*/
void (*free)(krb5_context kcontext, void *ptr);
- /*
- * Optional: Inform the module of the master key list. The module may
- * remember an alias to the provided memory. This function is called at
- * startup by the KDC and kadmind with the value returned by
- * fetch_master_key_list.
- */
- krb5_error_code (*set_master_key_list)(krb5_context kcontext,
- krb5_keylist_node *keylist);
-
- /*
- * Optional: Retrieve an alias to the master key list as previously set by
- * set_master_key_list. This function is used by the KDB keytab
- * implementation in libkdb5, which is used by kadmind.
- */
- krb5_error_code (*get_master_key_list)(krb5_context kcontext,
- krb5_keylist_node **keylist);
-
/*
* Optional with default: Retrieve a master keyblock from the stash file
* db_args, filling in *key and *kvno. mname is the name of the master
( krb5_context kcontext, osa_policy_ent_t entry ),
(kcontext, entry));
-WRAP_K (krb5_db2_set_mkey_list,
- ( krb5_context kcontext, krb5_keylist_node *keylist),
- (kcontext, keylist));
-
-WRAP_K (krb5_db2_get_mkey_list,
- ( krb5_context context, krb5_keylist_node **keylist),
- (context, keylist));
-
WRAP_K (krb5_db2_promote_db,
( krb5_context kcontext, char *conf_section, char **db_args ),
(kcontext, conf_section, db_args));
/* free_policy */ wrap_krb5_db2_free_policy,
/* alloc */ krb5_db2_alloc,
/* free */ krb5_db2_free,
- /* set_master_key_list */ wrap_krb5_db2_set_mkey_list,
- /* get_master_key_list */ wrap_krb5_db2_get_mkey_list,
/* blah blah blah */ 0,0,0,0,0,
/* promote_db */ wrap_krb5_db2_promote_db,
0, 0, 0, 0,
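Review bot: The `/* blah blah blah */ 0,0,0,0,0,` row directly below the two removed entries leaves five vtable slots unlabelled in a purely positional initializer, so a reader cannot confirm from this table that `wrap_krb5_db2_promote_db` still lands in the promote_db slot now that the struct has lost two members. A positional mismatch here may compile with at most a warning and would only surface as the wrong function being called through the table at run time. I would write each zero on its own line with the member it stands for, as the LDAP table in this same change does (`/* fetch_master_key_list */ NULL,`). Separately, removing members from the middle of the table shifts every later slot for any module built against the old header. The DAL version check is presumably what rejects such a module, but no version bump is visible in the hunks shown, so that is worth confirming.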
return retval;
}
-krb5_error_code
-krb5_db2_set_mkey_list(krb5_context context, krb5_keylist_node *key_list)
-{
- krb5_db2_context *db_ctx;
-
- if (!k5db2_inited(context))
- return (KRB5_KDB_DBNOTINITED);
- db_ctx = context->dal_handle->db_context;
- db_ctx->db_master_key_list = key_list;
- return 0;
-}
-
-krb5_error_code
-krb5_db2_get_mkey_list(krb5_context context, krb5_keylist_node **key_list)
-{
- krb5_db2_context *db_ctx;
-
- if (!k5db2_inited(context))
- return (KRB5_KDB_DBNOTINITED);
-
- db_ctx = context->dal_handle->db_context;
- *key_list = db_ctx->db_master_key_list;
-
- return 0;
-}
/* Return successfully if the db2 name set in context can be opened. */
static krb5_error_code
int db_locks_held; /* Number of times locked */
int db_lock_mode; /* Last lock mode, e.g. greatest*/
krb5_boolean db_nb_locks; /* [Non]Blocking lock modes */
- krb5_keylist_node *db_master_key_list; /* Master key list of database */
osa_adb_policy_t policy_db;
krb5_boolean tempdb;
krb5_boolean disable_last_success;
krb5_error_code krb5_db2_open_database(krb5_context);
krb5_error_code krb5_db2_close_database(krb5_context);
-krb5_error_code
-krb5_db2_set_mkey_list(krb5_context context, krb5_keylist_node *keylist);
-
-krb5_error_code
-krb5_db2_get_mkey_list(krb5_context context, krb5_keylist_node **keylist);
-
krb5_error_code
krb5_db2_delete_principal(krb5_context context,
krb5_const_principal searchfor);
/* alloc */ krb5_ldap_alloc,
/* free */ krb5_ldap_free,
/* optional functions */
- /* set_master_key_list */ krb5_ldap_set_mkey_list,
- /* get_master_key_list */ krb5_ldap_get_mkey_list,
/* fetch_master_key */ NULL /* krb5_ldap_fetch_mkey */,
/* fetch_master_key_list */ NULL,
/* store_master_key_list */ NULL,
$(srcdir)/ldap_services.c \
$(srcdir)/ldap_service_rights.c \
$(srcdir)/princ_xdr.c \
- $(srcdir)/ldap_fetch_mkey.c \
$(srcdir)/ldap_service_stash.c \
$(srcdir)/kdb_xdr.c \
$(srcdir)/ldap_err.c \
ldap_services.o \
ldap_service_rights.o \
princ_xdr.o \
- ldap_fetch_mkey.o \
ldap_service_stash.o \
kdb_xdr.o \
ldap_err.o \
void
krb5_ldap_free( krb5_context kcontext, void *ptr );
-krb5_error_code
-krb5_ldap_get_mkey_list (krb5_context context, krb5_keylist_node **key_list);
-
-krb5_error_code
-krb5_ldap_set_mkey_list(krb5_context, krb5_keylist_node *);
-
krb5_error_code
krb5_ldap_create(krb5_context , char *, char **);
+++ /dev/null
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/*
- * lib/kdb/kdb_ldap/ldap_fetch_mkey.c
- *
- * Copyright (c) 2004-2005, Novell, Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * * Redistributions of source code must retain the above copyright notice,
- * this list of conditions and the following disclaimer.
- * * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * * The copyright holder's name is not used to endorse or promote products
- * derived from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include "ldap_main.h"
-#include "kdb_ldap.h"
-
-krb5_error_code
-krb5_ldap_get_mkey_list(krb5_context context, krb5_keylist_node **key_list)
-{
- kdb5_dal_handle *dal_handle=NULL;
- krb5_ldap_context *ldap_context=NULL;
-
- /* Clear the global error string */
- krb5_clear_error_message(context);
-
- dal_handle = context->dal_handle;
- ldap_context = (krb5_ldap_context *) dal_handle->db_context;
-
- if (ldap_context == NULL || ldap_context->lrparams == NULL)
- return KRB5_KDB_DBNOTINITED;
-
- *key_list = ldap_context->lrparams->mkey_list;
- return 0;
-}
-
-krb5_error_code
-krb5_ldap_set_mkey_list(krb5_context context, krb5_keylist_node *key_list)
-{
- kdb5_dal_handle *dal_handle=NULL;
- krb5_ldap_context *ldap_context=NULL;
- krb5_ldap_realm_params *r_params = NULL;
-
- /* Clear the global error string */
- krb5_clear_error_message(context);
-
- dal_handle = context->dal_handle;
- ldap_context = (krb5_ldap_context *) dal_handle->db_context;
-
- if (ldap_context == NULL || ldap_context->lrparams == NULL)
- return KRB5_KDB_DBNOTINITED;
-
- r_params = ldap_context->lrparams;
- r_params->mkey_list = key_list;
- return 0;
-}
char **adminservers;
char **passwdservers;
krb5_tl_data *tl_data;
- krb5_keylist_node *mkey_list; /* all master keys in use for the realm */
long mask;
} krb5_ldap_realm_params;