principal can't specify ks_tuples changing own passwd

Thanks, the patch has been applied and will appear in a future release. * misc.c (chpass_principal_wrapper_3): Renamed from chpass_principal_wrapper; calls chpass_principal_3 now. (randkey_principal_wrapper_3): Renamed from randkey_principal_wrapper; calls randkey_principal_3 now. Patch from Ben Cox. * server_stubs.c (chpass_principal_1_svc) (chpass_principal3_1_svc): Call chpass_principal_wrapper_3. (chrand_principal_1_svc, chrand_principal3_1_svc): Call randkey_principal_wrapper_3. Patch from Ben Cox. ticket: 1207 version_reported: 1.2.6 target_version: 1.3 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14915 dc483132-0cff-0310-8789-dd5450dbe970
author: Tom Yu <tlyu@mit.edu> 2002-10-08 20:53:29 +0000
committer: Tom Yu <tlyu@mit.edu> 2002-10-08 20:53:29 +0000
commit: a103731c6350cd9b5106ac29b1f4651f11328266 (patch)
tree: 72ccc381e4f0f77686aba7c49191e585d200a95d /src/kadmin/server
parent: 794f0d854711dbee20ca8cfb3ec2ae729c41910c (diff)
download: krb5-a103731c6350cd9b5106ac29b1f4651f11328266.tar.gz
krb5-a103731c6350cd9b5106ac29b1f4651f11328266.tar.xz
krb5-a103731c6350cd9b5106ac29b1f4651f11328266.zip
3 files changed, 56 insertions, 18 deletions
diff --git a/src/kadmin/server/ChangeLog b/src/kadmin/server/ChangeLog
index 7297d89ed5..55bc680dea 100644
--- a/src/kadmin/server/ChangeLog
+++ b/src/kadmin/server/ChangeLog
@@ -1,3 +1,16 @@
+2002-10-08  Tom Yu  <tlyu@mit.edu>
+
+	* misc.c (chpass_principal_wrapper_3): Renamed from
+	chpass_principal_wrapper; calls chpass_principal_3 now.
+	(randkey_principal_wrapper_3): Renamed from
+	randkey_principal_wrapper; calls randkey_principal_3 now.  Patch
+	from Ben Cox.
+
+	* server_stubs.c (chpass_principal_1_svc)
+	(chpass_principal3_1_svc): Call chpass_principal_wrapper_3.
+	(chrand_principal_1_svc, chrand_principal3_1_svc): Call
+	randkey_principal_wrapper_3.  Patch from Ben Cox.
+
 2002-08-29  Ken Raeburn  <raeburn@mit.edu>
 
 	* Makefile.in: Revert $(S)=>/ change, for Windows support.
diff --git a/src/kadmin/server/misc.c b/src/kadmin/server/misc.c
index 9a9c7668a1..f4c7317d9e 100644
--- a/src/kadmin/server/misc.c
+++ b/src/kadmin/server/misc.c
@@ -9,7 +9,7 @@
 #include    "misc.h"
 
 /*
- * Function: chpass_principal_wrapper
+ * Function: chpass_principal_wrapper_3
  * 
  * Purpose: wrapper to kadm5_chpass_principal that checks to see if
  *	    pw_min_life has been reached. if not it returns an error.
@@ -18,7 +18,11 @@
  * Arguments:
  *	principal	(input) krb5_principals whose password we are
  *				changing
- *	passoword	(input) password we are going to change to.
+ *	keepold 	(input) whether to preserve old keys
+ *	n_ks_tuple	(input) the number of key-salt tuples in ks_tuple
+ *	ks_tuple	(input) array of tuples indicating the caller's
+ *				requested enctypes/salttypes
+ *	password	(input) password we are going to change to.
  * 	<return value>	0 on success error code on failure.
  *
  * Requires:
@@ -30,8 +34,12 @@
  *
  */
 kadm5_ret_t
-chpass_principal_wrapper(void *server_handle,
-			 krb5_principal principal, char *password)
+chpass_principal_wrapper_3(void *server_handle,
+			   krb5_principal principal,
+			   krb5_boolean keepold,
+			   int n_ks_tuple,
+			   krb5_key_salt_tuple *ks_tuple,
+			   char *password)
 {
     krb5_int32			now;
     kadm5_ret_t			ret;
@@ -71,12 +79,14 @@ chpass_principal_wrapper(void *server_handle,
     if (ret)
 	 return ret;
     
-    return kadm5_chpass_principal(server_handle, principal, password);
+    return kadm5_chpass_principal_3(server_handle, principal,
+				    keepold, n_ks_tuple, ks_tuple,
+				    password);
 }
 
 
 /*
- * Function: randkey_principal_wrapper
+ * Function: randkey_principal_wrapper_3
  * 
  * Purpose: wrapper to kadm5_randkey_principal which checks the
 	    passwords min. life.
@@ -84,6 +94,10 @@ chpass_principal_wrapper(void *server_handle,
  * Arguments:
  *	principal	    (input) krb5_principal whose password we are
  *				    changing
+ *	keepold 	(input) whether to preserve old keys
+ *	n_ks_tuple	(input) the number of key-salt tuples in ks_tuple
+ *	ks_tuple	(input) array of tuples indicating the caller's
+ *				requested enctypes/salttypes
  *	key		    (output) new random key
  * 	<return value>	    0, error code on error.
  *
@@ -95,9 +109,12 @@ chpass_principal_wrapper(void *server_handle,
  *
  */
 kadm5_ret_t
-randkey_principal_wrapper(void *server_handle,
-			  krb5_principal principal,
-			  krb5_keyblock **keys, int *n_keys)
+randkey_principal_wrapper_3(void *server_handle,
+			    krb5_principal principal,
+			    krb5_boolean keepold,
+			    int n_ks_tuple,
+			    krb5_key_salt_tuple *ks_tuple,
+			    krb5_keyblock **keys, int *n_keys)
 {
 
     krb5_int32			now;
@@ -137,5 +154,7 @@ randkey_principal_wrapper(void *server_handle,
     ret = kadm5_free_principal_ent(handle->lhandle, &princ);
     if (ret)
 	 return ret;
-    return kadm5_randkey_principal(server_handle, principal, keys, n_keys);
+    return kadm5_randkey_principal_3(server_handle, principal,
+				     keepold, n_ks_tuple, ks_tuple,
+				     keys, n_keys);
 }
diff --git a/src/kadmin/server/server_stubs.c b/src/kadmin/server/server_stubs.c
index a8bd5ce522..d087e0d3d7 100644
--- a/src/kadmin/server/server_stubs.c
+++ b/src/kadmin/server/server_stubs.c
@@ -689,8 +689,8 @@ chpass_principal_1_svc(chpass_arg *arg, struct svc_req *rqstp)
     }
 
     if (cmp_gss_krb5_name(handle, rqstp->rq_clntcred, arg->princ)) {
-	 ret.code = chpass_principal_wrapper((void *)handle, arg->princ,
-					     arg->pass);
+	 ret.code = chpass_principal_wrapper_3((void *)handle, arg->princ,
+					       FALSE, 0, NULL, arg->pass);
     } else if (!(CHANGEPW_SERVICE(rqstp)) &&
 	       acl_check(handle->context, rqstp->rq_clntcred,
 			 ACL_CHANGEPW, arg->princ, NULL)) {
@@ -750,8 +750,11 @@ chpass_principal3_1_svc(chpass3_arg *arg, struct svc_req *rqstp)
     }
 
     if (cmp_gss_krb5_name(handle, rqstp->rq_clntcred, arg->princ)) {
-	 ret.code = chpass_principal_wrapper((void *)handle, arg->princ,
-					     arg->pass);
+	 ret.code = chpass_principal_wrapper_3((void *)handle, arg->princ,
+					       arg->keepold,
+					       arg->n_ks_tuple,
+					       arg->ks_tuple,
+					       arg->pass);
     } else if (!(CHANGEPW_SERVICE(rqstp)) &&
 	       acl_check(handle->context, rqstp->rq_clntcred,
 			 ACL_CHANGEPW, arg->princ, NULL)) {
@@ -997,8 +1000,8 @@ chrand_principal_1_svc(chrand_arg *arg, struct svc_req *rqstp)
     }
 
     if (cmp_gss_krb5_name(handle, rqstp->rq_clntcred, arg->princ)) {
-	 ret.code = randkey_principal_wrapper((void *)handle,
-					      arg->princ, &k, &nkeys); 
+	 ret.code = randkey_principal_wrapper_3((void *)handle, arg->princ,
+						FALSE, 0, NULL, &k, &nkeys);
     } else if (!(CHANGEPW_SERVICE(rqstp)) &&
 	       acl_check(handle->context, rqstp->rq_clntcred,
 			 ACL_CHANGEPW, arg->princ, NULL)) {
@@ -1073,8 +1076,11 @@ chrand_principal3_1_svc(chrand3_arg *arg, struct svc_req *rqstp)
     }
 
     if (cmp_gss_krb5_name(handle, rqstp->rq_clntcred, arg->princ)) {
-	 ret.code = randkey_principal_wrapper((void *)handle,
-					      arg->princ, &k, &nkeys); 
+	 ret.code = randkey_principal_wrapper_3((void *)handle, arg->princ,
+						arg->keepold,
+						arg->n_ks_tuple,
+						arg->ks_tuple,
+						&k, &nkeys);
     } else if (!(CHANGEPW_SERVICE(rqstp)) &&
 	       acl_check(handle->context, rqstp->rq_clntcred,
 			 ACL_CHANGEPW, arg->princ, NULL)) {
author	Tom Yu <tlyu@mit.edu>	2002-10-08 20:53:29 +0000
committer	Tom Yu <tlyu@mit.edu>	2002-10-08 20:53:29 +0000
commit	a103731c6350cd9b5106ac29b1f4651f11328266 (patch)
tree	72ccc381e4f0f77686aba7c49191e585d200a95d /src/kadmin/server
parent	794f0d854711dbee20ca8cfb3ec2ae729c41910c (diff)
download	krb5-a103731c6350cd9b5106ac29b1f4651f11328266.tar.gz krb5-a103731c6350cd9b5106ac29b1f4651f11328266.tar.xz krb5-a103731c6350cd9b5106ac29b1f4651f11328266.zip