v1 structure is an initial
248 subset of the v2 struct. C guarantees that this will
249 result in the same layout in memory */
250 memcpy(*entp, &r->rec, sizeof(**entp));
256 memcpy(ent, &r->rec, sizeof(r->rec));
262 krb5_set_err( handle->context, krb5_err_have_str, r->code, r->err_str );
268 kadm5_get_principals(void *server_handle,
269 char *exp, char ***princs, int *count)
273 kadm5_server_handle_t handle = server_handle;
275 CHECK_HANDLE(server_handle);
277 if(princs == NULL || count == NULL)
280 arg.api_version = handle->api_version;
281 r = get_princs_2(&arg, handle->clnt);
294 krb5_set_err( handle->context, krb5_err_have_str, r->code, r->err_str );
300 kadm5_rename_principal(void *server_handle,
301 krb5_principal source, krb5_principal dest)
305 kadm5_server_handle_t handle = server_handle;
307 CHECK_HANDLE(server_handle);
311 arg.api_version = handle->api_version;
312 if (source == NULL || dest == NULL)
314 r = rename_principal_2(&arg, handle->clnt);
321 kadm5_chpass_principal(void *server_handle,
322 krb5_principal princ, char *password)
326 kadm5_server_handle_t handle = server_handle;
328 CHECK_HANDLE(server_handle);
332 arg.api_version = handle->api_version;
336 r = chpass_principal_2(&arg, handle->clnt);
343 kadm5_chpass_principal_3(void *server_handle,
344 krb5_principal princ, krb5_boolean keepold,
345 int n_ks_tuple, krb5_key_salt_tuple *ks_tuple,
350 kadm5_server_handle_t handle = server_handle;
352 CHECK_HANDLE(server_handle);
356 arg.api_version = handle->api_version;
357 arg.keepold = keepold;
358 arg.n_ks_tuple = n_ks_tuple;
359 arg.ks_tuple = ks_tuple;
363 r = chpass_principal3_2(&arg, handle->clnt);
370 kadm5_setv4key_principal(void *server_handle,
371 krb5_principal princ,
372 krb5_keyblock *keyblock)
376 kadm5_server_handle_t handle = server_handle;
378 CHECK_HANDLE(server_handle);
381 arg.keyblock = keyblock;
382 arg.api_version = handle->api_version;
384 if(princ == NULL || keyblock == NULL)
386 r = setv4key_principal_2(&arg, handle->clnt);
393 kadm5_setkey_principal(void *server_handle,
394 krb5_principal princ,
395 krb5_keyblock *keyblocks,
400 kadm5_server_handle_t handle = server_handle;
402 CHECK_HANDLE(server_handle);
405 arg.keyblocks = keyblocks;
407 arg.api_version = handle->api_version;
409 if(princ == NULL || keyblocks == NULL)
411 r = setkey_principal_2(&arg, handle->clnt);
418 kadm5_setkey_principal_3(void *server_handle,
419 krb5_principal princ,
420 krb5_boolean keepold, int n_ks_tuple,
421 krb5_key_salt_tuple *ks_tuple,
422 krb5_keyblock *keyblocks,
427 kadm5_server_handle_t handle = server_handle;
429 CHECK_HANDLE(server_handle);
432 arg.keyblocks = keyblocks;
434 arg.api_version = handle->api_version;
435 arg.keepold = keepold;
436 arg.n_ks_tuple = n_ks_tuple;
437 arg.ks_tuple = ks_tuple;
439 if(princ == NULL || keyblocks == NULL)
441 r = setkey_principal3_2(&arg, handle->clnt);
448 kadm5_randkey_principal_3(void *server_handle,
449 krb5_principal princ,
450 krb5_boolean keepold, int n_ks_tuple,
451 krb5_key_salt_tuple *ks_tuple,
452 krb5_keyblock **key, int *n_keys)
456 kadm5_server_handle_t handle = server_handle;
459 CHECK_HANDLE(server_handle);
462 arg.api_version = handle->api_version;
463 arg.keepold = keepold;
464 arg.n_ks_tuple = n_ks_tuple;
465 arg.ks_tuple = ks_tuple;
469 r = chrand_principal3_2(&arg, handle->clnt);
472 if (handle->api_version == KADM5_API_VERSION_1) {
474 krb5_copy_keyblock(handle->context, &r->key, key);
480 *key = (krb5_keyblock *)
481 malloc(r->n_keys*sizeof(krb5_keyblock));
484 for (i = 0; i < r->n_keys; i++) {
485 ret = krb5_copy_keyblock_contents(handle->context,
499 krb5_set_err( handle->context, krb5_err_have_str, r->code, r->err_str );
506 kadm5_randkey_principal(void *server_handle,
507 krb5_principal princ,
508 krb5_keyblock **key, int *n_keys)
512 kadm5_server_handle_t handle = server_handle;
515 CHECK_HANDLE(server_handle);
518 arg.api_version = handle->api_version;
522 r = chrand_principal_2(&arg, handle->clnt);
525 if (handle->api_version == KADM5_API_VERSION_1) {
527 krb5_copy_keyblock(handle->context, &r->key, key);
533 *key = (krb5_keyblock *)
534 malloc(r->n_keys*sizeof(krb5_keyblock));
537 for (i = 0; i < r->n_keys; i++) {
538 ret = krb5_copy_keyblock_contents(handle->context,
552 krb5_set_err( handle->context, krb5_err_have_str, r->code, r->err_str );
558 /* not supported on client side */
559 kadm5_ret_t kadm5_decrypt_key(void *server_handle,
560 kadm5_principal_ent_t entry, krb5_int32
561 ktype, krb5_int32 stype, krb5_int32
562 kvno, krb5_keyblock *keyblock,
563 krb5_keysalt *keysalt, int *kvnop)