author | Ken Raeburn <raeburn@mit.edu> | 2005-06-21 01:36:03 +0000 |
---|---|---|
committer | Ken Raeburn <raeburn@mit.edu> | 2005-06-21 01:36:03 +0000 |
commit | f72c3ffaca4600d4e75282857ce4dda11106d5e7 (patch) | |
tree | 89df6e717f00e1687994fc089fd6df9ff8a5c21c /src/kadmin/dbutil | |
parent | f4aaa29ac68e3dd5a2ae326cd54918c7250558e9 (diff) | |
Novell Database Abstraction Layer merge.
Will probably break things.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17258 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/kadmin/dbutil')
-rw-r--r-- | src/kadmin/dbutil/ChangeLog | 13 | ||||
-rw-r--r-- | src/kadmin/dbutil/Makefile.in | 12 | ||||
-rw-r--r-- | src/kadmin/dbutil/dump.c | 245 | ||||
-rw-r--r-- | src/kadmin/dbutil/kadm5_create.c | 9 | ||||
-rw-r--r-- | src/kadmin/dbutil/kdb5_create.c | 66 | ||||
-rw-r--r-- | src/kadmin/dbutil/kdb5_destroy.c | 29 | ||||
-rw-r--r-- | src/kadmin/dbutil/kdb5_stash.c | 27 | ||||
-rw-r--r-- | src/kadmin/dbutil/kdb5_util.c | 107 | ||||
-rw-r--r-- | src/kadmin/dbutil/kdb5_util.h | 5 | ||||
-rw-r--r-- | src/kadmin/dbutil/ovload.c | 12 |
10 files changed, 260 insertions, 265 deletions
diff --git a/src/kadmin/dbutil/ChangeLog b/src/kadmin/dbutil/ChangeLog index 374052d4fe..dae3be477c 100644 --- a/src/kadmin/dbutil/ChangeLog +++ b/src/kadmin/dbutil/ChangeLog @@ -1,3 +1,16 @@ +2005-06-20 Ken Raeburn <raeburn@mit.edu> + + Novell merge. + * Makefile.in: + * dump.c: + * kadm5_create.c: + * kdb5_create.c: + * kdb5_destroy.c: + * kdb5_stash.c: + * kdb5_util.c: + * kdb5_util.h: + * ovload.c: + 2004-08-27 Ken Raeburn <raeburn@mit.edu> * loadv4.c (enter_in_v5_db): Terminate argument list of diff --git a/src/kadmin/dbutil/Makefile.in b/src/kadmin/dbutil/Makefile.in index 34569f23d0..6f1fae6278 100644 --- a/src/kadmin/dbutil/Makefile.in +++ b/src/kadmin/dbutil/Makefile.in @@ -6,16 +6,20 @@ DEFINES = -DKDB4_DISABLE LOCALINCLUDES = -I. @KRB4_INCLUDES@ PROG_LIBPATH=-L$(TOPLIBD) $(KRB4_LIBPATH) PROG_RPATH=$(KRB5_LIBDIR) +KDB_DEP_LIB=-ldl -lpthread PROG = kdb5_util -OBJS = kdb5_util.o dump.o dumpv4.o loadv4.o \ - kdb5_create.o kadm5_create.o string_table.o kdb5_stash.o \ - kdb5_destroy.o ovload.o import_err.o strtok.o +###OBJS = kdb5_util.o dump.o dumpv4.o loadv4.o \ +### kdb5_create.o kadm5_create.o string_table.o kdb5_stash.o \ +### kdb5_destroy.o ovload.o import_err.o strtok.o +### + +OBJS = kdb5_util.o kdb5_create.o kadm5_create.o string_table.o kdb5_destroy.o kdb5_stash.o import_err.o strtok.o dump.o ovload.o all:: $(PROG) $(PROG): $(OBJS) $(KADMSRV_DEPLIBS) $(KRB4COMPAT_DEPLIBS) - $(CC_LINK) -o $(PROG) $(OBJS) $(KADMSRV_LIBS) $(KRB4COMPAT_LIBS) + $(CC_LINK) -o $(PROG) $(OBJS) $(KADMSRV_LIBS) $(KDB_DEP_LIB) $(KRB4COMPAT_LIBS) import_err.c import_err.h: $(srcdir)/import_err.et diff --git a/src/kadmin/dbutil/dump.c b/src/kadmin/dbutil/dump.c index 8dee427c74..74f2cde68b 100644 --- a/src/kadmin/dbutil/dump.c +++ b/src/kadmin/dbutil/dump.c 
@@ -30,7 +30,8 @@ #include <stdio.h> #include <k5-int.h> #include <kadm5/admin.h> -#include <kadm5/adb.h> +#include <kadm5/server_internal.h> +#include <krb5/kdb.h> #include <com_err.h> #include "kdb5_util.h" #if defined(HAVE_REGEX_H) && defined(HAVE_REGCOMP) @@ -91,15 +92,15 @@ typedef krb5_error_code (*dump_func)(krb5_pointer, krb5_db_entry *); static int process_k5beta_record (char *, krb5_context, - FILE *, int, int *, void *); + FILE *, int, int *); static int process_k5beta6_record (char *, krb5_context, - FILE *, int, int *, void *); + FILE *, int, int *); static int process_k5beta7_record (char *, krb5_context, - FILE *, int, int *, void *); + FILE *, int, int *); static int process_ov_record (char *, krb5_context, - FILE *, int, int *, void *); + FILE *, int, int *); typedef krb5_error_code (*load_func)(char *, krb5_context, - FILE *, int, int *, void *); + FILE *, int, int *); typedef struct _dump_version { char *name; @@ -145,7 +146,7 @@ dump_version ov_version = { 1, dump_ov_princ, dump_k5beta7_policy, - process_ov_record, + process_ov_record }; dump_version r1_3_version = { @@ -960,7 +961,7 @@ static krb5_error_code dump_ov_princ(krb5_pointer ptr, krb5_db_entry *kdb) tl_data.tl_data_length, XDR_DECODE); if (! xdr_osa_princ_ent_rec(&xdrs, &adb)) { xdr_destroy(&xdrs); - return(OSA_ADB_XDR_FAILURE); + return(KADM5_XDR_FAILURE); } xdr_destroy(&xdrs); @@ -1021,7 +1022,6 @@ dump_db(argc, argv) dump_version *dump; int aindex; krb5_boolean locked; - extern osa_adb_policy_t policy_db; char *new_mkey_file = 0; /* @@ -1080,7 +1080,7 @@ dump_db(argc, argv) * Make sure the database is open. The policy database only has * to be opened if we try a dump that uses it. */ - if (!dbactive || (dump->dump_policy != NULL && policy_db == NULL)) { + if (!dbactive) { com_err(argv[0], 0, Err_no_database); exit_status++; return; 
@@ -1174,17 +1174,17 @@ dump_db(argc, argv) if (dump->header[strlen(dump->header)-1] != '\n') fputc('\n', arglist.ofile); - if ((kret = krb5_db_iterate_ext(util_context, - dump->dump_princ, - (krb5_pointer) &arglist, - backwards, recursive))) { + if ((kret = krb5_db_iterate(util_context, + NULL, + dump->dump_princ, + (krb5_pointer) &arglist))) { /* TBD: backwards and recursive not supported */ fprintf(stderr, dumprec_err, programname, dump->name, error_message(kret)); exit_status++; } if (dump->dump_policy && - (kret = osa_adb_iter_policy(policy_db, dump->dump_policy, - &arglist))) { + (kret = krb5_db_iter_policy( util_context, "*", dump->dump_policy, + &arglist))) { fprintf(stderr, dumprec_err, programname, dump->name, error_message(kret)); exit_status++; @@ -1363,13 +1363,12 @@ update_tl_data(kcontext, dbentp, mod_name, mod_date, last_pwd_change) * Returns -1 for end of file, 0 for success and 1 for failure. */ static int -process_k5beta_record(fname, kcontext, filep, verbose, linenop, pol_db) +process_k5beta_record(fname, kcontext, filep, verbose, linenop) char *fname; krb5_context kcontext; FILE *filep; int verbose; int *linenop; - void *pol_db; { int nmatched; int retval; @@ -1664,13 +1663,12 @@ process_k5beta_record(fname, kcontext, filep, verbose, linenop, pol_db) * Returns -1 for end of file, 0 for success and 1 for failure. */ static int -process_k5beta6_record(fname, kcontext, filep, verbose, linenop, pol_db) +process_k5beta6_record(fname, kcontext, filep, verbose, linenop) char *fname; krb5_context kcontext; FILE *filep; int verbose; int *linenop; - void *pol_db; { int retval; krb5_db_entry dbentry; 
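Review bot: The `backwards` and `recursive` arguments are dropped from the iterate call in dump_db with only a `TBD` comment, so a caller who asks for a reverse or recursive dump now silently gets an ordinary one. Until the abstraction layer supports them, reject the request before any output is written, e.g. `if (backwards || recursive) { fprintf(stderr, "%s: -rev and -recurse are not supported\n", programname); exit_status++; return; }`. The usage text in kdb5_util.c still advertises `[-rev] [-recurse]`. dump_db's option parsing is outside this hunk, so the variable names are taken from the removed lines.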
@@ -1948,9 +1946,9 @@ process_k5beta7_policy(fname, kcontext, filep, verbose, linenop, pol_db) return 1; } - if ((ret = osa_adb_create_policy(pol_db, &rec))) { - if (ret == OSA_ADB_DUP && - ((ret = osa_adb_put_policy(pol_db, &rec)))) { + if ((ret = krb5_db_create_policy(kcontext, &rec))) { + if (ret && + ((ret = krb5_db_put_policy(kcontext, &rec)))) { fprintf(stderr, "cannot create policy on line %d: %s\n", *linenop, error_message(ret)); return 1; @@ -1968,13 +1966,12 @@ process_k5beta7_policy(fname, kcontext, filep, verbose, linenop, pol_db) * Returns -1 for end of file, 0 for success and 1 for failure. */ static int -process_k5beta7_record(fname, kcontext, filep, verbose, linenop, pol_db) +process_k5beta7_record(fname, kcontext, filep, verbose, linenop) char *fname; krb5_context kcontext; FILE *filep; int verbose; int *linenop; - void *pol_db; { int nread; char rectype[100]; @@ -1986,10 +1983,10 @@ process_k5beta7_record(fname, kcontext, filep, verbose, linenop, pol_db) return 1; if (strcmp(rectype, "princ") == 0) process_k5beta6_record(fname, kcontext, filep, verbose, - linenop, pol_db); + linenop); else if (strcmp(rectype, "policy") == 0) process_k5beta7_policy(fname, kcontext, filep, verbose, - linenop, pol_db); + linenop); else { fprintf(stderr, "unknown record type \"%s\" on line %d\n", rectype, *linenop); @@ -2005,13 +2002,12 @@ process_k5beta7_record(fname, kcontext, filep, verbose, linenop, pol_db) * Returns -1 for end of file, 0 for success and 1 for failure. */ static int -process_ov_record(fname, kcontext, filep, verbose, linenop, pol_db) +process_ov_record(fname, kcontext, filep, verbose, linenop) char *fname; krb5_context kcontext; FILE *filep; int verbose; int *linenop; - void *pol_db; { int nread; char rectype[100]; 
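Review bot: The fallback in process_k5beta7_policy now calls krb5_db_put_policy after any krb5_db_create_policy failure, because the old `ret == OSA_ADB_DUP` test became `ret &&`, which is always true inside that branch. A create that failed for some other reason (I/O, permissions, a bad record) is retried as an overwrite and its original error code is lost. Limit the overwrite to the duplicate case and report everything else: `if (ret != <DUPLICATE_POLICY_CODE> || (ret = krb5_db_put_policy(kcontext, &rec))) {`, where the placeholder stands for whatever code the new layer returns for an existing policy, which is not visible on this page.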
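Review bot: The call `process_k5beta7_policy(fname, kcontext, filep, verbose, linenop)` passes five arguments, while the hunk headers for this file still show the definition as `process_k5beta7_policy(fname, kcontext, filep, verbose, linenop, pol_db)` and no hunk changes it. With an old-style (K&R) definition the compiler does not check the argument count, and calling with fewer arguments than parameters is undefined behaviour. Remove `pol_db` from the definition and its `void *pol_db;` declaration, and add a prototype next to the other `process_*` declarations at the top of dump.c so that a mismatch is diagnosed. The same five-argument call appears in process_ov_record.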
@@ -2023,10 +2019,10 @@ process_ov_record(fname, kcontext, filep, verbose, linenop, pol_db) return 1; if (strcmp(rectype, "princ") == 0) process_ov_principal(fname, kcontext, filep, verbose, - linenop, pol_db); + linenop); else if (strcmp(rectype, "policy") == 0) process_k5beta7_policy(fname, kcontext, filep, verbose, - linenop, pol_db); + linenop); else if (strcmp(rectype, "End") == 0) return -1; else { @@ -2042,14 +2038,13 @@ process_ov_record(fname, kcontext, filep, verbose, linenop, pol_db) * restore_dump() - Restore the database from any version dump file. */ static int -restore_dump(programname, kcontext, dumpfile, f, verbose, dump, pol_db) +restore_dump(programname, kcontext, dumpfile, f, verbose, dump) char *programname; krb5_context kcontext; char *dumpfile; FILE *f; int verbose; dump_version *dump; - osa_adb_policy_t pol_db; { int error; int lineno; @@ -2064,8 +2059,7 @@ restore_dump(programname, kcontext, dumpfile, f, verbose, dump, pol_db) kcontext, f, verbose, - &lineno, - pol_db))) + &lineno))) ; if (error != -1) fprintf(stderr, err_line_fmt, programname, lineno, dumpfile); @@ -2085,7 +2079,6 @@ load_db(argc, argv) char **argv; { kadm5_config_params newparams; - osa_adb_policy_t tmppol_db; krb5_error_code kret; krb5_context kcontext; FILE *f; @@ -2115,7 +2108,6 @@ load_db(argc, argv) crflags = KRB5_KDB_CREATE_BTREE; exit_status = 0; dbname_tmp = (char *) NULL; - tmppol_db = NULL; for (aindex = 1; aindex < argc; aindex++) { if (!strcmp(argv[aindex], oldoption)) load = &old_version; 
@@ -2130,7 +2122,21 @@ load_db(argc, argv) else if (!strcmp(argv[aindex], updateoption)) update = 1; else if (!strcmp(argv[aindex], hashoption)) - crflags = KRB5_KDB_CREATE_HASH; + { + db5util_db_args_size++; + { + char **temp = realloc( db5util_db_args, sizeof(char*) * (db5util_db_args_size+1)); /* one for NULL */ + if( temp == NULL ) + { + com_err(progname, ENOMEM, "while parsing command arguments\n"); + exit(1); + } + + db5util_db_args = temp; + } + db5util_db_args[db5util_db_args_size-1] = "hash=true"; + db5util_db_args[db5util_db_args_size] = NULL; + } else break; } @@ -2159,6 +2165,14 @@ load_db(argc, argv) return; } + if( (kret = krb5_set_default_realm(kcontext, util_context->default_realm)) ) + { + fprintf(stderr, "%s: Unable to set the default realm\n", programname); + free(dbname_tmp); + exit_status++; + return; + } + /* * Open the dumpfile */ @@ -2221,7 +2235,7 @@ load_db(argc, argv) /* * Cons up params for the new databases. If we are not in update - * mode use a temp name that we'll rename later. + * mode, we dont create tmp file and then move it to final place. As it is dependent on DB type, this is not done */ newparams = global_params; if (! update) { 
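Review bot: The block that grows `db5util_db_args` by one entry is written out in full here and again in kdb5_create.c (`case 'h'`) and twice in kdb5_util.c (`-d` and `-x`), each copy with its own realloc check and slightly different error text. Four copies of hand-rolled vector growth are easy to get out of step: the size is bumped before the realloc has succeeded, and one copy reports through `fprintf` instead of `com_err`. Move it into one helper declared in kdb5_util.h and call it from all four places; the name `add_db_arg` below is only a suggestion. load_db's option loop begins outside this hunk.

```c
/* Append one "name=value" string to the NULL-terminated db5util_db_args
 * vector. The string is stored by reference, not copied. */
void
add_db_arg(char *arg)
{
    /* room for the new entry plus the terminating NULL */
    char **grown = realloc(db5util_db_args,
                           sizeof(char *) * (db5util_db_args_size + 2));

    if (grown == NULL) {
        com_err(progname, ENOMEM, "while parsing command arguments");
        exit(1);
    }
    db5util_db_args = grown;
    db5util_db_args[db5util_db_args_size++] = arg;
    db5util_db_args[db5util_db_args_size] = NULL;
}

/* … unchanged: earlier option checks in load_db … */
	else if (!strcmp(argv[aindex], hashoption))
	    add_db_arg("hash=true");
```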
@@ -2238,105 +2252,67 @@ load_db(argc, argv) } /* - * If not an update restoration, create the temp database. Always - * create a temp policy db, even if we are not loading a dump file - * with policy info, because they may be loading an old dump - * intending to use it with the new kadm5 system. + * If not an update restoration, create the database. otherwise open */ - if (!update && ((kret = krb5_db_create(kcontext, dbname_tmp, crflags)))) { - fprintf(stderr, dbcreaterr_fmt, - programname, dbname_tmp, error_message(kret)); - exit_status++; - kadm5_free_config_params(kcontext, &newparams); - if (dumpfile) fclose(f); - return; - } - if (!update && (kret = osa_adb_create_policy_db(&newparams))) { - fprintf(stderr, "%s: %s while creating policy database\n", - programname, error_message(kret)); - exit_status++; - kadm5_free_config_params(kcontext, &newparams); - if (dumpfile) fclose(f); - return; + if (!update) { + if((kret = krb5_db_create(kcontext, db5util_db_args))) { + fprintf(stderr, dbcreaterr_fmt, + programname, dbname, error_message(kret)); + exit_status++; + kadm5_free_config_params(kcontext, &newparams); + if (dumpfile) fclose(f); + return; + } } - + else /* - * Point ourselves at the new databases. + * Initialize the database. */ - if ((kret = krb5_db_set_name(kcontext, - (update) ? dbname : dbname_tmp))) { - fprintf(stderr, dbname_err_fmt, - programname, - (update) ? dbname : dbname_tmp, error_message(kret)); - exit_status++; - goto error; - } - if ((kret = osa_adb_open_policy(&tmppol_db, &newparams))) { - fprintf(stderr, "%s: %s while opening policy database\n", - programname, error_message(kret)); - exit_status++; - goto error; + if ((kret = krb5_db_open(kcontext, db5util_db_args, KRB5_KDB_OPEN_RW))) { + fprintf(stderr, dbinit_err_fmt, + programname, error_message(kret)); + exit_status++; + goto error; } + + /* * If an update restoration, make sure the db is left unusable if * the update fails. 
*/ - if (update) { - if ((kret = osa_adb_get_lock(tmppol_db, OSA_ADB_PERMANENT))) { - fprintf(stderr, "%s: %s while permanently locking database\n", - programname, error_message(kret)); - exit_status++; - goto error; - } - } - - /* - * Initialize the database. - */ - if ((kret = krb5_db_init(kcontext))) { - fprintf(stderr, dbinit_err_fmt, - programname, error_message(kret)); - exit_status++; - goto error; - } - /* - * grab an extra lock, since there are no other users - */ - if (!update) { - kret = krb5_db_lock(kcontext, KRB5_LOCKMODE_EXCLUSIVE); - if (kret) { - fprintf(stderr, dblock_err_fmt, - programname, error_message(kret)); - exit_status++; - goto error; - } + if ((kret = krb5_db_lock(kcontext, update?KRB5_DB_LOCKMODE_PERMANENT: KRB5_DB_LOCKMODE_EXCLUSIVE))) { + fprintf(stderr, "%s: %s while permanently locking database\n", + programname, error_message(kret)); + exit_status++; + goto error; } if (restore_dump(programname, kcontext, (dumpfile) ? dumpfile : stdin_name, - f, verbose, load, tmppol_db)) { + f, verbose, load)) { fprintf(stderr, restfail_fmt, programname, load->name); exit_status++; } - if (!update && (kret = krb5_db_unlock(kcontext))) { + if (!update && load->create_kadm5 && + ((kret = kadm5_create_magic_princs(&newparams, kcontext)))) { + /* error message printed by create_magic_princs */ + exit_status++; + } + + if ((kret = krb5_db_unlock(kcontext))) { /* change this error? */ fprintf(stderr, dbunlockerr_fmt, - programname, dbname_tmp, error_message(kret)); + programname, dbname, error_message(kret)); exit_status++; } + if ((kret = krb5_db_fini(kcontext))) { fprintf(stderr, close_err_fmt, programname, error_message(kret)); exit_status++; } - if (!update && load->create_kadm5 && - ((kret = kadm5_create_magic_princs(&newparams, kcontext)))) { - /* error message printed by create_magic_princs */ - exit_status++; - } - /* close policy db below */ error: 
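Review bot: `krb5_db_unlock(kcontext)` is now called unconditionally after restore_dump, including for `-update` loads that failed, whereas the removed code released the permanent lock only when `exit_status` was zero. The comment kept just above still says a failed update must leave the database unusable, so unless krb5_db_unlock leaves a `KRB5_DB_LOCKMODE_PERMANENT` lock in place (not visible here), a half-applied update becomes usable again. Keep the old guarantee with `if ((!update || !exit_status) && (kret = krb5_db_unlock(kcontext))) {`. The lock-failure message also says "permanently locking" in the exclusive, non-update case. load_db begins and ends outside this hunk.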
@@ -2348,54 +2324,11 @@ error: */ if (!update) { if (exit_status) { - if ((kret = krb5_db_destroy(kcontext, dbname_tmp))) { + if ((kret = krb5_db_destroy(kcontext, db5util_db_args))) { fprintf(stderr, dbdelerr_fmt, - programname, dbname_tmp, error_message(kret)); - exit_status++; - } - if ((kret = osa_adb_destroy_policy_db(&newparams))) { - fprintf(stderr, "%s: %s while destroying policy database\n", - programname, error_message(kret)); - exit_status++; - } - } - else { - if ((kret = krb5_db_rename(kcontext, - dbname_tmp, - dbname))) { - fprintf(stderr, dbrenerr_fmt, - programname, dbname_tmp, dbname, - error_message(kret)); - exit_status++; - } - - if ((kret = osa_adb_close_policy(tmppol_db))) { - fprintf(stderr, close_err_fmt, - programname, error_message(kret)); + programname, dbname, error_message(kret)); exit_status++; } - - if ((kret = osa_adb_rename_policy_db(&newparams, - &global_params))) { - fprintf(stderr, - "%s: %s while renaming policy db %s to %s\n", - programname, error_message(kret), - newparams.admin_dbname, - global_params.admin_dbname); - exit_status++; - } - } - } else /* update */ { - if (! exit_status && ((kret = osa_adb_release_lock(tmppol_db)))) { - fprintf(stderr, "%s: %s while releasing permanent lock\n", - programname, error_message(kret)); - exit_status++; - } - - if (tmppol_db && ((kret = osa_adb_close_policy(tmppol_db)))) { - fprintf(stderr, close_err_fmt, - programname, error_message(kret)); - exit_status++; } } diff --git a/src/kadmin/dbutil/kadm5_create.c b/src/kadmin/dbutil/kadm5_create.c index 9ed6459e04..a9a9df0cdb 100644 --- a/src/kadmin/dbutil/kadm5_create.c +++ b/src/kadmin/dbutil/kadm5_create.c @@ -35,7 +35,8 @@ #include <stdio.h> #include <stdlib.h> #include <string.h> -#include <kadm5/adb.h> +#include <k5-int.h> +#include <krb5/kdb.h> #include <kadm5/admin.h> #include <krb5/adm_proto.h> 
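Review bot: On a failed non-update load the cleanup now calls `krb5_db_destroy(kcontext, db5util_db_args)`, which targets the database the realm actually uses, where the removed code destroyed only `dbname_tmp` and renamed the temporary copy into place on success. A truncated or malformed dump file can therefore leave the realm with no database, and anything reading during the load can see a partly filled one; whether krb5_db_create refuses an existing database is backend-specific and not visible here. At minimum state this next to the destroy call, for example `/* destroys the database named by db5util_db_args itself; there is no temporary copy to fall back on */`, and note in the load documentation that a non-update load is no longer atomic. The error path starts outside this hunk.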
@@ -85,11 +86,6 @@ int kadm5_create(kadm5_config_params *params) return 1; } - if ((retval = osa_adb_create_policy_db(&lparams))) { - com_err(progname, retval, str_CREATING_POLICY_DB); - return 1; - } - retval = kadm5_create_magic_princs(&lparams, context); kadm5_free_config_params(context, &lparams); @@ -110,6 +106,7 @@ int kadm5_create_magic_princs(kadm5_config_params *params, if ((retval = kadm5_init(progname, NULL, NULL, params, KADM5_STRUCT_VERSION, KADM5_API_VERSION_2, + db5util_db_args, &handle))) { com_err(progname, retval, "while initializing the Kerberos admin interface"); return retval; diff --git a/src/kadmin/dbutil/kdb5_create.c b/src/kadmin/dbutil/kdb5_create.c index 2c05c2744e..5bd337e47e 100644 --- a/src/kadmin/dbutil/kdb5_create.c +++ b/src/kadmin/dbutil/kdb5_create.c @@ -55,8 +55,9 @@ #include <stdio.h> #include <k5-int.h> +#include <krb5/kdb.h> +#include <kadm5/server_internal.h> #include <kadm5/admin.h> -#include <kadm5/adb.h> #include <krb5/adm_proto.h> #include "kdb5_util.h" @@ -145,7 +146,6 @@ extern char *mkey_password; extern char *progname; extern int exit_status; -extern osa_adb_policy_t policy_db; extern kadm5_config_params global_params; extern krb5_context util_context; @@ -160,7 +160,6 @@ void kdb5_create(argc, argv) char *pw_str = 0; unsigned int pw_size = 0; int do_stash = 0; - krb5_int32 crflags = KRB5_KDB_CREATE_BTREE; krb5_data pwd, seed; if (strrchr(argv[0], '/')) @@ -172,7 +171,19 @@ void kdb5_create(argc, argv) do_stash++; break; case 'h': - crflags = KRB5_KDB_CREATE_HASH; + db5util_db_args_size++; + { + char **temp = realloc( db5util_db_args, sizeof(char*) * (db5util_db_args_size+1)); /* one for NULL */ + if( temp == NULL ) + { + com_err(progname, ENOMEM, "while parsing command arguments\n"); + exit(1); + } + + db5util_db_args = temp; + } + db5util_db_args[db5util_db_args_size-1] = "hash=true"; + db5util_db_args[db5util_db_args_size] = NULL; case '?': default: usage(); 
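Review bot: The new `case 'h':` block in kdb5_create has no `break;`, so after appending "hash=true" control falls into `case '?': default: usage();`, and usage() ends with `exit(1)` (see kdb5_util.c). `kdb5_util create -h` therefore always exits with the usage text. Add `break;` after `db5util_db_args[db5util_db_args_size] = NULL;`. The removed `crflags` assignment had the same fall-through, so the defect predates this commit, but the rewrite is the place to fix it.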
@@ -187,16 +198,6 @@ void kdb5_create(argc, argv) rblock.nkslist = global_params.num_keysalts; rblock.kslist = global_params.keysalts; - retval = krb5_db_set_name(util_context, global_params.dbname); - if (!retval) retval = EEXIST; - - if (retval == EEXIST || retval == EACCES || retval == EPERM) { - /* it exists ! */ - com_err(argv[0], 0, "The database '%s' appears to already exist", - global_params.dbname); - exit_status++; return; - } - printf ("Loading random data\n"); retval = krb5_c_random_os_entropy (util_context, 1, NULL); if (retval) { @@ -267,26 +268,20 @@ master key name '%s'\n", exit_status++; return; } if ((retval = krb5_db_create(util_context, - global_params.dbname, crflags))) { + db5util_db_args))) { com_err(argv[0], retval, "while creating database '%s'", global_params.dbname); exit_status++; return; } - if ((retval = krb5_db_fini(util_context))) { - com_err(argv[0], retval, "while closing current database"); - exit_status++; return; - } - if ((retval = krb5_db_set_name(util_context, global_params.dbname))) { - com_err(argv[0], retval, "while setting active database to '%s'", - global_params.dbname); - exit_status++; return; - } - if ((retval = krb5_db_init(util_context))) { - com_err(argv[0], retval, "while initializing the database '%s'", - global_params.dbname); - exit_status++; return; - } - +/* if ((retval = krb5_db_fini(util_context))) { */ +/* com_err(argv[0], retval, "while closing current database"); */ +/* exit_status++; return; */ +/* } */ +/* if ((retval = krb5_db_open(util_context, db5util_db_args, KRB5_KDB_OPEN_RW))) { */ +/* com_err(argv[0], retval, "while initializing the database '%s'", */ +/* global_params.dbname); */ +/* exit_status++; return; */ +/* } */ if ((retval = add_principal(util_context, master_princ, MASTER_KEY, &rblock)) || (retval = add_principal(util_context, &tgt_princ, TGT_KEY, &rblock))) { (void) krb5_db_fini(util_context); 
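Review bot: The removed `krb5_db_set_name` probe was the only check in kdb5_create that stopped the command when a database already existed, and nothing in the new code replaces it before `krb5_db_create(util_context, db5util_db_args)`. Protection against overwriting a live principal database now depends on every backend's create refusing an existing one, which this page does not show. Add a comment at the call stating that contract, e.g. `/* krb5_db_create must fail if the database already exists; kdb5_util no longer checks */`, or keep an explicit pre-check. The commented-out krb5_db_fini/krb5_db_open block in the next hunk should be deleted rather than left in place.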
@@ -298,10 +293,11 @@ master key name '%s'\n", * it; delete the file below if it was not requested. DO NOT EXIT * BEFORE DELETING THE KEYFILE if do_stash is not set. */ - retval = krb5_db_store_mkey(util_context, - global_params.stash_file, - master_princ, - &master_keyblock); + retval = krb5_db_store_master_key(util_context, + global_params.stash_file, + master_princ, + &master_keyblock, + mkey_password); if (retval) { com_err(argv[0], errno, "while storing key"); printf("Warning: couldn't stash master key.\n"); @@ -440,6 +436,6 @@ add_principal(context, princ, op, pblock) retval = krb5_db_put_principal(context, &entry, &nentries); error_out:; - krb5_dbe_free_contents(context, &entry); + krb5_db_free_principal(context, &entry, 1); return retval; } diff --git a/src/kadmin/dbutil/kdb5_destroy.c b/src/kadmin/dbutil/kdb5_destroy.c index 2545bdb5d1..ea1011b407 100644 --- a/src/kadmin/dbutil/kdb5_destroy.c +++ b/src/kadmin/dbutil/kdb5_destroy.c @@ -33,7 +33,7 @@ #include <stdio.h> #include "com_err.h" #include <kadm5/admin.h> -#include <kadm5/adb.h> +#include <krb5/kdb.h> #include "kdb5_util.h" extern int exit_status; @@ -53,12 +53,23 @@ kdb5_destroy(argc, argv) int optchar; char *dbname; char buf[5]; - krb5_error_code retval, retval1, retval2; + krb5_error_code retval1; krb5_context context; int force = 0; - krb5_init_context(&context); + retval1 = krb5_init_context(&context); + if( retval1 ) + { + com_err(argv[0], retval1, "while initializing krb5_context"); + exit(1); + } + if ((retval1 = krb5_set_default_realm(context, + util_context->default_realm))) { + com_err(argv[0], retval1, "while setting default realm name"); + exit(1); + } + if (strrchr(argv[0], '/')) argv[0] = strrchr(argv[0], '/')+1; 
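Review bot: The failure branch after the new `krb5_db_store_master_key` call still reports `errno` (`com_err(argv[0], errno, "while storing key")`) instead of the returned `retval`. Now that the call goes through the database abstraction layer there is no reason to expect `errno` to describe the failure, so the operator may see an unrelated or empty message when the master key stash could not be written. Change it to `com_err(argv[0], retval, "while storing key");`. The same line follows the `krb5_db_store_master_key` call in kdb5_stash.c.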
@@ -89,21 +100,11 @@ kdb5_destroy(argc, argv) printf("OK, deleting database '%s'...\n", dbname); } - retval = krb5_db_set_name(context, dbname); - if (retval) { - com_err(argv[0], retval, "'%s'",dbname); - exit_status++; return; - } - retval1 = krb5_db_destroy(context, dbname); - retval2 = osa_adb_destroy_policy_db(&global_params); + retval1 = krb5_db_destroy(context, db5util_db_args); if (retval1) { com_err(argv[0], retval1, "deleting database '%s'",dbname); exit_status++; return; } - if (retval2) { - com_err(argv[0], retval2, "destroying policy database"); - exit_status++; return; - } dbactive = FALSE; printf("** Database '%s' destroyed.\n", dbname); diff --git a/src/kadmin/dbutil/kdb5_stash.c b/src/kadmin/dbutil/kdb5_stash.c index 6d7251541b..09bea21518 100644 --- a/src/kadmin/dbutil/kdb5_stash.c +++ b/src/kadmin/dbutil/kdb5_stash.c @@ -85,10 +85,18 @@ kdb5_stash(argc, argv) if (strrchr(argv[0], '/')) argv[0] = strrchr(argv[0], '/')+1; - /* Tell upwards to close the policy db cause we don't */ - close_policy_db = 1; + retval = krb5_init_context(&context); + if( retval ) + { + com_err(argv[0], retval, "while initializing krb5_context"); + exit(1); + } - krb5_init_context(&context); + if ((retval = krb5_set_default_realm(context, + util_context->default_realm))) { + com_err(argv[0], retval, "while setting default realm name"); + exit(1); + } dbname = global_params.dbname; realm = global_params.realm; @@ -118,13 +126,6 @@ kdb5_stash(argc, argv) exit_status++; return; } - retval = krb5_db_set_name(context, dbname); - if (retval) { - com_err(argv[0], retval, "while setting active database to '%s'", - dbname); - exit_status++; return; - } - /* assemble & parse the master key name */ retval = krb5_db_setup_mkey_name(context, mkey_name, realm, &mkey_fullname, &master_princ); 
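Review bot: The "OK, deleting database" and "destroyed" messages print `dbname`, but the database that is removed is chosen by `db5util_db_args`, which can also carry `-x` arguments and is NULL when no option added an entry. If the two disagree, the operator is told one database is being deleted while another is removed; how `dbname` is assigned is outside this hunk, so this is inferred from the visible calls. Document the relationship at the call, e.g. `/* dbname is for display only; the backend selects the database from db5util_db_args */`, or build the displayed name from the same arguments. The separate policy-database teardown is gone as well, so krb5_db_destroy is presumably expected to remove policy data too.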
@@ -133,7 +134,7 @@ kdb5_stash(argc, argv) exit_status++; return; } - retval = krb5_db_init(context); + retval = krb5_db_open(context, db5util_db_args, KRB5_KDB_OPEN_RW); if (retval) { com_err(argv[0], retval, "while initializing the database '%s'", dbname); @@ -159,8 +160,8 @@ kdb5_stash(argc, argv) exit_status++; return; } - retval = krb5_db_store_mkey(context, keyfile, master_princ, - &master_keyblock); + retval = krb5_db_store_master_key(context, keyfile, master_princ, + &master_keyblock, NULL); if (retval) { com_err(argv[0], errno, "while storing key"); memset((char *)master_keyblock.contents, 0, master_keyblock.length); diff --git a/src/kadmin/dbutil/kdb5_util.c b/src/kadmin/dbutil/kdb5_util.c index 5249768675..a95dff702d 100644 --- a/src/kadmin/dbutil/kdb5_util.c +++ b/src/kadmin/dbutil/kdb5_util.c @@ -57,7 +57,6 @@ #include <k5-int.h> #include <kadm5/admin.h> #include <krb5/adm_proto.h> -#include <kadm5/adb.h> #include <time.h> #include "kdb5_util.h" @@ -76,13 +75,12 @@ char *mkey_password = 0; int exit_status = 0; krb5_context util_context; -osa_adb_policy_t policy_db; kadm5_config_params global_params; void usage() { fprintf(stderr, "Usage: " - "kdb5_util [-r realm] [-d dbname] [-k mkeytype] [-M mkeyname]\n" + "kdb5_util [-x db_args]* [-r realm] [-d dbname] [-k mkeytype] [-M mkeyname]\n" "\t [-sf stashfilename] [-m] cmd [cmd_options]\n" "\tcreate [-s]\n" "\tdestroy [-f]\n" @@ -91,9 +89,9 @@ void usage() "\t [-mkey_convert] [-new_mkey_file mkey_file]\n" "\t [-rev] [-recurse] [filename [princs...]]\n" "\tload [-old] [-ov] [-b6] [-verbose] [-update] filename\n" - "\tdump_v4 [-S] [filename]\n" - "\tload_v4 [-S] [-t] [-n] [-v] [-K] [-s stashfile] inputfile\n" - "\tark [-e etype_list] principal\n"); + "\tark [-e etype_list] principal\n" + "\nwhere,\n\t[-x db_args]* - any number of database specific arguments.\n" + "\t\t\tLook at each database documentation for supported arguments\n"); exit(1); } 
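Review bot: kdb5_stash opens the database with `KRB5_KDB_OPEN_RW`, although as far as these hunks show the only thing it writes is the stash file, through `krb5_db_store_master_key`. If the abstraction layer offers a read-only mode (later krb5 trees define `KRB5_KDB_OPEN_RO`; it is not visible on this page), use it here so that a tool handling the master key does not also hold a write handle it never needs. The rest of kdb5_stash is outside these hunks, so confirm that nothing there writes to the database.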
@@ -101,7 +99,6 @@ extern krb5_keyblock master_keyblock; extern krb5_principal master_princ; krb5_db_entry master_entry; int valid_master_key = 0; -int close_policy_db = 0; char *progname; krb5_boolean manual_mkey = FALSE; @@ -123,8 +120,8 @@ struct _cmd_table { {"stash", kdb5_stash, 1}, {"dump", dump_db, 1}, {"load", load_db, 0}, - {"dump_v4", dump_v4db, 1}, - {"load_v4", load_v4db, 0}, +/* {"dump_v4", dump_v4db, 1}, */ +/* {"load_v4", load_v4db, 0}, */ {"ark", add_random_key, 1}, {NULL, NULL, 0}, }; @@ -144,6 +141,9 @@ static struct _cmd_table *cmd_lookup(name) } #define ARG_VAL (--argc > 0 ? (koptarg = *(++argv)) : (char *)(usage(), NULL)) + +char **db5util_db_args = NULL; +int db5util_db_args_size = 0; int main(argc, argv) int argc; @@ -151,6 +151,7 @@ int main(argc, argv) { struct _cmd_table *cmd = NULL; char *koptarg, **cmd_argv; + char *db_name_tmp = NULL; int cmd_argc; krb5_error_code retval; @@ -159,7 +160,8 @@ int main(argc, argv) com_err (progname, retval, "while initializing Kerberos code"); exit(1); } - initialize_adb_error_table(); + +/* initialize_adb_error_table(); */ progname = (strrchr(argv[0], '/') ? strrchr(argv[0], '/')+1 : argv[0]); 
@@ -179,6 +181,47 @@ int main(argc, argv) } else if (strcmp(*argv, "-d") == 0 && ARG_VAL) { global_params.dbname = koptarg; global_params.mask |= KADM5_CONFIG_DBNAME; + + db_name_tmp = malloc( strlen(global_params.dbname) + sizeof("dbname=")); + if( db_name_tmp == NULL ) + { + com_err(progname, ENOMEM, "while parsing command arguments"); + exit(1); + } + + strcpy( db_name_tmp, "dbname="); + strcat( db_name_tmp, global_params.dbname ); + + db5util_db_args_size++; + { + char **temp = realloc( db5util_db_args, sizeof(char*) * (db5util_db_args_size+1)); /* one for NULL */ + if( temp == NULL ) + { + com_err(progname, ENOMEM, "while parsing command arguments\n"); + exit(1); + } + + db5util_db_args = temp; + } + db5util_db_args[db5util_db_args_size-1] = db_name_tmp; + db5util_db_args[db5util_db_args_size] = NULL; + + } else if (strcmp(*argv, "-x") == 0 && ARG_VAL) { + db5util_db_args_size++; + { + char **temp = realloc( db5util_db_args, sizeof(char*) * (db5util_db_args_size+1)); /* one for NULL */ + if( temp == NULL ) + { + fprintf(stderr,"%s: Cannot initialize. Not enough memory\n", + argv[0]); + exit(1); + } + + db5util_db_args = temp; + } + db5util_db_args[db5util_db_args_size-1] = koptarg; + db5util_db_args[db5util_db_args_size] = NULL; + } else if (strcmp(*argv, "-r") == 0 && ARG_VAL) { global_params.realm = koptarg; global_params.mask |= KADM5_CONFIG_REALM; @@ -217,6 +260,18 @@ int main(argc, argv) if (cmd_argv[0] == NULL) usage(); + if( !util_context->default_realm ) + { + char *temp = NULL; + retval = krb5_get_default_realm(util_context, &temp); + if( retval ) + { + com_err (progname, retval, "while getting default realm"); + exit(1); + } + util_context->default_realm = temp; + } + retval = kadm5_get_config_params(util_context, NULL, NULL, &global_params, &global_params); if (retval) { 
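Review bot: The out-of-memory message in the `-x` branch prints `argv[0]`, but ARG_VAL has already advanced `argv`, so at that point `argv[0]` is the option's value rather than the program name. Report it the same way as the `-d` branch: `com_err(progname, ENOMEM, "while parsing command arguments");`. Separately, a second `-d` overwrites `db_name_tmp`, so only the last buffer is freed at exit; that is harmless in a short-lived tool but worth a one-line comment. main's option loop starts outside this hunk.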
@@ -243,9 +298,12 @@ int main(argc, argv) (*cmd->func)(cmd_argc, cmd_argv); - if(close_policy_db) { - (void) osa_adb_close_policy(policy_db); - } + if( db_name_tmp ) + free( db_name_tmp ); + + if( db5util_db_args ) + free(db5util_db_args); + kadm5_free_config_params(util_context, &global_params); krb5_free_context(util_context); return exit_status; @@ -307,22 +365,11 @@ static int open_db_and_mkey() dbactive = FALSE; valid_master_key = 0; - if ((retval = krb5_db_set_name(util_context, global_params.dbname))) { - com_err(progname, retval, "while setting active database to '%s'", - global_params.dbname); - exit_status++; - return(1); - } - if ((retval = krb5_db_init(util_context))) { + if ((retval = krb5_db_open(util_context, db5util_db_args, KRB5_KDB_OPEN_RW))) { com_err(progname, retval, "while initializing database"); exit_status++; return(1); } - if ((retval = osa_adb_open_policy(&policy_db, &global_params))) { - com_err(progname, retval, "opening policy database"); - exit_status++; - return (1); - } /* assemble & parse the master key name */ @@ -497,7 +544,7 @@ add_random_key(argc, argv) } if (more) { fprintf(stderr, "principal %s not unique\n", pr_str); - krb5_dbe_free_contents(util_context, &dbent); + krb5_db_free_principal(util_context, &dbent, 1); exit_status++; return; } @@ -523,7 +570,7 @@ add_random_key(argc, argv) free(keysalts); if (ret) { com_err(me, ret, "while randomizing principal %s", pr_str); - krb5_dbe_free_contents(util_context, &dbent); + krb5_db_free_principal(util_context, &dbent, 1); exit_status++; return; } 
@@ -531,19 +578,19 @@ add_random_key(argc, argv) ret = krb5_timeofday(util_context, &now); if (ret) { com_err(me, ret, "while getting time"); - krb5_dbe_free_contents(util_context, &dbent); + krb5_db_free_principal(util_context, &dbent, 1); exit_status++; return; } ret = krb5_dbe_update_last_pwd_change(util_context, &dbent, now); if (ret) { com_err(me, ret, "while setting changetime"); - krb5_dbe_free_contents(util_context, &dbent); + krb5_db_free_principal(util_context, &dbent, 1); exit_status++; return; } ret = krb5_db_put_principal(util_context, &dbent, &n); - krb5_dbe_free_contents(util_context, &dbent); + krb5_db_free_principal(util_context, &dbent, 1); if (ret) { com_err(me, ret, "while saving principal %s", pr_str); exit_status++; diff --git a/src/kadmin/dbutil/kdb5_util.h b/src/kadmin/dbutil/kdb5_util.h index c63ca0371f..bb6b0ac64a 100644 --- a/src/kadmin/dbutil/kdb5_util.h +++ b/src/kadmin/dbutil/kdb5_util.h @@ -40,6 +40,8 @@ extern krb5_context util_context; extern kadm5_config_params global_params; extern int valid_master_key; extern krb5_db_entry master_db; +extern char **db5util_db_args; +extern int db5util_db_args_size; extern void usage(void); @@ -67,8 +69,7 @@ extern int kadm5_create_magic_princs (kadm5_config_params *params, extern int process_ov_principal (char *fname, krb5_context kcontext, FILE *filep, int verbose, - int *linenop, - void *pol_db); + int *linenop); extern void load_db (int argc, char **argv); extern void dump_db (int argc, char **argv); diff --git a/src/kadmin/dbutil/ovload.c b/src/kadmin/dbutil/ovload.c index 15978f8a37..f4338bc906 100644 --- a/src/kadmin/dbutil/ovload.c +++ b/src/kadmin/dbutil/ovload.c @@ -5,7 +5,10 @@ #include <memory.h> #endif -#include <kadm5/adb.h> +#include <k5-int.h> +#include <kadm5/admin.h> +#include <kadm5/server_internal.h> +#include <krb5/kdb.h> #include "import_err.h" #include "kdb5_util.h" #include "nstrtok.h" 
@@ -92,17 +95,16 @@ done: * [modifies] * */ -int process_ov_principal(fname, kcontext, filep, verbose, linenop, pol_db) +int process_ov_principal(fname, kcontext, filep, verbose, linenop) char *fname; krb5_context kcontext; FILE *filep; int verbose; int *linenop; - void *pol_db; { XDR xdrs; osa_princ_ent_t rec; - osa_adb_ret_t ret; + krb5_error_code ret; krb5_tl_data tl_data; krb5_principal princ; krb5_db_entry kdb; @@ -177,7 +179,7 @@ int process_ov_principal(fname, kcontext, filep, verbose, linenop, pol_db) xdralloc_create(&xdrs, XDR_ENCODE); if (! xdr_osa_princ_ent_rec(&xdrs, rec)) { xdr_destroy(&xdrs); - ret = OSA_ADB_XDR_FAILURE; + ret = KADM5_XDR_FAILURE; goto done; } |