2 * Copyright 1993 OpenVision Technologies, Inc., All Rights Reserved
7 #if !defined(lint) && !defined(__CODECENTER__)
8 static char *rcsid = "$Header$";
11 #include <gssrpc/rpc.h>
12 #include <kadm5/admin.h>
13 #include <kadm5/kadm_rpc.h>
17 #include "client_internal.h"
18 #include "err_handle.h"
21 #define eret() do { clnt_perror(handle->clnt, "null ret"); return KADM5_RPC_ERROR; } while (0)
23 #define eret() do { return KADM5_RPC_ERROR; } while (0)
27 kadm5_create_principal(void *server_handle,
28 kadm5_principal_ent_t princ, long mask,
33 kadm5_server_handle_t handle = server_handle;
35 CHECK_HANDLE(server_handle);
37 memset(&arg, 0, sizeof(arg));
40 arg.api_version = handle->api_version;
45 if (handle->api_version == KADM5_API_VERSION_1) {
46 memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec_v1));
48 memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec));
50 if (handle->api_version == KADM5_API_VERSION_1) {
52 * hack hack cough cough.
53 * krb5_unparse name dumps core if we pass it in garbage
54 * or null. So, since the client is not allowed to set mod_name
55 * anyway, we just fill it in with a dummy principal. The server of
56 * course ignores this.
58 krb5_parse_name(handle->context, "bogus/bogus", &arg.rec.mod_name);
60 arg.rec.mod_name = NULL;
62 if(!(mask & KADM5_POLICY))
63 arg.rec.policy = NULL;
64 if (! (mask & KADM5_KEY_DATA)) {
65 arg.rec.n_key_data = 0;
66 arg.rec.key_data = NULL;
68 if (! (mask & KADM5_TL_DATA)) {
69 arg.rec.n_tl_data = 0;
70 arg.rec.tl_data = NULL;
73 r = create_principal_2(&arg, handle->clnt);
75 if (handle->api_version == KADM5_API_VERSION_1)
76 krb5_free_principal(handle->context, arg.rec.mod_name);
84 kadm5_create_principal_3(void *server_handle,
85 kadm5_principal_ent_t princ, long mask,
87 krb5_key_salt_tuple *ks_tuple,
92 kadm5_server_handle_t handle = server_handle;
94 CHECK_HANDLE(server_handle);
96 memset(&arg, 0, sizeof(arg));
99 arg.api_version = handle->api_version;
100 arg.n_ks_tuple = n_ks_tuple;
101 arg.ks_tuple = ks_tuple;
106 if (handle->api_version == KADM5_API_VERSION_1) {
107 memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec_v1));
109 memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec));
111 if (handle->api_version == KADM5_API_VERSION_1) {
113 * hack hack cough cough.
114 * krb5_unparse name dumps core if we pass it in garbage
115 * or null. So, since the client is not allowed to set mod_name
116 * anyway, we just fill it in with a dummy principal. The server of
117 * course ignores this.
119 krb5_parse_name(handle->context, "bogus/bogus", &arg.rec.mod_name);
121 arg.rec.mod_name = NULL;
123 if(!(mask & KADM5_POLICY))
124 arg.rec.policy = NULL;
125 if (! (mask & KADM5_KEY_DATA)) {
126 arg.rec.n_key_data = 0;
127 arg.rec.key_data = NULL;
129 if (! (mask & KADM5_TL_DATA)) {
130 arg.rec.n_tl_data = 0;
131 arg.rec.tl_data = NULL;
134 r = create_principal3_2(&arg, handle->clnt);
136 if (handle->api_version == KADM5_API_VERSION_1)
137 krb5_free_principal(handle->context, arg.rec.mod_name);
145 kadm5_delete_principal(void *server_handle, krb5_principal principal)
149 kadm5_server_handle_t handle = server_handle;
151 CHECK_HANDLE(server_handle);
153 if(principal == NULL)
155 arg.princ = principal;
156 arg.api_version = handle->api_version;
157 r = delete_principal_2(&arg, handle->clnt);
164 kadm5_modify_principal(void *server_handle,
165 kadm5_principal_ent_t princ, long mask)
169 kadm5_server_handle_t handle = server_handle;
171 CHECK_HANDLE(server_handle);
173 memset(&arg, 0, sizeof(arg));
175 arg.api_version = handle->api_version;
177 * cough cough gag gag
178 * see comment in create_principal.
182 if (handle->api_version == KADM5_API_VERSION_1) {
183 memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec_v1));
185 memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec));
187 if(!(mask & KADM5_POLICY))
188 arg.rec.policy = NULL;
189 if (! (mask & KADM5_KEY_DATA)) {
190 arg.rec.n_key_data = 0;
191 arg.rec.key_data = NULL;
193 if (! (mask & KADM5_TL_DATA)) {
194 arg.rec.n_tl_data = 0;
195 arg.rec.tl_data = NULL;
198 if (handle->api_version == KADM5_API_VERSION_1) {
200 * See comment in create_principal
202 krb5_parse_name(handle->context, "bogus/bogus", &arg.rec.mod_name);
204 arg.rec.mod_name = NULL;
206 r = modify_principal_2(&arg, handle->clnt);
208 if (handle->api_version == KADM5_API_VERSION_1)
209 krb5_free_principal(handle->context, arg.rec.mod_name);
217 kadm5_get_principal(void *server_handle,
218 krb5_principal princ, kadm5_principal_ent_t ent,
223 kadm5_server_handle_t handle = server_handle;
225 CHECK_HANDLE(server_handle);
230 if (handle->api_version == KADM5_API_VERSION_1)
231 arg.mask = KADM5_PRINCIPAL_NORMAL_MASK;
234 arg.api_version = handle->api_version;
235 r = get_principal_2(&arg, handle->clnt);
238 if (handle->api_version == KADM5_API_VERSION_1) {
239 kadm5_principal_ent_t_v1 *entp;
241 entp = (kadm5_principal_ent_t_v1 *) ent;
243 if (!(*entp = (kadm5_principal_ent_t_v1)
244 malloc(sizeof(kadm5_principal_ent_rec_v1))))
246 /* this memcpy works because the v1 structure is an initial
247 subset of the v2 struct. C guarantees that this will
248 result in the same layout in memory */
249 memcpy(*entp, &r->rec, sizeof(**entp));
255 memcpy(ent, &r->rec, sizeof(r->rec));
261 krb5_set_err( handle->context, krb5_err_have_str, r->code, r->err_str );
267 kadm5_get_principals(void *server_handle,
268 char *exp, char ***princs, int *count)
272 kadm5_server_handle_t handle = server_handle;
274 CHECK_HANDLE(server_handle);
276 if(princs == NULL || count == NULL)
279 arg.api_version = handle->api_version;
280 r = get_princs_2(&arg, handle->clnt);
293 krb5_set_err( handle->context, krb5_err_have_str, r->code, r->err_str );
299 kadm5_rename_principal(void *server_handle,
300 krb5_principal source, krb5_principal dest)
304 kadm5_server_handle_t handle = server_handle;
306 CHECK_HANDLE(server_handle);
310 arg.api_version = handle->api_version;
311 if (source == NULL || dest == NULL)
313 r = rename_principal_2(&arg, handle->clnt);
320 kadm5_chpass_principal(void *server_handle,
321 krb5_principal princ, char *password)
325 kadm5_server_handle_t handle = server_handle;
327 CHECK_HANDLE(server_handle);
331 arg.api_version = handle->api_version;
335 r = chpass_principal_2(&arg, handle->clnt);
342 kadm5_chpass_principal_3(void *server_handle,
343 krb5_principal princ, krb5_boolean keepold,
344 int n_ks_tuple, krb5_key_salt_tuple *ks_tuple,
349 kadm5_server_handle_t handle = server_handle;
351 CHECK_HANDLE(server_handle);
355 arg.api_version = handle->api_version;
356 arg.keepold = keepold;
357 arg.n_ks_tuple = n_ks_tuple;
358 arg.ks_tuple = ks_tuple;
362 r = chpass_principal3_2(&arg, handle->clnt);
369 kadm5_setv4key_principal(void *server_handle,
370 krb5_principal princ,
371 krb5_keyblock *keyblock)
375 kadm5_server_handle_t handle = server_handle;
377 CHECK_HANDLE(server_handle);
380 arg.keyblock = keyblock;
381 arg.api_version = handle->api_version;
383 if(princ == NULL || keyblock == NULL)
385 r = setv4key_principal_2(&arg, handle->clnt);
392 kadm5_setkey_principal(void *server_handle,
393 krb5_principal princ,
394 krb5_keyblock *keyblocks,
399 kadm5_server_handle_t handle = server_handle;
401 CHECK_HANDLE(server_handle);
404 arg.keyblocks = keyblocks;
406 arg.api_version = handle->api_version;
408 if(princ == NULL || keyblocks == NULL)
410 r = setkey_principal_2(&arg, handle->clnt);
417 kadm5_setkey_principal_3(void *server_handle,
418 krb5_principal princ,
419 krb5_boolean keepold, int n_ks_tuple,
420 krb5_key_salt_tuple *ks_tuple,
421 krb5_keyblock *keyblocks,
426 kadm5_server_handle_t handle = server_handle;
428 CHECK_HANDLE(server_handle);
431 arg.keyblocks = keyblocks;
433 arg.api_version = handle->api_version;
434 arg.keepold = keepold;
435 arg.n_ks_tuple = n_ks_tuple;
436 arg.ks_tuple = ks_tuple;
438 if(princ == NULL || keyblocks == NULL)
440 r = setkey_principal3_2(&arg, handle->clnt);
447 kadm5_randkey_principal_3(void *server_handle,
448 krb5_principal princ,
449 krb5_boolean keepold, int n_ks_tuple,
450 krb5_key_salt_tuple *ks_tuple,
451 krb5_keyblock **key, int *n_keys)
455 kadm5_server_handle_t handle = server_handle;
458 CHECK_HANDLE(server_handle);
461 arg.api_version = handle->api_version;
462 arg.keepold = keepold;
463 arg.n_ks_tuple = n_ks_tuple;
464 arg.ks_tuple = ks_tuple;
468 r = chrand_principal3_2(&arg, handle->clnt);
471 if (handle->api_version == KADM5_API_VERSION_1) {
473 krb5_copy_keyblock(handle->context, &r->key, key);
479 *key = (krb5_keyblock *)
480 malloc(r->n_keys*sizeof(krb5_keyblock));
483 for (i = 0; i < r->n_keys; i++) {
484 ret = krb5_copy_keyblock_contents(handle->context,
498 krb5_set_err( handle->context, krb5_err_have_str, r->code, r->err_str );
505 kadm5_randkey_principal(void *server_handle,
506 krb5_principal princ,
507 krb5_keyblock **key, int *n_keys)
511 kadm5_server_handle_t handle = server_handle;
514 CHECK_HANDLE(server_handle);
517 arg.api_version = handle->api_version;
521 r = chrand_principal_2(&arg, handle->clnt);
524 if (handle->api_version == KADM5_API_VERSION_1) {
526 krb5_copy_keyblock(handle->context, &r->key, key);
532 *key = (krb5_keyblock *)
533 malloc(r->n_keys*sizeof(krb5_keyblock));
536 for (i = 0; i < r->n_keys; i++) {
537 ret = krb5_copy_keyblock_contents(handle->context,
551 krb5_set_err( handle->context, krb5_err_have_str, r->code, r->err_str );
557 /* not supported on client side */
558 kadm5_ret_t kadm5_decrypt_key(void *server_handle,
559 kadm5_principal_ent_t entry, krb5_int32
560 ktype, krb5_int32 stype, krb5_int32
561 kvno, krb5_keyblock *keyblock,
562 krb5_keysalt *keysalt, int *kvnop)