From ca947d4866ac3fd364712a3a307b9984890fff30 Mon Sep 17 00:00:00 2001 From: Barry Jaspan Date: Mon, 5 Aug 1996 18:38:57 +0000 Subject: [PATCH] * all files: reworked for non-ss usage; kdb5_util_ct.ct and ss_wrapper.c are now obsolete git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8907 dc483132-0cff-0310-8789-dd5450dbe970 --- src/kadmin/dbutil/ChangeLog | 5 + src/kadmin/dbutil/Makefile.in | 4 +- src/kadmin/dbutil/configure.in | 1 - src/kadmin/dbutil/dump.c | 89 ++++++---------- src/kadmin/dbutil/kadm5_create.c | 35 ++++--- src/kadmin/dbutil/kdb5_create.c | 13 --- src/kadmin/dbutil/kdb5_destroy.c | 10 +- src/kadmin/dbutil/kdb5_stash.c | 12 +-- src/kadmin/dbutil/kdb5_util.c | 165 ++++++++++++++++++------------ src/kadmin/dbutil/kdb5_util_ct.ct | 56 ---------- src/kadmin/dbutil/loadv4.c | 96 +++-------------- src/kadmin/dbutil/ss_wrapper.c | 85 --------------- src/kadmin/dbutil/string_table.c | 2 +- 13 files changed, 170 insertions(+), 403 deletions(-) delete mode 100644 src/kadmin/dbutil/kdb5_util_ct.ct delete mode 100644 src/kadmin/dbutil/ss_wrapper.c diff --git a/src/kadmin/dbutil/ChangeLog b/src/kadmin/dbutil/ChangeLog index d22b83a07..d463bea8c 100644 --- a/src/kadmin/dbutil/ChangeLog +++ b/src/kadmin/dbutil/ChangeLog @@ -1,3 +1,8 @@ +Mon Aug 5 14:36:47 1996 Barry Jaspan + + * all files: reworked for non-ss usage; kdb5_util_ct.ct and + ss_wrapper.c are now obsolete + Thu Aug 1 14:34:51 1996 Barry Jaspan * dump.c, kadm5_create.c, kdb5_create.c: create policy database diff --git a/src/kadmin/dbutil/Makefile.in b/src/kadmin/dbutil/Makefile.in index c6325fd1e..28884a42f 100644 --- a/src/kadmin/dbutil/Makefile.in +++ b/src/kadmin/dbutil/Makefile.in @@ -1,7 +1,7 @@ CFLAGS = $(CCOPTS) $(DEFS) -DKDB4_DISABLE -I. $(LOCALINCLUDE) @KRB4_INCLUDES@ PROG = kdb5_util -OBJS = kdb5_util.o kdb5_util_ct.o dump.o dumpv4.o loadv4.o ss_wrapper.o \ +OBJS = kdb5_util.o dump.o dumpv4.o loadv4.o \ kdb5_create.o kadm5_create.o string_table.o kdb5_stash.o \ kdb5_destroy.o ovload.o import_err.o strtok.o @@ -10,8 +10,6 @@ all:: $(PROG) $(PROG): $(OBJS) $(DEPLIBS) $(CC) $(LDFLAGS) $(LDARGS) -o $(PROG) $(OBJS) $(LIBS) -kdb5_util_ct.o: kdb5_util_ct.c - import_err.c import_err.h: $(srcdir)/import_err.et $(OBJS): import_err.h diff --git a/src/kadmin/dbutil/configure.in b/src/kadmin/dbutil/configure.in index 66edf685f..cc2b296e6 100644 --- a/src/kadmin/dbutil/configure.in +++ b/src/kadmin/dbutil/configure.in @@ -7,7 +7,6 @@ USE_KADMSRV_LIBRARY USE_GSSRPC_LIBRARY USE_KDB5_LIBRARY USE_DYN_LIBRARY -USE_SS_LIBRARY USE_KRB4_LIBRARY KRB5_LIBRARIES V5_USE_SHARED_LIB diff --git a/src/kadmin/dbutil/dump.c b/src/kadmin/dbutil/dump.c index d362bc121..13d753825 100644 --- a/src/kadmin/dbutil/dump.c +++ b/src/kadmin/dbutil/dump.c @@ -85,6 +85,7 @@ typedef struct _dump_version { char *name; char *header; int updateonly; + int create_kadm5_princs; dump_func dump_princ; osa_adb_iter_policy_func dump_policy; load_func load_record; @@ -94,6 +95,7 @@ dump_version old_version = { "Kerberos version 5 old format", "kdb5_edit load_dump version 2.0\n", 0, + 1, dump_k5beta_iterator, NULL, process_k5beta_record, @@ -102,6 +104,7 @@ dump_version beta6_version = { "Kerberos version 5 beta 6 format", "kdb5_edit load_dump version 3.0\n", 0, + 1, dump_k5beta6_iterator, NULL, process_k5beta6_record, @@ -110,6 +113,7 @@ dump_version beta7_version = { "Kerberos version 5", "kdb5_util load_dump version 4\n", 0, + 0, dump_k5beta7_princ, dump_k5beta7_policy, process_k5beta7_record, @@ -118,6 +122,7 @@ dump_version ov_version = { "OpenV*Secure V1.0", "OpenV*Secure V1.0\t", 1, + 1, dump_ov_princ, dump_k5beta7_policy, process_ov_record, @@ -185,7 +190,6 @@ static const char read_ktypelen[] = "key data type and length"; static const char read_econtents[] = "extra data contents"; static const char k5beta_fmt_name[] = "Kerberos version 5 old format"; static const char standard_fmt_name[] = "Kerberos version 5 format"; -static const char lusage_err_fmt[] = "%s: usage is %s [%s] [%s] [%s] filename dbname [admin_dbname]\n"; static const char no_name_mem_fmt[] = "%s: cannot get memory for temporary name\n"; static const char ctx_err_fmt[] = "%s: cannot initialize Kerberos context\n"; static const char stdin_name[] = "standard input"; @@ -904,8 +908,8 @@ dump_db(argc, argv) } /* - * Attempt to open the database. The policy database only has to - * be opened if we try a dump that uses it. + * Make sure the database is open. The policy database only has + * to be opened if we try a dump that uses it. */ if (!dbactive || (dump->dump_policy != NULL && policy_db == NULL)) { com_err(argv[0], 0, Err_no_database); @@ -966,7 +970,7 @@ dump_db(argc, argv) error_message(kret)); exit_status++; } - if (ofile && !exit_status) { + if (ofile && ofile != stdout && !exit_status) { fclose(f); update_ok_file(ofile); } @@ -1843,8 +1847,7 @@ restore_dump(programname, kcontext, dumpfile, f, verbose, dump, pol_db) } /* - * Usage is - * load_db [-old] [-verbose] [-update] filename dbname + * Usage: load_db [-old] [-ov] [-b6] [-verbose] [-update] filename */ void load_db(argc, argv) @@ -1874,7 +1877,8 @@ load_db(argc, argv) if (strrchr(programname, (int) '/')) programname = strrchr(argv[0], (int) '/') + 1; dumpfile = (char *) NULL; - dbname = (char *) NULL; + dbname = global_params.dbname; + adbname = global_params.admin_dbname; load = NULL; update = 0; verbose = 0; @@ -1886,6 +1890,8 @@ load_db(argc, argv) load = &old_version; else if (!strcmp(argv[aindex], b6option)) load = &beta6_version; + else if (!strcmp(argv[aindex], ovoption)) + load = &ov_version; else if (!strcmp(argv[aindex], verboseoption)) verbose = 1; else if (!strcmp(argv[aindex], updateoption)) @@ -1893,16 +1899,12 @@ load_db(argc, argv) else break; } - if ((argc - aindex) != 2 && (argc - aindex) != 3) { - fprintf(stderr, lusage_err_fmt, argv[0], argv[0], - oldoption, verboseoption, updateoption); - exit_status++; + if ((argc - aindex) != 1) { + usage(); return; } - dumpfile = argv[aindex]; - dbname = argv[aindex+1]; - adbname = argv[aindex+2]; + if (!(dbname_tmp = (char *) malloc(strlen(dbname)+ strlen(dump_tmptrail)+1))) { fprintf(stderr, no_name_mem_fmt, argv[0]); @@ -1976,13 +1978,6 @@ load_db(argc, argv) if (dumpfile) fclose(f); return; } - - if (load->dump_policy == NULL && adbname != NULL) { - fprintf(stderr, lusage_err_fmt, argv[0], argv[0], - oldoption, verboseoption, updateoption); - exit_status++; - return; - } } if (load->updateonly && !update) { fprintf(stderr, "%s: dump version %s can only be loaded in " @@ -1992,30 +1987,14 @@ load_db(argc, argv) } /* - * Cons up config params for new policy database. Use adbname if - * specified, otherwise let the policy dbname key off the dbname. - * However, after the name is retrieved, if we are not in update - * mode change the actual file name to a temp name that we'll + * Cons up params for the new databases. If we are not in update + * mode change the actual file name to temp names that we'll * rename later (but use the correct lock file). */ newparams = global_params; - newparams.mask &= ~(KADM5_CONFIG_ADBNAME | KADM5_CONFIG_ADB_LOCKFILE); - newparams.dbname = dbname; - newparams.mask |= KADM5_CONFIG_DBNAME; - if (adbname) { - newparams.admin_dbname = adbname; - newparams.mask |= KADM5_CONFIG_ADBNAME; - } - if (kret = kadm5_get_config_params(kcontext, NULL, NULL, &newparams, - &newparams)) { - fprintf(stderr, "%s while retrieiving configuration " - "parameters.\n", error_message(kret)); - if (dumpfile) fclose(f); - exit_status++; - return; - } adbname_real = newparams.admin_dbname; if (! update) { + newparams.dbname = dbname_tmp; newparams.admin_dbname = (char *) malloc(strlen(adbname_real) + strlen(dump_tmptrail) + 1); strcpy(newparams.admin_dbname, adbname_real); @@ -2031,7 +2010,7 @@ load_db(argc, argv) */ if (!update && (kret = krb5_db_create(kcontext, dbname_tmp))) { fprintf(stderr, dbcreaterr_fmt, - programname, dbname, error_message(kret)); + programname, dbname_tmp, error_message(kret)); exit_status++; kadm5_free_config_params(kcontext, &newparams); if (dumpfile) fclose(f); @@ -2045,16 +2024,7 @@ load_db(argc, argv) if (dumpfile) fclose(f); return; } - if (!update && (load != &beta7_version) && - (kret = kadm5_create_magic_princs(&newparams, kcontext))) { - fprintf(stderr, "%s: %s while creating KADM5 principals\n", - programname, error_message(kret)); - exit_status++; - kadm5_free_config_params(kcontext, &newparams); - if (dumpfile) fclose(f); - return; - } - + /* * Point ourselves at the new databases. */ @@ -2108,6 +2078,14 @@ load_db(argc, argv) exit_status++; } + if (!update && load->create_kadm5_princs && + (kret = kadm5_create_magic_princs(&newparams, kcontext))) { + /* error message printed by create_magic_princs */ + exit_status++; + } + + /* close policy db below */ + error: /* * If not an update: if there was an error, destroy the database, @@ -2183,13 +2161,10 @@ error: fclose(f); } - if (adbname_real) { - if (adbname_real != newparams.admin_dbname) { - free(newparams.admin_dbname); - newparams.admin_dbname = adbname_real; - } - kadm5_free_config_params(kcontext, &newparams); + if (adbname_real && adbname_real != newparams.admin_dbname) { + free(newparams.admin_dbname); } + if (dbname_tmp) free(dbname_tmp); krb5_free_context(kcontext); diff --git a/src/kadmin/dbutil/kadm5_create.c b/src/kadmin/dbutil/kadm5_create.c index 45eeef29b..e4341d1fd 100644 --- a/src/kadmin/dbutil/kadm5_create.c +++ b/src/kadmin/dbutil/kadm5_create.c @@ -213,19 +213,31 @@ int add_admin_princ(void *handle, krb5_context context, return(ERR); } ent.max_life = lifetime; - ent.attributes = attrs; + ent.attributes = attrs | KRB5_KDB_DISALLOW_ALL_TIX; if (ret = kadm5_create_principal(handle, &ent, (KADM5_PRINCIPAL | KADM5_MAX_LIFE | KADM5_ATTRIBUTES), "to-be-random")) { - if (ret == KADM5_DUP) - ret = kadm5_modify_principal(handle, &ent, - (KADM5_PRINCIPAL | - KADM5_MAX_LIFE | - KADM5_ATTRIBUTES)); - + if (ret != KADM5_DUP) { + com_err(progname, ret, str_PUT_PRINC, fullname); + krb5_free_principal(context, ent.principal); + free(fullname); + return ERR; + } + } else { + /* only randomize key if we created the principal */ + ret = kadm5_randkey_principal(handle, ent.principal, NULL, NULL); + if (ret) { + com_err(progname, ret, str_RANDOM_KEY, fullname); + krb5_free_principal(context, ent.principal); + free(fullname); + return ERR; + } + + ent.attributes = attrs; + ret = kadm5_modify_principal(handle, &ent, KADM5_ATTRIBUTES); if (ret) { com_err(progname, ret, str_PUT_PRINC, fullname); krb5_free_principal(context, ent.principal); @@ -233,16 +245,9 @@ int add_admin_princ(void *handle, krb5_context context, return ERR; } } - - ret = kadm5_randkey_principal(handle, ent.principal, NULL, NULL); - + krb5_free_principal(context, ent.principal); free(fullname); - if (ret) { - com_err(progname, ret, str_RANDOM_KEY, fullname); - return ERR; - } - return OK; } diff --git a/src/kadmin/dbutil/kdb5_create.c b/src/kadmin/dbutil/kdb5_create.c index e05cc4ee0..73ca72a44 100644 --- a/src/kadmin/dbutil/kdb5_create.c +++ b/src/kadmin/dbutil/kdb5_create.c @@ -121,12 +121,6 @@ extern osa_adb_policy_t policy_db; extern kadm5_config_params global_params; extern krb5_context util_context; -static void usage() -{ - fprintf(stderr, "usage: %s [-s]\n", progname); - exit_status++; -} - void kdb5_create(argc, argv) int argc; char *argv[]; @@ -313,14 +307,7 @@ master key name '%s'\n", } if (!do_stash) unlink(global_params.stash_file); - /* now open the database */ - open_db_and_mkey(); - - exit_status = 0; /* It's OK if we get errors in open_db_and_mkey */ - /* We do not have the key stashed in the database! */ - return; - } static krb5_error_code diff --git a/src/kadmin/dbutil/kdb5_destroy.c b/src/kadmin/dbutil/kdb5_destroy.c index 7c6873df7..c2e9fc54b 100644 --- a/src/kadmin/dbutil/kdb5_destroy.c +++ b/src/kadmin/dbutil/kdb5_destroy.c @@ -40,14 +40,6 @@ extern kadm5_config_params global_params; char *yes = "yes\n"; /* \n to compare against result of fgets */ -static void -usage(who, status) - char *who; - int status; -{ - fprintf(stderr, "usage: %s [-f]\n", who); -} - void kdb5_destroy(argc, argv) int argc; @@ -79,7 +71,7 @@ kdb5_destroy(argc, argv) break; case '?': default: - usage(argv[0], 1); + usage(); return; /*NOTREACHED*/ } diff --git a/src/kadmin/dbutil/kdb5_stash.c b/src/kadmin/dbutil/kdb5_stash.c index 56ca10cbd..62a52e371 100644 --- a/src/kadmin/dbutil/kdb5_stash.c +++ b/src/kadmin/dbutil/kdb5_stash.c @@ -38,16 +38,6 @@ extern kadm5_config_params global_params; extern int exit_status; -static void -usage(who, status) -char *who; -int status; -{ - fprintf(stderr, "usage: %s [-f keyfile]\n", who); - exit_status++; return; -} - - void kdb5_stash(argc, argv) int argc; @@ -86,7 +76,7 @@ char *argv[]; break; case '?': default: - usage(argv[0], 1); + usage(); return; } } diff --git a/src/kadmin/dbutil/kdb5_util.c b/src/kadmin/dbutil/kdb5_util.c index 3f31fcb14..d15a2dc2f 100644 --- a/src/kadmin/dbutil/kdb5_util.c +++ b/src/kadmin/dbutil/kdb5_util.c @@ -49,21 +49,19 @@ krb5_context util_context; osa_adb_policy_t policy_db; kadm5_config_params global_params; -/* - * Script input, specified by -s. - */ -FILE *scriptfile = (FILE *) NULL; - -static void -usage(who, status) - char *who; - int status; +usage() { - fprintf(stderr, - "usage: %s [-d dbpathname ] [-r realmname] [-R request ]\n", - who); - fprintf(stderr, "\t [-k enctype] [-M mkeyname] [-f stashfile]\n"); - exit(status); + fprintf(stderr, "Usage: " + "kdb5_util cmd [-r realm] [-d dbname] [-k mkeytype] [-M mkeyname]\n" + "\t [-m] [cmd options]\n" + "\tcreate [-s]\n" + "\tdestroy [-f]\n" + "\tstash [-f keyfile]\n" + "\tdump [-old] [-ov] [-b6] [-verbose] [filename [princs...]]\n" + "\tload [-old] [-ov] [-b6] [-verbose] [-update] filename\n" + "\tdump_v4 [filename]\n" + "\tload_v4 [-t] [-n] [-K] [-f] inputfile\n"); + exit(1); } krb5_keyblock master_keyblock; @@ -77,14 +75,55 @@ char *progname; krb5_boolean manual_mkey = FALSE; krb5_boolean dbactive = FALSE; -char *kdb5_util_Init(argc, argv) +int kdb5_create(int, char **); +int kdb5_destroy(int, char **); +int kdb5_stash(int, char **); +int dump_db(int, char **); +int load_db(int, char **); +int dump_v4db(int, char **); +int load_v4db(int, char **); + +typedef int (*cmd_func)(int, char **); + +struct _cmd_table { + char *name; + cmd_func func; + int opendb; +} cmd_table[] = { + "create", kdb5_create, 0, + "destroy", kdb5_destroy, 1, + "stash", kdb5_stash, 1, + "dump", dump_db, 1, + "load", load_db, 0, + "dump_v4", dump_v4db, 1, + "load_v4", load_v4db, 0, + NULL, NULL, 0, +}; + +struct _cmd_table *cmd_lookup(name) + char *name; +{ + struct _cmd_table *cmd = cmd_table; + while (cmd->name) { + if (strcmp(cmd->name, name) == 0) + return cmd; + else + cmd++; + } + + return NULL; +} + +#define ARG_VAL (--argc > 0 ? optarg = *(++argv) : (usage(), NULL)) + +int main(argc, argv) int argc; char *argv[]; { - extern char *optarg; - int optchar; + struct _cmd_table *cmd = NULL; + char *optarg, **cmd_argv; + int cmd_argc; krb5_error_code retval; - char *request = NULL; retval = krb5_init_context(&util_context); if (retval) { @@ -95,26 +134,25 @@ char *kdb5_util_Init(argc, argv) krb5_init_ets(util_context); initialize_adb_error_table(); - if (strrchr(argv[0], '/')) - argv[0] = strrchr(argv[0], '/')+1; - - progname = argv[0]; + progname = (strrchr(argv[0], '/') ? strrchr(argv[0], '/')+1 : argv[0]); - while ((optchar = getopt(argc, argv, "P:d:a:r:R:k:M:e:ms:f:")) != EOF) { - switch(optchar) { - case 'P': /* Only used for testing!!! */ + cmd_argv = (char **) malloc(sizeof(char *)*argc); + if (cmd_argv == NULL) { + com_err(progname, ENOMEM, "while creating sub-command arguments"); + exit(1); + } + memset(cmd_argv, 0, sizeof(char *)*argc); + cmd_argc = 1; + + argv++; argc--; + while (*argv) { + if (strcmp(*argv, "-P") == 0 && ARG_VAL) { mkey_password = optarg; manual_mkey = TRUE; - break; - case 'd': + } else if (strcmp(*argv, "-d") == 0 && ARG_VAL) { global_params.dbname = optarg; global_params.mask |= KADM5_CONFIG_DBNAME; - break; - case 'a': - global_params.admin_dbname = optarg; - global_params.mask |= KADM5_CONFIG_ADBNAME; - break; - case 'r': + } else if (strcmp(*argv, "-r") == 0 && ARG_VAL) { global_params.realm = optarg; global_params.mask |= KADM5_CONFIG_REALM; /* not sure this is really necessary */ @@ -123,43 +161,35 @@ char *kdb5_util_Init(argc, argv) com_err(progname, retval, "while setting default realm name"); exit(1); } - break; - case 'R': - request = optarg; - break; - case 'k': + } else if (strcmp(*argv, "-k") == 0 && ARG_VAL) { if (krb5_string_to_enctype(optarg, &global_params.enctype)) com_err(argv[0], 0, "%s is an invalid enctype", optarg); - global_params.mask |= KADM5_CONFIG_ENCTYPE; - break; - case 'M': /* master key name in DB */ + else + global_params.mask |= KADM5_CONFIG_ENCTYPE; + } else if (strcmp(*argv, "-M") == 0 && ARG_VAL) { global_params.mkey_name = optarg; global_params.mask |= KADM5_CONFIG_MKEY_NAME; - break; - case 'm': + } else if (strcmp(*argv, "-f") == 0 && ARG_VAL) { + global_params.stash_file = optarg; + global_params.mask |= KADM5_CONFIG_STASH_FILE; + } else if (strcmp(*argv, "-m") == 0) { manual_mkey = TRUE; global_params.mkey_from_kbd = 1; global_params.mask |= KADM5_CONFIG_MKEY_FROM_KBD; - break; - case 's': - /* Open the script file */ - if (!(scriptfile = fopen(optarg, "r"))) { - com_err(argv[0], errno, "while opening script file %s", - optarg); - exit(1); - } - break; - case 'f': - global_params.stash_file = optarg; - global_params.mask |= KADM5_CONFIG_STASH_FILE; - break; - case '?': - default: - usage(progname, 1); - /*NOTREACHED*/ - } + } else if (cmd_lookup(*argv) != NULL) { + if (cmd_argv[0] == NULL) + cmd_argv[0] = *argv; + else + usage(); + } else { + cmd_argv[cmd_argc++] = *argv; + } + argv++; argc--; } + if (cmd_argv[0] == NULL) + usage(); + if (retval = kadm5_get_config_params(util_context, NULL, NULL, &global_params, &global_params)) { com_err(argv[0], retval, "while retreiving configuration parameters"); @@ -168,9 +198,7 @@ char *kdb5_util_Init(argc, argv) /* * Dump creates files which should not be world-readable. It is - * easiest to do a single umask call here; any shells run by the - * ss command interface will have umask = 77 but that is not a - * serious problem. + * easiest to do a single umask call here. */ (void) umask(077); @@ -190,11 +218,12 @@ char *kdb5_util_Init(argc, argv) master_keyblock.enctype); } + cmd = cmd_lookup(cmd_argv[0]); + if (cmd->opendb && open_db_and_mkey()) + return exit_status; - open_db_and_mkey(); - - exit_status = 0; /* It's OK if we get errors in open_db_and_mkey */ - return request; + (*cmd->func)(cmd_argc, cmd_argv); + return exit_status; } #if 0 diff --git a/src/kadmin/dbutil/kdb5_util_ct.ct b/src/kadmin/dbutil/kdb5_util_ct.ct deleted file mode 100644 index bac1df125..000000000 --- a/src/kadmin/dbutil/kdb5_util_ct.ct +++ /dev/null @@ -1,56 +0,0 @@ -# admin/edit/kdb5_ed_ct.ct -# -# Copyright 1990 by the Massachusetts Institute of Technology. -# All Rights Reserved. -# -# Export of this software from the United States of America may -# require a specific license from the United States Government. -# It is the responsibility of any person or organization contemplating -# export to obtain such a license before exporting. -# -# WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -# distribute this software and its documentation for any purpose and -# without fee is hereby granted, provided that the above copyright -# notice appear in all copies and that both that copyright notice and -# this permission notice appear in supporting documentation, and that -# the name of M.I.T. not be used in advertising or publicity pertaining -# to distribution of the software without specific, written prior -# permission. M.I.T. makes no representations about the suitability of -# this software for any purpose. It is provided "as is" without express -# or implied warranty. -# -# -# Command table for Kerberos administration edit -# - -command_table kdb5_edit_cmds; - -request kdb5_create, "Create a new Kerberos database", - create_db, create; - -request kdb5_destroy, "Destroy a Kerberos database", - destroy_db, destroy; - -request kdb5_stash, "Stash the Kerberos master key", - stash_mkey, stash; - -request dump_db, "Dump database entries to a file", - dump_db, ddb; - -request dump_v4db, "Dump database entries to a V4 slave dump file", - dump_v4db, d4db; - -request load_db, "Load database entries from a file", - load_db, lddb; - -request load_v4db, "Load database entries from a V4 slave dump file", - load_v4db, lddb4; - -# list_requests is generic -- unrelated to Kerberos -request ss_list_requests, "List available requests.", - list_requests, lr, "?"; - -request ss_quit, "Exit program.", - quit, exit, q; - -end; diff --git a/src/kadmin/dbutil/loadv4.c b/src/kadmin/dbutil/loadv4.c index 7dfade9f5..368e3956d 100644 --- a/src/kadmin/dbutil/loadv4.c +++ b/src/kadmin/dbutil/loadv4.c @@ -88,17 +88,6 @@ static krb5_error_code fixup_database PROTOTYPE((krb5_context, char *)); static int create_local_tgt = 0; -static void -usage(who, status) -char *who; -int status; -{ - fprintf(stderr, "usage: %s [-d v5dbpathname] [-t] [-n] [-r realmname] [-K] [-k enctype]\n\ -\t[-M mkeyname] -f inputfile\n", - who); - return; -} - static krb5_keyblock master_keyblock; static krb5_principal master_princ; static krb5_encrypt_block master_encblock; @@ -145,7 +134,6 @@ char *argv[]; char *mkey_name = 0; char *mkey_fullname; char *defrealm; - int enctypedone = 0; int v4manual = 0; int read_mkey = 0; int tempdb = 0; @@ -167,45 +155,24 @@ char *argv[]; persist = 1; op_ind = 1; while (persist && (op_ind < argc)) { - if (!strcmp(argv[op_ind], "-d") && ((argc - op_ind) >= 2)) { - dbname = argv[op_ind+1]; - op_ind++; - } - else if (!strcmp(argv[op_ind], "-T")) { + if (!strcmp(argv[op_ind], "-T")) { create_local_tgt = 1; } else if (!strcmp(argv[op_ind], "-t")) { tempdb = 1; } - else if (!strcmp(argv[op_ind], "-r") && ((argc - op_ind) >= 2)) { - realm = argv[op_ind+1]; - op_ind++; - } else if (!strcmp(argv[op_ind], "-K")) { read_mkey = 1; } else if (!strcmp(argv[op_ind], "-v")) { verbose = 1; } - else if (!strcmp(argv[op_ind], "-k") && ((argc - op_ind) >= 2)) { - if (!krb5_string_to_enctype(argv[op_ind+1], - &master_keyblock.enctype)) - enctypedone++; - else - com_err(argv[0], 0, "%s is an invalid enctype", - argv[op_ind+1]); - op_ind++; - } - else if (!strcmp(argv[op_ind], "-M") && ((argc - op_ind) >= 2)) { - mkey_name = argv[op_ind+1]; - op_ind++; - } else if (!strcmp(argv[op_ind], "-n")) { v4manual++; } else if (!strcmp(argv[op_ind], "-f") && ((argc - op_ind) >= 2)) { if (v4dbname) { - usage(PROGNAME, 1); + usage(); return; } v4dumpfile = argv[op_ind+1]; @@ -216,60 +183,21 @@ char *argv[]; op_ind++; } - /* - * Attempt to read the KDC profile. If we do, then read appropriate values - * from it and augment values supplied on the command line. - */ - if (!(retval = krb5_read_realm_params(context, - realm, - (char *) NULL, - (char *) NULL, - &rparams))) { - /* Get the value for the database */ - if (rparams->realm_dbname && !dbname) - dbname = strdup(rparams->realm_dbname); - - /* Get the value for the master key name */ - if (rparams->realm_mkey_name && !mkey_name) - mkey_name = strdup(rparams->realm_mkey_name); - - /* Get the value for the master key type */ - if (rparams->realm_enctype_valid && !enctypedone) { - master_keyblock.enctype = rparams->realm_enctype; - enctypedone++; - } - - /* Get the value for the stashfile */ - if (rparams->realm_stash_file) - stash_file = strdup(rparams->realm_stash_file); - - /* Get the value for maximum ticket lifetime. */ - if (rparams->realm_max_life_valid) - rblock.max_life = rparams->realm_max_life; - - /* Get the value for maximum renewable ticket lifetime. */ - if (rparams->realm_max_rlife_valid) - rblock.max_rlife = rparams->realm_max_rlife; - - /* Get the value for the default principal expiration */ - if (rparams->realm_expiration_valid) - rblock.expiration = rparams->realm_expiration; - - /* Get the value for the default principal flags */ - if (rparams->realm_flags_valid) - rblock.flags = rparams->realm_flags; - - krb5_free_realm_params(context, rparams); - } + realm = global_params.realm; + dbname = global_params.dbname; + mkey_name = global_params.mkey_name; + master_keyblock.enctype = global_params.enctype; + stash_file = strdup(global_params.stash_file); + rblock.max_life = global_params.max_life; + rblock.max_rlife = global_params.max_rlife; + rblock.expiration = global_params.expiration; + rblock.flags = global_params.flags; if (!v4dumpfile) { - usage(PROGNAME, 1); + usage(); return; } - if (!enctypedone) - master_keyblock.enctype = DEFAULT_KDC_ENCTYPE; - if (!valid_enctype(master_keyblock.enctype)) { com_err(PROGNAME, KRB5_PROG_KEYTYPE_NOSUPP, "while setting up enctype %d", master_keyblock.enctype); diff --git a/src/kadmin/dbutil/ss_wrapper.c b/src/kadmin/dbutil/ss_wrapper.c deleted file mode 100644 index ada85efc9..000000000 --- a/src/kadmin/dbutil/ss_wrapper.c +++ /dev/null @@ -1,85 +0,0 @@ -/* - * admin/edit/ss_wrapper.c - * - * Copyright 1990,1991 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * ss wrapper for kdb5_edit - */ - -#include -#include "kdb5_util.h" -#include -#include - -extern ss_request_table kdb5_edit_cmds; -extern int exit_status; -extern FILE *scriptfile; - -int main(argc, argv) - int argc; - char *argv[]; -{ - char *request; - krb5_error_code retval; - int sci_idx, code = 0; - - request = kdb5_util_Init(argc, argv); - sci_idx = ss_create_invocation("kdb5_util", "5.0", (char *) NULL, - &kdb5_edit_cmds, &retval); - if (retval) { - ss_perror(sci_idx, retval, "creating invocation"); - exit(1); - } - - if (request) { - code = ss_execute_line(sci_idx, request, &code); - if (code != 0) { - ss_perror(sci_idx, code, request); - exit_status++; - } - } else if (scriptfile) { - char *command; - int nread; - - /* Get a buffer */ - if ((command = (char *) malloc(BUFSIZ))) { - /* Process commands from the script until end-of-file or error */ - while (!feof(scriptfile) && - (fgets(command, BUFSIZ, scriptfile))) { - - /* Strip trailing newline */ - if (command[strlen(command)-1] == '\n') - command[strlen(command)-1] = '\0'; - - /* Execute the command */ - code = ss_execute_line(sci_idx, command, &code); - if (code != 0) { - ss_perror(sci_idx, code, command); - exit_status++; - break; - } - } - free(command); - } - } else - ss_listen(sci_idx, &retval); - return quit() ? 1 : exit_status; -} diff --git a/src/kadmin/dbutil/string_table.c b/src/kadmin/dbutil/string_table.c index b9f86a363..c5f09f83b 100644 --- a/src/kadmin/dbutil/string_table.c +++ b/src/kadmin/dbutil/string_table.c @@ -51,7 +51,7 @@ char *str_ENCRYPT_KEY = "while calling encrypt key for %s."; /* principal name */ char *str_PUT_PRINC = - "while calling storing %s in Kerberos database."; /* principal name */ + "while storing %s in Kerberos database."; /* principal name */ char *str_CREATING_POLICY_DB = "while creating/opening admin policy database."; -- 2.26.2