0
};
-static krb5_error_code add_principal PROTOTYPE((krb5_principal, enum ap_op,
- struct realm_info *));
+static krb5_error_code add_principal
+ PROTOTYPE((krb5_context,
+ krb5_principal,
+ enum ap_op,
+ struct realm_info *));
/*
* Steps in creating a database:
int keytypedone = 0;
krb5_enctype etype = 0xffff;
krb5_data scratch, pwd;
+ krb5_context context;
- krb5_init_ets();
+ krb5_init_context(&context);
+ krb5_init_ets(context);
if (strrchr(argv[0], '/'))
argv[0] = strrchr(argv[0], '/')+1;
"while setting up etype %d", etype);
exit(1);
}
- krb5_use_cstype(&master_encblock, etype);
+ krb5_use_cstype(context, &master_encblock, etype);
- retval = krb5_db_set_name(dbname);
+ retval = krb5_db_set_name(context, dbname);
if (!retval) retval = EEXIST;
if (retval == EEXIST || retval == EACCES || retval == EPERM) {
exit(1);
}
if (!realm) {
- if (retval = krb5_get_default_realm(&defrealm)) {
+ if (retval = krb5_get_default_realm(context, &defrealm)) {
com_err(argv[0], retval, "while retrieving default realm name");
exit(1);
}
/* assemble & parse the master key name */
- if (retval = krb5_db_setup_mkey_name(mkey_name, realm, &mkey_fullname,
- &master_princ)) {
+ if (retval = krb5_db_setup_mkey_name(context, mkey_name, realm,
+ &mkey_fullname, &master_princ)) {
com_err(argv[0], retval, "while setting up master key name");
exit(1);
}
- krb5_princ_set_realm_data(&db_create_princ, realm);
- krb5_princ_set_realm_length(&db_create_princ, strlen(realm));
- krb5_princ_set_realm_data(&tgt_princ, realm);
- krb5_princ_set_realm_length(&tgt_princ, strlen(realm));
- krb5_princ_component(&tgt_princ,1)->data = realm;
- krb5_princ_component(&tgt_princ,1)->length = strlen(realm);
+ krb5_princ_set_realm_data(context, &db_create_princ, realm);
+ krb5_princ_set_realm_length(context, &db_create_princ, strlen(realm));
+ krb5_princ_set_realm_data(context, &tgt_princ, realm);
+ krb5_princ_set_realm_length(context, &tgt_princ, strlen(realm));
+ krb5_princ_component(context, &tgt_princ,1)->data = realm;
+ krb5_princ_component(context, &tgt_princ,1)->length = strlen(realm);
printf("Initializing database '%s' for realm '%s',\n\
master key name '%s'\n",
if (mkey_password) {
pwd.data = mkey_password;
pwd.length = strlen(mkey_password);
- retval = krb5_principal2salt(master_princ, &scratch);
+ retval = krb5_principal2salt(context, master_princ, &scratch);
if (retval) {
com_err(argv[0], retval, "while calculated master key salt");
exit(1);
}
- retval = krb5_string_to_key(&master_encblock, master_keyblock.keytype,
- &master_keyblock, &pwd, &scratch);
+ retval = krb5_string_to_key(context, &master_encblock,
+ master_keyblock.keytype, &master_keyblock,
+ &pwd, &scratch);
if (retval) {
com_err(argv[0], retval,
"while transforming master key from password");
fflush(stdout);
/* TRUE here means read the keyboard, and do it twice */
- if (retval = krb5_db_fetch_mkey(master_princ, &master_encblock, TRUE,
- TRUE, 0, &master_keyblock)) {
+ if (retval = krb5_db_fetch_mkey(context, master_princ, &master_encblock,
+ TRUE, TRUE, 0, &master_keyblock)) {
com_err(argv[0], retval, "while reading master key");
exit(1);
}
}
- if (retval = krb5_process_key(&master_encblock, &master_keyblock)) {
+ if (retval = krb5_process_key(context, &master_encblock,&master_keyblock)){
com_err(argv[0], retval, "while processing master key");
exit(1);
}
rblock.eblock = &master_encblock;
- if (retval = krb5_init_random_key(&master_encblock, &master_keyblock,
- &rblock.rseed)) {
+ if (retval = krb5_init_random_key(context, &master_encblock,
+ &master_keyblock, &rblock.rseed)) {
com_err(argv[0], retval, "while initializing random key generator");
- (void) krb5_finish_key(&master_encblock);
+ (void) krb5_finish_key(context, &master_encblock);
exit(1);
}
- if (retval = krb5_db_create(dbname)) {
- (void) krb5_finish_key(&master_encblock);
- (void) krb5_finish_random_key(&master_encblock, &rblock.rseed);
+ if (retval = krb5_db_create(context, dbname)) {
+ (void) krb5_finish_key(context, &master_encblock);
+ (void) krb5_finish_random_key(context, &master_encblock, &rblock.rseed);
com_err(argv[0], retval, "while creating database '%s'",
dbname);
exit(1);
}
- if (retval = krb5_db_set_name(dbname)) {
- (void) krb5_finish_key(&master_encblock);
- (void) krb5_finish_random_key(&master_encblock, &rblock.rseed);
+ if (retval = krb5_db_set_name(context, dbname)) {
+ (void) krb5_finish_key(context, &master_encblock);
+ (void) krb5_finish_random_key(context, &master_encblock, &rblock.rseed);
com_err(argv[0], retval, "while setting active database to '%s'",
dbname);
exit(1);
}
- if (retval = krb5_db_init()) {
- (void) krb5_finish_key(&master_encblock);
- (void) krb5_finish_random_key(&master_encblock, &rblock.rseed);
+ if (retval = krb5_db_init(context)) {
+ (void) krb5_finish_key(context, &master_encblock);
+ (void) krb5_finish_random_key(context, &master_encblock, &rblock.rseed);
com_err(argv[0], retval, "while initializing the database '%s'",
dbname);
exit(1);
}
- if ((retval = add_principal(master_princ, MASTER_KEY, &rblock)) ||
- (retval = add_principal(&tgt_princ, RANDOM_KEY, &rblock))) {
- (void) krb5_db_fini();
- (void) krb5_finish_key(&master_encblock);
- (void) krb5_finish_random_key(&master_encblock, &rblock.rseed);
+ if ((retval = add_principal(context, master_princ, MASTER_KEY, &rblock)) ||
+ (retval = add_principal(context, &tgt_princ, RANDOM_KEY, &rblock))) {
+ (void) krb5_db_fini(context);
+ (void) krb5_finish_key(context, &master_encblock);
+ (void) krb5_finish_random_key(context, &master_encblock, &rblock.rseed);
com_err(argv[0], retval, "while adding entries to the database");
exit(1);
}
/* clean up */
- (void) krb5_db_fini();
- (void) krb5_finish_key(&master_encblock);
- (void) krb5_finish_random_key(&master_encblock, &rblock.rseed);
+ (void) krb5_db_fini(context);
+ (void) krb5_finish_key(context, &master_encblock);
+ (void) krb5_finish_random_key(context, &master_encblock, &rblock.rseed);
memset((char *)master_keyblock.contents, 0, master_keyblock.length);
exit(0);
}
static krb5_error_code
-add_principal(princ, op, pblock)
-krb5_principal princ;
-enum ap_op op;
-struct realm_info *pblock;
+add_principal(context, princ, op, pblock)
+ krb5_context context;
+ krb5_principal princ;
+ enum ap_op op;
+ struct realm_info *pblock;
{
krb5_db_entry entry;
krb5_error_code retval;
entry.expiration = pblock->expiration;
entry.mod_name = &db_create_princ;
- if (retval = krb5_timeofday(&entry.mod_date))
+ if (retval = krb5_timeofday(context, &entry.mod_date))
return retval;
entry.attributes = pblock->flags;
switch (op) {
case MASTER_KEY:
entry.attributes |= KRB5_KDB_DISALLOW_ALL_TIX;
- if (retval = krb5_kdb_encrypt_key(pblock->eblock,
- &master_keyblock,
- &ekey))
+ if (retval = krb5_kdb_encrypt_key(context, pblock->eblock,
+ &master_keyblock, &ekey))
return retval;
break;
case RANDOM_KEY:
- if (retval = krb5_random_key(pblock->eblock, pblock->rseed, &rkey))
+ if (retval = krb5_random_key(context, pblock->eblock,
+ pblock->rseed, &rkey))
return retval;
- retval = krb5_kdb_encrypt_key(pblock->eblock, rkey, &ekey);
- krb5_free_keyblock(rkey);
+ retval = krb5_kdb_encrypt_key(context, pblock->eblock, rkey, &ekey);
+ krb5_free_keyblock(context, rkey);
if (retval)
return retval;
break;
entry.salt_length = 0;
entry.salt = 0;
- if (retval = krb5_db_put_principal(&entry, &nentries))
+ if (retval = krb5_db_put_principal(context, &entry, &nentries))
return retval;
krb5_xfree(ekey.contents);
int exit_status = 0;
+krb5_context edit_context;
+
static void
usage(who, status)
-char *who;
-int status;
+ char *who;
+ int status;
{
fprintf(stderr,
"usage: %s [-d dbpathname] [-r realmname] [-R request ]\n",
extern krb5_kt_ops krb5_ktf_writable_ops;
char *request = NULL;
- krb5_init_ets();
+ krb5_init_context(&edit_context);
+ krb5_init_ets(edit_context);
if (strrchr(argv[0], '/'))
argv[0] = strrchr(argv[0], '/')+1;
interface will have umask = 77 but that is not a serious problem. */
(void) umask(077);
- if (retval = krb5_kt_register(&krb5_ktf_writable_ops)) {
+ if (retval = krb5_kt_register(edit_context, &krb5_ktf_writable_ops)) {
com_err(progname, retval,
"while registering writable key table functions");
exit(1);
"while setting up etype %d", etype);
exit(1);
}
- krb5_use_cstype(&master_encblock, etype);
+ krb5_use_cstype(edit_context, &master_encblock, etype);
if (!cur_realm) {
- if (retval = krb5_get_default_realm(&defrealm)) {
+ if (retval = krb5_get_default_realm(edit_context, &defrealm)) {
com_err(progname, retval, "while retrieving default realm name");
exit(1);
}
krb5_kvno
princ_exists(pname, principal)
-char *pname;
-krb5_principal principal;
+ char *pname;
+ krb5_principal principal;
{
int nprincs = 1;
krb5_db_entry entry;
krb5_error_code retval;
krb5_kvno vno;
- if (retval = krb5_db_get_principal(principal, &entry, &nprincs, &more)) {
- com_err(pname, retval, "while attempting to verify principal's existence");
+ if (retval = krb5_db_get_principal(edit_context, principal, &entry,
+ &nprincs, &more)) {
+ com_err(pname, retval,
+ "while attempting to verify principal's existence");
exit_status++;
return 0;
}
if (!nprincs)
return NO_PRINC;
vno = entry.kvno;
- krb5_db_free_principal(&entry, nprincs);
+ krb5_db_free_principal(edit_context, &entry, nprincs);
return(vno);
}
-int create_db_entry(principal, newentry)
+int create_db_entry( principal, newentry)
krb5_principal principal;
krb5_db_entry *newentry;
{
memset(newentry, 0, sizeof(krb5_db_entry));
- if (retval = krb5_copy_principal(principal, &newentry->principal))
+ if (retval = krb5_copy_principal(edit_context, principal, &newentry->principal))
return retval;
newentry->kvno = 1;
newentry->max_life = mblock.max_life;
newentry->max_renewable_life = mblock.max_rlife;
newentry->mkvno = mblock.mkvno;
newentry->expiration = mblock.expiration;
- if (retval = krb5_copy_principal(master_princ, &newentry->mod_name))
+ if (retval = krb5_copy_principal(edit_context, master_princ,&newentry->mod_name))
goto errout;
newentry->attributes = mblock.flags;
newentry->salt_type = KRB5_KDB_SALTTYPE_NORMAL;
- if (retval = krb5_timeofday(&newentry->mod_date))
+ if (retval = krb5_timeofday(edit_context, &newentry->mod_date))
goto errout;
return 0;
errout:
if (newentry->principal)
- krb5_free_principal(newentry->principal);
+ krb5_free_principal(edit_context, newentry->principal);
memset(newentry, 0, sizeof(krb5_db_entry));
return retval;
}
void
-add_key(DECLARG(char const *, cmdname),
- DECLARG(char const *, newprinc),
- DECLARG(krb5_const_principal, principal),
- DECLARG(const krb5_keyblock *, key),
- DECLARG(krb5_kvno, vno),
- DECLARG(struct saltblock *, salt))
-OLDDECLARG(char const *, cmdname)
-OLDDECLARG(char const *, newprinc)
-OLDDECLARG(krb5_const_principal, principal)
-OLDDECLARG(const krb5_keyblock *, key)
-OLDDECLARG(krb5_kvno, vno)
-OLDDECLARG(struct saltblock *, salt)
+add_key(cmdname, newprinc, principal, key, vno, salt)
+ char const * cmdname;
+ char const * newprinc;
+ krb5_const_principal principal;
+ const krb5_keyblock * key;
+ krb5_kvno vno;
+ struct saltblock * salt;
{
krb5_error_code retval;
krb5_db_entry newentry;
int one = 1;
memset((char *) &newentry, 0, sizeof(newentry));
- retval = krb5_kdb_encrypt_key(&master_encblock,
+ retval = krb5_kdb_encrypt_key(edit_context, &master_encblock,
key,
&newentry.key);
if (retval) {
newentry.mkvno = mblock.mkvno;
newentry.expiration = mblock.expiration;
newentry.mod_name = master_princ;
- if (retval = krb5_timeofday(&newentry.mod_date)) {
+ if (retval = krb5_timeofday(edit_context, &newentry.mod_date)) {
com_err(cmdname, retval, "while fetching date");
exit_status++;
memset((char *)newentry.key.contents, 0, newentry.key.length);
newentry.salt = 0;
}
- retval = krb5_db_put_principal(&newentry, &one);
+ retval = krb5_db_put_principal(edit_context, &newentry, &one);
memset((char *)newentry.key.contents, 0, newentry.key.length);
krb5_xfree(newentry.key.contents);
if (retval) {
void
set_dbname(argc, argv)
-int argc;
-char *argv[];
+ int argc;
+ char *argv[];
{
krb5_error_code retval;
return;
}
if (dbactive) {
- if ((retval = krb5_db_fini()) && retval != KRB5_KDB_DBNOTINITED) {
+ if ((retval = krb5_db_fini(edit_context)) && retval!= KRB5_KDB_DBNOTINITED) {
com_err(argv[0], retval, "while closing previous database");
exit_status++;
return;
}
if (valid_master_key) {
- (void) krb5_finish_key(&master_encblock);
- (void) krb5_finish_random_key(&master_encblock,
+ (void) krb5_finish_key(edit_context, &master_encblock);
+ (void) krb5_finish_random_key(edit_context, &master_encblock,
&master_random);
memset((char *)master_keyblock.contents, 0,
master_keyblock.length);
master_keyblock.contents = NULL;
valid_master_key = 0;
}
- krb5_free_principal(master_princ);
+ krb5_free_principal(edit_context, master_princ);
dbactive = FALSE;
}
if (cur_realm)
int
set_dbname_help(pname, dbname)
-char *pname;
-char *dbname;
+ char *pname;
+ char *dbname;
{
krb5_error_code retval;
int nentries;
exit(1);
}
strcpy(current_dbname, dbname);
- if (retval = krb5_db_set_name(current_dbname)) {
+ if (retval = krb5_db_set_name(edit_context, current_dbname)) {
com_err(pname, retval, "while setting active database to '%s'",
dbname);
exit_status++;
return(1);
}
- if (retval = krb5_db_init()) {
+ if (retval = krb5_db_init(edit_context)) {
com_err(pname, retval, "while initializing database");
exit_status++;
return(1);
/* assemble & parse the master key name */
- if (retval = krb5_db_setup_mkey_name(mkey_name, cur_realm, 0,
+ if (retval = krb5_db_setup_mkey_name(edit_context, mkey_name, cur_realm, 0,
&master_princ)) {
com_err(pname, retval, "while setting up master key name");
exit_status++;
return(1);
}
nentries = 1;
- if (retval = krb5_db_get_principal(master_princ, &master_entry, &nentries,
- &more)) {
+ if (retval = krb5_db_get_principal(edit_context, master_princ, &master_entry,
+ &nentries, &more)) {
com_err(pname, retval, "while retrieving master entry");
exit_status++;
- (void) krb5_db_fini();
+ (void) krb5_db_fini(edit_context);
return(1);
} else if (more) {
com_err(pname, KRB5KDC_ERR_PRINCIPAL_NOT_UNIQUE,
"while retrieving master entry");
exit_status++;
- (void) krb5_db_fini();
+ (void) krb5_db_fini(edit_context);
return(1);
} else if (!nentries) {
com_err(pname, KRB5_KDB_NOENTRY, "while retrieving master entry");
exit_status++;
- (void) krb5_db_fini();
+ (void) krb5_db_fini(edit_context);
return(1);
}
mblock.max_life = master_entry.max_life;
/* don't set flags, master has some extra restrictions */
mblock.mkvno = master_entry.kvno;
- krb5_db_free_principal(&master_entry, nentries);
+ krb5_db_free_principal(edit_context, &master_entry, nentries);
if (mkey_password) {
pwd.data = mkey_password;
pwd.length = strlen(mkey_password);
- retval = krb5_principal2salt(master_princ, &scratch);
+ retval = krb5_principal2salt(edit_context, master_princ, &scratch);
if (retval) {
com_err(pname, retval, "while calculated master key salt");
return(1);
}
- retval = krb5_string_to_key(&master_encblock, master_keyblock.keytype,
+ retval = krb5_string_to_key(edit_context, &master_encblock,
+ master_keyblock.keytype,
&master_keyblock, &pwd, &scratch);
if (retval) {
com_err(pname, retval,
}
free(scratch.data);
mkey_password = 0;
- } else if (retval = krb5_db_fetch_mkey(master_princ, &master_encblock,
- manual_mkey, FALSE, 0,
- &master_keyblock)) {
+ } else if (retval = krb5_db_fetch_mkey(edit_context, master_princ,
+ &master_encblock, manual_mkey,
+ FALSE, 0, &master_keyblock)) {
com_err(pname, retval, "while reading master key");
com_err(pname, 0, "Warning: proceeding without master key");
exit_status++;
return(0);
}
valid_master_key = 1;
- if (retval = krb5_db_verify_master_key(master_princ, &master_keyblock,
- &master_encblock)) {
+ if (retval = krb5_db_verify_master_key(edit_context, master_princ,
+ &master_keyblock,&master_encblock)) {
com_err(pname, retval, "while verifying master key");
exit_status++;
memset((char *)master_keyblock.contents, 0, master_keyblock.length);
dbactive = TRUE;
return(1);
}
- if (retval = krb5_process_key(&master_encblock,
+ if (retval = krb5_process_key(edit_context, &master_encblock,
&master_keyblock)) {
com_err(pname, retval, "while processing master key");
exit_status++;
dbactive = TRUE;
return(1);
}
- if (retval = krb5_init_random_key(&master_encblock,
+ if (retval = krb5_init_random_key(edit_context, &master_encblock,
&master_keyblock,
&master_random)) {
com_err(pname, retval, "while initializing random key generator");
exit_status++;
- (void) krb5_finish_key(&master_encblock);
+ (void) krb5_finish_key(edit_context, &master_encblock);
memset((char *)master_keyblock.contents, 0, master_keyblock.length);
krb5_xfree(master_keyblock.contents);
valid_master_key = 0;
}
void enter_master_key(argc, argv)
- int argc;
- char *argv[];
+ int argc;
+ char *argv[];
{
char *pname = argv[0];
krb5_error_code retval;
return;
}
if (valid_master_key) {
- (void) krb5_finish_key(&master_encblock);
- (void) krb5_finish_random_key(&master_encblock,
+ (void) krb5_finish_key(edit_context, &master_encblock);
+ (void) krb5_finish_random_key(edit_context, &master_encblock,
&master_random);
memset((char *)master_keyblock.contents, 0,
master_keyblock.length);
krb5_xfree(master_keyblock.contents);
master_keyblock.contents = NULL;
}
- if (retval = krb5_db_fetch_mkey(master_princ, &master_encblock,
+ if (retval = krb5_db_fetch_mkey(edit_context, master_princ, &master_encblock,
TRUE, FALSE, 0, &master_keyblock)) {
com_err(pname, retval, "while reading master key");
exit_status++;
return;
}
- if (retval = krb5_db_verify_master_key(master_princ, &master_keyblock,
+ if (retval = krb5_db_verify_master_key(edit_context, master_princ,
+ &master_keyblock,
&master_encblock)) {
com_err(pname, retval, "while verifying master key");
exit_status++;
return;
}
- if (retval = krb5_process_key(&master_encblock,
+ if (retval = krb5_process_key(edit_context, &master_encblock,
&master_keyblock)) {
com_err(pname, retval, "while processing master key");
exit_status++;
return;
}
- if (retval = krb5_init_random_key(&master_encblock,
+ if (retval = krb5_init_random_key(edit_context, &master_encblock,
&master_keyblock,
&master_random)) {
com_err(pname, retval, "while initializing random key generator");
exit_status++;
- (void) krb5_finish_key(&master_encblock);
+ (void) krb5_finish_key(edit_context, &master_encblock);
return;
}
valid_master_key = 1;
strcat(ktname, argv[1]);
strcat(ktname, "-new-srvtab");
- if (retval = krb5_kt_resolve(ktname, &ktid)) {
+ if (retval = krb5_kt_resolve(edit_context, ktname, &ktid)) {
com_err(argv[0], retval, "while resolving keytab name '%s'", ktname);
exit_status++;
return;
strcat(pname, cur_realm);
}
- if (retval = krb5_parse_name(pname, &princ)) {
+ if (retval = krb5_parse_name(edit_context, pname, &princ)) {
com_err(argv[0], retval, "while parsing %s", pname);
exit_status++;
free(pname);
continue;
}
nentries = 1;
- if (retval = krb5_db_get_principal(princ, &dbentry, &nentries,
+ if (retval = krb5_db_get_principal(edit_context, princ, &dbentry, &nentries,
&more)) {
com_err(argv[0], retval, "while retrieving %s", pname);
exit_status++;
"while retrieving %s", pname);
exit_status++;
if (nentries)
- krb5_db_free_principal(&dbentry, nentries);
+ krb5_db_free_principal(edit_context, &dbentry, nentries);
goto cleanmost;
} else if (!nentries) {
com_err(argv[0], KRB5_KDB_NOENTRY, "while retrieving %s", pname);
exit_status++;
goto cleanmost;
}
- if (retval = krb5_kdb_decrypt_key(&master_encblock,
+ if (retval = krb5_kdb_decrypt_key(edit_context, &master_encblock,
&dbentry.key,
&newentry.key)) {
com_err(argv[0], retval, "while decrypting key for '%s'", pname);
}
newentry.principal = princ;
newentry.vno = dbentry.kvno;
- if (retval = krb5_kt_add_entry(ktid, &newentry)) {
+ if (retval = krb5_kt_add_entry(edit_context, ktid, &newentry)) {
com_err(argv[0], retval, "while adding key to keytab '%s'",
ktname);
exit_status++;
memset((char *)newentry.key.contents, 0, newentry.key.length);
krb5_xfree(newentry.key.contents);
cleanall:
- krb5_db_free_principal(&dbentry, nentries);
+ krb5_db_free_principal(edit_context, &dbentry, nentries);
cleanmost:
free(pname);
- krb5_free_principal(princ);
+ krb5_free_principal(edit_context, princ);
}
- if (retval = krb5_kt_close(ktid)) {
+ if (retval = krb5_kt_close(edit_context, ktid)) {
com_err(argv[0], retval, "while closing keytab");
exit_status++;
}
strcat(pname, cur_realm);
}
- if (retval = krb5_parse_name(pname, &princ)) {
+ if (retval = krb5_parse_name(edit_context, pname, &princ)) {
com_err(argv[0], retval, "while parsing %s", pname);
exit_status++;
free(pname);
continue;
}
nentries = 1;
- if (retval = krb5_db_get_principal(princ, &dbentry, &nentries,
+ if (retval = krb5_db_get_principal(edit_context, princ, &dbentry, &nentries,
&more)) {
com_err(argv[0], retval, "while retrieving %s", pname);
exit_status++;
"while retrieving %s", pname);
exit_status++;
if (nentries)
- krb5_db_free_principal(&dbentry, nentries);
+ krb5_db_free_principal(edit_context, &dbentry, nentries);
goto cleanmost;
} else if (!nentries) {
com_err(argv[0], KRB5_KDB_NOENTRY, "while retrieving %s", pname);
exit_status++;
goto cleanmost;
}
- if (retval = krb5_kdb_decrypt_key(&master_encblock,
+ if (retval = krb5_kdb_decrypt_key(edit_context, &master_encblock,
&dbentry.key,
&key)) {
com_err(argv[0], retval, "while decrypting key for '%s'", pname);
memset((char *)key.contents, 0, key.length);
krb5_xfree(key.contents);
cleanall:
- krb5_db_free_principal(&dbentry, nentries);
+ krb5_db_free_principal(edit_context, &dbentry, nentries);
cleanmost:
free(pname);
- krb5_free_principal(princ);
+ krb5_free_principal(edit_context, princ);
}
fclose(fout);
return;
int
check_print(chk_entry)
-krb5_db_entry *chk_entry;
+ krb5_db_entry *chk_entry;
{
int names = 0;
int instances = 1;
return(check_for_match(search_name, must_be_first[0], chk_entry,
num_name_tokens, names));
- if ((krb5_princ_size(chk_entry->principal) > 1) &&
+ if ((krb5_princ_size(edit_context, chk_entry->principal) > 1) &&
(num_name_tokens == 0) &&
(num_instance_tokens > 0))
return(check_for_match(search_instance, must_be_first[1], chk_entry,
num_instance_tokens, instances));
- if ((krb5_princ_size(chk_entry->principal) > 1) &&
+ if ((krb5_princ_size(edit_context, chk_entry->principal) > 1) &&
(num_name_tokens > 0) &&
(num_instance_tokens > 0)) {
check1 = check_for_match(search_name, must_be_first[0], chk_entry,
krb5_error_code
list_iterator(ptr, entry)
-krb5_pointer ptr;
-krb5_db_entry *entry;
+ krb5_pointer ptr;
+ krb5_db_entry *entry;
{
krb5_error_code retval;
struct list_iterator_struct *lis = (struct list_iterator_struct *)ptr;
char *name;
- if (retval = krb5_unparse_name(entry->principal, &name)) {
+ if (retval = krb5_unparse_name(edit_context, entry->principal, &name)) {
com_err(lis->cmdname, retval, "while unparsing principal");
exit_status++;
return retval;
parse_token(argbuf, &must_be_first[0],
&num_name_tokens, search_name);
}
- (void) krb5_db_iterate(list_iterator, argv[0]);
+ (void) krb5_db_iterate(edit_context, list_iterator, argv[0]);
}
void delete_entry(argc, argv)
exit_status++;
return;
}
- if (retval = krb5_parse_name(argv[1], &newprinc)) {
+ if (retval = krb5_parse_name(edit_context, argv[1], &newprinc)) {
com_err(argv[0], retval, "while parsing '%s'", argv[1]);
exit_status++;
return;
if (princ_exists(argv[0], newprinc) == NO_PRINC) {
com_err(argv[0], 0, "principal '%s' is not in the database", argv[1]);
exit_status++;
- krb5_free_principal(newprinc);
+ krb5_free_principal(edit_context, newprinc);
return;
}
printf("Are you sure you want to delete '%s'?\nType 'yes' to confirm:",
if ((fgets(yesno, sizeof(yesno), stdin) == NULL) ||
strcmp(yesno, "yes\n")) {
printf("NOT removing '%s'\n", argv[1]);
- krb5_free_principal(newprinc);
+ krb5_free_principal(edit_context, newprinc);
return;
}
printf("OK, deleting '%s'\n", argv[1]);
- if (retval = krb5_db_delete_principal(newprinc, &one)) {
+ if (retval = krb5_db_delete_principal(edit_context, newprinc, &one)) {
com_err(argv[0], retval, "while deleting '%s'", argv[1]);
exit_status++;
} else if (one != 1) {
printf("\007\007\007WARNING: Be sure to take '%s' off all access control lists\n\tbefore reallocating the name\n", argv[1]);
#endif
- krb5_free_principal(newprinc);
+ krb5_free_principal(edit_context, newprinc);
return;
}
exit_status++;
return;
}
- if (retval = krb5_parse_name(argv[1], &newprinc)) {
+ if (retval = krb5_parse_name(edit_context, argv[1], &newprinc)) {
com_err(argv[0], retval, "while parsing '%s'", argv[1]);
exit_status++;
return;
}
- if (retval = krb5_db_get_principal(newprinc, &entry, &nprincs, &more)) {
+ if (retval = krb5_db_get_principal(edit_context, newprinc, &entry,
+ &nprincs, &more)) {
com_err(argv[0], retval, "while trying to get principal's database entry");
exit_status++;
return;
nprincs = 1;
}
- if (retval = krb5_random_key(&master_encblock, master_random, &tempkey)) {
+ if (retval = krb5_random_key(edit_context, &master_encblock,
+ master_random, &tempkey)) {
com_err(argv[0], retval, "while generating random key");
exit_status++;
return;
entry.salt_type = entry.alt_salt_type = 0;
entry.salt_length = entry.alt_salt_length = 0;
- retval = krb5_kdb_encrypt_key(&master_encblock, tempkey, &entry.key);
- krb5_free_keyblock(tempkey);
+ retval = krb5_kdb_encrypt_key(edit_context, &master_encblock,
+ tempkey, &entry.key);
+ krb5_free_keyblock(edit_context, tempkey);
if (retval) {
com_err(argv[0], retval, "while encrypting key for '%s'", argv[1]);
exit_status++;
goto errout;
}
- if (retval = krb5_db_put_principal(&entry, &nprincs)) {
+ if (retval = krb5_db_put_principal(edit_context, &entry, &nprincs)) {
com_err(argv[0], retval, "while storing entry for '%s'\n", argv[1]);
exit_status++;
goto errout;
}
errout:
- krb5_free_principal(newprinc);
+ krb5_free_principal(edit_context, newprinc);
if (nprincs)
- krb5_db_free_principal(&entry, nprincs);
+ krb5_db_free_principal(edit_context, &entry, nprincs);
return;
}
exit_status++;
return;
}
- if (retval = krb5_parse_name(argv[1], &newprinc)) {
+ if (retval = krb5_parse_name(edit_context, argv[1], &newprinc)) {
com_err(cmdname, retval, "while parsing '%s'", argv[1]);
exit_status++;
return;
if (princ_exists(cmdname, newprinc) != NO_PRINC) {
com_err(cmdname, 0, "principal '%s' already exists", argv[1]);
exit_status++;
- krb5_free_principal(newprinc);
+ krb5_free_principal(edit_context, newprinc);
return;
}
enter_pwd_key(cmdname, argv[1], newprinc, newprinc, 0, salttype);
- krb5_free_principal(newprinc);
+ krb5_free_principal(edit_context, newprinc);
return;
}
exit_status++;
return;
}
- if (retval = krb5_parse_name(argv[1], &newprinc)) {
+ if (retval = krb5_parse_name(edit_context, argv[1], &newprinc)) {
com_err(argv[0], retval, "while parsing '%s'", argv[1]);
exit_status++;
return;
if (princ_exists(argv[0], newprinc) != NO_PRINC) {
com_err(argv[0], 0, "principal '%s' already exists", argv[1]);
exit_status++;
- krb5_free_principal(newprinc);
+ krb5_free_principal(edit_context, newprinc);
return;
}
enter_pwd_key(argv[0], argv[1], newprinc, newprinc, 0,
KRB5_KDB_SALTTYPE_V4);
- krb5_free_principal(newprinc);
+ krb5_free_principal(edit_context, newprinc);
return;
}
exit_status++;
return;
}
- if (retval = krb5_parse_name(argv[1], &newprinc)) {
+ if (retval = krb5_parse_name(edit_context, argv[1], &newprinc)) {
com_err(cmdname, retval, "while parsing '%s'", argv[1]);
exit_status++;
return;
if ((vno = princ_exists(argv[0], newprinc)) == NO_PRINC) {
com_err(cmdname, 0, "No principal '%s' exists!", argv[1]);
exit_status++;
- krb5_free_principal(newprinc);
+ krb5_free_principal(edit_context, newprinc);
return;
}
enter_pwd_key(cmdname, argv[1], newprinc, newprinc, vno, salttype);
- krb5_free_principal(newprinc);
+ krb5_free_principal(edit_context, newprinc);
return;
}
exit_status++;
return;
}
- if (retval = krb5_parse_name(argv[1], &newprinc)) {
+ if (retval = krb5_parse_name(edit_context, argv[1], &newprinc)) {
com_err(argv[0], retval, "while parsing '%s'", argv[1]);
exit_status++;
return;
if ((vno = princ_exists(argv[0], newprinc)) == NO_PRINC) {
com_err(argv[0], 0, "No principal '%s' exists!", argv[1]);
exit_status++;
- krb5_free_principal(newprinc);
+ krb5_free_principal(edit_context, newprinc);
return;
}
enter_pwd_key(argv[0], argv[1], newprinc, newprinc, vno,
KRB5_KDB_SALTTYPE_V4);
- krb5_free_principal(newprinc);
+ krb5_free_principal(edit_context, newprinc);
return;
}
void
-enter_pwd_key(DECLARG(char *, cmdname),
- DECLARG(char *, newprinc),
- DECLARG(krb5_const_principal, princ),
- DECLARG(krb5_const_principal, string_princ),
- DECLARG(krb5_kvno, vno),
- DECLARG(int, salttype))
-OLDDECLARG(char *, cmdname)
-OLDDECLARG(char *, newprinc)
-OLDDECLARG(krb5_const_principal, princ)
-OLDDECLARG(krb5_const_principal, string_princ)
-OLDDECLARG(krb5_kvno, vno)
-OLDDECLARG(int, salttype)
+enter_pwd_key(cmdname, newprinc, princ, string_princ, vno, salttype)
+ char * cmdname;
+ char * newprinc;
+ krb5_const_principal princ;
+ krb5_const_principal string_princ;
+ krb5_kvno vno;
+ int salttype;
{
krb5_error_code retval;
char password[BUFSIZ];
krb5_data pwd;
struct saltblock salt;
- if (retval = krb5_read_password(krb5_default_pwd_prompt1,
+ if (retval = krb5_read_password(edit_context, krb5_default_pwd_prompt1,
krb5_default_pwd_prompt2,
password, &pwsize)) {
com_err(cmdname, retval, "while reading password for '%s'", newprinc);
switch (salttype) {
case KRB5_KDB_SALTTYPE_NORMAL:
- if (retval = krb5_principal2salt(string_princ, &salt.saltdata)) {
+ if (retval = krb5_principal2salt(edit_context,string_princ,&salt.saltdata)) {
com_err(cmdname, retval,
"while converting principal to salt for '%s'", newprinc);
exit_status++;
salt.saltdata.length = 0;
break;
case KRB5_KDB_SALTTYPE_NOREALM:
- if (retval = krb5_principal2salt_norealm(string_princ,
+ if (retval = krb5_principal2salt_norealm(edit_context, string_princ,
&salt.saltdata)) {
com_err(cmdname, retval,
"while converting principal to salt for '%s'", newprinc);
case KRB5_KDB_SALTTYPE_ONLYREALM:
{
krb5_data *foo;
- if (retval = krb5_copy_data(krb5_princ_realm(string_princ),
+ if (retval = krb5_copy_data(edit_context,
+ krb5_princ_realm(edit_context, string_princ),
&foo)) {
com_err(cmdname, retval,
"while converting principal to salt for '%s'", newprinc);
exit_status++;
return;
}
- retval = krb5_string_to_key(&master_encblock, master_keyblock.keytype,
- &tempkey,
- &pwd,
- &salt.saltdata);
+ retval = krb5_string_to_key(edit_context, &master_encblock,
+ master_keyblock.keytype, &tempkey,
+ &pwd, &salt.saltdata);
memset(password, 0, sizeof(password)); /* erase it */
if (retval) {
com_err(cmdname, retval, "while converting password to key for '%s'",
exit_status++;
return;
}
- if (retval = krb5_parse_name(argv[1], &princ)) {
+ if (retval = krb5_parse_name(edit_context, argv[1], &princ)) {
com_err(argv[0], retval, "while parsing '%s'", argv[1]);
exit_status++;
return;
}
- if (retval = krb5_db_get_principal(princ, &entry, &nprincs, &more)) {
- com_err(argv[0], retval, "while trying to get principal's database entry");
+ if (retval = krb5_db_get_principal(edit_context,princ,&entry,&nprincs,&more)) {
+ com_err(argv[0], retval,
+ "while trying to get principal's database entry");
exit_status++;
goto errout;
}
goto errout;
}
- if (retval = krb5_unparse_name(entry.principal, &pr_name)) {
+ if (retval = krb5_unparse_name(edit_context, entry.principal, &pr_name)) {
com_err(argv[0], retval, "while unparsing principal");
exit_status++;
goto errout;
}
- if (retval = krb5_unparse_name(entry.mod_name, &pr_mod)) {
+ if (retval = krb5_unparse_name(edit_context, entry.mod_name, &pr_mod)) {
com_err(argv[0], retval, "while unparsing 'modified by' principal");
exit_status++;
goto errout;
}
errout:
- krb5_free_principal(princ);
+ krb5_free_principal(edit_context, princ);
if (nprincs)
- krb5_db_free_principal(&entry, nprincs);
+ krb5_db_free_principal(edit_context, &entry, nprincs);
}
void change_working_dir(argc, argv)
#undef getwd
#endif
-int quit()
+int
+quit()
{
krb5_error_code retval;
static krb5_boolean finished = 0;
if (finished)
return 0;
if (valid_master_key) {
- (void) krb5_finish_key(&master_encblock);
- (void) krb5_finish_random_key(&master_encblock, &master_random);
+ (void) krb5_finish_key(edit_context, &master_encblock);
+ (void) krb5_finish_random_key(edit_context, &master_encblock,
+ &master_random);
}
- retval = krb5_db_fini();
+ retval = krb5_db_fini(edit_context);
memset((char *)master_keyblock.contents, 0, master_keyblock.length);
finished = TRUE;
if (retval && retval != KRB5_KDB_DBNOTINITED) {
projects / krb5.git / commitdiff