diff options
| author | Tom Yu <tlyu@mit.edu> | 2009-10-31 00:48:38 +0000 |
|---|---|---|
| committer | Tom Yu <tlyu@mit.edu> | 2009-10-31 00:48:38 +0000 |
| commit | 02d6bcbc98a214e7aeaaa9f45f0db8784a7b743b (patch) | |
| tree | 61b9147863cd8be3eff63903dc36cae168254bd5 /src/lib/kadm5/clnt | |
| parent | 162ab371748cba0cc6f172419bd6e71fa04bb878 (diff) | |
| download | krb5-02d6bcbc98a214e7aeaaa9f45f0db8784a7b743b.tar.gz krb5-02d6bcbc98a214e7aeaaa9f45f0db8784a7b743b.tar.xz krb5-02d6bcbc98a214e7aeaaa9f45f0db8784a7b743b.zip | |
make mark-cstyle
make reindent
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23100 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/kadm5/clnt')
| -rw-r--r-- | src/lib/kadm5/clnt/client_handle.c | 5 | ||||
| -rw-r--r-- | src/lib/kadm5/clnt/client_init.c | 1307 | ||||
| -rw-r--r-- | src/lib/kadm5/clnt/client_internal.h | 57 | ||||
| -rw-r--r-- | src/lib/kadm5/clnt/client_principal.c | 303 | ||||
| -rw-r--r-- | src/lib/kadm5/clnt/client_rpc.c | 421 | ||||
| -rw-r--r-- | src/lib/kadm5/clnt/clnt_chpass_util.c | 19 | ||||
| -rw-r--r-- | src/lib/kadm5/clnt/clnt_policy.c | 73 | ||||
| -rw-r--r-- | src/lib/kadm5/clnt/clnt_privs.c | 19 |
8 files changed, 1106 insertions, 1098 deletions
diff --git a/src/lib/kadm5/clnt/client_handle.c b/src/lib/kadm5/clnt/client_handle.c index 895777a6ed..48b76707e1 100644 --- a/src/lib/kadm5/clnt/client_handle.c +++ b/src/lib/kadm5/clnt/client_handle.c @@ -1,9 +1,10 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ #include <krb5.h> #include <kadm5/admin.h> #include "client_internal.h" int _kadm5_check_handle(void *handle) { - CHECK_HANDLE(handle); - return 0; + CHECK_HANDLE(handle); + return 0; } diff --git a/src/lib/kadm5/clnt/client_init.c b/src/lib/kadm5/clnt/client_init.c index 0b817b8bce..99e8e15ba3 100644 --- a/src/lib/kadm5/clnt/client_init.c +++ b/src/lib/kadm5/clnt/client_init.c @@ -1,17 +1,18 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 OpenVision Technologies, Inc., All Rights Reserved */ /* * Copyright (C) 1998 by the FundsXpress, INC. - * + * * All rights reserved. - * + * * Export of this software from the United States of America may require * a specific license from the United States Government. It is the * responsibility of any person or organization contemplating export to * obtain such a license before exporting. - * + * * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and * distribute this software and its documentation for any purpose and * without fee is hereby granted, provided that the above copyright @@ -22,7 +23,7 @@ * permission. FundsXpress makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. - * + * * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. @@ -56,349 +57,349 @@ #include <gssapi/gssapi_krb5.h> #include <gssrpc/auth_gssapi.h> -#define ADM_CCACHE "/tmp/ovsec_adm.XXXXXX" +#define ADM_CCACHE "/tmp/ovsec_adm.XXXXXX" enum init_type { INIT_PASS, INIT_SKEY, INIT_CREDS }; static kadm5_ret_t _kadm5_init_any(krb5_context context, - char *client_name, - enum init_type init_type, - char *pass, - krb5_ccache ccache_in, - char *service_name, - kadm5_config_params *params, - krb5_ui_4 struct_version, - krb5_ui_4 api_version, - char **db_args, - void **server_handle); + char *client_name, + enum init_type init_type, + char *pass, + krb5_ccache ccache_in, + char *service_name, + kadm5_config_params *params, + krb5_ui_4 struct_version, + krb5_ui_4 api_version, + char **db_args, + void **server_handle); static kadm5_ret_t kadm5_get_init_creds(kadm5_server_handle_t handle, - char *client_name, enum init_type init_type, - char *pass, krb5_ccache ccache_in, - char *svcname_in, char *realm, - char *full_svcname, unsigned int full_svcname_len); + char *client_name, enum init_type init_type, + char *pass, krb5_ccache ccache_in, + char *svcname_in, char *realm, + char *full_svcname, unsigned int full_svcname_len); static kadm5_ret_t kadm5_gic_iter(kadm5_server_handle_t handle, - enum init_type init_type, - krb5_ccache ccache, - krb5_principal client, char *pass, - char *svcname, char *realm, - char *full_svcname, unsigned int full_svcname_len); + enum init_type init_type, + krb5_ccache ccache, + krb5_principal client, char *pass, + char *svcname, char *realm, + char *full_svcname, unsigned int full_svcname_len); static kadm5_ret_t kadm5_setup_gss(kadm5_server_handle_t handle, - kadm5_config_params *params_in, - char *client_name, char *full_svcname); + kadm5_config_params *params_in, + char *client_name, char *full_svcname); static void kadm5_rpc_auth(kadm5_server_handle_t handle, - kadm5_config_params *params_in, - gss_cred_id_t gss_client_creds, - gss_name_t gss_target); + kadm5_config_params *params_in, + gss_cred_id_t gss_client_creds, + gss_name_t gss_target); kadm5_ret_t kadm5_init_with_creds(krb5_context context, - char *client_name, - krb5_ccache ccache, - char *service_name, - kadm5_config_params *params, - krb5_ui_4 struct_version, - krb5_ui_4 api_version, - char **db_args, - void **server_handle) + char *client_name, + krb5_ccache ccache, + char *service_name, + kadm5_config_params *params, + krb5_ui_4 struct_version, + krb5_ui_4 api_version, + char **db_args, + void **server_handle) { - return _kadm5_init_any(context, client_name, INIT_CREDS, NULL, ccache, - service_name, params, - struct_version, api_version, db_args, - server_handle); + return _kadm5_init_any(context, client_name, INIT_CREDS, NULL, ccache, + service_name, params, + struct_version, api_version, db_args, + server_handle); } kadm5_ret_t kadm5_init_with_password(krb5_context context, char *client_name, - char *pass, char *service_name, - kadm5_config_params *params, - krb5_ui_4 struct_version, - krb5_ui_4 api_version, - char **db_args, - void **server_handle) + char *pass, char *service_name, + kadm5_config_params *params, + krb5_ui_4 struct_version, + krb5_ui_4 api_version, + char **db_args, + void **server_handle) { - return _kadm5_init_any(context, client_name, INIT_PASS, pass, NULL, - service_name, params, struct_version, - api_version, db_args, server_handle); + return _kadm5_init_any(context, client_name, INIT_PASS, pass, NULL, + service_name, params, struct_version, + api_version, db_args, server_handle); } kadm5_ret_t kadm5_init(krb5_context context, char *client_name, char *pass, - char *service_name, - kadm5_config_params *params, - krb5_ui_4 struct_version, - krb5_ui_4 api_version, - char **db_args, - void **server_handle) + char *service_name, + kadm5_config_params *params, + krb5_ui_4 struct_version, + krb5_ui_4 api_version, + char **db_args, + void **server_handle) { - return _kadm5_init_any(context, client_name, INIT_PASS, pass, NULL, - service_name, params, struct_version, - api_version, db_args, server_handle); + return _kadm5_init_any(context, client_name, INIT_PASS, pass, NULL, + service_name, params, struct_version, + api_version, db_args, server_handle); } kadm5_ret_t kadm5_init_with_skey(krb5_context context, char *client_name, - char *keytab, char *service_name, - kadm5_config_params *params, - krb5_ui_4 struct_version, - krb5_ui_4 api_version, - char **db_args, - void **server_handle) + char *keytab, char *service_name, + kadm5_config_params *params, + krb5_ui_4 struct_version, + krb5_ui_4 api_version, + char **db_args, + void **server_handle) { - return _kadm5_init_any(context, client_name, INIT_SKEY, keytab, NULL, - service_name, params, struct_version, - api_version, db_args, server_handle); + return _kadm5_init_any(context, client_name, INIT_SKEY, keytab, NULL, + service_name, params, struct_version, + api_version, db_args, server_handle); } static kadm5_ret_t _kadm5_init_any(krb5_context context, char *client_name, - enum init_type init_type, - char *pass, - krb5_ccache ccache_in, - char *service_name, - kadm5_config_params *params_in, - krb5_ui_4 struct_version, - krb5_ui_4 api_version, - char **db_args, - void **server_handle) + enum init_type init_type, + char *pass, + krb5_ccache ccache_in, + char *service_name, + kadm5_config_params *params_in, + krb5_ui_4 struct_version, + krb5_ui_4 api_version, + char **db_args, + void **server_handle) { - struct sockaddr_in addr; - struct hostent *hp; - int fd; - - char *iprop_svc; - int iprop_enable = 0; - char full_svcname[BUFSIZ]; - char *realm; - - kadm5_server_handle_t handle; - kadm5_config_params params_local; - - int code = 0; - generic_ret *r; - - initialize_ovk_error_table(); + struct sockaddr_in addr; + struct hostent *hp; + int fd; + + char *iprop_svc; + int iprop_enable = 0; + char full_svcname[BUFSIZ]; + char *realm; + + kadm5_server_handle_t handle; + kadm5_config_params params_local; + + int code = 0; + generic_ret *r; + + initialize_ovk_error_table(); /* initialize_adb_error_table(); */ - initialize_ovku_error_table(); - - if (! server_handle) { - return EINVAL; - } - - if (! (handle = malloc(sizeof(*handle)))) { - return ENOMEM; - } - memset(handle, 0, sizeof(*handle)); - if (! (handle->lhandle = malloc(sizeof(*handle)))) { - free(handle); - return ENOMEM; - } - - handle->magic_number = KADM5_SERVER_HANDLE_MAGIC; - handle->struct_version = struct_version; - handle->api_version = api_version; - handle->clnt = 0; - handle->cache_name = 0; - handle->destroy_cache = 0; - handle->context = 0; - *handle->lhandle = *handle; - handle->lhandle->api_version = KADM5_API_VERSION_3; - handle->lhandle->struct_version = KADM5_STRUCT_VERSION; - handle->lhandle->lhandle = handle->lhandle; - - handle->context = context; - - if(client_name == NULL) { - free(handle); - return EINVAL; - } - - /* - * Verify the version numbers before proceeding; we can't use - * CHECK_HANDLE because not all fields are set yet. - */ - GENERIC_CHECK_HANDLE(handle, KADM5_OLD_LIB_API_VERSION, - KADM5_NEW_LIB_API_VERSION); - - /* - * Acquire relevant profile entries. In version 2, merge values - * in params_in with values from profile, based on - * params_in->mask. - * - * In version 1, we've given a realm (which may be NULL) instead - * of params_in. So use that realm, make params_in contain an - * empty mask, and behave like version 2. - */ - memset(¶ms_local, 0, sizeof(params_local)); - if (params_in && (params_in->mask & KADM5_CONFIG_REALM)) - realm = params_in->realm; - else - realm = NULL; + initialize_ovku_error_table(); + + if (! server_handle) { + return EINVAL; + } + + if (! (handle = malloc(sizeof(*handle)))) { + return ENOMEM; + } + memset(handle, 0, sizeof(*handle)); + if (! (handle->lhandle = malloc(sizeof(*handle)))) { + free(handle); + return ENOMEM; + } + + handle->magic_number = KADM5_SERVER_HANDLE_MAGIC; + handle->struct_version = struct_version; + handle->api_version = api_version; + handle->clnt = 0; + handle->cache_name = 0; + handle->destroy_cache = 0; + handle->context = 0; + *handle->lhandle = *handle; + handle->lhandle->api_version = KADM5_API_VERSION_3; + handle->lhandle->struct_version = KADM5_STRUCT_VERSION; + handle->lhandle->lhandle = handle->lhandle; + + handle->context = context; + + if(client_name == NULL) { + free(handle); + return EINVAL; + } + + /* + * Verify the version numbers before proceeding; we can't use + * CHECK_HANDLE because not all fields are set yet. + */ + GENERIC_CHECK_HANDLE(handle, KADM5_OLD_LIB_API_VERSION, + KADM5_NEW_LIB_API_VERSION); + + /* + * Acquire relevant profile entries. In version 2, merge values + * in params_in with values from profile, based on + * params_in->mask. + * + * In version 1, we've given a realm (which may be NULL) instead + * of params_in. So use that realm, make params_in contain an + * empty mask, and behave like version 2. + */ + memset(¶ms_local, 0, sizeof(params_local)); + if (params_in && (params_in->mask & KADM5_CONFIG_REALM)) + realm = params_in->realm; + else + realm = NULL; #if 0 /* Since KDC config params can now be put in krb5.conf, these - could show up even when you're just using the remote kadmin - client. */ -#define ILLEGAL_PARAMS (KADM5_CONFIG_DBNAME | KADM5_CONFIG_ADBNAME | \ - KADM5_CONFIG_ADB_LOCKFILE | \ - KADM5_CONFIG_ACL_FILE | KADM5_CONFIG_DICT_FILE \ - | KADM5_CONFIG_ADMIN_KEYTAB | \ - KADM5_CONFIG_STASH_FILE | \ - KADM5_CONFIG_MKEY_NAME | KADM5_CONFIG_ENCTYPE \ - | KADM5_CONFIG_MAX_LIFE | \ - KADM5_CONFIG_MAX_RLIFE | \ - KADM5_CONFIG_EXPIRATION | KADM5_CONFIG_FLAGS | \ - KADM5_CONFIG_ENCTYPES | KADM5_CONFIG_MKEY_FROM_KBD) - - if (params_in && params_in->mask & ILLEGAL_PARAMS) { - free(handle); - return KADM5_BAD_CLIENT_PARAMS; - } + could show up even when you're just using the remote kadmin + client. */ +#define ILLEGAL_PARAMS (KADM5_CONFIG_DBNAME | KADM5_CONFIG_ADBNAME | \ + KADM5_CONFIG_ADB_LOCKFILE | \ + KADM5_CONFIG_ACL_FILE | KADM5_CONFIG_DICT_FILE \ + | KADM5_CONFIG_ADMIN_KEYTAB | \ + KADM5_CONFIG_STASH_FILE | \ + KADM5_CONFIG_MKEY_NAME | KADM5_CONFIG_ENCTYPE \ + | KADM5_CONFIG_MAX_LIFE | \ + KADM5_CONFIG_MAX_RLIFE | \ + KADM5_CONFIG_EXPIRATION | KADM5_CONFIG_FLAGS | \ + KADM5_CONFIG_ENCTYPES | KADM5_CONFIG_MKEY_FROM_KBD) + + if (params_in && params_in->mask & ILLEGAL_PARAMS) { + free(handle); + return KADM5_BAD_CLIENT_PARAMS; + } #endif - if ((code = kadm5_get_config_params(handle->context, 0, - params_in, &handle->params))) { - free(handle); - return(code); - } - -#define REQUIRED_PARAMS (KADM5_CONFIG_REALM | \ - KADM5_CONFIG_ADMIN_SERVER | \ - KADM5_CONFIG_KADMIND_PORT) - - if ((handle->params.mask & REQUIRED_PARAMS) != REQUIRED_PARAMS) { - free(handle); - return KADM5_MISSING_KRB5_CONF_PARAMS; - } - - /* - * Get credentials. Also does some fallbacks in case kadmin/fqdn - * principal doesn't exist. - */ - code = kadm5_get_init_creds(handle, client_name, init_type, pass, - ccache_in, service_name, realm, - full_svcname, sizeof(full_svcname)); - if (code) - goto error; - /* - * We have ticket; open the RPC connection. - */ - - hp = gethostbyname(handle->params.admin_server); - if (hp == (struct hostent *) NULL) { - code = KADM5_BAD_SERVER_NAME; - goto cleanup; - } - - /* - * If the service_name and client_name are iprop-centric, - * we need to clnttcp_create to the appropriate RPC prog. - */ - iprop_svc = strdup(KIPROP_SVC_NAME); - if (iprop_svc == NULL) - return ENOMEM; - - if (service_name != NULL && - (strstr(service_name, iprop_svc) != NULL) && - (strstr(client_name, iprop_svc) != NULL)) - iprop_enable = 1; - else - iprop_enable = 0; - - memset(&addr, 0, sizeof(addr)); - addr.sin_family = hp->h_addrtype; - (void) memcpy(&addr.sin_addr, hp->h_addr, sizeof(addr.sin_addr)); - if (iprop_enable) - addr.sin_port = htons((u_short) handle->params.iprop_port); - else - addr.sin_port = htons((u_short) handle->params.kadmind_port); - - fd = RPC_ANYSOCK; - - if (iprop_enable) { - handle->clnt = clnttcp_create(&addr, KRB5_IPROP_PROG, KRB5_IPROP_VERS, - &fd, 0, 0); - } else - handle->clnt = clnttcp_create(&addr, KADM, KADMVERS, &fd, 0, 0); - if (handle->clnt == NULL) { - code = KADM5_RPC_ERROR; + if ((code = kadm5_get_config_params(handle->context, 0, + params_in, &handle->params))) { + free(handle); + return(code); + } + +#define REQUIRED_PARAMS (KADM5_CONFIG_REALM | \ + KADM5_CONFIG_ADMIN_SERVER | \ + KADM5_CONFIG_KADMIND_PORT) + + if ((handle->params.mask & REQUIRED_PARAMS) != REQUIRED_PARAMS) { + free(handle); + return KADM5_MISSING_KRB5_CONF_PARAMS; + } + + /* + * Get credentials. Also does some fallbacks in case kadmin/fqdn + * principal doesn't exist. + */ + code = kadm5_get_init_creds(handle, client_name, init_type, pass, + ccache_in, service_name, realm, + full_svcname, sizeof(full_svcname)); + if (code) + goto error; + /* + * We have ticket; open the RPC connection. + */ + + hp = gethostbyname(handle->params.admin_server); + if (hp == (struct hostent *) NULL) { + code = KADM5_BAD_SERVER_NAME; + goto cleanup; + } + + /* + * If the service_name and client_name are iprop-centric, + * we need to clnttcp_create to the appropriate RPC prog. + */ + iprop_svc = strdup(KIPROP_SVC_NAME); + if (iprop_svc == NULL) + return ENOMEM; + + if (service_name != NULL && + (strstr(service_name, iprop_svc) != NULL) && + (strstr(client_name, iprop_svc) != NULL)) + iprop_enable = 1; + else + iprop_enable = 0; + + memset(&addr, 0, sizeof(addr)); + addr.sin_family = hp->h_addrtype; + (void) memcpy(&addr.sin_addr, hp->h_addr, sizeof(addr.sin_addr)); + if (iprop_enable) + addr.sin_port = htons((u_short) handle->params.iprop_port); + else + addr.sin_port = htons((u_short) handle->params.kadmind_port); + + fd = RPC_ANYSOCK; + + if (iprop_enable) { + handle->clnt = clnttcp_create(&addr, KRB5_IPROP_PROG, KRB5_IPROP_VERS, + &fd, 0, 0); + } else + handle->clnt = clnttcp_create(&addr, KADM, KADMVERS, &fd, 0, 0); + if (handle->clnt == NULL) { + code = KADM5_RPC_ERROR; #ifdef DEBUG - clnt_pcreateerror("clnttcp_create"); + clnt_pcreateerror("clnttcp_create"); #endif - goto error; - } - handle->lhandle->clnt = handle->clnt; - - /* now that handle->clnt is set, we can check the handle */ - if ((code = _kadm5_check_handle((void *) handle))) - goto error; - - /* - * The RPC connection is open; establish the GSS-API - * authentication context. - */ - code = kadm5_setup_gss(handle, params_in, client_name, full_svcname); - if (code) - goto error; - - /* - * Bypass the remainder of the code and return straightaway - * if the gss service requested is kiprop - */ - if (iprop_enable == 1) { - code = 0; - *server_handle = (void *) handle; - goto cleanup; - } - - r = init_2(&handle->api_version, handle->clnt); - if (r == NULL) { - code = KADM5_RPC_ERROR; + goto error; + } + handle->lhandle->clnt = handle->clnt; + + /* now that handle->clnt is set, we can check the handle */ + if ((code = _kadm5_check_handle((void *) handle))) + goto error; + + /* + * The RPC connection is open; establish the GSS-API + * authentication context. + */ + code = kadm5_setup_gss(handle, params_in, client_name, full_svcname); + if (code) + goto error; + + /* + * Bypass the remainder of the code and return straightaway + * if the gss service requested is kiprop + */ + if (iprop_enable == 1) { + code = 0; + *server_handle = (void *) handle; + goto cleanup; + } + + r = init_2(&handle->api_version, handle->clnt); + if (r == NULL) { + code = KADM5_RPC_ERROR; #ifdef DEBUG - clnt_perror(handle->clnt, "init_2 null resp"); + clnt_perror(handle->clnt, "init_2 null resp"); #endif - goto error; - } - /* Drop down to v2 wire protocol if server does not support v3 */ - if (r->code == KADM5_NEW_SERVER_API_VERSION && - handle->api_version == KADM5_API_VERSION_3) { - handle->api_version = KADM5_API_VERSION_2; - r = init_2(&handle->api_version, handle->clnt); - if (r == NULL) { - code = KADM5_RPC_ERROR; - goto error; - } - } - if (r->code) { - code = r->code; - goto error; - } - - *server_handle = (void *) handle; - - goto cleanup; + goto error; + } + /* Drop down to v2 wire protocol if server does not support v3 */ + if (r->code == KADM5_NEW_SERVER_API_VERSION && + handle->api_version == KADM5_API_VERSION_3) { + handle->api_version = KADM5_API_VERSION_2; + r = init_2(&handle->api_version, handle->clnt); + if (r == NULL) { + code = KADM5_RPC_ERROR; + goto error; + } + } + if (r->code) { + code = r->code; + goto error; + } + + *server_handle = (void *) handle; + + goto cleanup; error: - /* - * Note that it is illegal for this code to execute if "handle" - * has not been allocated and initialized. I.e., don't use "goto - * error" before the block of code at the top of the function - * that allocates and initializes "handle". - */ - if (handle->cache_name) - free(handle->cache_name); - if(handle->clnt && handle->clnt->cl_auth) - AUTH_DESTROY(handle->clnt->cl_auth); - if(handle->clnt) - clnt_destroy(handle->clnt); + /* + * Note that it is illegal for this code to execute if "handle" + * has not been allocated and initialized. I.e., don't use "goto + * error" before the block of code at the top of the function + * that allocates and initializes "handle". + */ + if (handle->cache_name) + free(handle->cache_name); + if(handle->clnt && handle->clnt->cl_auth) + AUTH_DESTROY(handle->clnt->cl_auth); + if(handle->clnt) + clnt_destroy(handle->clnt); cleanup: - if (code) - free(handle); + if (code) + free(handle); - return code; + return code; } /* @@ -409,91 +410,91 @@ cleanup: */ static kadm5_ret_t kadm5_get_init_creds(kadm5_server_handle_t handle, - char *client_name, enum init_type init_type, - char *pass, krb5_ccache ccache_in, - char *svcname_in, char *realm, - char *full_svcname, unsigned int full_svcname_len) + char *client_name, enum init_type init_type, + char *pass, krb5_ccache ccache_in, + char *svcname_in, char *realm, + char *full_svcname, unsigned int full_svcname_len) { - kadm5_ret_t code; - krb5_principal client; - krb5_ccache ccache; - char svcname[BUFSIZ]; - - client = NULL; - ccache = NULL; - /* NULL svcname means use host-based. */ - if (svcname_in == NULL) { - code = kadm5_get_admin_service_name(handle->context, - handle->params.realm, - svcname, sizeof(svcname)); - if (code) { - code = KADM5_MISSING_KRB5_CONF_PARAMS; - goto error; - } - } else { - strncpy(svcname, svcname_in, sizeof(svcname)); - svcname[sizeof(svcname)-1] = '\0'; - } - /* - * Acquire a service ticket for svcname@realm in the name of - * client_name, using password pass (which could be NULL), and - * create a ccache to store them in. If INIT_CREDS, use the - * ccache we were provided instead. - */ - code = krb5_parse_name(handle->context, client_name, &client); - if (code) - goto error; - - if (init_type == INIT_CREDS) { - ccache = ccache_in; - if (asprintf(&handle->cache_name, "%s:%s", - krb5_cc_get_type(handle->context, ccache), - krb5_cc_get_name(handle->context, ccache)) < 0) { - handle->cache_name = NULL; - code = ENOMEM; - goto error; - } - } else { - static int counter = 0; - - if (asprintf(&handle->cache_name, "MEMORY:kadm5_%u", counter++) < 0) { - handle->cache_name = NULL; - code = ENOMEM; - goto error; - } - code = krb5_cc_resolve(handle->context, handle->cache_name, - &ccache); - if (code) - goto error; - - code = krb5_cc_initialize (handle->context, ccache, client); - if (code) - goto error; - - handle->destroy_cache = 1; - } - handle->lhandle->cache_name = handle->cache_name; - - code = kadm5_gic_iter(handle, init_type, ccache, - client, pass, svcname, realm, - full_svcname, full_svcname_len); - if ((code == KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN - || code == KRB5_CC_NOTFOUND) && svcname_in == NULL) { - /* Retry with old host-independent service princpal. */ - code = kadm5_gic_iter(handle, init_type, ccache, - client, pass, - KADM5_ADMIN_SERVICE, realm, - full_svcname, full_svcname_len); - } - /* Improved error messages */ - if (code == KRB5KRB_AP_ERR_BAD_INTEGRITY) code = KADM5_BAD_PASSWORD; - if (code == KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN) - code = KADM5_SECURE_PRINC_MISSING; + kadm5_ret_t code; + krb5_principal client; + krb5_ccache ccache; + char svcname[BUFSIZ]; + + client = NULL; + ccache = NULL; + /* NULL svcname means use host-based. */ + if (svcname_in == NULL) { + code = kadm5_get_admin_service_name(handle->context, + handle->params.realm, + svcname, sizeof(svcname)); + if (code) { + code = KADM5_MISSING_KRB5_CONF_PARAMS; + goto error; + } + } else { + strncpy(svcname, svcname_in, sizeof(svcname)); + svcname[sizeof(svcname)-1] = '\0'; + } + /* + * Acquire a service ticket for svcname@realm in the name of + * client_name, using password pass (which could be NULL), and + * create a ccache to store them in. If INIT_CREDS, use the + * ccache we were provided instead. + */ + code = krb5_parse_name(handle->context, client_name, &client); + if (code) + goto error; + + if (init_type == INIT_CREDS) { + ccache = ccache_in; + if (asprintf(&handle->cache_name, "%s:%s", + krb5_cc_get_type(handle->context, ccache), + krb5_cc_get_name(handle->context, ccache)) < 0) { + handle->cache_name = NULL; + code = ENOMEM; + goto error; + } + } else { + static int counter = 0; + + if (asprintf(&handle->cache_name, "MEMORY:kadm5_%u", counter++) < 0) { + handle->cache_name = NULL; + code = ENOMEM; + goto error; + } + code = krb5_cc_resolve(handle->context, handle->cache_name, + &ccache); + if (code) + goto error; + + code = krb5_cc_initialize (handle->context, ccache, client); + if (code) + goto error; + + handle->destroy_cache = 1; + } + handle->lhandle->cache_name = handle->cache_name; + + code = kadm5_gic_iter(handle, init_type, ccache, + client, pass, svcname, realm, + full_svcname, full_svcname_len); + if ((code == KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN + || code == KRB5_CC_NOTFOUND) && svcname_in == NULL) { + /* Retry with old host-independent service princpal. */ + code = kadm5_gic_iter(handle, init_type, ccache, + client, pass, + KADM5_ADMIN_SERVICE, realm, + full_svcname, full_svcname_len); + } + /* Improved error messages */ + if (code == KRB5KRB_AP_ERR_BAD_INTEGRITY) code = KADM5_BAD_PASSWORD; + if (code == KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN) + code = KADM5_SECURE_PRINC_MISSING; error: - if (ccache != NULL && init_type != INIT_CREDS) - krb5_cc_close(handle->context, ccache); - return code; + if (ccache != NULL && init_type != INIT_CREDS) + krb5_cc_close(handle->context, ccache); + return code; } /* @@ -505,87 +506,87 @@ error: */ static kadm5_ret_t kadm5_gic_iter(kadm5_server_handle_t handle, - enum init_type init_type, - krb5_ccache ccache, - krb5_principal client, char *pass, - char *svcname, char *realm, - char *full_svcname, unsigned int full_svcname_len) + enum init_type init_type, + krb5_ccache ccache, + krb5_principal client, char *pass, + char *svcname, char *realm, + char *full_svcname, unsigned int full_svcname_len) { - kadm5_ret_t code; - krb5_context ctx; - krb5_keytab kt; - krb5_get_init_creds_opt opt; - krb5_creds mcreds, outcreds; - int n; - - ctx = handle->context; - kt = NULL; - memset(full_svcname, 0, full_svcname_len); - memset(&opt, 0, sizeof(opt)); - memset(&mcreds, 0, sizeof(mcreds)); - memset(&outcreds, 0, sizeof(outcreds)); - - code = ENOMEM; - if (realm) { - n = snprintf(full_svcname, full_svcname_len, "%s@%s", - svcname, realm); - if (n < 0 || n >= full_svcname_len) - goto error; - } else { - /* krb5_princ_realm(client) is not null terminated */ - n = snprintf(full_svcname, full_svcname_len, "%s@%.*s", - svcname, krb5_princ_realm(ctx, client)->length, - krb5_princ_realm(ctx, client)->data); - if (n < 0 || n >= full_svcname_len) - goto error; - } - - /* Credentials for kadmin don't need to be forwardable or proxiable. */ - if (init_type != INIT_CREDS) { - krb5_get_init_creds_opt_init(&opt); - krb5_get_init_creds_opt_set_forwardable(&opt, 0); - krb5_get_init_creds_opt_set_proxiable(&opt, 0); - } - - if (init_type == INIT_PASS) { - code = krb5_get_init_creds_password(ctx, &outcreds, client, pass, - krb5_prompter_posix, - NULL, 0, - full_svcname, &opt); - if (code) - goto error; - } else if (init_type == INIT_SKEY) { - if (pass) { - code = krb5_kt_resolve(ctx, pass, &kt); - if (code) - goto error; - } - code = krb5_get_init_creds_keytab(ctx, &outcreds, client, kt, - 0, full_svcname, &opt); - if (pass) - krb5_kt_close(ctx, kt); - if (code) - goto error; - } else if (init_type == INIT_CREDS) { - mcreds.client = client; - code = krb5_parse_name(ctx, full_svcname, &mcreds.server); - if (code) - goto error; - code = krb5_cc_retrieve_cred(ctx, ccache, 0, - &mcreds, &outcreds); - krb5_free_principal(ctx, mcreds.server); - if (code) - goto error; - } - if (init_type != INIT_CREDS) { - /* Caller has initialized ccache. */ - code = krb5_cc_store_cred(ctx, ccache, &outcreds); - if (code) - goto error; - } + kadm5_ret_t code; + krb5_context ctx; + krb5_keytab kt; + krb5_get_init_creds_opt opt; + krb5_creds mcreds, outcreds; + int n; + + ctx = handle->context; + kt = NULL; + memset(full_svcname, 0, full_svcname_len); + memset(&opt, 0, sizeof(opt)); + memset(&mcreds, 0, sizeof(mcreds)); + memset(&outcreds, 0, sizeof(outcreds)); + + code = ENOMEM; + if (realm) { + n = snprintf(full_svcname, full_svcname_len, "%s@%s", + svcname, realm); + if (n < 0 || n >= full_svcname_len) + goto error; + } else { + /* krb5_princ_realm(client) is not null terminated */ + n = snprintf(full_svcname, full_svcname_len, "%s@%.*s", + svcname, krb5_princ_realm(ctx, client)->length, + krb5_princ_realm(ctx, client)->data); + if (n < 0 || n >= full_svcname_len) + goto error; + } + + /* Credentials for kadmin don't need to be forwardable or proxiable. */ + if (init_type != INIT_CREDS) { + krb5_get_init_creds_opt_init(&opt); + krb5_get_init_creds_opt_set_forwardable(&opt, 0); + krb5_get_init_creds_opt_set_proxiable(&opt, 0); + } + + if (init_type == INIT_PASS) { + code = krb5_get_init_creds_password(ctx, &outcreds, client, pass, + krb5_prompter_posix, + NULL, 0, + full_svcname, &opt); + if (code) + goto error; + } else if (init_type == INIT_SKEY) { + if (pass) { + code = krb5_kt_resolve(ctx, pass, &kt); + if (code) + goto error; + } + code = krb5_get_init_creds_keytab(ctx, &outcreds, client, kt, + 0, full_svcname, &opt); + if (pass) + krb5_kt_close(ctx, kt); + if (code) + goto error; + } else if (init_type == INIT_CREDS) { + mcreds.client = client; + code = krb5_parse_name(ctx, full_svcname, &mcreds.server); + if (code) + goto error; + code = krb5_cc_retrieve_cred(ctx, ccache, 0, + &mcreds, &outcreds); + krb5_free_principal(ctx, mcreds.server); + if (code) + goto error; + } + if (init_type != INIT_CREDS) { + /* Caller has initialized ccache. */ + code = krb5_cc_store_cred(ctx, ccache, &outcreds); + if (code) + goto error; + } error: - krb5_free_cred_contents(ctx, &outcreds); - return code; + krb5_free_cred_contents(ctx, &outcreds); + return code; } /* @@ -595,138 +596,138 @@ error: */ static kadm5_ret_t kadm5_setup_gss(kadm5_server_handle_t handle, - kadm5_config_params *params_in, - char *client_name, char *full_svcname) + kadm5_config_params *params_in, + char *client_name, char *full_svcname) { - kadm5_ret_t code; - OM_uint32 gssstat, minor_stat; - gss_buffer_desc buf; - gss_name_t gss_client; - gss_name_t gss_target; - gss_cred_id_t gss_client_creds; - const char *c_ccname_orig; - char *ccname_orig; - - code = KADM5_GSS_ERROR; - gss_client_creds = GSS_C_NO_CREDENTIAL; - ccname_orig = NULL; - gss_client = gss_target = GSS_C_NO_NAME; - - /* Temporarily use the kadm5 cache. */ - gssstat = gss_krb5_ccache_name(&minor_stat, handle->cache_name, - &c_ccname_orig); - if (gssstat != GSS_S_COMPLETE) { - code = KADM5_GSS_ERROR; - goto error; - } - if (c_ccname_orig) - ccname_orig = strdup(c_ccname_orig); - else - ccname_orig = 0; - - buf.value = full_svcname; - buf.length = strlen((char *)buf.value) + 1; - gssstat = gss_import_name(&minor_stat, &buf, - (gss_OID) gss_nt_krb5_name, &gss_target); - if (gssstat != GSS_S_COMPLETE) { - code = KADM5_GSS_ERROR; - goto error; - } - - buf.value = client_name; - buf.length = strlen((char *)buf.value) + 1; - gssstat = gss_import_name(&minor_stat, &buf, - (gss_OID) gss_nt_krb5_name, &gss_client); - if (gssstat != GSS_S_COMPLETE) { - code = KADM5_GSS_ERROR; - goto error; - } - - gssstat = gss_acquire_cred(&minor_stat, gss_client, 0, - GSS_C_NULL_OID_SET, GSS_C_INITIATE, - &gss_client_creds, NULL, NULL); - if (gssstat != GSS_S_COMPLETE) { - code = KADM5_GSS_ERROR; + kadm5_ret_t code; + OM_uint32 gssstat, minor_stat; + gss_buffer_desc buf; + gss_name_t gss_client; + gss_name_t gss_target; + gss_cred_id_t gss_client_creds; + const char *c_ccname_orig; + char *ccname_orig; + + code = KADM5_GSS_ERROR; + gss_client_creds = GSS_C_NO_CREDENTIAL; + ccname_orig = NULL; + gss_client = gss_target = GSS_C_NO_NAME; + + /* Temporarily use the kadm5 cache. */ + gssstat = gss_krb5_ccache_name(&minor_stat, handle->cache_name, + &c_ccname_orig); + if (gssstat != GSS_S_COMPLETE) { + code = KADM5_GSS_ERROR; + goto error; + } + if (c_ccname_orig) + ccname_orig = strdup(c_ccname_orig); + else + ccname_orig = 0; + + buf.value = full_svcname; + buf.length = strlen((char *)buf.value) + 1; + gssstat = gss_import_name(&minor_stat, &buf, + (gss_OID) gss_nt_krb5_name, &gss_target); + if (gssstat != GSS_S_COMPLETE) { + code = KADM5_GSS_ERROR; + goto error; + } + + buf.value = client_name; + buf.length = strlen((char *)buf.value) + 1; + gssstat = gss_import_name(&minor_stat, &buf, + (gss_OID) gss_nt_krb5_name, &gss_client); + if (gssstat != GSS_S_COMPLETE) { + code = KADM5_GSS_ERROR; + goto error; + } + + gssstat = gss_acquire_cred(&minor_stat, gss_client, 0, + GSS_C_NULL_OID_SET, GSS_C_INITIATE, + &gss_client_creds, NULL, NULL); + if (gssstat != GSS_S_COMPLETE) { + code = KADM5_GSS_ERROR; #if 0 /* for debugging only */ - { - OM_uint32 maj_status, min_status, message_context = 0; - gss_buffer_desc status_string; - do { - maj_status = gss_display_status(&min_status, - gssstat, - GSS_C_GSS_CODE, - GSS_C_NO_OID, - &message_context, - &status_string); - if (maj_status == GSS_S_COMPLETE) { - fprintf(stderr, "MAJ: %.*s\n", - (int) status_string.length, - (char *)status_string.value); - gss_release_buffer(&min_status, &status_string); - } else { - fprintf(stderr, - "MAJ? gss_display_status returns 0x%lx?!\n", - (unsigned long) maj_status); - message_context = 0; - } - } while (message_context != 0); - do { - maj_status = gss_display_status(&min_status, - minor_stat, - GSS_C_MECH_CODE, - GSS_C_NO_OID, - &message_context, - &status_string); - if (maj_status == GSS_S_COMPLETE) { - fprintf(stderr, "MIN: %.*s\n", - (int) status_string.length, - (char *)status_string.value); - gss_release_buffer(&min_status, &status_string); - } else { - fprintf(stderr, - "MIN? gss_display_status returns 0x%lx?!\n", - (unsigned long) maj_status); - message_context = 0; - } - } while (message_context != 0); - } + { + OM_uint32 maj_status, min_status, message_context = 0; + gss_buffer_desc status_string; + do { + maj_status = gss_display_status(&min_status, + gssstat, + GSS_C_GSS_CODE, + GSS_C_NO_OID, + &message_context, + &status_string); + if (maj_status == GSS_S_COMPLETE) { + fprintf(stderr, "MAJ: %.*s\n", + (int) status_string.length, + (char *)status_string.value); + gss_release_buffer(&min_status, &status_string); + } else { + fprintf(stderr, + "MAJ? gss_display_status returns 0x%lx?!\n", + (unsigned long) maj_status); + message_context = 0; + } + } while (message_context != 0); + do { + maj_status = gss_display_status(&min_status, + minor_stat, + GSS_C_MECH_CODE, + GSS_C_NO_OID, + &message_context, + &status_string); + if (maj_status == GSS_S_COMPLETE) { + fprintf(stderr, "MIN: %.*s\n", + (int) status_string.length, + (char *)status_string.value); + gss_release_buffer(&min_status, &status_string); + } else { + fprintf(stderr, + "MIN? gss_display_status returns 0x%lx?!\n", + (unsigned long) maj_status); + message_context = 0; + } + } while (message_context != 0); + } #endif - goto error; - } + goto error; + } - /* - * Do actual creation of RPC auth handle. Implements auth flavor - * fallback. - */ - kadm5_rpc_auth(handle, params_in, gss_client_creds, gss_target); + /* + * Do actual creation of RPC auth handle. Implements auth flavor + * fallback. + */ + kadm5_rpc_auth(handle, params_in, gss_client_creds, gss_target); error: - if (gss_client_creds != GSS_C_NO_CREDENTIAL) - (void) gss_release_cred(&minor_stat, &gss_client_creds); - - if (gss_client) - gss_release_name(&minor_stat, &gss_client); - if (gss_target) - gss_release_name(&minor_stat, &gss_target); - - /* Revert to prior gss_krb5 ccache. */ - if (ccname_orig) { - gssstat = gss_krb5_ccache_name(&minor_stat, ccname_orig, NULL); - if (gssstat) { - return KADM5_GSS_ERROR; - } - free(ccname_orig); - } else { - gssstat = gss_krb5_ccache_name(&minor_stat, NULL, NULL); - if (gssstat) { - return KADM5_GSS_ERROR; - } - } - - if (handle->clnt->cl_auth == NULL) { - return KADM5_GSS_ERROR; - } - return 0; + if (gss_client_creds != GSS_C_NO_CREDENTIAL) + (void) gss_release_cred(&minor_stat, &gss_client_creds); + + if (gss_client) + gss_release_name(&minor_stat, &gss_client); + if (gss_target) + gss_release_name(&minor_stat, &gss_target); + + /* Revert to prior gss_krb5 ccache. */ + if (ccname_orig) { + gssstat = gss_krb5_ccache_name(&minor_stat, ccname_orig, NULL); + if (gssstat) { + return KADM5_GSS_ERROR; + } + free(ccname_orig); + } else { + gssstat = gss_krb5_ccache_name(&minor_stat, NULL, NULL); + if (gssstat) { + return KADM5_GSS_ERROR; + } + } + + if (handle->clnt->cl_auth == NULL) { + return KADM5_GSS_ERROR; + } + return 0; } /* @@ -736,77 +737,77 @@ error: */ static void kadm5_rpc_auth(kadm5_server_handle_t handle, - kadm5_config_params *params_in, - gss_cred_id_t gss_client_creds, - gss_name_t gss_target) + kadm5_config_params *params_in, + gss_cred_id_t gss_client_creds, + gss_name_t gss_target) { - OM_uint32 gssstat, minor_stat; - struct rpc_gss_sec sec; - - /* Allow unauthenticated option for testing. */ - if (params_in != NULL && (params_in->mask & KADM5_CONFIG_NO_AUTH)) - return; - - /* Use RPCSEC_GSS by default. */ - if (params_in == NULL || - !(params_in->mask & KADM5_CONFIG_OLD_AUTH_GSSAPI)) { - sec.mech = gss_mech_krb5; - sec.qop = GSS_C_QOP_DEFAULT; - sec.svc = RPCSEC_GSS_SVC_PRIVACY; - sec.cred = gss_client_creds; - sec.req_flags = GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG; - - handle->clnt->cl_auth = authgss_create(handle->clnt, - gss_target, &sec); - if (handle->clnt->cl_auth != NULL) - return; - } - - if (params_in != NULL && (params_in->mask & KADM5_CONFIG_AUTH_NOFALLBACK)) - return; - - /* Fall back to old AUTH_GSSAPI. */ - handle->clnt->cl_auth = auth_gssapi_create(handle->clnt, - &gssstat, - &minor_stat, - gss_client_creds, - gss_target, - (gss_OID) gss_mech_krb5, - GSS_C_MUTUAL_FLAG - | GSS_C_REPLAY_FLAG, - 0, NULL, NULL, NULL); + OM_uint32 gssstat, minor_stat; + struct rpc_gss_sec sec; + + /* Allow unauthenticated option for testing. */ + if (params_in != NULL && (params_in->mask & KADM5_CONFIG_NO_AUTH)) + return; + + /* Use RPCSEC_GSS by default. */ + if (params_in == NULL || + !(params_in->mask & KADM5_CONFIG_OLD_AUTH_GSSAPI)) { + sec.mech = gss_mech_krb5; + sec.qop = GSS_C_QOP_DEFAULT; + sec.svc = RPCSEC_GSS_SVC_PRIVACY; + sec.cred = gss_client_creds; + sec.req_flags = GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG; + + handle->clnt->cl_auth = authgss_create(handle->clnt, + gss_target, &sec); + if (handle->clnt->cl_auth != NULL) + return; + } + + if (params_in != NULL && (params_in->mask & KADM5_CONFIG_AUTH_NOFALLBACK)) + return; + + /* Fall back to old AUTH_GSSAPI. */ + handle->clnt->cl_auth = auth_gssapi_create(handle->clnt, + &gssstat, + &minor_stat, + gss_client_creds, + gss_target, + (gss_OID) gss_mech_krb5, + GSS_C_MUTUAL_FLAG + | GSS_C_REPLAY_FLAG, + 0, NULL, NULL, NULL); } kadm5_ret_t kadm5_destroy(void *server_handle) { - krb5_ccache ccache = NULL; - int code = KADM5_OK; - kadm5_server_handle_t handle = - (kadm5_server_handle_t) server_handle; - - CHECK_HANDLE(server_handle); - - if (handle->destroy_cache && handle->cache_name) { - if ((code = krb5_cc_resolve(handle->context, - handle->cache_name, &ccache)) == 0) - code = krb5_cc_destroy (handle->context, ccache); - } - if (handle->cache_name) - free(handle->cache_name); - if (handle->clnt && handle->clnt->cl_auth) - AUTH_DESTROY(handle->clnt->cl_auth); - if (handle->clnt) - clnt_destroy(handle->clnt); - if (handle->lhandle) - free (handle->lhandle); - - kadm5_free_config_params(handle->context, &handle->params); - - handle->magic_number = 0; - free(handle); - - return code; + krb5_ccache ccache = NULL; + int code = KADM5_OK; + kadm5_server_handle_t handle = + (kadm5_server_handle_t) server_handle; + + CHECK_HANDLE(server_handle); + + if (handle->destroy_cache && handle->cache_name) { + if ((code = krb5_cc_resolve(handle->context, + handle->cache_name, &ccache)) == 0) + code = krb5_cc_destroy (handle->context, ccache); + } + if (handle->cache_name) + free(handle->cache_name); + if (handle->clnt && handle->clnt->cl_auth) + AUTH_DESTROY(handle->clnt->cl_auth); + if (handle->clnt) + clnt_destroy(handle->clnt); + if (handle->lhandle) + free (handle->lhandle); + + kadm5_free_config_params(handle->context, &handle->params); + + handle->magic_number = 0; + free(handle); + + return code; } /* not supported on client */ kadm5_ret_t kadm5_lock(void *server_handle) @@ -822,13 +823,13 @@ kadm5_ret_t kadm5_unlock(void *server_handle) kadm5_ret_t kadm5_flush(void *server_handle) { - return KADM5_OK; + return KADM5_OK; } int _kadm5_check_handle(void *handle) { - CHECK_HANDLE(handle); - return 0; + CHECK_HANDLE(handle); + return 0; } krb5_error_code kadm5_init_krb5_context (krb5_context *ctx) @@ -843,5 +844,5 @@ krb5_error_code kadm5_init_krb5_context (krb5_context *ctx) krb5_error_code kadm5_init_iprop(void *handle, char **db_args) { - return (0); + return (0); } diff --git a/src/lib/kadm5/clnt/client_internal.h b/src/lib/kadm5/clnt/client_internal.h index c5ebfec77c..c3f8999a6e 100644 --- a/src/lib/kadm5/clnt/client_internal.h +++ b/src/lib/kadm5/clnt/client_internal.h @@ -1,12 +1,13 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 OpenVision Technologies, Inc., All Rights Reserved * * $Header$ - * + * * $Log$ * Revision 1.1 1996/07/24 22:22:43 tlyu - * * Makefile.in, configure.in: break out client lib into a - * subdirectory + * * Makefile.in, configure.in: break out client lib into a + * subdirectory * * Revision 1.11 1996/07/22 20:35:46 marc * this commit includes all the changes on the OV_9510_INTEGRATION and @@ -65,33 +66,33 @@ #include "admin_internal.h" typedef struct _kadm5_server_handle_t { - krb5_ui_4 magic_number; - krb5_ui_4 struct_version; - krb5_ui_4 api_version; - char * cache_name; - int destroy_cache; - CLIENT * clnt; - krb5_context context; - kadm5_config_params params; - struct _kadm5_server_handle_t *lhandle; + krb5_ui_4 magic_number; + krb5_ui_4 struct_version; + krb5_ui_4 api_version; + char * cache_name; + int destroy_cache; + CLIENT * clnt; + krb5_context context; + kadm5_config_params params; + struct _kadm5_server_handle_t *lhandle; } kadm5_server_handle_rec, *kadm5_server_handle_t; -#define CLIENT_CHECK_HANDLE(handle) \ -{ \ - kadm5_server_handle_t srvr = \ - (kadm5_server_handle_t) handle; \ - \ - if (! srvr->clnt) \ - return KADM5_BAD_SERVER_HANDLE; \ - if (! srvr->cache_name) \ - return KADM5_BAD_SERVER_HANDLE; \ - if (! srvr->lhandle) \ - return KADM5_BAD_SERVER_HANDLE; \ -} +#define CLIENT_CHECK_HANDLE(handle) \ + { \ + kadm5_server_handle_t srvr = \ + (kadm5_server_handle_t) handle; \ + \ + if (! srvr->clnt) \ + return KADM5_BAD_SERVER_HANDLE; \ + if (! srvr->cache_name) \ + return KADM5_BAD_SERVER_HANDLE; \ + if (! srvr->lhandle) \ + return KADM5_BAD_SERVER_HANDLE; \ + } -#define CHECK_HANDLE(handle) \ - GENERIC_CHECK_HANDLE(handle, KADM5_OLD_LIB_API_VERSION, \ - KADM5_NEW_LIB_API_VERSION) \ - CLIENT_CHECK_HANDLE(handle) +#define CHECK_HANDLE(handle) \ + GENERIC_CHECK_HANDLE(handle, KADM5_OLD_LIB_API_VERSION, \ + KADM5_NEW_LIB_API_VERSION) \ + CLIENT_CHECK_HANDLE(handle) #endif /* __KADM5_CLIENT_INTERNAL_H__ */ diff --git a/src/lib/kadm5/clnt/client_principal.c b/src/lib/kadm5/clnt/client_principal.c index 56ad512196..95d5c2dbd3 100644 --- a/src/lib/kadm5/clnt/client_principal.c +++ b/src/lib/kadm5/clnt/client_principal.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 OpenVision Technologies, Inc., All Rights Reserved * @@ -26,11 +27,11 @@ static char *rcsid = "$Header$"; kadm5_ret_t kadm5_create_principal(void *server_handle, - kadm5_principal_ent_t princ, long mask, - char *pw) + kadm5_principal_ent_t princ, long mask, + char *pw) { - generic_ret *r; - cprinc_arg arg; + generic_ret *r; + cprinc_arg arg; kadm5_server_handle_t handle = server_handle; CHECK_HANDLE(server_handle); @@ -41,38 +42,38 @@ kadm5_create_principal(void *server_handle, arg.api_version = handle->api_version; if(princ == NULL) - return EINVAL; + return EINVAL; memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec)); arg.rec.mod_name = NULL; - + if(!(mask & KADM5_POLICY)) - arg.rec.policy = NULL; + arg.rec.policy = NULL; if (! (mask & KADM5_KEY_DATA)) { - arg.rec.n_key_data = 0; - arg.rec.key_data = NULL; + arg.rec.n_key_data = 0; + arg.rec.key_data = NULL; } if (! (mask & KADM5_TL_DATA)) { - arg.rec.n_tl_data = 0; - arg.rec.tl_data = NULL; + arg.rec.n_tl_data = 0; + arg.rec.tl_data = NULL; } - + r = create_principal_2(&arg, handle->clnt); if(r == NULL) - eret(); + eret(); return r->code; } kadm5_ret_t kadm5_create_principal_3(void *server_handle, - kadm5_principal_ent_t princ, long mask, - int n_ks_tuple, - krb5_key_salt_tuple *ks_tuple, - char *pw) + kadm5_principal_ent_t princ, long mask, + int n_ks_tuple, + krb5_key_salt_tuple *ks_tuple, + char *pw) { - generic_ret *r; - cprinc3_arg arg; + generic_ret *r; + cprinc3_arg arg; kadm5_server_handle_t handle = server_handle; CHECK_HANDLE(server_handle); @@ -85,54 +86,54 @@ kadm5_create_principal_3(void *server_handle, arg.ks_tuple = ks_tuple; if(princ == NULL) - return EINVAL; + return EINVAL; memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec)); arg.rec.mod_name = NULL; - + if(!(mask & KADM5_POLICY)) - arg.rec.policy = NULL; + arg.rec.policy = NULL; if (! (mask & KADM5_KEY_DATA)) { - arg.rec.n_key_data = 0; - arg.rec.key_data = NULL; + arg.rec.n_key_data = 0; + arg.rec.key_data = NULL; } if (! (mask & KADM5_TL_DATA)) { - arg.rec.n_tl_data = 0; - arg.rec.tl_data = NULL; + arg.rec.n_tl_data = 0; + arg.rec.tl_data = NULL; } - + r = create_principal3_2(&arg, handle->clnt); if(r == NULL) - eret(); + eret(); return r->code; } kadm5_ret_t kadm5_delete_principal(void *server_handle, krb5_principal principal) { - dprinc_arg arg; - generic_ret *r; + dprinc_arg arg; + generic_ret *r; kadm5_server_handle_t handle = server_handle; CHECK_HANDLE(server_handle); if(principal == NULL) - return EINVAL; + return EINVAL; arg.princ = principal; arg.api_version = handle->api_version; r = delete_principal_2(&arg, handle->clnt); if(r == NULL) - eret(); + eret(); return r->code; } kadm5_ret_t kadm5_modify_principal(void *server_handle, - kadm5_principal_ent_t princ, long mask) + kadm5_principal_ent_t princ, long mask) { - mprinc_arg arg; - generic_ret *r; + mprinc_arg arg; + generic_ret *r; kadm5_server_handle_t handle = server_handle; CHECK_HANDLE(server_handle); @@ -141,87 +142,87 @@ kadm5_modify_principal(void *server_handle, arg.mask = mask; arg.api_version = handle->api_version; if(princ == NULL) - return EINVAL; + return EINVAL; memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec)); if(!(mask & KADM5_POLICY)) - arg.rec.policy = NULL; + arg.rec.policy = NULL; if (! (mask & KADM5_KEY_DATA)) { - arg.rec.n_key_data = 0; - arg.rec.key_data = NULL; + arg.rec.n_key_data = 0; + arg.rec.key_data = NULL; } if (! (mask & KADM5_TL_DATA)) { - arg.rec.n_tl_data = 0; - arg.rec.tl_data = NULL; + arg.rec.n_tl_data = 0; + arg.rec.tl_data = NULL; } arg.rec.mod_name = NULL; - + r = modify_principal_2(&arg, handle->clnt); if(r == NULL) - eret(); + eret(); return r->code; } kadm5_ret_t kadm5_get_principal(void *server_handle, - krb5_principal princ, kadm5_principal_ent_t ent, - long mask) + krb5_principal princ, kadm5_principal_ent_t ent, + long mask) { - gprinc_arg arg; - gprinc_ret *r; + gprinc_arg arg; + gprinc_ret *r; kadm5_server_handle_t handle = server_handle; CHECK_HANDLE(server_handle); if(princ == NULL) - return EINVAL; + return EINVAL; arg.princ = princ; arg.mask = mask; arg.api_version = handle->api_version; r = get_principal_2(&arg, handle->clnt); if(r == NULL) - eret(); + eret(); if (r->code == 0) - memcpy(ent, &r->rec, sizeof(r->rec)); - + memcpy(ent, &r->rec, sizeof(r->rec)); + return r->code; } kadm5_ret_t kadm5_get_principals(void *server_handle, - char *exp, char ***princs, int *count) + char *exp, char ***princs, int *count) { - gprincs_arg arg; - gprincs_ret *r; + gprincs_arg arg; + gprincs_ret *r; kadm5_server_handle_t handle = server_handle; CHECK_HANDLE(server_handle); if(princs == NULL || count == NULL) - return EINVAL; + return EINVAL; arg.exp = exp; arg.api_version = handle->api_version; r = get_princs_2(&arg, handle->clnt); if(r == NULL) - eret(); + eret(); if(r->code == 0) { - *count = r->count; - *princs = r->princs; + *count = r->count; + *princs = r->princs; } else { - *count = 0; - *princs = NULL; + *count = 0; + *princs = NULL; } - + return r->code; } kadm5_ret_t kadm5_rename_principal(void *server_handle, - krb5_principal source, krb5_principal dest) + krb5_principal source, krb5_principal dest) { - rprinc_arg arg; - generic_ret *r; + rprinc_arg arg; + generic_ret *r; kadm5_server_handle_t handle = server_handle; CHECK_HANDLE(server_handle); @@ -230,19 +231,19 @@ kadm5_rename_principal(void *server_handle, arg.dest = dest; arg.api_version = handle->api_version; if (source == NULL || dest == NULL) - return EINVAL; + return EINVAL; r = rename_principal_2(&arg, handle->clnt); if(r == NULL) - eret(); + eret(); return r->code; } kadm5_ret_t kadm5_chpass_principal(void *server_handle, - krb5_principal princ, char *password) + krb5_principal princ, char *password) { - chpass_arg arg; - generic_ret *r; + chpass_arg arg; + generic_ret *r; kadm5_server_handle_t handle = server_handle; CHECK_HANDLE(server_handle); @@ -252,21 +253,21 @@ kadm5_chpass_principal(void *server_handle, arg.api_version = handle->api_version; if(princ == NULL) - return EINVAL; + return EINVAL; r = chpass_principal_2(&arg, handle->clnt); if(r == NULL) - eret(); + eret(); return r->code; } kadm5_ret_t kadm5_chpass_principal_3(void *server_handle, - krb5_principal princ, krb5_boolean keepold, - int n_ks_tuple, krb5_key_salt_tuple *ks_tuple, - char *password) + krb5_principal princ, krb5_boolean keepold, + int n_ks_tuple, krb5_key_salt_tuple *ks_tuple, + char *password) { - chpass3_arg arg; - generic_ret *r; + chpass3_arg arg; + generic_ret *r; kadm5_server_handle_t handle = server_handle; CHECK_HANDLE(server_handle); @@ -279,20 +280,20 @@ kadm5_chpass_principal_3(void *server_handle, arg.ks_tuple = ks_tuple; if(princ == NULL) - return EINVAL; + return EINVAL; r = chpass_principal3_2(&arg, handle->clnt); if(r == NULL) - eret(); + eret(); return r->code; } kadm5_ret_t kadm5_setv4key_principal(void *server_handle, - krb5_principal princ, - krb5_keyblock *keyblock) + krb5_principal princ, + krb5_keyblock *keyblock) { - setv4key_arg arg; - generic_ret *r; + setv4key_arg arg; + generic_ret *r; kadm5_server_handle_t handle = server_handle; CHECK_HANDLE(server_handle); @@ -302,21 +303,21 @@ kadm5_setv4key_principal(void *server_handle, arg.api_version = handle->api_version; if(princ == NULL || keyblock == NULL) - return EINVAL; + return EINVAL; r = setv4key_principal_2(&arg, handle->clnt); if(r == NULL) - eret(); + eret(); return r->code; } kadm5_ret_t kadm5_setkey_principal(void *server_handle, - krb5_principal princ, - krb5_keyblock *keyblocks, - int n_keys) + krb5_principal princ, + krb5_keyblock *keyblocks, + int n_keys) { - setkey_arg arg; - generic_ret *r; + setkey_arg arg; + generic_ret *r; kadm5_server_handle_t handle = server_handle; CHECK_HANDLE(server_handle); @@ -327,23 +328,23 @@ kadm5_setkey_principal(void *server_handle, arg.api_version = handle->api_version; if(princ == NULL || keyblocks == NULL) - return EINVAL; + return EINVAL; r = setkey_principal_2(&arg, handle->clnt); if(r == NULL) - eret(); + eret(); return r->code; } kadm5_ret_t kadm5_setkey_principal_3(void *server_handle, - krb5_principal princ, - krb5_boolean keepold, int n_ks_tuple, - krb5_key_salt_tuple *ks_tuple, - krb5_keyblock *keyblocks, - int n_keys) + krb5_principal princ, + krb5_boolean keepold, int n_ks_tuple, + krb5_key_salt_tuple *ks_tuple, + krb5_keyblock *keyblocks, + int n_keys) { - setkey3_arg arg; - generic_ret *r; + setkey3_arg arg; + generic_ret *r; kadm5_server_handle_t handle = server_handle; CHECK_HANDLE(server_handle); @@ -357,24 +358,24 @@ kadm5_setkey_principal_3(void *server_handle, arg.ks_tuple = ks_tuple; if(princ == NULL || keyblocks == NULL) - return EINVAL; + return EINVAL; r = setkey_principal3_2(&arg, handle->clnt); if(r == NULL) - eret(); + eret(); return r->code; } kadm5_ret_t kadm5_randkey_principal_3(void *server_handle, - krb5_principal princ, - krb5_boolean keepold, int n_ks_tuple, - krb5_key_salt_tuple *ks_tuple, - krb5_keyblock **key, int *n_keys) + krb5_principal princ, + krb5_boolean keepold, int n_ks_tuple, + krb5_key_salt_tuple *ks_tuple, + krb5_keyblock **key, int *n_keys) { - chrand3_arg arg; - chrand_ret *r; + chrand3_arg arg; + chrand_ret *r; kadm5_server_handle_t handle = server_handle; - int i, ret; + int i, ret; CHECK_HANDLE(server_handle); @@ -385,27 +386,27 @@ kadm5_randkey_principal_3(void *server_handle, arg.ks_tuple = ks_tuple; if(princ == NULL) - return EINVAL; + return EINVAL; r = chrand_principal3_2(&arg, handle->clnt); if(r == NULL) - eret(); + eret(); if (n_keys) - *n_keys = r->n_keys; + *n_keys = r->n_keys; if (key) { - if(r->n_keys) { - *key = malloc(r->n_keys * sizeof(krb5_keyblock)); - if (*key == NULL) - return ENOMEM; - for (i = 0; i < r->n_keys; i++) { - ret = krb5_copy_keyblock_contents(handle->context, &r->keys[i], - &(*key)[i]); - if (ret) { - free(*key); - return ENOMEM; - } - } - } else - *key = NULL; + if(r->n_keys) { + *key = malloc(r->n_keys * sizeof(krb5_keyblock)); + if (*key == NULL) + return ENOMEM; + for (i = 0; i < r->n_keys; i++) { + ret = krb5_copy_keyblock_contents(handle->context, &r->keys[i], + &(*key)[i]); + if (ret) { + free(*key); + return ENOMEM; + } + } + } else + *key = NULL; } return r->code; @@ -413,13 +414,13 @@ kadm5_randkey_principal_3(void *server_handle, kadm5_ret_t kadm5_randkey_principal(void *server_handle, - krb5_principal princ, - krb5_keyblock **key, int *n_keys) + krb5_principal princ, + krb5_keyblock **key, int *n_keys) { - chrand_arg arg; - chrand_ret *r; + chrand_arg arg; + chrand_ret *r; kadm5_server_handle_t handle = server_handle; - int i, ret; + int i, ret; CHECK_HANDLE(server_handle); @@ -427,27 +428,27 @@ kadm5_randkey_principal(void *server_handle, arg.api_version = handle->api_version; if(princ == NULL) - return EINVAL; + return EINVAL; r = chrand_principal_2(&arg, handle->clnt); if(r == NULL) - eret(); + eret(); if (n_keys) - *n_keys = r->n_keys; + *n_keys = r->n_keys; if (key) { - if(r->n_keys) { - *key = malloc(r->n_keys * sizeof(krb5_keyblock)); - if (*key == NULL) - return ENOMEM; - for (i = 0; i < r->n_keys; i++) { - ret = krb5_copy_keyblock_contents(handle->context, &r->keys[i], - &(*key)[i]); - if (ret) { - free(*key); - return ENOMEM; - } - } - } else - *key = NULL; + if(r->n_keys) { + *key = malloc(r->n_keys * sizeof(krb5_keyblock)); + if (*key == NULL) + return ENOMEM; + for (i = 0; i < r->n_keys; i++) { + ret = krb5_copy_keyblock_contents(handle->context, &r->keys[i], + &(*key)[i]); + if (ret) { + free(*key); + return ENOMEM; + } + } + } else + *key = NULL; } return r->code; @@ -455,10 +456,10 @@ kadm5_randkey_principal(void *server_handle, /* not supported on client side */ kadm5_ret_t kadm5_decrypt_key(void *server_handle, - kadm5_principal_ent_t entry, krb5_int32 - ktype, krb5_int32 stype, krb5_int32 - kvno, krb5_keyblock *keyblock, - krb5_keysalt *keysalt, int *kvnop) + kadm5_principal_ent_t entry, krb5_int32 + ktype, krb5_int32 stype, krb5_int32 + kvno, krb5_keyblock *keyblock, + krb5_keysalt *keysalt, int *kvnop) { - return EINVAL; + return EINVAL; } diff --git a/src/lib/kadm5/clnt/client_rpc.c b/src/lib/kadm5/clnt/client_rpc.c index 19c8b4703a..752206b170 100644 --- a/src/lib/kadm5/clnt/client_rpc.c +++ b/src/lib/kadm5/clnt/client_rpc.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ #include <gssrpc/rpc.h> #include <kadm5/kadm_rpc.h> #include <krb5.h> @@ -14,314 +15,314 @@ static struct timeval TIMEOUT = { 120, 0 }; generic_ret * create_principal_2(cprinc_arg *argp, CLIENT *clnt) { - static generic_ret clnt_res; - - memset(&clnt_res, 0, sizeof(clnt_res)); - if (clnt_call(clnt, CREATE_PRINCIPAL, - (xdrproc_t) xdr_cprinc_arg, (caddr_t) argp, - (xdrproc_t) xdr_generic_ret, (caddr_t) &clnt_res, - TIMEOUT) != RPC_SUCCESS) { - return (NULL); - } - return (&clnt_res); + static generic_ret clnt_res; + + memset(&clnt_res, 0, sizeof(clnt_res)); + if (clnt_call(clnt, CREATE_PRINCIPAL, + (xdrproc_t) xdr_cprinc_arg, (caddr_t) argp, + (xdrproc_t) xdr_generic_ret, (caddr_t) &clnt_res, + TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return (&clnt_res); } generic_ret * create_principal3_2(cprinc3_arg *argp, CLIENT *clnt) { - static generic_ret clnt_res; - - memset(&clnt_res, 0, sizeof(clnt_res)); - if (clnt_call(clnt, CREATE_PRINCIPAL3, - (xdrproc_t) xdr_cprinc3_arg, (caddr_t) argp, - (xdrproc_t) xdr_generic_ret, (caddr_t) &clnt_res, - TIMEOUT) != RPC_SUCCESS) { - return (NULL); - } - return (&clnt_res); + static generic_ret clnt_res; + + memset(&clnt_res, 0, sizeof(clnt_res)); + if (clnt_call(clnt, CREATE_PRINCIPAL3, + (xdrproc_t) xdr_cprinc3_arg, (caddr_t) argp, + (xdrproc_t) xdr_generic_ret, (caddr_t) &clnt_res, + TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return (&clnt_res); } generic_ret * delete_principal_2(dprinc_arg *argp, CLIENT *clnt) { - static generic_ret clnt_res; - - memset(&clnt_res, 0, sizeof(clnt_res)); - if (clnt_call(clnt, DELETE_PRINCIPAL, - (xdrproc_t) xdr_dprinc_arg, (caddr_t) argp, - (xdrproc_t) xdr_generic_ret, (caddr_t) &clnt_res, - TIMEOUT) != RPC_SUCCESS) { - return (NULL); - } - return (&clnt_res); + static generic_ret clnt_res; + + memset(&clnt_res, 0, sizeof(clnt_res)); + if (clnt_call(clnt, DELETE_PRINCIPAL, + (xdrproc_t) xdr_dprinc_arg, (caddr_t) argp, + (xdrproc_t) xdr_generic_ret, (caddr_t) &clnt_res, + TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return (&clnt_res); } generic_ret * modify_principal_2(mprinc_arg *argp, CLIENT *clnt) { - static generic_ret clnt_res; - - memset(&clnt_res, 0, sizeof(clnt_res)); - if (clnt_call(clnt, MODIFY_PRINCIPAL, - (xdrproc_t) xdr_mprinc_arg, (caddr_t) argp, - (xdrproc_t) xdr_generic_ret, (caddr_t) &clnt_res, - TIMEOUT) != RPC_SUCCESS) { - return (NULL); - } - return (&clnt_res); + static generic_ret clnt_res; + + memset(&clnt_res, 0, sizeof(clnt_res)); + if (clnt_call(clnt, MODIFY_PRINCIPAL, + (xdrproc_t) xdr_mprinc_arg, (caddr_t) argp, + (xdrproc_t) xdr_generic_ret, (caddr_t) &clnt_res, + TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return (&clnt_res); } generic_ret * rename_principal_2(rprinc_arg *argp, CLIENT *clnt) { - static generic_ret clnt_res; - - memset(&clnt_res, 0, sizeof(clnt_res)); - if (clnt_call(clnt, RENAME_PRINCIPAL, - (xdrproc_t) xdr_rprinc_arg, (caddr_t) argp, - (xdrproc_t) xdr_generic_ret, (caddr_t) &clnt_res, - TIMEOUT) != RPC_SUCCESS) { - return (NULL); - } - return (&clnt_res); + static generic_ret clnt_res; + + memset(&clnt_res, 0, sizeof(clnt_res)); + if (clnt_call(clnt, RENAME_PRINCIPAL, + (xdrproc_t) xdr_rprinc_arg, (caddr_t) argp, + (xdrproc_t) xdr_generic_ret, (caddr_t) &clnt_res, + TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return (&clnt_res); } gprinc_ret * get_principal_2(gprinc_arg *argp, CLIENT *clnt) { - static gprinc_ret clnt_res; - - memset(&clnt_res, 0, sizeof(clnt_res)); - if (clnt_call(clnt, GET_PRINCIPAL, - (xdrproc_t) xdr_gprinc_arg, (caddr_t) argp, - (xdrproc_t) xdr_gprinc_ret, (caddr_t) &clnt_res, - TIMEOUT) != RPC_SUCCESS) { - return (NULL); - } - return (&clnt_res); + static gprinc_ret clnt_res; + + memset(&clnt_res, 0, sizeof(clnt_res)); + if (clnt_call(clnt, GET_PRINCIPAL, + (xdrproc_t) xdr_gprinc_arg, (caddr_t) argp, + (xdrproc_t) xdr_gprinc_ret, (caddr_t) &clnt_res, + TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return (&clnt_res); } gprincs_ret * get_princs_2(gprincs_arg *argp, CLIENT *clnt) { - static gprincs_ret clnt_res; - - memset(&clnt_res, 0, sizeof(clnt_res)); - if (clnt_call(clnt, GET_PRINCS, - (xdrproc_t) xdr_gprincs_arg, (caddr_t) argp, - (xdrproc_t) xdr_gprincs_ret, (caddr_t) &clnt_res, - TIMEOUT) != RPC_SUCCESS) { - return (NULL); - } - return (&clnt_res); + static gprincs_ret clnt_res; + + memset(&clnt_res, 0, sizeof(clnt_res)); + if (clnt_call(clnt, GET_PRINCS, + (xdrproc_t) xdr_gprincs_arg, (caddr_t) argp, + (xdrproc_t) xdr_gprincs_ret, (caddr_t) &clnt_res, + TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return (&clnt_res); } generic_ret * chpass_principal_2(chpass_arg *argp, CLIENT *clnt) { - static generic_ret clnt_res; - - memset(&clnt_res, 0, sizeof(clnt_res)); - if (clnt_call(clnt, CHPASS_PRINCIPAL, - (xdrproc_t) xdr_chpass_arg, (caddr_t) argp, - (xdrproc_t) xdr_generic_ret, (caddr_t) &clnt_res, - TIMEOUT) != RPC_SUCCESS) { - return (NULL); - } - return (&clnt_res); + static generic_ret clnt_res; + + memset(&clnt_res, 0, sizeof(clnt_res)); + if (clnt_call(clnt, CHPASS_PRINCIPAL, + (xdrproc_t) xdr_chpass_arg, (caddr_t) argp, + (xdrproc_t) xdr_generic_ret, (caddr_t) &clnt_res, + TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return (&clnt_res); } generic_ret * chpass_principal3_2(chpass3_arg *argp, CLIENT *clnt) { - static generic_ret clnt_res; - - memset(&clnt_res, 0, sizeof(clnt_res)); - if (clnt_call(clnt, CHPASS_PRINCIPAL3, - (xdrproc_t) xdr_chpass3_arg, (caddr_t) argp, - (xdrproc_t) xdr_generic_ret, (caddr_t) &clnt_res, - TIMEOUT) != RPC_SUCCESS) { - return (NULL); - } - return (&clnt_res); + static generic_ret clnt_res; + + memset(&clnt_res, 0, sizeof(clnt_res)); + if (clnt_call(clnt, CHPASS_PRINCIPAL3, + (xdrproc_t) xdr_chpass3_arg, (caddr_t) argp, + (xdrproc_t) xdr_generic_ret, (caddr_t) &clnt_res, + TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return (&clnt_res); } generic_ret * setv4key_principal_2(setv4key_arg *argp, CLIENT *clnt) { - static generic_ret clnt_res; - - memset(&clnt_res, 0, sizeof(clnt_res)); - if (clnt_call(clnt, SETV4KEY_PRINCIPAL, - (xdrproc_t) xdr_setv4key_arg, (caddr_t) argp, - (xdrproc_t) xdr_generic_ret, (caddr_t) &clnt_res, - TIMEOUT) != RPC_SUCCESS) { - return (NULL); - } - return (&clnt_res); + static generic_ret clnt_res; + + memset(&clnt_res, 0, sizeof(clnt_res)); + if (clnt_call(clnt, SETV4KEY_PRINCIPAL, + (xdrproc_t) xdr_setv4key_arg, (caddr_t) argp, + (xdrproc_t) xdr_generic_ret, (caddr_t) &clnt_res, + TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return (&clnt_res); } generic_ret * setkey_principal_2(setkey_arg *argp, CLIENT *clnt) { - static generic_ret clnt_res; - - memset(&clnt_res, 0, sizeof(clnt_res)); - if (clnt_call(clnt, SETKEY_PRINCIPAL, - (xdrproc_t) xdr_setkey_arg, (caddr_t) argp, - (xdrproc_t) xdr_generic_ret, (caddr_t) &clnt_res, - TIMEOUT) != RPC_SUCCESS) { - return (NULL); - } - return (&clnt_res); + static generic_ret clnt_res; + + memset(&clnt_res, 0, sizeof(clnt_res)); + if (clnt_call(clnt, SETKEY_PRINCIPAL, + (xdrproc_t) xdr_setkey_arg, (caddr_t) argp, + (xdrproc_t) xdr_generic_ret, (caddr_t) &clnt_res, + TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return (&clnt_res); } generic_ret * setkey_principal3_2(setkey3_arg *argp, CLIENT *clnt) { - static generic_ret clnt_res; - - memset(&clnt_res, 0, sizeof(clnt_res)); - if (clnt_call(clnt, SETKEY_PRINCIPAL3, - (xdrproc_t) xdr_setkey3_arg, (caddr_t) argp, - (xdrproc_t) xdr_generic_ret, (caddr_t) &clnt_res, - TIMEOUT) != RPC_SUCCESS) { - return (NULL); - } - return (&clnt_res); + static generic_ret clnt_res; + + memset(&clnt_res, 0, sizeof(clnt_res)); + if (clnt_call(clnt, SETKEY_PRINCIPAL3, + (xdrproc_t) xdr_setkey3_arg, (caddr_t) argp, + (xdrproc_t) xdr_generic_ret, (caddr_t) &clnt_res, + TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return (&clnt_res); } chrand_ret * chrand_principal_2(chrand_arg *argp, CLIENT *clnt) { - static chrand_ret clnt_res; - - memset(&clnt_res, 0, sizeof(clnt_res)); - if (clnt_call(clnt, CHRAND_PRINCIPAL, - (xdrproc_t) xdr_chrand_arg, (caddr_t) argp, - (xdrproc_t) xdr_chrand_ret, (caddr_t) &clnt_res, - TIMEOUT) != RPC_SUCCESS) { - return (NULL); - } - return (&clnt_res); + static chrand_ret clnt_res; + + memset(&clnt_res, 0, sizeof(clnt_res)); + if (clnt_call(clnt, CHRAND_PRINCIPAL, + (xdrproc_t) xdr_chrand_arg, (caddr_t) argp, + (xdrproc_t) xdr_chrand_ret, (caddr_t) &clnt_res, + TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return (&clnt_res); } chrand_ret * chrand_principal3_2(chrand3_arg *argp, CLIENT *clnt) { - static chrand_ret clnt_res; - - memset(&clnt_res, 0, sizeof(clnt_res)); - if (clnt_call(clnt, CHRAND_PRINCIPAL3, - (xdrproc_t) xdr_chrand3_arg, (caddr_t) argp, - (xdrproc_t) xdr_chrand_ret, (caddr_t) &clnt_res, - TIMEOUT) != RPC_SUCCESS) { - return (NULL); - } - return (&clnt_res); + static chrand_ret clnt_res; + + memset(&clnt_res, 0, sizeof(clnt_res)); + if (clnt_call(clnt, CHRAND_PRINCIPAL3, + (xdrproc_t) xdr_chrand3_arg, (caddr_t) argp, + (xdrproc_t) xdr_chrand_ret, (caddr_t) &clnt_res, + TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return (&clnt_res); } generic_ret * create_policy_2(cpol_arg *argp, CLIENT *clnt) { - static generic_ret clnt_res; - - memset(&clnt_res, 0, sizeof(clnt_res)); - if (clnt_call(clnt, CREATE_POLICY, - (xdrproc_t) xdr_cpol_arg, (caddr_t) argp, - (xdrproc_t) xdr_generic_ret, (caddr_t) &clnt_res, - TIMEOUT) != RPC_SUCCESS) { - return (NULL); - } - return (&clnt_res); + static generic_ret clnt_res; + + memset(&clnt_res, 0, sizeof(clnt_res)); + if (clnt_call(clnt, CREATE_POLICY, + (xdrproc_t) xdr_cpol_arg, (caddr_t) argp, + (xdrproc_t) xdr_generic_ret, (caddr_t) &clnt_res, + TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return (&clnt_res); } generic_ret * delete_policy_2(dpol_arg *argp, CLIENT *clnt) { - static generic_ret clnt_res; - - memset(&clnt_res, 0, sizeof(clnt_res)); - if (clnt_call(clnt, DELETE_POLICY, - (xdrproc_t) xdr_dpol_arg, (caddr_t) argp, - (xdrproc_t) xdr_generic_ret, (caddr_t) &clnt_res, - TIMEOUT) != RPC_SUCCESS) { - return (NULL); - } - return (&clnt_res); + static generic_ret clnt_res; + + memset(&clnt_res, 0, sizeof(clnt_res)); + if (clnt_call(clnt, DELETE_POLICY, + (xdrproc_t) xdr_dpol_arg, (caddr_t) argp, + (xdrproc_t) xdr_generic_ret, (caddr_t) &clnt_res, + TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return (&clnt_res); } generic_ret * modify_policy_2(mpol_arg *argp, CLIENT *clnt) { - static generic_ret clnt_res; - - memset(&clnt_res, 0, sizeof(clnt_res)); - if (clnt_call(clnt, MODIFY_POLICY, - (xdrproc_t) xdr_mpol_arg, (caddr_t) argp, - (xdrproc_t) xdr_generic_ret, (caddr_t) &clnt_res, - TIMEOUT) != RPC_SUCCESS) { - return (NULL); - } - return (&clnt_res); + static generic_ret clnt_res; + + memset(&clnt_res, 0, sizeof(clnt_res)); + if (clnt_call(clnt, MODIFY_POLICY, + (xdrproc_t) xdr_mpol_arg, (caddr_t) argp, + (xdrproc_t) xdr_generic_ret, (caddr_t) &clnt_res, + TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return (&clnt_res); } gpol_ret * get_policy_2(gpol_arg *argp, CLIENT *clnt) { - static gpol_ret clnt_res; - - memset(&clnt_res, 0, sizeof(clnt_res)); - if (clnt_call(clnt, GET_POLICY, - (xdrproc_t) xdr_gpol_arg, (caddr_t) argp, - (xdrproc_t) xdr_gpol_ret, (caddr_t) &clnt_res, - TIMEOUT) != RPC_SUCCESS) { - return (NULL); - } - return (&clnt_res); + static gpol_ret clnt_res; + + memset(&clnt_res, 0, sizeof(clnt_res)); + if (clnt_call(clnt, GET_POLICY, + (xdrproc_t) xdr_gpol_arg, (caddr_t) argp, + (xdrproc_t) xdr_gpol_ret, (caddr_t) &clnt_res, + TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return (&clnt_res); } gpols_ret * get_pols_2(gpols_arg *argp, CLIENT *clnt) { - static gpols_ret clnt_res; - - memset(&clnt_res, 0, sizeof(clnt_res)); - if (clnt_call(clnt, GET_POLS, - (xdrproc_t) xdr_gpols_arg, (caddr_t) argp, - (xdrproc_t) xdr_gpols_ret, (caddr_t) &clnt_res, - TIMEOUT) != RPC_SUCCESS) { - return (NULL); - } - return (&clnt_res); + static gpols_ret clnt_res; + + memset(&clnt_res, 0, sizeof(clnt_res)); + if (clnt_call(clnt, GET_POLS, + (xdrproc_t) xdr_gpols_arg, (caddr_t) argp, + (xdrproc_t) xdr_gpols_ret, (caddr_t) &clnt_res, + TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return (&clnt_res); } getprivs_ret * get_privs_2(void *argp, CLIENT *clnt) { - static getprivs_ret clnt_res; - - memset(&clnt_res, 0, sizeof(clnt_res)); - if (clnt_call(clnt, GET_PRIVS, - (xdrproc_t) xdr_u_int32, (caddr_t) argp, - (xdrproc_t) xdr_getprivs_ret, (caddr_t) &clnt_res, - TIMEOUT) != RPC_SUCCESS) { - return (NULL); - } - return (&clnt_res); + static getprivs_ret clnt_res; + + memset(&clnt_res, 0, sizeof(clnt_res)); + if (clnt_call(clnt, GET_PRIVS, + (xdrproc_t) xdr_u_int32, (caddr_t) argp, + (xdrproc_t) xdr_getprivs_ret, (caddr_t) &clnt_res, + TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return (&clnt_res); } generic_ret * init_2(void *argp, CLIENT *clnt) { - static generic_ret clnt_res; - - memset(&clnt_res, 0, sizeof(clnt_res)); - if (clnt_call(clnt, INIT, - (xdrproc_t) xdr_u_int32, (caddr_t) argp, - (xdrproc_t) xdr_generic_ret, (caddr_t) &clnt_res, - TIMEOUT) != RPC_SUCCESS) { - return (NULL); - } - return (&clnt_res); + static generic_ret clnt_res; + + memset(&clnt_res, 0, sizeof(clnt_res)); + if (clnt_call(clnt, INIT, + (xdrproc_t) xdr_u_int32, (caddr_t) argp, + (xdrproc_t) xdr_generic_ret, (caddr_t) &clnt_res, + TIMEOUT) != RPC_SUCCESS) { + return (NULL); + } + return (&clnt_res); } diff --git a/src/lib/kadm5/clnt/clnt_chpass_util.c b/src/lib/kadm5/clnt/clnt_chpass_util.c index 71ab649374..618efda980 100644 --- a/src/lib/kadm5/clnt/clnt_chpass_util.c +++ b/src/lib/kadm5/clnt/clnt_chpass_util.c @@ -1,16 +1,17 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ #include <kadm5/admin.h> #include "client_internal.h" kadm5_ret_t kadm5_chpass_principal_util(void *server_handle, - krb5_principal princ, - char *new_pw, - char **ret_pw, - char *msg_ret, - unsigned int msg_len) + krb5_principal princ, + char *new_pw, + char **ret_pw, + char *msg_ret, + unsigned int msg_len) { - kadm5_server_handle_t handle = server_handle; + kadm5_server_handle_t handle = server_handle; - CHECK_HANDLE(server_handle); - return _kadm5_chpass_principal_util(handle, handle->lhandle, princ, - new_pw, ret_pw, msg_ret, msg_len); + CHECK_HANDLE(server_handle); + return _kadm5_chpass_principal_util(handle, handle->lhandle, princ, + new_pw, ret_pw, msg_ret, msg_len); } diff --git a/src/lib/kadm5/clnt/clnt_policy.c b/src/lib/kadm5/clnt/clnt_policy.c index fc91245e8e..0b6796f272 100644 --- a/src/lib/kadm5/clnt/clnt_policy.c +++ b/src/lib/kadm5/clnt/clnt_policy.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 OpenVision Technologies, Inc., All Rights Reserved * @@ -12,29 +13,29 @@ static char *rcsid = "$Header$"; #include <kadm5/admin.h> #include <kadm5/kadm_rpc.h> #include "client_internal.h" -#include <stdlib.h> -#include <string.h> -#include <errno.h> +#include <stdlib.h> +#include <string.h> +#include <errno.h> kadm5_ret_t kadm5_create_policy(void *server_handle, - kadm5_policy_ent_t policy, long mask) + kadm5_policy_ent_t policy, long mask) { - cpol_arg arg; - generic_ret *r; + cpol_arg arg; + generic_ret *r; kadm5_server_handle_t handle = server_handle; CHECK_HANDLE(server_handle); if(policy == (kadm5_policy_ent_t) NULL) - return EINVAL; + return EINVAL; arg.mask = mask; arg.api_version = handle->api_version; memcpy(&arg.rec, policy, sizeof(kadm5_policy_ent_rec)); r = create_policy_2(&arg, handle->clnt); if(r == NULL) - return KADM5_RPC_ERROR; + return KADM5_RPC_ERROR; return r->code; } @@ -42,45 +43,45 @@ kadm5_create_policy(void *server_handle, kadm5_ret_t kadm5_delete_policy(void *server_handle, char *name) { - dpol_arg arg; - generic_ret *r; + dpol_arg arg; + generic_ret *r; kadm5_server_handle_t handle = server_handle; - + CHECK_HANDLE(server_handle); if(name == NULL) - return EINVAL; + return EINVAL; arg.name = name; arg.api_version = handle->api_version; r = delete_policy_2(&arg, handle->clnt); if(r == NULL) - return KADM5_RPC_ERROR; + return KADM5_RPC_ERROR; return r->code; } kadm5_ret_t kadm5_modify_policy(void *server_handle, - kadm5_policy_ent_t policy, long mask) + kadm5_policy_ent_t policy, long mask) { - mpol_arg arg; - generic_ret *r; + mpol_arg arg; + generic_ret *r; kadm5_server_handle_t handle = server_handle; CHECK_HANDLE(server_handle); if(policy == (kadm5_policy_ent_t) NULL) - return EINVAL; - + return EINVAL; + arg.mask = mask; arg.api_version = handle->api_version; memcpy(&arg.rec, policy, sizeof(kadm5_policy_ent_rec)); r = modify_policy_2(&arg, handle->clnt); if(r == NULL) - return KADM5_RPC_ERROR; + return KADM5_RPC_ERROR; return r->code; } @@ -88,8 +89,8 @@ kadm5_modify_policy(void *server_handle, kadm5_ret_t kadm5_get_policy(void *server_handle, char *name, kadm5_policy_ent_t ent) { - gpol_arg arg; - gpol_ret *r; + gpol_arg arg; + gpol_ret *r; kadm5_server_handle_t handle = server_handle; CHECK_HANDLE(server_handle); @@ -98,41 +99,41 @@ kadm5_get_policy(void *server_handle, char *name, kadm5_policy_ent_t ent) arg.api_version = handle->api_version; if(name == NULL) - return EINVAL; - + return EINVAL; + r = get_policy_2(&arg, handle->clnt); if(r == NULL) - return KADM5_RPC_ERROR; + return KADM5_RPC_ERROR; if (r->code == 0) - memcpy(ent, &r->rec, sizeof(r->rec)); - + memcpy(ent, &r->rec, sizeof(r->rec)); + return r->code; } kadm5_ret_t kadm5_get_policies(void *server_handle, - char *exp, char ***pols, int *count) + char *exp, char ***pols, int *count) { - gpols_arg arg; - gpols_ret *r; + gpols_arg arg; + gpols_ret *r; kadm5_server_handle_t handle = server_handle; CHECK_HANDLE(server_handle); if(pols == NULL || count == NULL) - return EINVAL; + return EINVAL; arg.exp = exp; arg.api_version = handle->api_version; r = get_pols_2(&arg, handle->clnt); if(r == NULL) - return KADM5_RPC_ERROR; + return KADM5_RPC_ERROR; if(r->code == 0) { - *count = r->count; - *pols = r->pols; + *count = r->count; + *pols = r->pols; } else { - *count = 0; - *pols = NULL; + *count = 0; + *pols = NULL; } - + return r->code; } diff --git a/src/lib/kadm5/clnt/clnt_privs.c b/src/lib/kadm5/clnt/clnt_privs.c index 5f7ed43703..15b16b1c93 100644 --- a/src/lib/kadm5/clnt/clnt_privs.c +++ b/src/lib/kadm5/clnt/clnt_privs.c @@ -1,9 +1,10 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 OpenVision Technologies, Inc., All Rights Reserved. * * $Id$ * $Source$ - * + * */ #if !defined(lint) && !defined(__CODECENTER__) @@ -17,14 +18,14 @@ static char *rcsid = "$Header$"; kadm5_ret_t kadm5_get_privs(void *server_handle, long *privs) { - getprivs_ret *r; - kadm5_server_handle_t handle = server_handle; + getprivs_ret *r; + kadm5_server_handle_t handle = server_handle; - r = get_privs_2(&handle->api_version, handle->clnt); - if (r == NULL) - return KADM5_RPC_ERROR; - else if (r->code == KADM5_OK) - *privs = r->privs; + r = get_privs_2(&handle->api_version, handle->clnt); + if (r == NULL) + return KADM5_RPC_ERROR; + else if (r->code == KADM5_OK) + *privs = r->privs; - return r->code; + return r->code; } |