summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGreg Hudson <ghudson@mit.edu>2014-01-23 18:15:24 -0500
committerGreg Hudson <ghudson@mit.edu>2014-02-05 00:21:29 -0500
commit6506c87aab5567ae855d1f75dc9b41e1a091f542 (patch)
treec89530754e2b89f273c127a5e569dd002f86683d
parent75b2ec88c4d75e7215322d2f0019307310cc9701 (diff)
downloadkrb5-6506c87aab5567ae855d1f75dc9b41e1a091f542.tar.gz
krb5-6506c87aab5567ae855d1f75dc9b41e1a091f542.tar.xz
krb5-6506c87aab5567ae855d1f75dc9b41e1a091f542.zip
Modernize iprop code
* Don't use "extern" for kdb_log.h prototypes. * Avoid passing structures by value. * Avoid the need to cast the result of the INDEX macro, and use char * instead of unsigned long for pointer arithmetic. * Reorganize kdb_log.c so static helpers are at the top and don't use the "ulog_" prefix. * Get rid of ulog_finish_update_slave since it's more concise to open-code it in ulog_replay. * Get rid of ulog_delete_update. In krb5_db_delete_principal, just call ulog_add_update with kdb_deleted set in upd. * Modernize coding style of kproplog.c. Use k5memdup0 instead of snprintf in print_str to convert a byte range to a C string. Remove an unnecesary textdomain call; libkrb5 takes care of calling bindtextdomain in the library initializer. * Modernize coding style of kpropd.c and kprop.c. No functional changes.
Diffstat
-rw-r--r--src/include/kdb_log.h53
-rw-r--r--src/kadmin/server/ipropd_svc.c2
-rw-r--r--src/lib/kdb/kdb5.c3
-rw-r--r--src/lib/kdb/kdb_log.c198
-rw-r--r--src/slave/kprop.c391
-rw-r--r--src/slave/kpropd.c748
-rw-r--r--src/slave/kproplog.c425
7 files changed, 758 insertions, 1062 deletions
diff --git a/src/include/kdb_log.h b/src/include/kdb_log.h
index 43d2fc41dd..88f0eb590e 100644
--- a/src/include/kdb_log.h
+++ b/src/include/kdb_log.h
@@ -21,8 +21,9 @@ extern "C" {
/*
* DB macros
*/
-#define INDEX(ulogaddr, i) ((unsigned long) ulogaddr + sizeof (kdb_hlog_t) + \
- (i*ulog->kdb_block))
+#define INDEX(ulog, i) (kdb_ent_header_t *)((char *)(ulog) + \
+ sizeof(kdb_hlog_t) + \
+ (i) * ulog->kdb_block)
/*
* Current DB version #
@@ -67,35 +68,23 @@ extern "C" {
/*
* Prototype declarations
*/
-extern krb5_error_code ulog_map(krb5_context context,
- const char *logname, uint32_t entries,
- int caller,
- char **db_args);
-extern void ulog_init_header(krb5_context context);
-extern krb5_error_code ulog_add_update(krb5_context context,
- kdb_incr_update_t *upd);
-extern krb5_error_code ulog_delete_update(krb5_context context,
- kdb_incr_update_t *upd);
-extern krb5_error_code ulog_finish_update(krb5_context context,
- kdb_incr_update_t *upd);
-extern krb5_error_code ulog_get_entries(krb5_context context, kdb_last_t last,
- kdb_incr_result_t *ulog_handle);
-
-extern krb5_error_code
-ulog_replay(krb5_context context, kdb_incr_result_t *incr_ret, char **db_args);
-
-extern krb5_error_code
-ulog_conv_2logentry(krb5_context context, krb5_db_entry *entry,
- kdb_incr_update_t *update);
-
-extern krb5_error_code
-ulog_conv_2dbentry(krb5_context context, krb5_db_entry **entry,
- kdb_incr_update_t *update);
-
-extern void ulog_free_entries(kdb_incr_update_t *updates, int no_of_updates);
-extern krb5_error_code ulog_set_role(krb5_context ctx, iprop_role role);
-
-extern krb5_error_code ulog_lock(krb5_context ctx, int mode);
+krb5_error_code ulog_map(krb5_context context, const char *logname,
+ uint32_t entries, int caller, char **db_args);
+void ulog_init_header(krb5_context context);
+krb5_error_code ulog_add_update(krb5_context context, kdb_incr_update_t *upd);
+krb5_error_code ulog_finish_update(krb5_context context,
+ kdb_incr_update_t *upd);
+krb5_error_code ulog_get_entries(krb5_context context, const kdb_last_t *last,
+ kdb_incr_result_t *ulog_handle);
+krb5_error_code ulog_replay(krb5_context context, kdb_incr_result_t *incr_ret,
+ char **db_args);
+krb5_error_code ulog_conv_2logentry(krb5_context context, krb5_db_entry *entry,
+ kdb_incr_update_t *update);
+krb5_error_code ulog_conv_2dbentry(krb5_context context, krb5_db_entry **entry,
+ kdb_incr_update_t *update);
+void ulog_free_entries(kdb_incr_update_t *updates, int no_of_updates);
+krb5_error_code ulog_set_role(krb5_context ctx, iprop_role role);
+krb5_error_code ulog_lock(krb5_context ctx, int mode);
typedef struct kdb_hlog {
uint32_t kdb_hmagic; /* Log header magic # */
@@ -109,7 +98,7 @@ typedef struct kdb_hlog {
uint16_t kdb_block; /* Block size of each element */
} kdb_hlog_t;
-extern void ulog_sync_header(kdb_hlog_t *);
+void ulog_sync_header(kdb_hlog_t *);
typedef struct kdb_ent_header {
uint32_t kdb_umagic; /* Update entry magic # */
diff --git a/src/kadmin/server/ipropd_svc.c b/src/kadmin/server/ipropd_svc.c
index 6d5ba3c032..955acb9c47 100644
--- a/src/kadmin/server/ipropd_svc.c
+++ b/src/kadmin/server/ipropd_svc.c
@@ -190,7 +190,7 @@ iprop_get_updates_1_svc(kdb_last_t *arg, struct svc_req *rqstp)
goto out;
}
- kret = ulog_get_entries(handle->context, *arg, &ret);
+ kret = ulog_get_entries(handle->context, arg, &ret);
if (ret.ret == UPDATE_OK) {
(void) snprintf(obuf, sizeof (obuf),
diff --git a/src/lib/kdb/kdb5.c b/src/lib/kdb/kdb5.c
index 93293bac19..ca2040d3bc 100644
--- a/src/lib/kdb/kdb5.c
+++ b/src/lib/kdb/kdb5.c
@@ -978,8 +978,9 @@ krb5_db_delete_principal(krb5_context kcontext, krb5_principal search_for)
upd.kdb_princ_name.utf8str_t_val = princ_name;
upd.kdb_princ_name.utf8str_t_len = strlen(princ_name);
+ upd.kdb_deleted = TRUE;
- status = ulog_delete_update(kcontext, &upd);
+ status = ulog_add_update(kcontext, &upd);
if (status)
goto cleanup;
}
diff --git a/src/lib/kdb/kdb_log.c b/src/lib/kdb/kdb_log.c
index 71f0a330e5..c988dcbceb 100644
--- a/src/lib/kdb/kdb_log.c
+++ b/src/lib/kdb/kdb_log.c
@@ -34,9 +34,6 @@ static int pagesize = 0;
ulog = log_ctx->ulog; \
assert(ulog != NULL)
-static int extend_file_to(int fd, unsigned int new_size);
-static void ulog_reset(kdb_hlog_t *ulog);
-
static inline krb5_boolean
time_equal(const kdbe_time_t *a, const kdbe_time_t *b)
{
@@ -53,24 +50,9 @@ time_current(kdbe_time_t *out)
out->useconds = timestamp.tv_usec;
}
-krb5_error_code
-ulog_lock(krb5_context ctx, int mode)
-{
- kdb_log_context *log_ctx = NULL;
- kdb_hlog_t *ulog = NULL;
-
- if (ctx == NULL)
- return KRB5_LOG_ERROR;
- if (ctx->kdblog_context == NULL ||
- ctx->kdblog_context->iproprole == IPROP_NULL)
- return 0;
- INIT_ULOG(ctx);
- return krb5_lock_file(ctx, log_ctx->ulogfd, mode);
-}
-
/* Sync update entry to disk. */
static krb5_error_code
-ulog_sync_update(kdb_hlog_t *ulog, kdb_ent_header_t *upd)
+sync_update(kdb_hlog_t *ulog, kdb_ent_header_t *upd)
{
unsigned long start, end, size;
@@ -93,7 +75,6 @@ ulog_sync_update(kdb_hlog_t *ulog, kdb_ent_header_t *upd)
void
ulog_sync_header(kdb_hlog_t *ulog)
{
-
if (!pagesize)
pagesize = getpagesize();
@@ -104,6 +85,39 @@ ulog_sync_header(kdb_hlog_t *ulog)
}
}
+/* Extend update log file. */
+static int
+extend_file_to(int fd, unsigned int new_size)
+{
+ off_t current_offset;
+ static const char zero[512];
+ ssize_t wrote_size;
+ size_t write_size;
+
+ current_offset = lseek(fd, 0, SEEK_END);
+ if (current_offset < 0)
+ return -1;
+ if (new_size > INT_MAX) {
+ errno = EINVAL;
+ return -1;
+ }
+ while (current_offset < (off_t)new_size) {
+ write_size = new_size - current_offset;
+ if (write_size > 512)
+ write_size = 512;
+ wrote_size = write(fd, zero, write_size);
+ if (wrote_size < 0)
+ return -1;
+ if (wrote_size == 0) {
+ errno = EINVAL;
+ return -1;
+ }
+ current_offset += wrote_size;
+ write_size = new_size - current_offset;
+ }
+ return 0;
+}
+
/*
* Resize the array elements. We reinitialize the update log rather than
* unrolling the the log and copying it over to a temporary log for obvious
@@ -111,8 +125,8 @@ ulog_sync_header(kdb_hlog_t *ulog)
* need for resizing should be very small.
*/
static krb5_error_code
-ulog_resize(kdb_hlog_t *ulog, uint32_t ulogentries, int ulogfd,
- unsigned int recsize)
+resize(kdb_hlog_t *ulog, uint32_t ulogentries, int ulogfd,
+ unsigned int recsize)
{
unsigned int new_block, new_size;
@@ -142,6 +156,32 @@ ulog_resize(kdb_hlog_t *ulog, uint32_t ulogentries, int ulogfd,
return 0;
}
+static void
+reset_header(kdb_hlog_t *ulog)
+{
+ memset(ulog, 0, sizeof(*ulog));
+ ulog->kdb_hmagic = KDB_ULOG_HDR_MAGIC;
+ ulog->db_version_num = KDB_VERSION;
+ ulog->kdb_state = KDB_STABLE;
+ ulog->kdb_block = ULOG_BLOCK;
+ time_current(&ulog->kdb_last_time);
+}
+
+krb5_error_code
+ulog_lock(krb5_context ctx, int mode)
+{
+ kdb_log_context *log_ctx = NULL;
+ kdb_hlog_t *ulog = NULL;
+
+ if (ctx == NULL)
+ return KRB5_LOG_ERROR;
+ if (ctx->kdblog_context == NULL ||
+ ctx->kdblog_context->iproprole == IPROP_NULL)
+ return 0;
+ INIT_ULOG(ctx);
+ return krb5_lock_file(ctx, log_ctx->ulogfd, mode);
+}
+
/*
* Add an entry to the update log. The layout of the update log looks like:
*
@@ -176,7 +216,7 @@ ulog_add_update(krb5_context context, kdb_incr_update_t *upd)
recsize = sizeof(kdb_ent_header_t) + upd_size;
if (recsize > ulog->kdb_block) {
- retval = ulog_resize(ulog, ulogentries, ulogfd, recsize);
+ retval = resize(ulog, ulogentries, ulogfd, recsize);
if (retval)
return retval;
}
@@ -184,14 +224,14 @@ ulog_add_update(krb5_context context, kdb_incr_update_t *upd)
/* If we have reached the last possible serial number, reinitialize the
* ulog and start over. Slaves will do a full resync. */
if (ulog->kdb_last_sno == (kdb_sno_t)-1)
- ulog_reset(ulog);
+ reset_header(ulog);
/* Get the next serial number and save it for finish_update() to index. */
cur_sno = ulog->kdb_last_sno + 1;
upd->kdb_entry_sno = cur_sno;
i = (cur_sno - 1) % ulogentries;
- indx_log = (kdb_ent_header_t *)INDEX(ulog, i);
+ indx_log = INDEX(ulog, i);
memset(indx_log, 0, ulog->kdb_block);
indx_log->kdb_umagic = KDB_ULOG_MAGIC;
@@ -207,7 +247,7 @@ ulog_add_update(krb5_context context, kdb_incr_update_t *upd)
if (!xdr_kdb_incr_update_t(&xdrs, upd))
return KRB5_LOG_CONV;
- retval = ulog_sync_update(ulog, indx_log);
+ retval = sync_update(ulog, indx_log);
if (retval)
return retval;
@@ -220,7 +260,7 @@ ulog_add_update(krb5_context context, kdb_incr_update_t *upd)
if (cur_sno > ulogentries) {
/* Once we've circled, kdb_first_sno is the sno of the next entry. */
i = upd->kdb_entry_sno % ulogentries;
- indx_log = (kdb_ent_header_t *)INDEX(ulog, i);
+ indx_log = INDEX(ulog, i);
ulog->kdb_first_sno = indx_log->kdb_entry_sno;
ulog->kdb_first_time = indx_log->kdb_time;
} else if (cur_sno == 1) {
@@ -249,12 +289,12 @@ ulog_finish_update(krb5_context context, kdb_incr_update_t *upd)
i = (upd->kdb_entry_sno - 1) % ulogentries;
- indx_log = (kdb_ent_header_t *)INDEX(ulog, i);
+ indx_log = INDEX(ulog, i);
indx_log->kdb_commit = TRUE;
ulog->kdb_state = KDB_STABLE;
- retval = ulog_sync_update(ulog, indx_log);
+ retval = sync_update(ulog, indx_log);
if (retval)
return retval;
@@ -262,23 +302,6 @@ ulog_finish_update(krb5_context context, kdb_incr_update_t *upd)
return 0;
}
-/* Set the header log details on the slave and sync it to file. */
-static void
-ulog_finish_update_slave(kdb_hlog_t *ulog, kdb_last_t lastentry)
-{
- ulog->kdb_last_sno = lastentry.last_sno;
- ulog->kdb_last_time = lastentry.last_time;
- ulog_sync_header(ulog);
-}
-
-/* Delete an entry to the update log. */
-krb5_error_code
-ulog_delete_update(krb5_context context, kdb_incr_update_t *upd)
-{
- upd->kdb_deleted = TRUE;
- return ulog_add_update(context, upd);
-}
-
/* Used by the slave to update its hash db from* the incr update log. Must be
* called with lock held. */
krb5_error_code
@@ -289,7 +312,7 @@ ulog_replay(krb5_context context, kdb_incr_result_t *incr_ret, char **db_args)
int i, no_of_updates;
krb5_error_code retval;
krb5_principal dbprinc;
- kdb_last_t errlast;
+ kdb_last_t errlast, *last;
char *dbprincstr;
kdb_log_context *log_ctx;
kdb_hlog_t *ulog = NULL;
@@ -305,6 +328,7 @@ ulog_replay(krb5_context context, kdb_incr_result_t *incr_ret, char **db_args)
errlast.last_sno = (unsigned int)0;
errlast.last_time.seconds = (unsigned int)0;
errlast.last_time.useconds = (unsigned int)0;
+ last = &errlast;
retval = krb5_db_open(context, db_args,
KRB5_KDB_OPEN_RW | KRB5_KDB_SRV_TYPE_ADMIN);
@@ -348,29 +372,20 @@ ulog_replay(krb5_context context, kdb_incr_result_t *incr_ret, char **db_args)
upd++;
}
+ last = &incr_ret->lastentry;
+
cleanup:
if (fupd)
ulog_free_entries(fupd, no_of_updates);
- if (retval)
- ulog_finish_update_slave(ulog, errlast);
- else
- ulog_finish_update_slave(ulog, incr_ret->lastentry);
+ /* Record a new last serial number and timestamp in the ulog header. */
+ ulog->kdb_last_sno = last->last_sno;
+ ulog->kdb_last_time = last->last_time;
+ ulog_sync_header(ulog);
return retval;
}
-static void
-ulog_reset(kdb_hlog_t *ulog)
-{
- memset(ulog, 0, sizeof(*ulog));
- ulog->kdb_hmagic = KDB_ULOG_HDR_MAGIC;
- ulog->db_version_num = KDB_VERSION;
- ulog->kdb_state = KDB_STABLE;
- ulog->kdb_block = ULOG_BLOCK;
- time_current(&ulog->kdb_last_time);
-}
-
/* Reinitialize the log header. Locking is the caller's responsibility. */
void
ulog_init_header(krb5_context context)
@@ -379,7 +394,7 @@ ulog_init_header(krb5_context context)
kdb_hlog_t *ulog;
INIT_ULOG(context);
- ulog_reset(ulog);
+ reset_header(ulog);
ulog_sync_header(ulog);
}
@@ -499,7 +514,7 @@ ulog_map(krb5_context context, const char *logname, uint32_t ulogentries,
}
if (ulog->kdb_hmagic != KDB_ULOG_HDR_MAGIC || caller == FKLOAD) {
- ulog_reset(ulog);
+ reset_header(ulog);
if (caller != FKPROPLOG)
ulog_sync_header(ulog);
ulog_lock(context, KRB5_LOCKMODE_UNLOCK);
@@ -520,7 +535,7 @@ ulog_map(krb5_context context, const char *logname, uint32_t ulogentries,
if (ulog->kdb_num != 0 &&
(ulog->kdb_last_sno > ulog->kdb_num ||
ulog->kdb_num > ulogentries)) {
- ulog_reset(ulog);
+ reset_header(ulog);
ulog_sync_header(ulog);
}
@@ -541,7 +556,7 @@ ulog_map(krb5_context context, const char *logname, uint32_t ulogentries,
/* Get the last set of updates seen, (last+1) to n is returned. */
krb5_error_code
-ulog_get_entries(krb5_context context, kdb_last_t last,
+ulog_get_entries(krb5_context context, const kdb_last_t *last,
kdb_incr_result_t *ulog_handle)
{
XDR xdrs;
@@ -564,7 +579,7 @@ ulog_get_entries(krb5_context context, kdb_last_t last,
/* If another process terminated mid-update, reset the ulog and force full
* resyncs. */
if (ulog->kdb_state != KDB_STABLE)
- ulog_reset(ulog);
+ reset_header(ulog);
/*
* We need to lock out other processes here, such as kadmin.local, since we
@@ -579,26 +594,26 @@ ulog_get_entries(krb5_context context, kdb_last_t last,
/* If we have the same sno and timestamp, return a nil update. If a
* different timestamp, the sno was reused and we need a full resync. */
- if (last.last_sno == ulog->kdb_last_sno) {
- ulog_handle->ret = time_equal(&last.last_time, &ulog->kdb_last_time) ?
+ if (last->last_sno == ulog->kdb_last_sno) {
+ ulog_handle->ret = time_equal(&last->last_time, &ulog->kdb_last_time) ?
UPDATE_NIL : UPDATE_FULL_RESYNC_NEEDED;
goto cleanup;
}
/* We may have overflowed the update log or shrunk the log, or the client
* may have created its ulog. */
- if (last.last_sno > ulog->kdb_last_sno ||
- last.last_sno < ulog->kdb_first_sno) {
+ if (last->last_sno > ulog->kdb_last_sno ||
+ last->last_sno < ulog->kdb_first_sno) {
ulog_handle->lastentry.last_sno = ulog->kdb_last_sno;
ulog_handle->ret = UPDATE_FULL_RESYNC_NEEDED;
goto cleanup;
}
- sno = last.last_sno;
+ sno = last->last_sno;
indx = (sno - 1) % ulogentries;
- indx_log = (kdb_ent_header_t *)INDEX(ulog, indx);
+ indx_log = INDEX(ulog, indx);
- if (!time_equal(&indx_log->kdb_time, &last.last_time)) {
+ if (!time_equal(&indx_log->kdb_time, &last->last_time)) {
/* We have time stamp mismatch or we no longer have the slave's last
* sno, so we brute force it. */
ulog_handle->ret = UPDATE_FULL_RESYNC_NEEDED;
@@ -616,7 +631,7 @@ ulog_get_entries(krb5_context context, kdb_last_t last,
for (; sno < ulog->kdb_last_sno; sno++) {
indx = sno % ulogentries;
- indx_log = (kdb_ent_header_t *)INDEX(ulog, indx);
+ indx_log = INDEX(ulog, indx);
memset(upd, 0, sizeof(kdb_incr_update_t));
xdrmem_create(&xdrs, (char *)indx_log->entry_data,
@@ -657,36 +672,3 @@ ulog_set_role(krb5_context ctx, iprop_role role)
ctx->kdblog_context->iproprole = role;
return 0;
}
-
-/* Extend update log file. */
-static int
-extend_file_to(int fd, unsigned int new_size)
-{
- off_t current_offset;
- static const char zero[512];
- ssize_t wrote_size;
- size_t write_size;
-
- current_offset = lseek(fd, 0, SEEK_END);
- if (current_offset < 0)
- return -1;
- if (new_size > INT_MAX) {
- errno = EINVAL;
- return -1;
- }
- while (current_offset < (off_t)new_size) {
- write_size = new_size - current_offset;
- if (write_size > 512)
- write_size = 512;
- wrote_size = write(fd, zero, write_size);
- if (wrote_size < 0)
- return -1;
- if (wrote_size == 0) {
- errno = EINVAL;
- return -1;
- }
- current_offset += wrote_size;
- write_size = new_size - current_offset;
- }
- return 0;
-}
diff --git a/src/slave/kprop.c b/src/slave/kprop.c
index f1fcc21a77..7446c76efb 100644
--- a/src/slave/kprop.c
+++ b/src/slave/kprop.c
@@ -51,34 +51,38 @@
static char *kprop_version = KPROP_PROT_VERSION;
-char *progname = 0;
-int debug = 0;
-char *srvtab = 0;
-char *slave_host;
-char *realm = 0;
-char *file = KPROP_DEFAULT_FILE;
-
-krb5_principal my_principal; /* The Kerberos principal we'll be */
-/* running under, initialized in */
-/* get_tickets() */
-krb5_ccache ccache; /* Credentials cache which we'll be using */
-krb5_creds creds;
-krb5_address *sender_addr;
-krb5_address *receiver_addr;
-const char *port = KPROP_SERVICE;
-
-void PRS(int, char **);
-void get_tickets(krb5_context);
+static char *progname = NULL;
+static int debug = 0;
+static char *srvtab = NULL;
+static char *slave_host;
+static char *realm = NULL;
+static char *file = KPROP_DEFAULT_FILE;
+
+/* The Kerberos principal we'll be sending as, initialized in get_tickets. */
+static krb5_principal my_principal;
+
+static krb5_ccache ccache; /* Credentials cache which we'll be using */
+static krb5_creds creds;
+static krb5_address *sender_addr;
+static krb5_address *receiver_addr;
+static const char *port = KPROP_SERVICE;
+static char *dbpathname;
+
+static void parse_args(int argc, char **argv);
+static void get_tickets(krb5_context context);
static void usage(void);
-static void open_connection(krb5_context, char *, int *);
-void kerberos_authenticate(krb5_context, krb5_auth_context *,
- int, krb5_principal, krb5_creds **);
-int open_database(krb5_context, char *, int *);
-void close_database(krb5_context, int);
-void xmit_database(krb5_context, krb5_auth_context, krb5_creds *,
- int, int, int);
-void send_error(krb5_context, krb5_creds *, int, char *, krb5_error_code);
-void update_last_prop_file(char *, char *);
+static void open_connection(krb5_context context, char *host, int *fd_out);
+static void kerberos_authenticate(krb5_context context,
+ krb5_auth_context *auth_context, int fd,
+ krb5_principal me, krb5_creds **new_creds);
+static int open_database(krb5_context context, char *data_fn, int *size);
+static void close_database(krb5_context context, int fd);
+static void xmit_database(krb5_context context,
+ krb5_auth_context auth_context, krb5_creds *my_creds,
+ int fd, int database_fd, int in_database_size);
+static void send_error(krb5_context context, krb5_creds *my_creds, int fd,
+ char *err_text, krb5_error_code err_code);
+static void update_last_prop_file(char *hostname, char *file_name);
static void usage()
{
@@ -88,11 +92,9 @@ static void usage()
}
int
-main(argc, argv)
- int argc;
- char **argv;
+main(int argc, char **argv)
{
- int fd, database_fd, database_size;
+ int fd, database_fd, database_size;
krb5_error_code retval;
krb5_context context;
krb5_creds *my_creds;
@@ -104,13 +106,12 @@ main(argc, argv)
com_err(argv[0], retval, _("while initializing krb5"));
exit(1);
}
- PRS(argc, argv);
+ parse_args(argc, argv);
get_tickets(context);
database_fd = open_database(context, file, &database_size);
open_connection(context, slave_host, &fd);
- kerberos_authenticate(context, &auth_context, fd, my_principal,
- &my_creds);
+ kerberos_authenticate(context, &auth_context, fd, my_principal, &my_creds);
xmit_database(context, auth_context, my_creds, fd, database_fd,
database_size);
update_last_prop_file(slave_host, file);
@@ -120,72 +121,62 @@ main(argc, argv)
exit(0);
}
-void PRS(argc, argv)
- int argc;
- char **argv;
+static void
+parse_args(int argc, char **argv)
{
- register char *word, ch;
+ char *word, ch;
progname = *argv++;
- while (--argc && (word = *argv++)) {
- if (*word == '-') {
- word++;
- while (word && (ch = *word++)) {
- switch(ch){
- case 'r':
- if (*word)
- realm = word;
- else
- realm = *argv++;
- if (!realm)
- usage();
- word = 0;
- break;
- case 'f':
- if (*word)
- file = word;
- else
- file = *argv++;
- if (!file)
- usage();
- word = 0;
- break;
- case 'd':
- debug++;
- break;
- case 'P':
- port = (*word != '\0') ? word : *argv++;
- if (port == NULL)
- usage();
- word = 0;
- break;
- case 's':
- if (*word)
- srvtab = word;
- else
- srvtab = *argv++;
- if (!srvtab)
- usage();
- word = 0;
- break;
- default:
- usage();
- }
-
- }
- } else {
- if (slave_host)
+ while (--argc && (word = *argv++) != NULL) {
+ if (*word != '-') {
+ if (slave_host != NULL)
usage();
else
slave_host = word;
+ continue;
+ }
+ word++;
+ while (word != NULL && (ch = *word++) != '\0') {
+ switch (ch) {
+ case 'r':
+ realm = (*word != '\0') ? word : *argv++;
+ if (realm == NULL)
+ usage();
+ word = NULL;
+ break;
+ case 'f':
+ file = (*word != '\0') ? word : *argv++;
+ if (file == NULL)
+ usage();
+ word = NULL;
+ break;
+ case 'd':
+ debug++;
+ break;
+ case 'P':
+ port = (*word != '\0') ? word : *argv++;
+ if (port == NULL)
+ usage();
+ word = NULL;
+ break;
+ case 's':
+ srvtab = (*word != '\0') ? word : *argv++;
+ if (srvtab == NULL)
+ usage();
+ word = NULL;
+ break;
+ default:
+ usage();
+ }
+
}
}
- if (!slave_host)
+ if (slave_host == NULL)
usage();
}
-void get_tickets(context)
- krb5_context context;
+static void
+get_tickets(krb5_context context)
{
char const ccname[] = "MEMORY:kpropcc";
char *def_realm, *server;
@@ -193,16 +184,14 @@ void get_tickets(context)
krb5_keytab keytab = NULL;
krb5_principal server_princ = NULL;
- /*
- * Figure out what tickets we'll be using to send stuff
- */
- retval = krb5_sname_to_principal(context, NULL, NULL,
- KRB5_NT_SRV_HST, &my_principal);
+ /* Figure out what tickets we'll be using to send. */
+ retval = krb5_sname_to_principal(context, NULL, NULL, KRB5_NT_SRV_HST,
+ &my_principal);
if (retval) {
com_err(progname, errno, _("while setting client principal name"));
exit(1);
}
- if (realm) {
+ if (realm != NULL) {
retval = krb5_set_principal_realm(context, my_principal, realm);
if (retval) {
com_err(progname, errno,
@@ -226,13 +215,7 @@ void get_tickets(context)
}
}
-#if 0
- krb5_princ_type(context, my_principal) = KRB5_NT_PRINCIPAL;
-#endif
-
- /*
- * Use a memory cache to avoid possible filesystem conflicts.
- */
+ /* Use a memory cache to avoid possible filesystem conflicts. */
retval = krb5_cc_resolve(context, ccname, &ccache);
if (retval) {
com_err(progname, retval, _("while opening credential cache %s"),
@@ -246,18 +229,13 @@ void get_tickets(context)
exit(1);
}
- /*
- * Get the tickets we'll need.
- *
- * Construct the principal name for the slave host.
- */
+ /* Construct the principal name for the slave host. */
memset(&creds, 0, sizeof(creds));
- retval = krb5_sname_to_principal(context,
- slave_host, KPROP_SERVICE_NAME,
+ retval = krb5_sname_to_principal(context, slave_host, KPROP_SERVICE_NAME,
KRB5_NT_SRV_HST, &server_princ);
if (retval) {
com_err(progname, errno, _("while setting server principal name"));
- (void) krb5_cc_destroy(context, ccache);
+ krb5_cc_destroy(context, ccache);
exit(1);
}
retval = krb5_unparse_name_flags(context, server_princ,
@@ -267,35 +245,33 @@ void get_tickets(context)
exit(1);
}
- /*
- * Now fill in the client....
- */
+ /* Fill in the client. */
retval = krb5_copy_principal(context, my_principal, &creds.client);
if (retval) {
com_err(progname, retval, _("while copying client principal"));
- (void) krb5_cc_destroy(context, ccache);
+ krb5_cc_destroy(context, ccache);
exit(1);
}
- if (srvtab) {
+
+ if (srvtab != NULL) {
retval = krb5_kt_resolve(context, srvtab, &keytab);
if (retval) {
com_err(progname, retval, _("while resolving keytab"));
- (void) krb5_cc_destroy(context, ccache);
+ krb5_cc_destroy(context, ccache);
exit(1);
}
}
- retval = krb5_get_init_creds_keytab(context, &creds, my_principal,
- keytab, 0, server, NULL);
+ retval = krb5_get_init_creds_keytab(context, &creds, my_principal, keytab,
+ 0, server, NULL);
if (retval) {
com_err(progname, retval, _("while getting initial credentials\n"));
- (void) krb5_cc_destroy(context, ccache);
+ krb5_cc_destroy(context, ccache);
exit(1);
}
- if (keytab)
- (void) krb5_kt_close(context, keytab);
-
+ if (keytab != NULL)
+ krb5_kt_close(context, keytab);
krb5_free_unparsed_name(context, server);
krb5_free_principal(context, server_princ);
}
@@ -303,13 +279,12 @@ void get_tickets(context)
static void
open_connection(krb5_context context, char *host, int *fd_out)
{
- int s;
krb5_error_code retval;
GETSOCKNAME_ARG3_TYPE socket_length;
struct addrinfo hints, *res, *answers;
struct sockaddr *sa;
struct sockaddr_storage my_sin;
- int error;
+ int s, error;
*fd_out = -1;
memset(&hints, 0, sizeof(hints));
@@ -363,24 +338,20 @@ open_connection(krb5_context context, char *host, int *fd_out)
com_err(progname, errno, _("while getting local socket address"));
exit(1);
}
- sa = (struct sockaddr *) &my_sin;
+ sa = (struct sockaddr *)&my_sin;
if (sockaddr2krbaddr(context, sa->sa_family, sa, &sender_addr) != 0) {
com_err(progname, errno, _("while converting local address"));
exit(1);
}
}
-
-void kerberos_authenticate(context, auth_context, fd, me, new_creds)
- krb5_context context;
- krb5_auth_context *auth_context;
- int fd;
- krb5_principal me;
- krb5_creds ** new_creds;
+static void
+kerberos_authenticate(krb5_context context, krb5_auth_context *auth_context,
+ int fd, krb5_principal me, krb5_creds **new_creds)
{
krb5_error_code retval;
- krb5_error *error = NULL;
- krb5_ap_rep_enc_part *rep_result;
+ krb5_error *error = NULL;
+ krb5_ap_rep_enc_part *rep_result;
retval = krb5_auth_con_init(context, auth_context);
if (retval)
@@ -396,13 +367,12 @@ void kerberos_authenticate(context, auth_context, fd, me, new_creds)
exit(1);
}
- retval = krb5_sendauth(context, auth_context, (void *)&fd,
- kprop_version, me, creds.server,
- AP_OPTS_MUTUAL_REQUIRED, NULL, &creds, NULL,
- &error, &rep_result, new_creds);
+ retval = krb5_sendauth(context, auth_context, &fd, kprop_version,
+ me, creds.server, AP_OPTS_MUTUAL_REQUIRED, NULL,
+ &creds, NULL, &error, &rep_result, new_creds);
if (retval) {
com_err(progname, retval, _("while authenticating to server"));
- if (error) {
+ if (error != NULL) {
if (error->error == KRB_ERR_GENERIC) {
if (error->text.data) {
fprintf(stderr, _("Generic remote error: %s\n"),
@@ -410,7 +380,7 @@ void kerberos_authenticate(context, auth_context, fd, me, new_creds)
}
} else if (error->error) {
com_err(progname,
- (krb5_error_code) error->error + ERROR_TABLE_BASE_krb5,
+ (krb5_error_code)error->error + ERROR_TABLE_BASE_krb5,
_("signalled from server"));
if (error->text.data) {
fprintf(stderr, _("Error text from server: %s\n"),
@@ -424,7 +394,6 @@ void kerberos_authenticate(context, auth_context, fd, me, new_creds)
krb5_free_ap_rep_enc_part(context, rep_result);
}
-char * dbpathname;
/*
* Open the Kerberos database dump file. Takes care of locking it
* and making sure that the .ok file is more recent that the database
@@ -433,32 +402,27 @@ char * dbpathname;
* Returns the file descriptor of the database dump file. Also fills
* in the size of the database file.
*/
-int
-open_database(context, data_fn, size)
- krb5_context context;
- char *data_fn;
- int *size;
+static int
+open_database(krb5_context context, char *data_fn, int *size)
{
- int fd;
- int err;
- struct stat stbuf, stbuf_ok;
- char *data_ok_fn;
- static char ok[] = ".dump_ok";
+ struct stat stbuf, stbuf_ok;
+ char *data_ok_fn;
+ int fd, err;
dbpathname = strdup(data_fn);
- if (!dbpathname) {
+ if (dbpathname == NULL) {
com_err(progname, ENOMEM, _("allocating database file name '%s'"),
data_fn);
exit(1);
}
- if ((fd = open(dbpathname, O_RDONLY)) < 0) {
- com_err(progname, errno, _("while trying to open %s"),
- dbpathname);
+ fd = open(dbpathname, O_RDONLY);
+ if (fd < 0) {
+ com_err(progname, errno, _("while trying to open %s"), dbpathname);
exit(1);
}
err = krb5_lock_file(context, fd,
- KRB5_LOCKMODE_SHARED|KRB5_LOCKMODE_DONTBLOCK);
+ KRB5_LOCKMODE_SHARED | KRB5_LOCKMODE_DONTBLOCK);
if (err == EAGAIN || err == EWOULDBLOCK || errno == EACCES) {
com_err(progname, 0, _("database locked"));
exit(1);
@@ -470,7 +434,7 @@ open_database(context, data_fn, size)
com_err(progname, errno, _("while trying to stat %s"), data_fn);
exit(1);
}
- if (asprintf(&data_ok_fn, "%s%s", data_fn, ok) < 0) {
+ if (asprintf(&data_ok_fn, "%s.dump_ok", data_fn) < 0) {
com_err(progname, ENOMEM, _("while trying to malloc data_ok_fn"));
exit(1);
}
@@ -480,27 +444,25 @@ open_database(context, data_fn, size)
exit(1);
}
if (stbuf.st_mtime > stbuf_ok.st_mtime) {
- com_err(progname, 0, _("'%s' more recent than '%s'."),
- data_fn, data_ok_fn);
+ com_err(progname, 0, _("'%s' more recent than '%s'."), data_fn,
+ data_ok_fn);
exit(1);
}
free(data_ok_fn);
*size = stbuf.st_size;
- return(fd);
+ return fd;
}
-void
-close_database(context, fd)
- krb5_context context;
- int fd;
+static void
+close_database(krb5_context context, int fd)
{
int err;
+
err = krb5_lock_file(context, fd, KRB5_LOCKMODE_UNLOCK);
if (err)
com_err(progname, err, _("while unlocking database '%s'"), dbpathname);
free(dbpathname);
- (void)close(fd);
- return;
+ close(fd);
}
/*
@@ -512,34 +474,24 @@ close_database(context, fd)
* At any point in the protocol, we may send a KRB_ERROR message; this
* will abort the entire operation.
*/
-void
-xmit_database(context, auth_context, my_creds, fd, database_fd,
- in_database_size)
- krb5_context context;
- krb5_auth_context auth_context;
- krb5_creds *my_creds;
- int fd;
- int database_fd;
- int in_database_size;
+static void
+xmit_database(krb5_context context, krb5_auth_context auth_context,
+ krb5_creds *my_creds, int fd, int database_fd,
+ int in_database_size)
{
- krb5_int32 n;
- krb5_data inbuf, outbuf;
- char buf[KPROP_BUFSIZ];
+ krb5_int32 n;
+ krb5_data inbuf, outbuf;
+ char buf[KPROP_BUFSIZ];
krb5_error_code retval;
- krb5_error *error;
- /* These must be 4 bytes */
- krb5_ui_4 database_size = in_database_size;
- krb5_ui_4 send_size, sent_size;
+ krb5_error *error;
+ krb5_ui_4 database_size = in_database_size, send_size, sent_size;
- /*
- * Send over the size
- */
+ /* Send over the size. */
send_size = htonl(database_size);
- inbuf.data = (char *) &send_size;
+ inbuf.data = (char *)&send_size;
inbuf.length = sizeof(send_size); /* must be 4, really */
/* KPROP_CKSUMTYPE */
- retval = krb5_mk_safe(context, auth_context, &inbuf,
- &outbuf, NULL);
+ retval = krb5_mk_safe(context, auth_context, &inbuf, &outbuf, NULL);
if (retval) {
com_err(progname, retval, _("while encoding database size"));
send_error(context, my_creds, fd, _("while encoding database size"),
@@ -547,16 +499,15 @@ xmit_database(context, auth_context, my_creds, fd, database_fd,
exit(1);
}
- retval = krb5_write_message(context, (void *) &fd, &outbuf);
+ retval = krb5_write_message(context, &fd, &outbuf);
if (retval) {
krb5_free_data_contents(context, &outbuf);
com_err(progname, retval, _("while sending database size"));
exit(1);
}
krb5_free_data_contents(context, &outbuf);
- /*
- * Initialize the initial vector.
- */
+
+ /* Initialize the initial vector. */
retval = krb5_auth_con_initivector(context, auth_context);
if (retval) {
send_error(context, my_creds, fd,
@@ -565,15 +516,12 @@ xmit_database(context, auth_context, my_creds, fd, database_fd,
exit(1);
}
- /*
- * Send over the file, block by block....
- */
+ /* Send over the file, block by block. */
inbuf.data = buf;
sent_size = 0;
while ((n = read(database_fd, buf, sizeof(buf)))) {
inbuf.length = n;
- retval = krb5_mk_priv(context, auth_context, &inbuf,
- &outbuf, NULL);
+ retval = krb5_mk_priv(context, auth_context, &inbuf, &outbuf, NULL);
if (retval) {
snprintf(buf, sizeof(buf),
"while encoding database block starting at %d",
@@ -583,7 +531,7 @@ xmit_database(context, auth_context, my_creds, fd, database_fd,
exit(1);
}
- retval = krb5_write_message(context, (void *)&fd,&outbuf);
+ retval = krb5_write_message(context, &fd, &outbuf);
if (retval) {
krb5_free_data_contents(context, &outbuf);
com_err(progname, retval,
@@ -598,7 +546,8 @@ xmit_database(context, auth_context, my_creds, fd, database_fd,
}
if (sent_size != database_size) {
com_err(progname, 0, _("Premature EOF found for database file!"));
- send_error(context, my_creds, fd,"Premature EOF found for database file!",
+ send_error(context, my_creds, fd,
+ "Premature EOF found for database file!",
KRB5KRB_ERR_GENERIC);
exit(1);
}
@@ -607,7 +556,7 @@ xmit_database(context, auth_context, my_creds, fd, database_fd,
* OK, we've sent the database; now let's wait for a success
* indication from the remote end.
*/
- retval = krb5_read_message(context, (void *) &fd, &inbuf);
+ retval = krb5_read_message(context, &fd, &inbuf);
if (retval) {
com_err(progname, retval, _("while reading response from server"));
exit(1);
@@ -630,8 +579,7 @@ xmit_database(context, auth_context, my_creds, fd, database_fd,
}
} else if (error->error) {
com_err(progname,
- (krb5_error_code) error->error +
- ERROR_TABLE_BASE_krb5,
+ (krb5_error_code)error->error + ERROR_TABLE_BASE_krb5,
_("signalled from server"));
if (error->text.data) {
fprintf(stderr, _("Error text from server: %s\n"),
@@ -652,26 +600,20 @@ xmit_database(context, auth_context, my_creds, fd, database_fd,
memcpy(&send_size, outbuf.data, sizeof(send_size));
send_size = ntohl(send_size);
if (send_size != database_size) {
- com_err(progname, 0,
- _("Kpropd sent database size %d, expecting %d"),
+ com_err(progname, 0, _("Kpropd sent database size %d, expecting %d"),
send_size, database_size);
exit(1);
}
free(outbuf.data);
- /* inbuf.data points to local storage */
}
-void
-send_error(context, my_creds, fd, err_text, err_code)
- krb5_context context;
- krb5_creds *my_creds;
- int fd;
- char *err_text;
- krb5_error_code err_code;
+static void
+send_error(krb5_context context, krb5_creds *my_creds, int fd, char *err_text,
+ krb5_error_code err_code)
{
- krb5_error error;
- const char *text;
- krb5_data outbuf;
+ krb5_error error;
+ const char *text;
+ krb5_data outbuf;
memset(&error, 0, sizeof(error));
krb5_us_timeofday(context, &error.ctime, &error.cusec);
@@ -680,29 +622,24 @@ send_error(context, my_creds, fd, err_text, err_code)
error.error = err_code - ERROR_TABLE_BASE_krb5;
if (error.error > 127)
error.error = KRB_ERR_GENERIC;
- if (err_text)
- text = err_text;
- else
- text = error_message(err_code);
+ text = (err_text != NULL) ? err_text : error_message(err_code);
error.text.length = strlen(text) + 1;
error.text.data = strdup(text);
if (error.text.data) {
if (!krb5_mk_error(context, &error, &outbuf)) {
- (void) krb5_write_message(context, (void *)&fd,&outbuf);
+ (void)krb5_write_message(context, &fd, &outbuf);
krb5_free_data_contents(context, &outbuf);
}
free(error.text.data);
}
}
-void update_last_prop_file(hostname, file_name)
- char *hostname;
- char *file_name;
+static void
+update_last_prop_file(char *hostname, char *file_name)
{
- /* handle slave locking/failure stuff */
char *file_last_prop;
int fd;
- static char last_prop[]=".last_prop";
+ static char last_prop[] = ".last_prop";
if (asprintf(&file_last_prop, "%s.%s%s", file_name, hostname,
last_prop) < 0) {
@@ -710,7 +647,8 @@ void update_last_prop_file(hostname, file_name)
_("while allocating filename for update_last_prop_file"));
return;
}
- if ((fd = THREEPARAMOPEN(file_last_prop, O_WRONLY|O_CREAT|O_TRUNC, 0600)) < 0) {
+ fd = THREEPARAMOPEN(file_last_prop, O_WRONLY | O_CREAT | O_TRUNC, 0600);
+ if (fd < 0) {
com_err(progname, errno, _("while creating 'last_prop' file, '%s'"),
file_last_prop);
free(file_last_prop);
@@ -719,5 +657,4 @@ void update_last_prop_file(hostname, file_name)
write(fd, "", 1);
free(file_last_prop);
close(fd);
- return;
}
diff --git a/src/slave/kpropd.c b/src/slave/kpropd.c
index 7f0a308b87..afeb53fa3b 100644
--- a/src/slave/kpropd.c
+++ b/src/slave/kpropd.c
@@ -103,67 +103,71 @@ int runonce = 0;
* lib/kadm5/clnt/client_internal.h!
*/
typedef struct _kadm5_iprop_handle_t {
- krb5_ui_4 magic_number;
- krb5_ui_4 struct_version;
- krb5_ui_4 api_version;
- char *cache_name;
- int destroy_cache;
- CLIENT *clnt;
- krb5_context context;
+ krb5_ui_4 magic_number;
+ krb5_ui_4 struct_version;
+ krb5_ui_4 api_version;
+ char *cache_name;
+ int destroy_cache;
+ CLIENT *clnt;
+ krb5_context context;
kadm5_config_params params;
struct _kadm5_iprop_handle_t *lhandle;
} *kadm5_iprop_handle_t;
-
static char *kprop_version = KPROP_PROT_VERSION;
static kadm5_config_params params;
-char *progname;
-int debug = 0;
-int nodaemon = 0;
-char *srvtab = 0;
-int standalone = 0;
-
-pid_t fullprop_child = (pid_t)-1;
-
-krb5_principal server; /* This is our server principal name */
-krb5_principal client; /* This is who we're talking to */
-krb5_context kpropd_context;
-krb5_auth_context auth_context;
-char *realm = NULL; /* Our realm */
-char *file = KPROPD_DEFAULT_FILE;
-char *temp_file_name;
-char *kdb5_util = KPROPD_DEFAULT_KDB5_UTIL;
-char *kerb_database = NULL;
-char *acl_file_name = KPROPD_ACL_FILE;
-
-krb5_address *sender_addr;
-krb5_address *receiver_addr;
-const char *port = KPROP_SERVICE;
-
-char **db_args = NULL;
-int db_args_size = 0;
-
-void PRS(char**);
-void do_standalone(void);
-void doit(int);
-krb5_error_code do_iprop(kdb_log_context *log_ctx);
-void kerberos_authenticate(krb5_context, int, krb5_principal *,
- krb5_enctype *, struct sockaddr_storage *);
-krb5_boolean authorized_principal(krb5_context, krb5_principal, krb5_enctype);
-void recv_database(krb5_context, int, int, krb5_data *);
-void load_database(krb5_context, char *, char *);
-void send_error(krb5_context, int, krb5_error_code, char *);
-void recv_error(krb5_context, krb5_data *);
-unsigned int backoff_from_master(int *);
-
-static kadm5_ret_t
-kadm5_get_kiprop_host_srv_name(krb5_context context,
- const char *realm_name,
- char **host_service_name);
+static char *progname;
+static int debug = 0;
+static int nodaemon = 0;
+static char *srvtab = NULL;
+static int standalone = 0;
+
+static pid_t fullprop_child = (pid_t)-1;
+
+static krb5_principal server; /* This is our server principal name */
+static krb5_principal client; /* This is who we're talking to */
+static krb5_context kpropd_context;
+static krb5_auth_context auth_context;
+static char *realm = NULL; /* Our realm */
+static char *file = KPROPD_DEFAULT_FILE;
+static char *temp_file_name;
+static char *kdb5_util = KPROPD_DEFAULT_KDB5_UTIL;
+static char *kerb_database = NULL;
+static char *acl_file_name = KPROPD_ACL_FILE;
+
+static krb5_address *sender_addr;
+static krb5_address *receiver_addr;
+static const char *port = KPROP_SERVICE;
+
+static char **db_args = NULL;
+static int db_args_size = 0;
+
+static void parse_args(char **argv);
+static void do_standalone(void);
+static void doit(int fd);
+static krb5_error_code do_iprop(kdb_log_context *log_ctx);
+static void kerberos_authenticate(krb5_context context, int fd,
+ krb5_principal *clientp, krb5_enctype *etype,
+ struct sockaddr_storage *my_sin);
+static krb5_boolean authorized_principal(krb5_context context,
+ krb5_principal p,
+ krb5_enctype auth_etype);
+static void recv_database(krb5_context context, int fd, int database_fd,
+ krb5_data *confmsg);
+static void load_database(krb5_context context, char *kdb_util,
+ char *database_file_name);
+static void send_error(krb5_context context, int fd, krb5_error_code err_code,
+ char *err_text);
+static void recv_error(krb5_context context, krb5_data *inbuf);
+static unsigned int backoff_from_master(int *cnt);
+static kadm5_ret_t kadm5_get_kiprop_host_srv_name(krb5_context context,
+ const char *realm_name,
+ char **host_service_name);
-static void usage()
+static void
+usage()
{
fprintf(stderr,
_("\nUsage: %s [-r realm] [-s srvtab] [-dS] [-f slave_file]\n"),
@@ -180,6 +184,7 @@ signal_wrapper(int sig, sig_handler_fn handler)
{
#ifdef POSIX_SIGNALS
struct sigaction s_action;
+
memset(&s_action, 0, sizeof(s_action));
sigemptyset(&s_action.sa_mask);
s_action.sa_handler = handler;
@@ -193,6 +198,7 @@ static void
alarm_handler(int sig)
{
static char *timeout_msg = "Full propagation timed out\n";
+
write(STDERR_FILENO, timeout_msg, strlen(timeout_msg));
exit(1);
}
@@ -226,9 +232,7 @@ atexit_kill_do_standalone(void)
}
int
-main(argc, argv)
- int argc;
- char **argv;
+main(int argc, char **argv)
{
krb5_error_code retval;
kdb_log_context *log_ctx;
@@ -236,7 +240,7 @@ main(argc, argv)
struct stat st;
setlocale(LC_ALL, "");
- PRS(argv);
+ parse_args(argv);
if (fstat(0, &st) == -1) {
com_err(progname, errno, _("while checking if stdin is a socket"));
@@ -349,20 +353,19 @@ get_wildcard_addr(struct addrinfo **res)
return getaddrinfo(NULL, port, &hints, res);
}
-void
+static void
do_standalone()
{
- struct sockaddr_in frominet;
+ struct sockaddr_in frominet;
struct addrinfo *res;
- int finet, s;
GETPEERNAME_ARG3_TYPE fromlen;
- int ret, error, val, status;
+ int finet, s, ret, error, val, status;
pid_t child_pid;
pid_t wait_pid;
error = get_wildcard_addr(&res);
if (error != 0) {
- (void) fprintf(stderr, _("getaddrinfo: %s\n"), gai_strerror(error));
+ fprintf(stderr, _("getaddrinfo: %s\n"), gai_strerror(error));
exit(1);
}
@@ -385,7 +388,8 @@ do_standalone()
com_err(progname, errno, _("while unsetting IPV6_V6ONLY option"));
#endif
- if ((ret = bind(finet, res->ai_addr, res->ai_addrlen)) < 0) {
+ ret = bind(finet, res->ai_addr, res->ai_addrlen);
+ if (ret < 0) {
com_err(progname, errno, _("while binding listener socket"));
exit(1);
}
@@ -393,7 +397,7 @@ do_standalone()
com_err(progname, errno, "in listen call");
exit(1);
}
- while (1) {
+ for (;;) {
memset(&frominet, 0, sizeof(frominet));
fromlen = sizeof(frominet);
if (debug)
@@ -403,8 +407,7 @@ do_standalone()
if (s < 0) {
int e = errno;
if (e != EINTR) {
- com_err(progname, e,
- _("while accepting connection"));
+ com_err(progname, e, _("while accepting connection"));
}
}
child_pid = fork();
@@ -413,7 +416,7 @@ do_standalone()
com_err(progname, errno, _("while forking"));
exit(1);
case 0:
- (void) close(finet);
+ close(finet);
doit(s);
close(s);
@@ -446,8 +449,8 @@ do_standalone()
exit(0);
}
-void doit(fd)
- int fd;
+static void
+doit(int fd)
{
struct sockaddr_storage from;
int on = 1;
@@ -458,12 +461,12 @@ void doit(fd)
mode_t omask;
krb5_enctype etype;
int database_fd;
- char host[INET6_ADDRSTRLEN+1];
+ char host[INET6_ADDRSTRLEN + 1];
signal_wrapper(SIGALRM, alarm_handler);
alarm(params.iprop_resync_timeout);
- fromlen = sizeof (from);
- if (getpeername(fd, (struct sockaddr *) &from, &fromlen) < 0) {
+ fromlen = sizeof(from);
+ if (getpeername(fd, (struct sockaddr *)&from, &fromlen) < 0) {
#ifdef ENOTSOCK
if (errno == ENOTSOCK && fd == 0 && !standalone) {
fprintf(stderr,
@@ -479,7 +482,7 @@ void doit(fd)
exit(1);
}
if (setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, (caddr_t) &on,
- sizeof (on)) < 0) {
+ sizeof(on)) < 0) {
com_err(progname, errno,
_("while attempting setsockopt (SO_KEEPALIVE)"));
}
@@ -497,12 +500,11 @@ void doit(fd)
kerberos_authenticate(kpropd_context, fd, &client, &etype, &from);
if (!authorized_principal(kpropd_context, client, etype)) {
- char *name;
+ char *name;
retval = krb5_unparse_name(kpropd_context, client, &name);
if (retval) {
- com_err(progname, retval,
- "While unparsing client name");
+ com_err(progname, retval, "While unparsing client name");
exit(1);
}
if (debug) {
@@ -517,17 +519,17 @@ void doit(fd)
exit(1);
}
omask = umask(077);
- lock_fd = open(temp_file_name, O_RDWR|O_CREAT, 0600);
- (void) umask(omask);
+ lock_fd = open(temp_file_name, O_RDWR | O_CREAT, 0600);
+ (void)umask(omask);
retval = krb5_lock_file(kpropd_context, lock_fd,
- KRB5_LOCKMODE_EXCLUSIVE|KRB5_LOCKMODE_DONTBLOCK);
+ KRB5_LOCKMODE_EXCLUSIVE | KRB5_LOCKMODE_DONTBLOCK);
if (retval) {
com_err(progname, retval, _("while trying to lock '%s'"),
temp_file_name);
exit(1);
}
- if ((database_fd = open(temp_file_name,
- O_WRONLY|O_CREAT|O_TRUNC, 0600)) < 0) {
+ database_fd = open(temp_file_name, O_WRONLY | O_CREAT | O_TRUNC, 0600);
+ if (database_fd < 0) {
com_err(progname, errno, _("while opening database file, '%s'"),
temp_file_name);
exit(1);
@@ -550,13 +552,13 @@ void doit(fd)
com_err(progname, retval, _("while unlocking '%s'"), temp_file_name);
exit(1);
}
- (void)close(lock_fd);
+ close(lock_fd);
/*
* Send the acknowledgement message generated in
* recv_database, then close the socket.
*/
- retval = krb5_write_message(kpropd_context, (void *) &fd, &confmsg);
+ retval = krb5_write_message(kpropd_context, &fd, &confmsg);
if (retval) {
krb5_free_data_contents(kpropd_context, &confmsg);
com_err(progname, retval, _("while sending # of received bytes"));
@@ -584,19 +586,14 @@ full_resync(CLIENT *clnt)
memset(&clnt_res, 0, sizeof(clnt_res));
- status = clnt_call (clnt, IPROP_FULL_RESYNC_EXT,
- (xdrproc_t) xdr_u_int32,
- (caddr_t) &vers,
- (xdrproc_t) xdr_kdb_fullresync_result_t,
- (caddr_t) &clnt_res,
- full_resync_timeout);
+ status = clnt_call(clnt, IPROP_FULL_RESYNC_EXT, (xdrproc_t)xdr_u_int32,
+ (caddr_t)&vers, (xdrproc_t)xdr_kdb_fullresync_result_t,
+ (caddr_t)&clnt_res, full_resync_timeout);
if (status == RPC_PROCUNAVAIL) {
- status = clnt_call (clnt, IPROP_FULL_RESYNC,
- (xdrproc_t) xdr_void,
- (caddr_t *)&vers,
- (xdrproc_t) xdr_kdb_fullresync_result_t,
- (caddr_t) &clnt_res,
- full_resync_timeout);
+ status = clnt_call(clnt, IPROP_FULL_RESYNC, (xdrproc_t)xdr_void,
+ (caddr_t *)&vers,
+ (xdrproc_t)xdr_kdb_fullresync_result_t,
+ (caddr_t)&clnt_res, full_resync_timeout);
}
return (status == RPC_SUCCESS) ? &clnt_res : NULL;
@@ -612,24 +609,17 @@ krb5_error_code
do_iprop(kdb_log_context *log_ctx)
{
kadm5_ret_t retval;
- krb5_ccache cc;
krb5_principal iprop_svc_principal;
void *server_handle = NULL;
- char *iprop_svc_princstr = NULL;
- char *master_svc_princstr = NULL;
+ char *iprop_svc_princstr = NULL, *master_svc_princstr = NULL;
unsigned int pollin, backoff_time;
- int backoff_cnt = 0;
- int reinit_cnt = 0;
+ int backoff_cnt = 0, reinit_cnt = 0;
struct timeval iprop_start, iprop_end;
unsigned long usec;
- time_t frrequested = 0;
- time_t now;
-
+ time_t frrequested = 0, now;
kdb_incr_result_t *incr_ret;
kdb_last_t mylast;
-
kdb_fullresync_result_t *full_ret;
-
kadm5_iprop_handle_t handle;
kdb_hlog_t *ulog;
@@ -642,14 +632,11 @@ do_iprop(kdb_log_context *log_ctx)
if (pollin == 0)
pollin = 10;
- /*
- * Grab the realm info and check if iprop is enabled.
- */
+ /* Grab the realm info and check if iprop is enabled. */
if (def_realm == NULL) {
retval = krb5_get_default_realm(kpropd_context, &def_realm);
if (retval) {
- com_err(progname, retval,
- _("Unable to get default realm"));
+ com_err(progname, retval, _("Unable to get default realm"));
return retval;
}
}
@@ -658,9 +645,9 @@ do_iprop(kdb_log_context *log_ctx)
params.realm = def_realm;
if (master_svc_princstr == NULL) {
- if ((retval = kadm5_get_kiprop_host_srv_name(kpropd_context,
- def_realm,
- &master_svc_princstr))) {
+ retval = kadm5_get_kiprop_host_srv_name(kpropd_context, def_realm,
+ &master_svc_princstr);
+ if (retval) {
com_err(progname, retval,
_("%s: unable to get kiprop host based "
"service name for realm %s\n"),
@@ -669,16 +656,6 @@ do_iprop(kdb_log_context *log_ctx)
}
}
- /*
- * Set cc to the default credentials cache
- */
- if ((retval = krb5_cc_default(kpropd_context, &cc))) {
- com_err(progname, retval,
- _("while opening default "
- "credentials cache"));
- return retval;
- }
-
retval = krb5_sname_to_principal(kpropd_context, NULL, KIPROP_SVC_NAME,
KRB5_NT_SRV_HST, &iprop_svc_principal);
if (retval) {
@@ -702,8 +679,9 @@ do_iprop(kdb_log_context *log_ctx)
}
/* XXX Memory leak: Old r->data value. */
}
- if ((retval = krb5_unparse_name(kpropd_context, iprop_svc_principal,
- &iprop_svc_princstr))) {
+ retval = krb5_unparse_name(kpropd_context, iprop_svc_principal,
+ &iprop_svc_princstr);
+ if (retval) {
com_err(progname, retval,
_("while canonicalizing principal name"));
krb5_free_principal(kpropd_context, iprop_svc_principal);
@@ -734,9 +712,9 @@ reinit:
if (retval == KADM5_RPC_ERROR) {
reinit_cnt++;
if (server_handle)
- kadm5_destroy((void *) server_handle);
- server_handle = (void *)NULL;
- handle = (kadm5_iprop_handle_t)NULL;
+ kadm5_destroy(server_handle);
+ server_handle = NULL;
+ handle = NULL;
com_err(progname, retval, _(
"while attempting to connect"
@@ -746,7 +724,7 @@ reinit:
fprintf(stderr, _("Sleeping %d seconds to re-initialize "
"kadm5 (RPC ERROR)\n"), backoff_time);
}
- (void) sleep(backoff_time);
+ sleep(backoff_time);
goto reinit;
} else {
if (retval == KADM5_BAD_CLIENT_PARAMS ||
@@ -810,8 +788,8 @@ reinit:
clnt_perror(handle->clnt,
_("iprop_get_updates call failed"));
if (server_handle)
- kadm5_destroy((void *)server_handle);
- server_handle = (void *)NULL;
+ kadm5_destroy(server_handle);
+ server_handle = NULL;
handle = (kadm5_iprop_handle_t)NULL;
if (debug) {
fprintf(stderr, _("Reinitializing iprop because get updates "
@@ -844,15 +822,12 @@ reinit:
syslog(LOG_INFO, _("kpropd: Full resync needed."));
full_ret = full_resync(handle->clnt);
- if (full_ret == (kdb_fullresync_result_t *)
- NULL) {
+ if (full_ret == NULL) {
clnt_perror(handle->clnt,
_("iprop_full_resync call failed"));
- if (server_handle)
- kadm5_destroy((void *)
- server_handle);
- server_handle = (void *)NULL;
- handle = (kadm5_iprop_handle_t)NULL;
+ kadm5_destroy(server_handle);
+ server_handle = NULL;
+ handle = NULL;
goto reinit;
}
}
@@ -912,8 +887,7 @@ reinit:
fprintf(stderr,
_("Got incremental updates from the master\n"));
}
- retval = ulog_replay(kpropd_context, incr_ret,
- db_args);
+ retval = ulog_replay(kpropd_context, incr_ret, db_args);
if (retval) {
const char *msg =
@@ -994,13 +968,13 @@ reinit:
"from master, backoff for %d secs\n"),
backoff_time);
}
- (void) sleep(backoff_time);
+ sleep(backoff_time);
} else {
if (debug) {
fprintf(stderr, _("Waiting for %d seconds before checking "
"for updates again\n"), pollin);
}
- (void) sleep(pollin);
+ sleep(pollin);
}
}
@@ -1011,32 +985,20 @@ error:
fprintf(stderr, _("ERROR returned by master, bailing\n"));
syslog(LOG_ERR, _("ERROR returned by master KDC, bailing.\n"));
done:
- if(iprop_svc_princstr)
- free(iprop_svc_princstr);
- if (master_svc_princstr)
- free(master_svc_princstr);
- if ((retval = krb5_cc_close(kpropd_context, cc))) {
- com_err(progname, retval, _("while closing default ccache"));
- return retval;
- }
- if (def_realm && kpropd_context)
- krb5_free_default_realm(kpropd_context, def_realm);
- if (server_handle)
- kadm5_destroy((void *)server_handle);
- if (kpropd_context)
- krb5_free_context(kpropd_context);
-
- if (runonce == 1)
- return (0);
- else
- return 1;
+ free(iprop_svc_princstr);
+ free(master_svc_princstr);
+ krb5_free_default_realm(kpropd_context, def_realm);
+ kadm5_destroy(server_handle);
+ krb5_free_context(kpropd_context);
+
+ return (runonce == 1) ? 0 : 1;
}
-/*
- * Do exponential backoff, since master KDC is BUSY or down
- */
-unsigned int backoff_from_master(int *cnt) {
+/* Do exponential backoff, since master KDC is BUSY or down. */
+static unsigned int
+backoff_from_master(int *cnt)
+{
unsigned int btime;
btime = (unsigned int)(2<<(*cnt));
@@ -1045,13 +1007,11 @@ unsigned int backoff_from_master(int *cnt) {
(*cnt)--;
}
- return (btime);
+ return btime;
}
static void
-kpropd_com_err_proc(const char *whoami,
- long code,
- const char *fmt,
+kpropd_com_err_proc(const char *whoami, long code, const char *fmt,
va_list args)
#if !defined(__cplusplus) && (__GNUC__ > 2)
__attribute__((__format__(__printf__, 3, 0)))
@@ -1059,12 +1019,10 @@ kpropd_com_err_proc(const char *whoami,
;
static void
-kpropd_com_err_proc(const char *whoami,
- long code,
- const char *fmt,
+kpropd_com_err_proc(const char *whoami, long code, const char *fmt,
va_list args)
{
- char error_buf[8096];
+ char error_buf[8096];
error_buf[0] = '\0';
if (fmt)
@@ -1073,15 +1031,13 @@ kpropd_com_err_proc(const char *whoami,
code ? error_message(code) : "", code ? " " : "", error_buf);
}
-void PRS(argv)
- char **argv;
+static void
+parse_args(char **argv)
{
- register char *word, ch;
+ char **newargs, *word, ch;
krb5_error_code retval;
- static const char tmp[] = ".temp";
- kdb_log_context *log_ctx;
- (void) memset(&params, 0, sizeof (params));
+ memset(&params, 0, sizeof(params));
/* Since we may modify the KDB with ulog_replay(), we must read the KDC
* profile. */
@@ -1092,148 +1048,116 @@ void PRS(argv)
}
progname = *argv++;
- while ((word = *argv++)) {
- if (*word == '-') {
- word++;
- while (word && (ch = *word++)) {
- switch(ch){
- case 'f':
- if (*word)
- file = word;
- else
- file = *argv++;
- if (!file)
- usage();
- word = 0;
- break;
- case 'F':
- if (*word)
- kerb_database = word;
- else
- kerb_database = *argv++;
- if (!kerb_database)
- usage();
- word = 0;
- break;
- case 'p':
- if (*word)
- kdb5_util = word;
- else
- kdb5_util = *argv++;
- if (!kdb5_util)
- usage();
- word = 0;
- break;
- case 'P':
- port = (*word != '\0') ? word : *argv++;
- if (port == NULL)
- usage();
- word = 0;
- break;
- case 'r':
- if (*word)
- realm = word;
- else
- realm = *argv++;
- if (!realm)
- usage();
- word = 0;
- break;
- case 's':
- if (*word)
- srvtab = word;
- else
- srvtab = *argv++;
- if (!srvtab)
- usage();
- word = 0;
- break;
- case 'D':
- nodaemon++;
- break;
- case 'd':
- debug++;
- break;
- case 'S':
- /* Standalone mode is now auto-detected; see main(). */
- break;
- case 'a':
- if (*word)
- acl_file_name = word;
- else
- acl_file_name = *argv++;
- if (!acl_file_name)
- usage();
- word = 0;
- break;
-
- case 't':
- /*
- * Undocumented option - for testing only.
- *
- * Option to run the kpropd server exactly
- * once.
- */
- runonce = 1;
- break;
-
- case 'x':
- {
- char **new_db_args;
- new_db_args = realloc(db_args,
- (db_args_size+2)*sizeof(*db_args));
- if (new_db_args == NULL) {
- com_err(argv[0], errno, _("copying db args"));
- exit(1);
- }
- db_args = new_db_args;
- if (*word)
- db_args[db_args_size] = word;
- else
- db_args[db_args_size] = *argv++;
- word = 0;
- if (db_args[db_args_size] == NULL)
- usage();
- db_args[db_args_size+1] = NULL;
- db_args_size++;
- break;
- }
+ while ((word = *argv++) != NULL) {
+ /* We don't take any arguments, only options */
+ if (*word != '-')
+ usage();
- default:
+ word++;
+ while (word != NULL && (ch = *word++) != '\0') {
+ switch (ch) {
+ case 'f':
+ file = (*word != '\0') ? word : *argv++;
+ if (file == NULL)
+ usage();
+ word = NULL;
+ break;
+ case 'F':
+ kerb_database = (*word != '\0') ? word : *argv++;
+ if (kerb_database == NULL)
+ usage();
+ word = NULL;
+ break;
+ case 'p':
+ kdb5_util = (*word != '\0') ? word : *argv++;
+ if (kdb5_util == NULL)
usage();
+ word = NULL;
+ break;
+ case 'P':
+ port = (*word != '\0') ? word : *argv++;
+ if (port == NULL)
+ usage();
+ word = NULL;
+ break;
+ case 'r':
+ realm = (*word != '\0') ? word : *argv++;
+ if (realm == NULL)
+ usage();
+ word = NULL;
+ break;
+ case 's':
+ srvtab = (*word != '\0') ? word : *argv++;
+ if (srvtab == NULL)
+ usage();
+ word = NULL;
+ break;
+ case 'D':
+ nodaemon++;
+ break;
+ case 'd':
+ debug++;
+ break;
+ case 'S':
+ /* Standalone mode is now auto-detected; see main(). */
+ break;
+ case 'a':
+ acl_file_name = (*word != '\0') ? word : *argv++;
+ if (acl_file_name == NULL)
+ usage();
+ word = NULL;
+ break;
+
+ case 't':
+ /* Undocumented option - for testing only. Run the kpropd
+ * server exactly once. */
+ runonce = 1;
+ break;
+
+ case 'x':
+ newargs = realloc(db_args,
+ (db_args_size + 2) * sizeof(*db_args));
+ if (newargs == NULL) {
+ com_err(argv[0], errno, _("copying db args"));
+ exit(1);
}
+ db_args = newargs;
+ db_args[db_args_size] = (*word != '\0') ? word : *argv++;
+ if (db_args[db_args_size] == NULL)
+ usage();
+ word = NULL;
+ db_args[db_args_size + 1] = NULL;
+ db_args_size++;
+ break;
+ default:
+ usage();
}
- } else
- /* We don't take any arguments, only options */
- usage();
+ }
}
+
openlog("kpropd", LOG_PID | LOG_ODELAY, SYSLOG_CLASS);
if (!debug)
set_com_err_hook(kpropd_com_err_proc);
- /*
- * Get my hostname, so we can construct my service name
- */
- retval = krb5_sname_to_principal(kpropd_context,
- NULL, KPROP_SERVICE_NAME,
+
+ /* Construct service name from local hostname. */
+ retval = krb5_sname_to_principal(kpropd_context, NULL, KPROP_SERVICE_NAME,
KRB5_NT_SRV_HST, &server);
if (retval) {
com_err(progname, retval,
_("while trying to construct my service name"));
exit(1);
}
- if (realm) {
+ if (realm != NULL) {
retval = krb5_set_principal_realm(kpropd_context, server, realm);
if (retval) {
- com_err(progname, errno,
- _("while constructing my service realm"));
+ com_err(progname, errno, _("while constructing my service realm"));
exit(1);
}
}
- /*
- * Construct the name of the temporary file.
- */
- if (asprintf(&temp_file_name, "%s%s", file, tmp) < 0) {
+
+ /* Construct the name of the temporary file. */
+ if (asprintf(&temp_file_name, "%s.temp", file) < 0) {
com_err(progname, ENOMEM,
_("while allocating filename for temp file"));
exit(1);
@@ -1249,51 +1173,40 @@ void PRS(argv)
if (ulog_map(kpropd_context, params.iprop_logfile,
params.iprop_ulogsize, FKPROPD, db_args)) {
- com_err(progname, errno,
- _("Unable to map log!\n"));
+ com_err(progname, errno, _("Unable to map log!\n"));
exit(1);
}
}
- log_ctx = kpropd_context->kdblog_context;
- if (log_ctx && (log_ctx->iproprole == IPROP_SLAVE))
- ulog_set_role(kpropd_context, IPROP_SLAVE);
}
/*
* Figure out who's calling on the other end of the connection....
*/
-void
-kerberos_authenticate(context, fd, clientp, etype, my_sin)
- krb5_context context;
- int fd;
- krb5_principal * clientp;
- krb5_enctype * etype;
- struct sockaddr_storage * my_sin;
+static void
+kerberos_authenticate(krb5_context context, int fd, krb5_principal *clientp,
+ krb5_enctype *etype, struct sockaddr_storage *my_sin)
{
- krb5_error_code retval;
- krb5_ticket * ticket;
- struct sockaddr_storage r_sin;
+ krb5_error_code retval;
+ krb5_ticket *ticket;
+ struct sockaddr_storage r_sin;
GETSOCKNAME_ARG3_TYPE sin_length;
- krb5_keytab keytab = NULL;
+ krb5_keytab keytab = NULL;
+ char *name, etypebuf[100];
- /*
- * Set recv_addr and send_addr
- */
- sockaddr2krbaddr(context, my_sin->ss_family, (struct sockaddr *) my_sin,
+ /* Set recv_addr and send_addr. */
+ sockaddr2krbaddr(context, my_sin->ss_family, (struct sockaddr *)my_sin,
&sender_addr);
sin_length = sizeof(r_sin);
- if (getsockname(fd, (struct sockaddr *) &r_sin, &sin_length)) {
+ if (getsockname(fd, (struct sockaddr *)&r_sin, &sin_length)) {
com_err(progname, errno, _("while getting local socket address"));
exit(1);
}
- sockaddr2krbaddr(context, r_sin.ss_family, (struct sockaddr *) &r_sin,
+ sockaddr2krbaddr(context, r_sin.ss_family, (struct sockaddr *)&r_sin,
&receiver_addr);
if (debug) {
- char *name;
-
retval = krb5_unparse_name(context, server, &name);
if (retval) {
com_err(progname, retval, _("while unparsing client name"));
@@ -1327,7 +1240,7 @@ kerberos_authenticate(context, fd, clientp, etype, my_sin)
exit(1);
}
- if (srvtab) {
+ if (srvtab != NULL) {
retval = krb5_kt_resolve(context, srvtab, &keytab);
if (retval) {
syslog(LOG_ERR, _("Error in krb5_kt_resolve: %s"),
@@ -1336,8 +1249,8 @@ kerberos_authenticate(context, fd, clientp, etype, my_sin)
}
}
- retval = krb5_recvauth(context, &auth_context, (void *) &fd,
- kprop_version, server, 0, keytab, &ticket);
+ retval = krb5_recvauth(context, &auth_context, &fd, kprop_version, server,
+ 0, keytab, &ticket);
if (retval) {
syslog(LOG_ERR, _("Error in krb5_recvauth: %s"),
error_message(retval));
@@ -1354,9 +1267,6 @@ kerberos_authenticate(context, fd, clientp, etype, my_sin)
*etype = ticket->enc_part.enctype;
if (debug) {
- char * name;
- char etypebuf[100];
-
retval = krb5_unparse_name(context, *clientp, &name);
if (retval) {
com_err(progname, retval, _("while unparsing client name"));
@@ -1377,25 +1287,22 @@ kerberos_authenticate(context, fd, clientp, etype, my_sin)
krb5_free_ticket(context, ticket);
}
-krb5_boolean
-authorized_principal(context, p, auth_etype)
- krb5_context context;
- krb5_principal p;
- krb5_enctype auth_etype;
+static krb5_boolean
+authorized_principal(krb5_context context, krb5_principal p,
+ krb5_enctype auth_etype)
{
- char *name, *ptr;
- char buf[1024];
- krb5_error_code retval;
- FILE *acl_file;
- int end;
- krb5_enctype acl_etype;
+ char *name, *ptr, buf[1024];
+ krb5_error_code retval;
+ FILE *acl_file;
+ int end;
+ krb5_enctype acl_etype;
retval = krb5_unparse_name(context, p, &name);
if (retval)
return FALSE;
acl_file = fopen(acl_file_name, "r");
- if (!acl_file)
+ if (acl_file == NULL)
return FALSE;
while (!feof(acl_file)) {
@@ -1405,22 +1312,23 @@ authorized_principal(context, p, auth_etype)
if (buf[end] == '\n')
buf[end] = '\0';
if (!strncmp(name, buf, strlen(name))) {
- ptr = buf+strlen(name);
+ ptr = buf + strlen(name);
- /* if the next character is not whitespace or nul, then
- the match is only partial. continue on to new lines. */
- if (*ptr && !isspace((int) *ptr))
+ /* If the next character is not whitespace or null, then the match
+ * is only partial. Continue on to new lines. */
+ if (*ptr != '\0' && !isspace((int)*ptr))
continue;
- /* otherwise, skip trailing whitespace */
- for (; *ptr && isspace((int) *ptr); ptr++) ;
-
- /* now, look for an etype string. if there isn't one,
- return true. if there is an invalid string, continue.
- If there is a valid string, return true only if it
- matches the etype passed in, otherwise continue */
+ /* Otherwise, skip trailing whitespace. */
+ for (; *ptr != '\0' && isspace((int)*ptr); ptr++) ;
- if ((*ptr) &&
+ /*
+ * Now, look for an etype string. If there isn't one, return true.
+ * If there is an invalid string, continue. If there is a valid
+ * string, return true only if it matches the etype passed in,
+ * otherwise continue.
+ */
+ if (*ptr != '\0' &&
((retval = krb5_string_to_enctype(ptr, &acl_etype)) ||
(acl_etype != auth_etype)))
continue;
@@ -1435,23 +1343,18 @@ authorized_principal(context, p, auth_etype)
return FALSE;
}
-void
-recv_database(context, fd, database_fd, confmsg)
- krb5_context context;
- int fd;
- int database_fd;
- krb5_data *confmsg;
+static void
+recv_database(krb5_context context, int fd, int database_fd,
+ krb5_data *confmsg)
{
- krb5_ui_4 database_size, received_size;
- int n;
- char buf[1024];
- krb5_data inbuf, outbuf;
+ krb5_ui_4 database_size, received_size;
+ int n;
+ char buf[1024];
+ krb5_data inbuf, outbuf;
krb5_error_code retval;
- /*
- * Receive and decode size from client
- */
- retval = krb5_read_message(context, (void *) &fd, &inbuf);
+ /* Receive and decode size from client. */
+ retval = krb5_read_message(context, &fd, &inbuf);
if (retval) {
send_error(context, fd, retval, "while reading database size");
com_err(progname, retval,
@@ -1462,8 +1365,7 @@ recv_database(context, fd, database_fd, confmsg)
recv_error(context, &inbuf);
retval = krb5_rd_safe(context,auth_context,&inbuf,&outbuf,NULL);
if (retval) {
- send_error(context, fd, retval,
- "while decoding database size");
+ send_error(context, fd, retval, "while decoding database size");
krb5_free_data_contents(context, &inbuf);
com_err(progname, retval,
_("while decoding database size from client"));
@@ -1474,9 +1376,7 @@ recv_database(context, fd, database_fd, confmsg)
krb5_free_data_contents(context, &outbuf);
database_size = ntohl(database_size);
- /*
- * Initialize the initial vector.
- */
+ /* Initialize the initial vector. */
retval = krb5_auth_con_initivector(context, auth_context);
if (retval) {
send_error(context, fd, retval,
@@ -1488,12 +1388,10 @@ recv_database(context, fd, database_fd, confmsg)
if (debug)
fprintf(stderr, _("Full propagation transfer started.\n"));
- /*
- * Now start receiving the database from the net
- */
+ /* Now start receiving the database from the net. */
received_size = 0;
while (received_size < database_size) {
- retval = krb5_read_message(context, (void *) &fd, &inbuf);
+ retval = krb5_read_message(context, &fd, &inbuf);
if (retval) {
snprintf(buf, sizeof(buf),
"while reading database block starting at offset %d",
@@ -1504,8 +1402,7 @@ recv_database(context, fd, database_fd, confmsg)
}
if (krb5_is_krb_error(&inbuf))
recv_error(context, &inbuf);
- retval = krb5_rd_priv(context, auth_context, &inbuf,
- &outbuf, NULL);
+ retval = krb5_rd_priv(context, auth_context, &inbuf, &outbuf, NULL);
if (retval) {
snprintf(buf, sizeof(buf),
"while decoding database block starting at offset %d",
@@ -1525,15 +1422,15 @@ recv_database(context, fd, database_fd, confmsg)
send_error(context, fd, errno, buf);
} else if ((unsigned int)n != outbuf.length) {
snprintf(buf, sizeof(buf),
- "incomplete write while writing database block starting at \noffset %d (%d written, %d expected)",
+ "incomplete write while writing database block starting "
+ "at \noffset %d (%d written, %d expected)",
received_size, n, outbuf.length);
send_error(context, fd, KRB5KRB_ERR_GENERIC, buf);
}
received_size += outbuf.length;
}
- /*
- * OK, we've seen the entire file. Did we get too many bytes?
- */
+
+ /* OK, we've seen the entire file. Did we get too many bytes? */
if (received_size > database_size) {
snprintf(buf, sizeof(buf),
"Received %d bytes, expected %d bytes for database file",
@@ -1544,52 +1441,42 @@ recv_database(context, fd, database_fd, confmsg)
if (debug)
fprintf(stderr, _("Full propagation transfer finished.\n"));
- /*
- * Create message acknowledging number of bytes received, but
- * don't send it until kdb5_util returns successfully.
- */
+ /* Create message acknowledging number of bytes received, but
+ * don't send it until kdb5_util returns successfully. */
database_size = htonl(database_size);
- inbuf.data = (char *) &database_size;
+ inbuf.data = (char *)&database_size;
inbuf.length = sizeof(database_size);
retval = krb5_mk_safe(context,auth_context,&inbuf,confmsg,NULL);
if (retval) {
- com_err(progname, retval,
- "while encoding # of receieved bytes");
- send_error(context, fd, retval,
- "while encoding # of received bytes");
+ com_err(progname, retval, "while encoding # of receieved bytes");
+ send_error(context, fd, retval, "while encoding # of received bytes");
exit(1);
}
}
-void
-send_error(context, fd, err_code, err_text)
- krb5_context context;
- int fd;
- krb5_error_code err_code;
- char *err_text;
+static void
+send_error(krb5_context context, int fd, krb5_error_code err_code,
+ char *err_text)
{
- krb5_error error;
- const char *text;
- krb5_data outbuf;
- char buf[1024];
+ krb5_error error;
+ const char *text;
+ krb5_data outbuf;
+ char buf[1024];
memset(&error, 0, sizeof(error));
krb5_us_timeofday(context, &error.stime, &error.susec);
error.server = server;
error.client = client;
- if (err_text)
- text = err_text;
- else
- text = error_message(err_code);
+ text = (err_text != NULL) ? err_text : error_message(err_code);
error.error = err_code - ERROR_TABLE_BASE_krb5;
if (error.error > 127) {
error.error = KRB_ERR_GENERIC;
if (err_text) {
- snprintf(buf, sizeof(buf), "%s %s",
- error_message(err_code), err_text);
+ snprintf(buf, sizeof(buf), "%s %s", error_message(err_code),
+ err_text);
text = buf;
}
}
@@ -1597,7 +1484,7 @@ send_error(context, fd, err_code, err_text)
error.text.data = strdup(text);
if (error.text.data) {
if (!krb5_mk_error(context, &error, &outbuf)) {
- (void) krb5_write_message(context, (void *)&fd,&outbuf);
+ (void)krb5_write_message(context, &fd, &outbuf);
krb5_free_data_contents(context, &outbuf);
}
free(error.text.data);
@@ -1605,11 +1492,9 @@ send_error(context, fd, err_code, err_text)
}
void
-recv_error(context, inbuf)
- krb5_context context;
- krb5_data *inbuf;
+recv_error(krb5_context context, krb5_data *inbuf)
{
- krb5_error *error;
+ krb5_error *error;
krb5_error_code retval;
retval = krb5_rd_error(context, inbuf, &error);
@@ -1623,7 +1508,7 @@ recv_error(context, inbuf)
fprintf(stderr, _("Generic remote error: %s\n"), error->text.data);
} else if (error->error) {
com_err(progname,
- (krb5_error_code) error->error + ERROR_TABLE_BASE_krb5,
+ (krb5_error_code)error->error + ERROR_TABLE_BASE_krb5,
_("signaled from server"));
if (error->text.data) {
fprintf(stderr, _("Error text from client: %s\n"),
@@ -1634,26 +1519,21 @@ recv_error(context, inbuf)
exit(1);
}
-void
-load_database(context, kdb_util, database_file_name)
- krb5_context context;
- char *kdb_util;
- char *database_file_name;
+static void
+load_database(krb5_context context, char *kdb_util, char *database_file_name)
{
- static char *edit_av[10];
- int error_ret;
- int child_pid;
- int count;
+ static char *edit_av[10];
+ int error_ret, child_pid, count;
/* <sys/param.h> has been included, so BSD will be defined on
- BSD systems */
+ * BSD systems. */
#if BSD > 0 && BSD <= 43
#ifndef WEXITSTATUS
#define WEXITSTATUS(w) (w).w_retcode
#endif
- union wait waitb;
+ union wait waitb;
#else
- int waitb;
+ int waitb;
#endif
kdb_log_context *log_ctx;
@@ -1673,13 +1553,12 @@ load_database(context, kdb_util, database_file_name)
edit_av[count++] = "-d";
edit_av[count++] = kerb_database;
}
- if (log_ctx && log_ctx->iproprole == IPROP_SLAVE) {
+ if (log_ctx && log_ctx->iproprole == IPROP_SLAVE)
edit_av[count++] = "-i";
- }
edit_av[count++] = database_file_name;
edit_av[count++] = NULL;
- switch(child_pid = fork()) {
+ switch (child_pid = fork()) {
case -1:
com_err(progname, errno, _("while trying to fork %s"), kdb_util);
exit(1);
@@ -1717,20 +1596,17 @@ load_database(context, kdb_util, database_file_name)
* for host_service_name.
*/
static kadm5_ret_t
-kadm5_get_kiprop_host_srv_name(krb5_context context,
- const char *realm_name,
+kadm5_get_kiprop_host_srv_name(krb5_context context, const char *realm_name,
char **host_service_name)
{
- char *name;
- char *host;
+ char *name, *host;
host = params.admin_server; /* XXX */
-
if (asprintf(&name, "%s/%s", KADM5_KIPROP_HOST_SERVICE, host) < 0) {
free(host);
- return (ENOMEM);
+ return ENOMEM;
}
*host_service_name = name;
- return (KADM5_OK);
+ return KADM5_OK;
}
diff --git a/src/slave/kproplog.c b/src/slave/kproplog.c
index 67ff154338..b051279513 100644
--- a/src/slave/kproplog.c
+++ b/src/slave/kproplog.c
@@ -4,8 +4,6 @@
* Use is subject to license terms.
*/
-/* #pragma ident "@(#)kproplog.c 1.4 04/03/19 SMI" */
-
/*
* This module will parse the update logs on the master or slave servers.
*/
@@ -21,11 +19,7 @@
#include <kdb_log.h>
#include <kadm5/admin.h>
-#ifndef gettext
-#define textdomain(X) 0
-#endif
-
-static char *progname;
+static char *progname;
static void
usage()
@@ -69,8 +63,8 @@ print_flags(unsigned int flags)
};
- for (i = 0; i < sizeof (prflags) / sizeof (char *); i++) {
- if (flags & (krb5_flags) 1 << i)
+ for (i = 0; i < sizeof(prflags) / sizeof(*prflags); i++) {
+ if (flags & (krb5_flags)(1 << i))
printf("\t\t\t%s\n", prflags[i]);
}
}
@@ -80,21 +74,19 @@ static char *
ctime_uint32(uint32_t *time32)
{
time_t tmp;
+
tmp = *time32;
return ctime(&tmp);
}
-/*
- * Display time information.
- */
+/* Display time information. */
static void
print_time(uint32_t *timep)
{
if (*timep == 0L)
printf("\t\t\tNone\n");
- else {
+ else
printf("\t\t\t%s", ctime_uint32(timep));
- }
}
static void
@@ -102,6 +94,7 @@ print_deltat(uint32_t *deltat)
{
krb5_error_code ret;
static char buf[30];
+
ret = krb5_deltat_to_string(*deltat, buf, sizeof(buf));
if (ret)
printf("\t\t\t(error)\n");
@@ -109,9 +102,7 @@ print_deltat(uint32_t *deltat)
printf("\t\t\t%s\n", buf);
}
-/*
- * Display string in hex primitive.
- */
+/* Display string in hex primitive. */
static void
print_hex(const char *tag, utf8str_t *str)
{
@@ -120,53 +111,37 @@ print_hex(const char *tag, utf8str_t *str)
len = str->utf8str_t_len;
- (void) printf("\t\t\t%s(%d): 0x", tag, len);
- for (i = 0; i < len; i++) {
- printf("%02x", (krb5_octet) str->utf8str_t_val[i]);
- }
- (void) printf("\n");
+ printf("\t\t\t%s(%d): 0x", tag, len);
+ for (i = 0; i < len; i++)
+ printf("%02x", (krb5_octet)str->utf8str_t_val[i]);
+ printf("\n");
}
-/*
- * Display string primitive.
- */
+/* Display string primitive. */
static void
print_str(const char *tag, utf8str_t *str)
{
- char *dis;
- unsigned int len;
-
- /* + 1 for null byte */
- len = str->utf8str_t_len + 1;
- dis = (char *) malloc(len);
+ krb5_error_code ret;
+ char *s;
- if (!dis) {
- (void) fprintf(stderr, _("\nCouldn't allocate memory"));
+ s = k5memdup0(str->utf8str_t_val, str->utf8str_t_len, &ret);
+ if (s == NULL) {
+ fprintf(stderr, _("\nCouldn't allocate memory"));
exit(1);
}
-
- (void) snprintf(dis, len, "%s", str->utf8str_t_val);
-
- (void) printf("\t\t\t%s(%d): %s\n", tag, len - 1, dis);
-
- free(dis);
+ printf("\t\t\t%s(%d): %s\n", tag, str->utf8str_t_len, s);
+ free(s);
}
-/*
- * Display data components.
- */
+/* Display data components. */
static void
print_data(const char *tag, kdbe_data_t *data)
{
-
- (void) printf("\t\t\tmagic: 0x%x\n", data->k_magic);
-
- (void) print_str(tag, &data->k_data);
+ printf("\t\t\tmagic: 0x%x\n", data->k_magic);
+ print_str(tag, &data->k_data);
}
-/*
- * Display the principal components.
- */
+/* Display the principal components. */
static void
print_princ(kdbe_princ_t *princ)
{
@@ -177,16 +152,11 @@ print_princ(kdbe_princ_t *princ)
len = princ->k_components.k_components_len;
data = princ->k_components.k_components_val;
-
- for (i = 0; i < len; i++, data++) {
-
+ for (i = 0; i < len; i++, data++)
print_data("princ", data);
- }
}
-/*
- * Display individual key.
- */
+/* Display individual key. */
static void
print_key(kdbe_key_t *k)
{
@@ -194,36 +164,27 @@ print_key(kdbe_key_t *k)
utf8str_t *str;
printf("\t\t\tver: %d\n", k->k_ver);
-
printf("\t\t\tkvno: %d\n", k->k_kvno);
- for (i = 0; i < k->k_enctype.k_enctype_len; i++) {
- printf("\t\t\tenc type: 0x%x\n",
- k->k_enctype.k_enctype_val[i]);
- }
+ for (i = 0; i < k->k_enctype.k_enctype_len; i++)
+ printf("\t\t\tenc type: 0x%x\n", k->k_enctype.k_enctype_val[i]);
str = k->k_contents.k_contents_val;
- for (i = 0; i < k->k_contents.k_contents_len; i++, str++) {
+ for (i = 0; i < k->k_contents.k_contents_len; i++, str++)
print_hex("key", str);
- }
}
-/*
- * Display all key data.
- */
+/* Display all key data. */
static void
print_keydata(kdbe_key_t *keys, unsigned int len)
{
unsigned int i;
- for (i = 0; i < len; i++, keys++) {
+ for (i = 0; i < len; i++, keys++)
print_key(keys);
- }
}
-/*
- * Display TL item.
- */
+/* Display TL item. */
static void
print_tl(kdbe_tl_t *tl)
{
@@ -234,25 +195,20 @@ print_tl(kdbe_tl_t *tl)
len = tl->tl_data.tl_data_len;
printf("\t\t\tvalue(%d): 0x", len);
- for (i = 0; i < len; i++) {
- printf("%02x", (krb5_octet) tl->tl_data.tl_data_val[i]);
- }
+ for (i = 0; i < len; i++)
+ printf("%02x", (krb5_octet)tl->tl_data.tl_data_val[i]);
printf("\n");
}
-/*
- * Display TL data items.
- */
+/* Display TL data items. */
static void
print_tldata(kdbe_tl_t *tldata, int len)
{
int i;
printf("\t\t\titems: %d\n", len);
-
- for (i = 0; i < len; i++, tldata++) {
+ for (i = 0; i < len; i++, tldata++)
print_tl(tldata);
- }
}
/*
@@ -264,134 +220,108 @@ print_attr(kdbe_val_t *val, int vverbose)
{
switch (val->av_type) {
case AT_ATTRFLAGS:
- (void) printf(_("\t\tAttribute flags\n"));
- if (vverbose) {
+ printf(_("\t\tAttribute flags\n"));
+ if (vverbose)
print_flags(val->kdbe_val_t_u.av_attrflags);
- }
break;
case AT_MAX_LIFE:
- (void) printf(_("\t\tMaximum ticket life\n"));
- if (vverbose) {
+ printf(_("\t\tMaximum ticket life\n"));
+ if (vverbose)
print_deltat(&val->kdbe_val_t_u.av_max_life);
- }
break;
case AT_MAX_RENEW_LIFE:
- (void) printf(_("\t\tMaximum renewable life\n"));
- if (vverbose) {
+ printf(_("\t\tMaximum renewable life\n"));
+ if (vverbose)
print_deltat(&val->kdbe_val_t_u.av_max_renew_life);
- }
break;
case AT_EXP:
- (void) printf(_("\t\tPrincipal expiration\n"));
- if (vverbose) {
+ printf(_("\t\tPrincipal expiration\n"));
+ if (vverbose)
print_time(&val->kdbe_val_t_u.av_exp);
- }
break;
case AT_PW_EXP:
- (void) printf(_("\t\tPassword expiration\n"));
- if (vverbose) {
+ printf(_("\t\tPassword expiration\n"));
+ if (vverbose)
print_time(&val->kdbe_val_t_u.av_pw_exp);
- }
break;
case AT_LAST_SUCCESS:
- (void) printf(_("\t\tLast successful auth\n"));
- if (vverbose) {
+ printf(_("\t\tLast successful auth\n"));
+ if (vverbose)
print_time(&val->kdbe_val_t_u.av_last_success);
- }
break;
case AT_LAST_FAILED:
- (void) printf(_("\t\tLast failed auth\n"));
- if (vverbose) {
+ printf(_("\t\tLast failed auth\n"));
+ if (vverbose)
print_time(&val->kdbe_val_t_u.av_last_failed);
- }
break;
case AT_FAIL_AUTH_COUNT:
- (void) printf(_("\t\tFailed passwd attempt\n"));
- if (vverbose) {
- (void) printf("\t\t\t%d\n",
- val->kdbe_val_t_u.av_fail_auth_count);
- }
+ printf(_("\t\tFailed passwd attempt\n"));
+ if (vverbose)
+ printf("\t\t\t%d\n", val->kdbe_val_t_u.av_fail_auth_count);
break;
case AT_PRINC:
- (void) printf(_("\t\tPrincipal\n"));
- if (vverbose) {
+ printf(_("\t\tPrincipal\n"));
+ if (vverbose)
print_princ(&val->kdbe_val_t_u.av_princ);
- }
break;
case AT_KEYDATA:
- (void) printf(_("\t\tKey data\n"));
+ printf(_("\t\tKey data\n"));
if (vverbose) {
- print_keydata(
- val->kdbe_val_t_u.av_keydata.av_keydata_val,
- val->kdbe_val_t_u.av_keydata.av_keydata_len);
+ print_keydata(val->kdbe_val_t_u.av_keydata.av_keydata_val,
+ val->kdbe_val_t_u.av_keydata.av_keydata_len);
}
break;
case AT_TL_DATA:
- (void) printf(_("\t\tTL data\n"));
+ printf(_("\t\tTL data\n"));
if (vverbose) {
- print_tldata(
- val->kdbe_val_t_u.av_tldata.av_tldata_val,
- val->kdbe_val_t_u.av_tldata.av_tldata_len);
+ print_tldata(val->kdbe_val_t_u.av_tldata.av_tldata_val,
+ val->kdbe_val_t_u.av_tldata.av_tldata_len);
}
break;
case AT_LEN:
- (void) printf(_("\t\tLength\n"));
- if (vverbose) {
- (void) printf("\t\t\t%d\n",
- val->kdbe_val_t_u.av_len);
- }
+ printf(_("\t\tLength\n"));
+ if (vverbose)
+ printf("\t\t\t%d\n", val->kdbe_val_t_u.av_len);
break;
case AT_PW_LAST_CHANGE:
- (void) printf(_("\t\tPassword last changed\n"));
- if (vverbose) {
+ printf(_("\t\tPassword last changed\n"));
+ if (vverbose)
print_time(&val->kdbe_val_t_u.av_pw_last_change);
- }
break;
case AT_MOD_PRINC:
- (void) printf(_("\t\tModifying principal\n"));
- if (vverbose) {
+ printf(_("\t\tModifying principal\n"));
+ if (vverbose)
print_princ(&val->kdbe_val_t_u.av_mod_princ);
- }
break;
case AT_MOD_TIME:
- (void) printf(_("\t\tModification time\n"));
- if (vverbose) {
+ printf(_("\t\tModification time\n"));
+ if (vverbose)
print_time(&val->kdbe_val_t_u.av_mod_time);
- }
break;
case AT_MOD_WHERE:
- (void) printf(_("\t\tModified where\n"));
- if (vverbose) {
- print_str("where",
- &val->kdbe_val_t_u.av_mod_where);
- }
+ printf(_("\t\tModified where\n"));
+ if (vverbose)
+ print_str("where", &val->kdbe_val_t_u.av_mod_where);
break;
case AT_PW_POLICY:
- (void) printf(_("\t\tPassword policy\n"));
- if (vverbose) {
- print_str("policy",
- &val->kdbe_val_t_u.av_pw_policy);
- }
+ printf(_("\t\tPassword policy\n"));
+ if (vverbose)
+ print_str("policy", &val->kdbe_val_t_u.av_pw_policy);
break;
case AT_PW_POLICY_SWITCH:
- (void) printf(_("\t\tPassword policy switch\n"));
- if (vverbose) {
- (void) printf("\t\t\t%d\n",
- val->kdbe_val_t_u.av_pw_policy_switch);
- }
+ printf(_("\t\tPassword policy switch\n"));
+ if (vverbose)
+ printf("\t\t\t%d\n", val->kdbe_val_t_u.av_pw_policy_switch);
break;
case AT_PW_HIST_KVNO:
- (void) printf(_("\t\tPassword history KVNO\n"));
- if (vverbose) {
- (void) printf("\t\t\t%d\n",
- val->kdbe_val_t_u.av_pw_hist_kvno);
- }
+ printf(_("\t\tPassword history KVNO\n"));
+ if (vverbose)
+ printf("\t\t\t%d\n", val->kdbe_val_t_u.av_pw_hist_kvno);
break;
case AT_PW_HIST:
- (void) printf(_("\t\tPassword history\n"));
- if (vverbose) {
- (void) printf("\t\t\tPW history elided\n");
- }
+ printf(_("\t\tPassword history\n"));
+ if (vverbose)
+ printf("\t\t\tPW history elided\n");
break;
} /* switch */
@@ -403,11 +333,11 @@ static void
print_update(kdb_hlog_t *ulog, uint32_t entry, uint32_t ulogentries,
unsigned int verbose)
{
- XDR xdrs;
- uint32_t start_sno, i, j, indx;
- char *dbprinc;
- kdb_ent_header_t *indx_log;
- kdb_incr_update_t upd;
+ XDR xdrs;
+ uint32_t start_sno, i, j, indx;
+ char *dbprinc;
+ kdb_ent_header_t *indx_log;
+ kdb_incr_update_t upd;
if (entry && (entry < ulog->kdb_num))
start_sno = ulog->kdb_last_sno - entry;
@@ -417,95 +347,82 @@ print_update(kdb_hlog_t *ulog, uint32_t entry, uint32_t ulogentries,
for (i = start_sno; i < ulog->kdb_last_sno; i++) {
indx = i % ulogentries;
- indx_log = (kdb_ent_header_t *)INDEX(ulog, indx);
+ indx_log = INDEX(ulog, indx);
/*
* Check for corrupt update entry
*/
if (indx_log->kdb_umagic != KDB_ULOG_MAGIC) {
- (void) fprintf(stderr,
- _("Corrupt update entry\n\n"));
+ fprintf(stderr, _("Corrupt update entry\n\n"));
exit(1);
}
- (void) memset(&upd, 0, sizeof (kdb_incr_update_t));
+ memset(&upd, 0, sizeof(kdb_incr_update_t));
xdrmem_create(&xdrs, (char *)indx_log->entry_data,
indx_log->kdb_entry_size, XDR_DECODE);
if (!xdr_kdb_incr_update_t(&xdrs, &upd)) {
- (void) printf(_("Entry data decode failure\n\n"));
+ printf(_("Entry data decode failure\n\n"));
exit(1);
}
- (void) printf("---\n");
- (void) printf(_("Update Entry\n"));
+ printf("---\n");
+ printf(_("Update Entry\n"));
- (void) printf(_("\tUpdate serial # : %u\n"),
- indx_log->kdb_entry_sno);
+ printf(_("\tUpdate serial # : %u\n"), indx_log->kdb_entry_sno);
- (void) printf(_("\tUpdate operation : "));
+ printf(_("\tUpdate operation : "));
if (upd.kdb_deleted)
- (void) printf(_("Delete\n"));
+ printf(_("Delete\n"));
else
- (void) printf(_("Add\n"));
+ printf(_("Add\n"));
dbprinc = malloc(upd.kdb_princ_name.utf8str_t_len + 1);
if (dbprinc == NULL) {
- (void) printf(_("Could not allocate "
- "principal name\n\n"));
+ printf(_("Could not allocate principal name\n\n"));
exit(1);
}
- (void) strncpy(dbprinc, upd.kdb_princ_name.utf8str_t_val,
- upd.kdb_princ_name.utf8str_t_len);
+ strncpy(dbprinc, upd.kdb_princ_name.utf8str_t_val,
+ upd.kdb_princ_name.utf8str_t_len);
dbprinc[upd.kdb_princ_name.utf8str_t_len] = 0;
- (void) printf(_("\tUpdate principal : %s\n"), dbprinc);
-
- (void) printf(_("\tUpdate size : %u\n"),
- indx_log->kdb_entry_size);
+ printf(_("\tUpdate principal : %s\n"), dbprinc);
- (void) printf(_("\tUpdate committed : %s\n"),
- indx_log->kdb_commit ? "True" : "False");
+ printf(_("\tUpdate size : %u\n"), indx_log->kdb_entry_size);
+ printf(_("\tUpdate committed : %s\n"),
+ indx_log->kdb_commit ? "True" : "False");
- if (indx_log->kdb_time.seconds == 0L)
- (void) printf(_("\tUpdate time stamp : None\n"));
- else
- (void) printf(_("\tUpdate time stamp : %s"),
- ctime_uint32(&indx_log->kdb_time.seconds));
+ if (indx_log->kdb_time.seconds == 0L) {
+ printf(_("\tUpdate time stamp : None\n"));
+ } else{
+ printf(_("\tUpdate time stamp : %s"),
+ ctime_uint32(&indx_log->kdb_time.seconds));
+ }
- (void) printf(_("\tAttributes changed : %d\n"),
- upd.kdb_update.kdbe_t_len);
+ printf(_("\tAttributes changed : %d\n"), upd.kdb_update.kdbe_t_len);
- if (verbose)
+ if (verbose) {
for (j = 0; j < upd.kdb_update.kdbe_t_len; j++)
- print_attr(&upd.kdb_update.kdbe_t_val[j],
- verbose > 1 ? 1 : 0);
+ print_attr(&upd.kdb_update.kdbe_t_val[j], verbose > 1 ? 1 : 0);
+ }
xdr_free(xdr_kdb_incr_update_t, (char *)&upd);
free(dbprinc);
- } /* for */
+ }
}
int
main(int argc, char **argv)
{
- int c;
- unsigned int verbose = 0;
- bool_t headeronly = FALSE;
- bool_t reset = FALSE;
- uint32_t entry = 0;
- krb5_context context;
+ int c;
+ unsigned int verbose = 0;
+ bool_t headeronly = FALSE, reset = FALSE;
+ uint32_t entry = 0;
+ krb5_context context;
kadm5_config_params params;
- kdb_log_context *log_ctx;
- kdb_hlog_t *ulog = NULL;
- char **db_args = NULL; /* XXX */
+ kdb_log_context *log_ctx;
+ kdb_hlog_t *ulog = NULL;
setlocale(LC_ALL, "");
-#if !defined(TEXT_DOMAIN)
-#define TEXT_DOMAIN "SYS_TEST"
-#endif /* TEXT_DOMAIN */
-
- (void) textdomain(TEXT_DOMAIN);
-
progname = argv[0];
while ((c = getopt(argc, argv, "Rvhe:")) != -1) {
@@ -528,41 +445,37 @@ main(int argc, char **argv)
}
if (krb5_init_context(&context)) {
- (void) fprintf(stderr,
- _("Unable to initialize Kerberos\n\n"));
+ fprintf(stderr, _("Unable to initialize Kerberos\n\n"));
exit(1);
}
- (void) memset(&params, 0, sizeof (params));
+ memset(&params, 0, sizeof(params));
if (kadm5_get_config_params(context, 1, &params, &params)) {
- (void) fprintf(stderr,
- _("Couldn't read database_name\n\n"));
+ fprintf(stderr, _("Couldn't read database_name\n\n"));
exit(1);
}
- (void) printf(_("\nKerberos update log (%s)\n"),
- params.iprop_logfile);
+ printf(_("\nKerberos update log (%s)\n"), params.iprop_logfile);
if (ulog_map(context, params.iprop_logfile, 0,
- reset ? FKADMIND : FKPROPLOG, db_args)) {
- (void) fprintf(stderr, _("Unable to map log file %s\n\n"),
- params.iprop_logfile);
+ reset ? FKADMIND : FKPROPLOG, NULL)) {
+ fprintf(stderr, _("Unable to map log file %s\n\n"),
+ params.iprop_logfile);
exit(1);
}
log_ctx = context->kdblog_context;
- if (log_ctx)
+ if (log_ctx) {
ulog = log_ctx->ulog;
- else {
- (void) fprintf(stderr, _("Unable to map log file %s\n\n"),
- params.iprop_logfile);
+ } else {
+ fprintf(stderr, _("Unable to map log file %s\n\n"),
+ params.iprop_logfile);
exit(1);
}
if (ulog->kdb_hmagic != KDB_ULOG_HDR_MAGIC) {
- (void) fprintf(stderr,
- _("Corrupt header log, exiting\n\n"));
+ fprintf(stderr, _("Corrupt header log, exiting\n\n"));
exit(1);
}
@@ -572,60 +485,58 @@ main(int argc, char **argv)
exit(0);
}
- (void) printf(_("Update log dump :\n"));
- (void) printf(_("\tLog version # : %u\n"), ulog->db_version_num);
- (void) printf(_("\tLog state : "));
+ printf(_("Update log dump :\n"));
+ printf(_("\tLog version # : %u\n"), ulog->db_version_num);
+ printf(_("\tLog state : "));
switch (ulog->kdb_state) {
case KDB_STABLE:
- (void) printf(_("Stable\n"));
+ printf(_("Stable\n"));
break;
case KDB_UNSTABLE:
- (void) printf(_("Unstable\n"));
+ printf(_("Unstable\n"));
break;
case KDB_CORRUPT:
- (void) printf(_("Corrupt\n"));
+ printf(_("Corrupt\n"));
break;
default:
- (void) printf(_("Unknown state: %d\n"),
- ulog->kdb_state);
+ printf(_("Unknown state: %d\n"), ulog->kdb_state);
break;
}
- (void) printf(_("\tEntry block size : %u\n"), ulog->kdb_block);
- (void) printf(_("\tNumber of entries : %u\n"), ulog->kdb_num);
-
- if (ulog->kdb_last_sno == 0)
- (void) printf(_("\tLast serial # : None\n"));
- else {
- if (ulog->kdb_first_sno == 0)
- (void) printf(_("\tFirst serial # : None\n"));
- else {
- (void) printf(_("\tFirst serial # : "));
- (void) printf("%u\n", ulog->kdb_first_sno);
+ printf(_("\tEntry block size : %u\n"), ulog->kdb_block);
+ printf(_("\tNumber of entries : %u\n"), ulog->kdb_num);
+
+ if (ulog->kdb_last_sno == 0) {
+ printf(_("\tLast serial # : None\n"));
+ } else {
+ if (ulog->kdb_first_sno == 0) {
+ printf(_("\tFirst serial # : None\n"));
+ } else {
+ printf(_("\tFirst serial # : "));
+ printf("%u\n", ulog->kdb_first_sno);
}
- (void) printf(_("\tLast serial # : "));
- (void) printf("%u\n", ulog->kdb_last_sno);
+ printf(_("\tLast serial # : "));
+ printf("%u\n", ulog->kdb_last_sno);
}
if (ulog->kdb_last_time.seconds == 0L) {
- (void) printf(_("\tLast time stamp : None\n"));
+ printf(_("\tLast time stamp : None\n"));
} else {
- if (ulog->kdb_first_time.seconds == 0L)
- (void) printf(_("\tFirst time stamp : None\n"));
- else {
- (void) printf(_("\tFirst time stamp : %s"),
- ctime_uint32(&ulog->kdb_first_time.seconds));
+ if (ulog->kdb_first_time.seconds == 0L) {
+ printf(_("\tFirst time stamp : None\n"));
+ } else {
+ printf(_("\tFirst time stamp : %s"),
+ ctime_uint32(&ulog->kdb_first_time.seconds));
}
- (void) printf(_("\tLast time stamp : %s\n"),
- ctime_uint32(&ulog->kdb_last_time.seconds));
+ printf(_("\tLast time stamp : %s\n"),
+ ctime_uint32(&ulog->kdb_last_time.seconds));
}
- if ((!headeronly) && ulog->kdb_num) {
+ if (!headeronly && ulog->kdb_num)
print_update(ulog, entry, params.iprop_ulogsize, verbose);
- }
- (void) printf("\n");
+ printf("\n");
- return (0);
+ return 0;
}
generated by cgit (git 2.34.1) at 2024-04-23 15:50:23 +0000