From 33e34488cae8e4569fddef55aeb00fcf5644bcdc Mon Sep 17 00:00:00 2001 From: Tom Yu Date: Tue, 17 Oct 2000 03:14:56 +0000 Subject: [PATCH] * kdb5_util.M: Update manpage * kdb5_util.c (usage): Update usage message. * dumpv4.c (dump_v4_iterator): Add logic to deal with long lifetimes, as well as optionally using short lifetimes. * loadv4.c (load_v4db): Add logic to deal with long lifetimes, as well as optionally using short lifetimes. * kadm5_create.c (kadm5_create_magic_princs): Add calls to krb5_klog_init() and krb5_klog_close() to avoid coredumping if kadm5_init() calls krb5_klog_syslog(). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12763 dc483132-0cff-0310-8789-dd5450dbe970 --- src/kadmin/dbutil/ChangeLog | 16 +++++++++++++ src/kadmin/dbutil/dumpv4.c | 39 +++++++++++++++++++++++--------- src/kadmin/dbutil/kadm5_create.c | 5 ++++ src/kadmin/dbutil/kdb5_util.M | 8 +++++-- src/kadmin/dbutil/kdb5_util.c | 4 ++-- src/kadmin/dbutil/loadv4.c | 12 +++++++++- 6 files changed, 68 insertions(+), 16 deletions(-) diff --git a/src/kadmin/dbutil/ChangeLog b/src/kadmin/dbutil/ChangeLog index b35559db1..7626dec09 100644 --- a/src/kadmin/dbutil/ChangeLog +++ b/src/kadmin/dbutil/ChangeLog @@ -1,3 +1,19 @@ +2000-10-16 Tom Yu + + * kdb5_util.M: Update manpage. + + * kdb5_util.c (usage): Update usage message. + + * dumpv4.c (dump_v4_iterator): Add logic to deal with long + lifetimes, as well as optionally using short lifetimes. + + * loadv4.c (load_v4db): Add logic to deal with long lifetimes, as + well as optionally using short lifetimes. + + * kadm5_create.c (kadm5_create_magic_princs): Add calls to + krb5_klog_init() and krb5_klog_close() to avoid coredumping if + kadm5_init() calls krb5_klog_syslog(). + 2000-07-05 Ken Raeburn * dump.c: Various message char arrays turned into macros, to diff --git a/src/kadmin/dbutil/dumpv4.c b/src/kadmin/dbutil/dumpv4.c index 84a505dc9..2343987b1 100644 --- a/src/kadmin/dbutil/dumpv4.c +++ b/src/kadmin/dbutil/dumpv4.c @@ -94,6 +94,7 @@ void update_ok_file(); #define INST_SZ 40 static char *v4_mkeyfile = "/.k"; +static int shortlife; static int v4init(arg, manual) @@ -241,8 +242,14 @@ dump_v4_iterator(ptr, entry) found_one:; principal->key_version = max_kvno; - if ((principal->max_life = entry->max_life / (60 * 5)) > 255) - principal->max_life = 255; + if (!shortlife) + principal->max_life = krb_time_to_life(0, entry->max_life); + else { + principal->max_life = entry->max_life / (60 * 5); + if (principal->max_life > 255) + principal->max_life = 255; + } + principal->kdc_key_ver = arg->master_key_version; principal->attributes = 0; /* ??? not preserved either */ @@ -282,11 +289,20 @@ void dump_v4db(argc, argv) int argc; char **argv; { + int i; + char *outname = NULL; FILE *f; struct dump_record arg; - - if (argc > 2) { - com_err(argv[0], 0, "Usage: %s filename", argv[0]); + + for (i = 1; i < argc; i++) { + if (!strcmp(argv[i], "-S")) { + shortlife++; + continue; + } + break; + } + if (argc - i > 1) { + com_err(argv[0], 0, "Usage: %s [-S] filename", argv[0]); exit_status++; return; } @@ -295,7 +311,8 @@ void dump_v4db(argc, argv) exit_status++; return; } - if (argc == 2) { + if (argc - i == 1) { + outname = argv[i]; /* * Make sure that we don't open and truncate on the fopen, * since that may hose an on-going kprop process. @@ -306,10 +323,10 @@ void dump_v4db(argc, argv) * but that would involve more OS dependancies than I * want to get into. */ - unlink(argv[1]); - if (!(f = fopen(argv[1], "w"))) { + unlink(outname); + if (!(f = fopen(outname, "w"))) { com_err(argv[0], errno, - "While opening file %s for writing", argv[1]); + "While opening file %s for writing", outname); exit_status++; return; } @@ -363,8 +380,8 @@ void dump_v4db(argc, argv) (krb5_pointer) &arg); if (argc == 2) fclose(f); - if (argv[1]) - update_ok_file(argv[1]); + if (outname) + update_ok_file(outname); } int handle_keys(arg) diff --git a/src/kadmin/dbutil/kadm5_create.c b/src/kadmin/dbutil/kadm5_create.c index 9cedf30c4..9a67ea445 100644 --- a/src/kadmin/dbutil/kadm5_create.c +++ b/src/kadmin/dbutil/kadm5_create.c @@ -112,6 +112,9 @@ int kadm5_create_magic_princs(kadm5_config_params *params, int retval; void *handle; + retval = krb5_klog_init(context, "admin_server", progname, 0); + if (retval) + return retval; if ((retval = kadm5_init(progname, NULL, NULL, params, KADM5_STRUCT_VERSION, KADM5_API_VERSION_2, @@ -124,6 +127,8 @@ int kadm5_create_magic_princs(kadm5_config_params *params, kadm5_destroy(handle); + krb5_klog_close(context); + return retval; } diff --git a/src/kadmin/dbutil/kdb5_util.M b/src/kadmin/dbutil/kdb5_util.M index 829e55af8..c0965370f 100644 --- a/src/kadmin/dbutil/kdb5_util.M +++ b/src/kadmin/dbutil/kdb5_util.M @@ -156,10 +156,11 @@ is optional and is derived from if not specified. .RE .TP -\fBdump_v4\fP [\fIfilename\fP] +\fBdump_v4\fP [\fB\-S\fP] [\fIfilename\fP] Dumps the current database into the Kerberos 4 database dump format. +The \-S option specifies the short lifetime algorithm. .TP -\fBload_v4\fP [\fB\-t\fP] [\fB-n\fP] [\fB\-K\fP] [\fB-s \fIstashfile\fP] \fIinputfile\fP +\fBload_v4\fP [\fB\-S\fP] [\fB\-t\fP] [\fB-n\fP] [\fB\-K\fP] [\fB-s \fIstashfile\fP] \fIinputfile\fP Loads a Kerberos 4 database dump file. Options: .RS .TP @@ -183,6 +184,9 @@ lists each principal as it is converted or ignored. .B \-t uses a temporary database, then moves that into place, instead of adding the keys to the current database. +.TP +.B \-S +Uses the short lifetime algorithm for conversion. .PP Note: if the Kerberos 4 database had a default expiration date of 12/31/1999 or 12/31/2009 (the compiled in defaults for older or newer Kerberos diff --git a/src/kadmin/dbutil/kdb5_util.c b/src/kadmin/dbutil/kdb5_util.c index 92b1c2139..7803e8664 100644 --- a/src/kadmin/dbutil/kdb5_util.c +++ b/src/kadmin/dbutil/kdb5_util.c @@ -88,8 +88,8 @@ usage() "\tstash [-f keyfile]\n" "\tdump [-old] [-ov] [-b6] [-verbose] [filename [princs...]]\n" "\tload [-old] [-ov] [-b6] [-verbose] [-update] filename\n" - "\tdump_v4 [filename]\n" - "\tload_v4 [-t] [-n] [-v] [-K] [-s stashfile] inputfile\n" + "\tdump_v4 [-S] [filename]\n" + "\tload_v4 [-S] [-t] [-n] [-v] [-K] [-s stashfile] inputfile\n" "\tark [-e etype_list] principal\n"); exit(1); } diff --git a/src/kadmin/dbutil/loadv4.c b/src/kadmin/dbutil/loadv4.c index fb9c2e186..7746a661e 100644 --- a/src/kadmin/dbutil/loadv4.c +++ b/src/kadmin/dbutil/loadv4.c @@ -101,6 +101,8 @@ static struct realm_info rblock = { /* XXX */ static int verbose = 0; +static int shortlife = 0; + static krb5_error_code add_principal PROTOTYPE((krb5_context, krb5_principal, @@ -201,6 +203,9 @@ char *argv[]; } else if (!strcmp(argv[op_ind], "-n")) { v4manual++; + } + else if (!strcmp(argv[op_ind], "-S")) { + shortlife++; } else if (!strcmp(argv[op_ind], "-s")) { if ((argc - op_ind) >= 1) { @@ -525,7 +530,12 @@ Principal *princ; } mod_time = princ->mod_date; - entry.max_life = princ->max_life * 60 * 5; + if (!shortlife) { + entry.max_life = krb_life_to_time(0, princ->max_life); + if (entry.max_life == KRB_NEVERDATE) + entry.max_life = rblock.max_life; + } else + entry.max_life = princ->max_life * 60 * 5; entry.max_renewable_life = rblock.max_rlife; entry.len = KRB5_KDB_V1_BASE_LENGTH; entry.expiration = princ->exp_date; -- 2.26.2