*/
int exit_status = 0;
krb5_context kcontext;
-krb5_ccache ccache2use = (krb5_ccache) NULL;
char *programname = (char *) NULL;
char *requestname = (char *) NULL;
krb5_boolean multiple = 0;
static const char *wr_ktab_type = "WRFILE";
static const char *gent_opterr_fmt = "- cannot decode protocol";
+static const char *gen_conn_err_fmt = "- cannot connect to server";
static const char *db_print_header = "------------------------------------\n";
static const char *db_print_1_fmt = "Principal: %s (key version %d)\n";
static const char *db_print_2_fmt = "Maximum ticket lifetime: %s\n";
(krb5_data *) NULL,
&proto_stat,
&ncomps,
- &complist))) {
+ &complist,
+ 0))) {
if (proto_stat == KRB5_ADM_SUCCESS) {
*nextp = (char *) malloc((size_t) complist[0].length + 1);
if (*nextp) {
memset((char *) dbentp, 0, sizeof(krb5_db_entry));
valid = 0;
if (parse_princ_options(argc, argv, &valid, dbentp)) {
- valid |= KRB5_ADM_M_SET; /* We are setting options */
- sprintf(p1, add_prompt1_fmt, principal);
- sprintf(p2, add_prompt2_fmt, principal);
- nplen = KRB5_ADM_MAX_PASSWORD_LEN;
- valid |= KRB5_ADM_M_PASSWORD; /* We have a password */
- if (!(kret = krb5_read_password(kcontext,
- p1, p2, npass, &nplen))) {
- npass[nplen] = '\0';
- nargs = ncomps = 0;
- if (!(kret = krb5_adm_dbent_to_proto(kcontext,
- valid,
- dbentp,
- npass,
- &nargs,
- &arglist)) &&
- !(kret = net_do_proto(KRB5_ADM_ADD_PRINC_CMD,
- principal,
- (char *) NULL,
- nargs,
- arglist,
- &proto_stat,
- &ncomps,
- &complist))) {
- if (proto_stat == KRB5_ADM_SUCCESS) {
- com_err(programname, 0, add_succ_fmt, principal);
+ if (!(kret = net_connect())) {
+ valid |= KRB5_ADM_M_SET; /* We are setting options */
+ sprintf(p1, add_prompt1_fmt, principal);
+ sprintf(p2, add_prompt2_fmt, principal);
+ nplen = KRB5_ADM_MAX_PASSWORD_LEN;
+ valid |= KRB5_ADM_M_PASSWORD; /* We have a password */
+ if (!(kret = krb5_read_password(kcontext,
+ p1, p2, npass, &nplen))) {
+ npass[nplen] = '\0';
+ nargs = ncomps = 0;
+ if (!(kret = krb5_adm_dbent_to_proto(kcontext,
+ valid,
+ dbentp,
+ npass,
+ &nargs,
+ &arglist)) &&
+ !(kret = net_do_proto(KRB5_ADM_ADD_PRINC_CMD,
+ principal,
+ (char *) NULL,
+ nargs,
+ arglist,
+ &proto_stat,
+ &ncomps,
+ &complist,
+ 1))) {
+ if (proto_stat == KRB5_ADM_SUCCESS) {
+ com_err(programname, 0, add_succ_fmt, principal);
+ }
}
+ else {
+ com_err(requestname, kret, add_protoerr_fmt);
+ }
+ if (ncomps)
+ krb5_free_adm_data(kcontext, ncomps, complist);
+ if (nargs)
+ krb5_free_adm_data(kcontext, nargs, arglist);
+ memset(npass, 0, KRB5_ADM_MAX_PASSWORD_LEN);
}
else {
- com_err(requestname, kret, add_protoerr_fmt);
+ com_err(requestname, 0, add_noconf_fmt);
}
- if (ncomps)
- krb5_free_adm_data(kcontext, ncomps, complist);
- if (nargs)
- krb5_free_adm_data(kcontext, nargs, arglist);
- memset(npass, 0, KRB5_ADM_MAX_PASSWORD_LEN);
+ net_disconnect(0);
}
else {
- com_err(requestname, 0, add_noconf_fmt);
+ com_err(requestname, kret, gen_conn_err_fmt);
}
}
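Review bot: The two `sprintf` calls that build the password prompts from `principal` (and the matching pair on `argv[1]` with `cpw_prompt1_fmt`/`cpw_prompt2_fmt` in the change-password branch) write into `p1` and `p2` with no length limit, and the principal name comes from the request arguments. The declarations of `p1` and `p2` are outside this hunk, so their size cannot be confirmed here; unless they are sized from the principal's length, a long name can overrun them. Since these lines are being re-indented anyway, bound the write, e.g. `snprintf(p1, sizeof(p1), add_prompt1_fmt, principal);` if `p1` is an array, or pass the allocated size if it is a pointer.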
else {
sprintf(p1, cpw_prompt1_fmt, argv[1]);
sprintf(p2, cpw_prompt2_fmt, argv[1]);
- nplen = KRB5_ADM_MAX_PASSWORD_LEN;
- if (!(kret = krb5_read_password(kcontext, p1, p2, npass, &nplen))) {
- npass[nplen] = '\0';
- if (!(kret = net_do_proto(KRB5_ADM_CHG_OPW_CMD,
- argv[1],
- npass,
- 0,
- (krb5_data *) NULL,
- &proto_stat,
- &ncomps,
- &complist))) {
- if (proto_stat == KRB5_ADM_SUCCESS) {
- com_err(programname, 0, cpw_succ_fmt, argv[1]);
- krb5_free_adm_data(kcontext, ncomps, complist);
+ if (!(kret = net_connect())) {
+ nplen = KRB5_ADM_MAX_PASSWORD_LEN;
+ if (!(kret = krb5_read_password(kcontext,
+ p1,
+ p2,
+ npass,
+ &nplen))) {
+ npass[nplen] = '\0';
+ if (!(kret = net_do_proto(KRB5_ADM_CHG_OPW_CMD,
+ argv[1],
+ npass,
+ 0,
+ (krb5_data *) NULL,
+ &proto_stat,
+ &ncomps,
+ &complist,
+ 1))) {
+ if (proto_stat == KRB5_ADM_SUCCESS) {
+ com_err(programname, 0, cpw_succ_fmt, argv[1]);
+ krb5_free_adm_data(kcontext, ncomps, complist);
+ }
}
+ memset(npass, 0, KRB5_ADM_MAX_PASSWORD_LEN);
+ }
+ else {
+ com_err(argv[0], kret, cpw_nochange_fmt, argv[1]);
}
- memset(npass, 0, KRB5_ADM_MAX_PASSWORD_LEN);
+ net_disconnect(0);
}
else {
- com_err(argv[0], kret, cpw_nochange_fmt, argv[1]);
+ com_err(argv[0], kret, gen_conn_err_fmt);
}
}
else {
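Review bot: The password buffer `npass` is wiped only where `krb5_read_password` succeeds, because `memset(npass, 0, KRB5_ADM_MAX_PASSWORD_LEN);` sits inside that branch here and in the add-principal branch. Whether `krb5_read_password` clears the buffer on failure is not visible in this hunk. A plain `memset` that is the last write to a buffer may also be removed by an optimizing compiler. Moving the wipe to just before `net_disconnect(0);` makes it run on both outcomes, and a routine the compiler cannot drop (a volatile-pointer loop, or `explicit_bzero` where the platform has it) keeps it in the binary. In the add-principal branch `npass` is also handed to `krb5_adm_dbent_to_proto` to build `arglist`; if that holds a copy, confirm that `krb5_free_adm_data` clears it.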
arglist,
&proto_stat,
&ncomps,
- &complist))) {
+ &complist,
+ 0))) {
if (proto_stat == KRB5_ADM_SUCCESS) {
com_err(programname, 0, add_succ_fmt, principal);
}
(krb5_data *) NULL,
&proto_stat,
&ncomps,
- &complist))) {
+ &complist,
+ 0))) {
if (proto_stat == KRB5_ADM_SUCCESS) {
com_err(programname, 0, cpw_succ_fmt, argv[1]);
krb5_free_adm_data(kcontext, ncomps, complist);
(krb5_data *) NULL,
&proto_stat,
&ncomps,
- &complist))) {
+ &complist,
+ 0))) {
if (proto_stat == KRB5_ADM_SUCCESS) {
com_err(programname, 0, del_princ_fmt, argv[i]);
krb5_free_adm_data(kcontext, ncomps, complist);
return;
}
memset((char *) &keytab_entry, 0, sizeof(krb5_keytab_entry));
+
for (i=0; i<argc; i++) {
if (!(kret = net_do_proto(KRB5_ADM_EXT_KEY_CMD,
instance,
(krb5_data *) NULL,
&proto_stat,
&ncomps,
- &complist))) {
+ &complist,
+ 0))) {
if (proto_stat == KRB5_ADM_SUCCESS) {
if (!(kret = krb5_adm_proto_to_ktent(kcontext,
ncomps,
return;
}
memset((char *) &keytab_entry, 0, sizeof(krb5_keytab_entry));
+
for (i=0; i<argc; i++) {
if (!(kret = net_do_proto(KRB5_ADM_EXT_KEY_CMD,
instance,
(krb5_data *) NULL,
&proto_stat,
&ncomps,
- &complist))) {
+ &complist,
+ 0))) {
if (proto_stat == KRB5_ADM_SUCCESS) {
if (!(kret = krb5_adm_proto_to_ktent(kcontext,
ncomps,
arglist,
&proto_stat,
&ncomps,
- &complist))) {
+ &complist,
+ 0))) {
if (proto_stat == KRB5_ADM_SUCCESS) {
com_err(programname, 0, mod_succ_fmt, principal);
}
(krb5_data *) NULL,
&proto_stat,
&ncomps,
- &complist))) {
+ &complist,
+ 0))) {
if (proto_stat == KRB5_ADM_SUCCESS) {
com_err(programname, 0, ren_princ_fmt, argv[0], argv[1]);
krb5_free_adm_data(kcontext, ncomps, complist);
continue;
}
}
-
+
if (!error) {
char *next;
char *nnext;
(krb5_data *) NULL,
&proto_stat,
&ncomps,
- &complist))) {
+ &complist,
+ 0))) {
if (proto_stat == KRB5_ADM_SUCCESS) {
krb5_free_adm_data(kcontext, ncomps, complist);
}
(krb5_data *) NULL,
&proto_stat,
&ncomps,
- &complist))) {
+ &complist,
+ 0))) {
if (proto_stat == KRB5_ADM_SUCCESS) {
krb5_free_adm_data(kcontext, ncomps, complist);
}
char *action = (char *) NULL;
krb5_boolean saveit = 0;
krb5_boolean delit = 0;
+ krb5_ccache ccache;
programname = strrchr(argv[0], (int) '/');
programname = (programname) ? programname+1 : argv[0];
+ ccache = (krb5_ccache) NULL;
while ((option = getopt(argc, argv, "c:dsl:r:p:m")) != EOF) {
switch (option) {
case 'c':
/* Verify ccache name if supplied. */
if (ccname2use) {
- if (kret = krb5_cc_resolve(kcontext, ccname2use, &ccache2use)) {
+ if (kret = krb5_cc_resolve(kcontext, ccname2use, &ccache)) {
com_err(argv[0], kret, kadmin_ccache_fmt, ccname2use);
exit(4);
}
user = (char *) NULL;
/* First try supplied credentials cache */
- if (ccache2use &&
- !(kret = krb5_cc_get_principal(kcontext, ccache2use, &me))) {
+ if (ccache &&
+ !(kret = krb5_cc_get_principal(kcontext, ccache, &me))) {
/* Use our first component, if it exists. */
if (krb5_princ_size(kcontext, me) > 0) {
exit(1);
}
+ if (ccache)
+ krb5_cc_close(kcontext, ccache);
+
/* See if something's left, e.g. a request */
if (argc > optind) {
size_t n2alloc;
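Review bot: A comment is missing at the new `krb5_cc_close(kcontext, ccache)` call to say that the local `ccache` only validates the `-c` argument and supplies the default principal, while `net_connect()` later resolves `ccname2use` again by name. Something like `/* ccache was only needed to check -c and find our principal; net_connect() re-resolves ccname2use */` would do. The cache that supplied the principal name and the cache later used to authenticate are now tied together only by that name, which is worth stating for anyone who changes either side. The enclosing function starts and ends outside this hunk.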
static const char *proto_system_err_fmt = "(%s) remote system error";
static const char *proto_ufo_err_fmt = "- (%s) protocol command %s returned unexpected error %d";
static const char *net_conn_err_fmt = "- %s: cannot connect to server";
+static const char *net_ccache_fmt = "- cannot find credential cache %s";
\f
/*
* print_proto_sreply() - Print server's error reply strings.
* connected or a separate connection is required for
* each transaction.
*/
-static krb5_error_code
+krb5_error_code
net_connect()
{
krb5_error_code kret = 0;
if (!multiple || !server_active) {
char opassword[KRB5_ADM_MAX_PASSWORD_LEN];
- server_ccache = (ccache2use) ? ccache2use : (krb5_ccache) NULL;
+ /* Resolve ccache name if supplied. */
+ if (ccname2use) {
+ if (kret = krb5_cc_resolve(kcontext, ccname2use, &server_ccache)) {
+ com_err(programname, kret, net_ccache_fmt, ccname2use);
+ return(kret);
+ }
+ }
+ else
+ server_ccache = (krb5_ccache) NULL;
+
if (!(kret = server_stat = krb5_adm_connect(kcontext,
principal_name,
password_prompt,
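Review bot: `krb5_cc_resolve` now runs on every pass through the `if (!multiple || !server_active)` branch of `net_connect()`, and nothing in the hunk releases the previous `server_ccache` handle. With `multiple` off that branch is taken for each transaction, so unless `net_disconnect()` (body not shown) calls `krb5_cc_close(kcontext, server_ccache)`, each request leaks a cache handle. Separately, `if (kret = krb5_cc_resolve(...))` reads like a mistyped comparison; `if ((kret = krb5_cc_resolve(kcontext, ccname2use, &server_ccache)))` keeps the behaviour and makes the assignment deliberate. The rest of `net_connect()` lies outside the hunk.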
}
\f
/*
- * kadmin_disconnect() - Disconnect from the server. If there has been
+ * net_disconnect() - Disconnect from the server. If there has been
* a server error, just close the socket. Otherwise
* engage in the disconnection protocol.
*/
* net_do_proto() - Perform a protocol request and return the results.
*/
krb5_error_code
-net_do_proto(cmd, arg1, arg2, nargs, argp, rstatp, ncompp, complistp)
+net_do_proto(cmd, arg1, arg2, nargs, argp, rstatp, ncompp, complistp, caller)
char *cmd;
char *arg1;
char *arg2;
krb5_int32 *rstatp;
krb5_int32 *ncompp;
krb5_data **complistp;
+ krb5_boolean caller;
{
krb5_error_code kret;
krb5_int32 nprotoargs;
krb5_data *protoargs;
/* Connect to the server, if necessary */
- if (!(kret = net_connect())) {
+ if (caller || !(kret = net_connect())) {
/* Figure out how many things we need to prepend to the arguments */
nprotoargs = nargs + 1;
}
else
kret = ENOMEM;
- net_disconnect(0);
+ if (!caller)
+ net_disconnect(0);
}
return(kret);
}
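Review bot: With `caller` set, the new condition `if (caller || !(kret = net_connect()))` short-circuits before `kret` is assigned, and `kret` is declared without an initializer. Most of the body is outside the visible lines, so every path may well assign it before `return(kret);`, but the declaration should not depend on that: `krb5_error_code kret = 0;`. The header comment should also document the new argument, for example `caller - nonzero if the caller has already called net_connect() and will call net_disconnect() itself`. Nothing visible here checks that a connection is actually open when 1 is passed.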