diff options
Diffstat (limited to 'src/plugins/kdb/db2/kdb_db2.c')
-rw-r--r-- | src/plugins/kdb/db2/kdb_db2.c | 1261 |
1 files changed, 631 insertions, 630 deletions
diff --git a/src/plugins/kdb/db2/kdb_db2.c b/src/plugins/kdb/db2/kdb_db2.c index 363a1f3d15..042649e49f 100644 --- a/src/plugins/kdb/db2/kdb_db2.c +++ b/src/plugins/kdb/db2/kdb_db2.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/kdb/kdb_db2.c * @@ -130,8 +131,8 @@ static char default_db_name[] = DEFAULT_KDB_FILE; /* * Routines to deal with context. */ -#define k5db2_inited(c) (c && c->dal_handle \ - && c->dal_handle->db_context \ +#define k5db2_inited(c) (c && c->dal_handle \ + && c->dal_handle->db_context \ && ((krb5_db2_context *) c->dal_handle->db_context)->db_inited) static krb5_error_code @@ -139,23 +140,23 @@ krb5_db2_get_db_opt(char *input, char **opt, char **val) { char *pos = strchr(input, '='); if (pos == NULL) { - *opt = NULL; - *val = strdup(input); - if (*val == NULL) { - return ENOMEM; - } + *opt = NULL; + *val = strdup(input); + if (*val == NULL) { + return ENOMEM; + } } else { - *opt = malloc((pos - input) + 1); - *val = strdup(pos + 1); - if (!*opt || !*val) { - free(*opt); - *opt = NULL; - free(*val); - *val = NULL; - return ENOMEM; - } - memcpy(*opt, input, pos - input); - (*opt)[pos - input] = '\0'; + *opt = malloc((pos - input) + 1); + *val = strdup(pos + 1); + if (!*opt || !*val) { + free(*opt); + *opt = NULL; + free(*val); + *val = NULL; + return ENOMEM; + } + memcpy(*opt, input, pos - input); + (*opt)[pos - input] = '\0'; } return (0); @@ -172,9 +173,9 @@ k5db2_clear_context(krb5_db2_context *dbctx) * are the caller's problem. */ if (dbctx->db_lf_name) - free(dbctx->db_lf_name); + free(dbctx->db_lf_name); if (dbctx->db_name && (dbctx->db_name != default_db_name)) - free(dbctx->db_name); + free(dbctx->db_name); /* * Clear the structure and reset the defaults. */ @@ -193,14 +194,14 @@ k5db2_init_context(krb5_context context) dal_handle = context->dal_handle; if (dal_handle->db_context == NULL) { - db_ctx = (krb5_db2_context *) malloc(sizeof(krb5_db2_context)); - if (db_ctx == NULL) - return ENOMEM; - else { - memset(db_ctx, 0, sizeof(krb5_db2_context)); - k5db2_clear_context((krb5_db2_context *) db_ctx); - dal_handle->db_context = (void *) db_ctx; - } + db_ctx = (krb5_db2_context *) malloc(sizeof(krb5_db2_context)); + if (db_ctx == NULL) + return ENOMEM; + else { + memset(db_ctx, 0, sizeof(krb5_db2_context)); + k5db2_clear_context((krb5_db2_context *) db_ctx); + dal_handle->db_context = (void *) db_ctx; + } } return (0); } @@ -215,10 +216,10 @@ gen_dbsuffix(char *db_name, char *sfx) char *dbsuffix; if (sfx == NULL) - return ((char *) NULL); + return ((char *) NULL); if (asprintf(&dbsuffix, "%s%s", db_name, sfx) < 0) - return (0); + return (0); return dbsuffix; } @@ -237,14 +238,14 @@ k5db2_dbopen(krb5_db2_context *dbc, char *fname, int flags, int mode, int tempdb bti.prefix = NULL; if (tempdb) { - fname = gen_dbsuffix(fname, "~"); + fname = gen_dbsuffix(fname, "~"); } else { - fname = strdup(fname); + fname = strdup(fname); } if (fname == NULL) { - errno = ENOMEM; - return NULL; + errno = ENOMEM; + return NULL; } @@ -256,25 +257,25 @@ k5db2_dbopen(krb5_db2_context *dbc, char *fname, int flags, int mode, int tempdb hashi.nelem = 1; db = dbopen(fname, flags, mode, - dbc->hashfirst ? DB_HASH : DB_BTREE, - dbc->hashfirst ? (void *) &hashi : (void *) &bti); + dbc->hashfirst ? DB_HASH : DB_BTREE, + dbc->hashfirst ? (void *) &hashi : (void *) &bti); if (db != NULL) { - free(fname); - return db; + free(fname); + return db; } switch (errno) { #ifdef EFTYPE case EFTYPE: #endif case EINVAL: - db = dbopen(fname, flags, mode, - dbc->hashfirst ? DB_BTREE : DB_HASH, - dbc->hashfirst ? (void *) &bti : (void *) &hashi); - if (db != NULL) - dbc->hashfirst = !dbc->hashfirst; + db = dbopen(fname, flags, mode, + dbc->hashfirst ? DB_BTREE : DB_HASH, + dbc->hashfirst ? (void *) &bti : (void *) &hashi); + if (db != NULL) + dbc->hashfirst = !dbc->hashfirst; default: - free(fname); - return db; + free(fname); + return db; } } @@ -285,7 +286,7 @@ krb5_db2_db_set_hashfirst(krb5_context context, int hashfirst) kdb5_dal_handle *dal_handle; if (k5db2_inited(context)) - return KRB5_KDB_DBNOTINITED; + return KRB5_KDB_DBNOTINITED; dal_handle = context->dal_handle; dbc = (krb5_db2_context *) dal_handle->db_context; dbc->hashfirst = hashfirst; @@ -306,51 +307,51 @@ krb5_db2_db_init(krb5_context context) char policy_db_name[1024], policy_lock_name[1024]; if (k5db2_inited(context)) - return 0; + return 0; /* Check for presence of our context, if not present, allocate one. */ if ((retval = k5db2_init_context(context))) - return (retval); + return (retval); dal_handle = context->dal_handle; db_ctx = dal_handle->db_context; db_ctx->db = NULL; if (!(filename = gen_dbsuffix(db_ctx->db_name, db_ctx->tempdb - ?KDB2_TEMP_LOCK_EXT:KDB2_LOCK_EXT))) - return ENOMEM; - db_ctx->db_lf_name = filename; /* so it gets freed by clear_context */ + ?KDB2_TEMP_LOCK_EXT:KDB2_LOCK_EXT))) + return ENOMEM; + db_ctx->db_lf_name = filename; /* so it gets freed by clear_context */ /* * should be opened read/write so that write locking can work with * POSIX systems */ if ((db_ctx->db_lf_file = open(filename, O_RDWR, 0666)) < 0) { - if ((db_ctx->db_lf_file = open(filename, O_RDONLY, 0666)) < 0) { - retval = errno; - goto err_out; - } + if ((db_ctx->db_lf_file = open(filename, O_RDONLY, 0666)) < 0) { + retval = errno; + goto err_out; + } } set_cloexec_fd(db_ctx->db_lf_file); db_ctx->db_inited++; if ((retval = krb5_db2_db_get_age(context, NULL, &db_ctx->db_lf_time))) - goto err_out; + goto err_out; snprintf(policy_db_name, sizeof(policy_db_name), - db_ctx->tempdb ? "%s~.kadm5" : "%s.kadm5", - db_ctx->db_name); + db_ctx->tempdb ? "%s~.kadm5" : "%s.kadm5", + db_ctx->db_name); snprintf(policy_lock_name, sizeof(policy_lock_name), - "%s.lock", policy_db_name); + "%s.lock", policy_db_name); if ((retval = osa_adb_init_db(&db_ctx->policy_db, policy_db_name, - policy_lock_name, OSA_ADB_POLICY_DB_MAGIC))) + policy_lock_name, OSA_ADB_POLICY_DB_MAGIC))) { - goto err_out; + goto err_out; } return 0; - err_out: +err_out: db_ctx->db = NULL; k5db2_clear_context(db_ctx); return (retval); @@ -369,28 +370,28 @@ krb5_db2_db_fini(krb5_context context) dal_handle = context->dal_handle; if (dal_handle == NULL) { - return 0; + return 0; } db_ctx = (krb5_db2_context *) dal_handle->db_context; if (k5db2_inited(context)) { - if (close(db_ctx->db_lf_file)) - retval = errno; - else - retval = 0; + if (close(db_ctx->db_lf_file)) + retval = errno; + else + retval = 0; } if (db_ctx) { - if (db_ctx->policy_db) { - retval = - osa_adb_fini_db(db_ctx->policy_db, OSA_ADB_POLICY_DB_MAGIC); - if (retval) - return retval; - } + if (db_ctx->policy_db) { + retval = + osa_adb_fini_db(db_ctx->policy_db, OSA_ADB_POLICY_DB_MAGIC); + if (retval) + return retval; + } - k5db2_clear_context(db_ctx); - /* free(dal_handle->db_context); */ - dal_handle->db_context = NULL; + k5db2_clear_context(db_ctx); + /* free(dal_handle->db_context); */ + dal_handle->db_context = NULL; } return retval; } @@ -405,7 +406,7 @@ krb5_db2_db_set_mkey(krb5_context context, krb5_keyblock *key) kdb5_dal_handle *dal_handle; if (!k5db2_inited(context)) - return (KRB5_KDB_DBNOTINITED); + return (KRB5_KDB_DBNOTINITED); dal_handle = context->dal_handle; db_ctx = dal_handle->db_context; @@ -420,7 +421,7 @@ krb5_db2_db_get_mkey(krb5_context context, krb5_keyblock **key) kdb5_dal_handle *dal_handle; if (!k5db2_inited(context)) - return (KRB5_KDB_DBNOTINITED); + return (KRB5_KDB_DBNOTINITED); dal_handle = context->dal_handle; db_ctx = dal_handle->db_context; @@ -436,7 +437,7 @@ krb5_db2_db_set_mkey_list(krb5_context context, krb5_keylist_node *key_list) kdb5_dal_handle *dal_handle; if (!k5db2_inited(context)) - return (KRB5_KDB_DBNOTINITED); + return (KRB5_KDB_DBNOTINITED); dal_handle = context->dal_handle; db_ctx = dal_handle->db_context; @@ -451,7 +452,7 @@ krb5_db2_db_get_mkey_list(krb5_context context, krb5_keylist_node **key_list) kdb5_dal_handle *dal_handle; if (!k5db2_inited(context)) - return (KRB5_KDB_DBNOTINITED); + return (KRB5_KDB_DBNOTINITED); dal_handle = context->dal_handle; db_ctx = dal_handle->db_context; @@ -478,21 +479,21 @@ krb5_db2_db_set_name(krb5_context context, char *name, int tempdb) kdb5_dal_handle *dal_handle; if (k5db2_inited(context)) - return KRB5_KDB_DBINITED; + return KRB5_KDB_DBINITED; /* Check for presence of our context, if not present, allocate one. */ if ((kret = k5db2_init_context(context))) - return (kret); + return (kret); if (name == NULL) - name = default_db_name; + name = default_db_name; dal_handle = context->dal_handle; db_ctx = dal_handle->db_context; db_ctx->tempdb = tempdb; db = k5db2_dbopen(db_ctx, name, O_RDONLY, 0, tempdb); if (db == NULL) - return errno; + return errno; db_ctx->db_name = strdup(name); (*db->close) (db); @@ -513,14 +514,14 @@ krb5_db2_db_get_age(krb5_context context, char *db_name, time_t *age) struct stat st; if (!k5db2_inited(context)) - return (KRB5_KDB_DBNOTINITED); + return (KRB5_KDB_DBNOTINITED); dal_handle = context->dal_handle; db_ctx = (krb5_db2_context *) dal_handle->db_context; if (fstat(db_ctx->db_lf_file, &st) < 0) - *age = -1; + *age = -1; else - *age = st.st_mtime; + *age = st.st_mtime; return 0; } @@ -549,29 +550,29 @@ krb5_db2_db_end_update(krb5_context context) struct utimbuf utbuf; if (!k5db2_inited(context)) - return (KRB5_KDB_DBNOTINITED); + return (KRB5_KDB_DBNOTINITED); retval = 0; dal_handle = context->dal_handle; db_ctx = dal_handle->db_context; now = time((time_t *) NULL); if (fstat(db_ctx->db_lf_file, &st) == 0) { - if (st.st_mtime >= now) { - utbuf.actime = st.st_mtime + 1; - utbuf.modtime = st.st_mtime + 1; - if (utime(db_ctx->db_lf_name, &utbuf)) - retval = errno; - } else { - if (utime(db_ctx->db_lf_name, (struct utimbuf *) NULL)) - retval = errno; - } + if (st.st_mtime >= now) { + utbuf.actime = st.st_mtime + 1; + utbuf.modtime = st.st_mtime + 1; + if (utime(db_ctx->db_lf_name, &utbuf)) + retval = errno; + } else { + if (utime(db_ctx->db_lf_name, (struct utimbuf *) NULL)) + retval = errno; + } } else - retval = errno; + retval = errno; if (!retval) { - if (fstat(db_ctx->db_lf_file, &st) == 0) - db_ctx->db_lf_time = st.st_mtime; - else - retval = errno; + if (fstat(db_ctx->db_lf_file, &st) == 0) + db_ctx->db_lf_time = st.st_mtime; + else + retval = errno; } return (retval); } @@ -591,76 +592,76 @@ krb5_db2_db_lock(krb5_context context, int in_mode) switch (in_mode) { case KRB5_DB_LOCKMODE_PERMANENT: - mode = KRB5_DB_LOCKMODE_EXCLUSIVE; - break; + mode = KRB5_DB_LOCKMODE_EXCLUSIVE; + break; case KRB5_DB_LOCKMODE_EXCLUSIVE: - mode = KRB5_LOCKMODE_EXCLUSIVE; - break; + mode = KRB5_LOCKMODE_EXCLUSIVE; + break; case KRB5_DB_LOCKMODE_SHARED: - mode = KRB5_LOCKMODE_SHARED; - break; + mode = KRB5_LOCKMODE_SHARED; + break; default: - return EINVAL; + return EINVAL; } if (!k5db2_inited(context)) - return KRB5_KDB_DBNOTINITED; + return KRB5_KDB_DBNOTINITED; dal_handle = context->dal_handle; db_ctx = (krb5_db2_context *) dal_handle->db_context; if (db_ctx->db_locks_held && (db_ctx->db_lock_mode >= mode)) { - /* No need to upgrade lock, just return */ - db_ctx->db_locks_held++; - goto policy_lock; + /* No need to upgrade lock, just return */ + db_ctx->db_locks_held++; + goto policy_lock; } if ((mode != KRB5_LOCKMODE_SHARED) && (mode != KRB5_LOCKMODE_EXCLUSIVE)) - return KRB5_KDB_BADLOCKMODE; + return KRB5_KDB_BADLOCKMODE; krb5_lock_mode = mode | KRB5_LOCKMODE_DONTBLOCK; for (gotlock = tries = 0; tries < MAX_LOCK_TRIES; tries++) { - retval = krb5_lock_file(context, db_ctx->db_lf_file, krb5_lock_mode); - if (retval == 0) { - gotlock++; - break; - } else if (retval == EBADF && mode == KRB5_DB_LOCKMODE_EXCLUSIVE) - /* tried to exclusive-lock something we don't have */ - /* write access to */ - return KRB5_KDB_CANTLOCK_DB; - sleep(1); + retval = krb5_lock_file(context, db_ctx->db_lf_file, krb5_lock_mode); + if (retval == 0) { + gotlock++; + break; + } else if (retval == EBADF && mode == KRB5_DB_LOCKMODE_EXCLUSIVE) + /* tried to exclusive-lock something we don't have */ + /* write access to */ + return KRB5_KDB_CANTLOCK_DB; + sleep(1); } if (retval == EACCES) - return KRB5_KDB_CANTLOCK_DB; + return KRB5_KDB_CANTLOCK_DB; else if (retval == EAGAIN || retval == EWOULDBLOCK) - return OSA_ADB_CANTLOCK_DB; + return OSA_ADB_CANTLOCK_DB; else if (retval != 0) - return retval; + return retval; if ((retval = krb5_db2_db_get_age(context, NULL, &mod_time))) - goto lock_error; + goto lock_error; db = k5db2_dbopen(db_ctx, db_ctx->db_name, - mode == KRB5_LOCKMODE_SHARED ? O_RDONLY : O_RDWR, 0600, db_ctx->tempdb); + mode == KRB5_LOCKMODE_SHARED ? O_RDONLY : O_RDWR, 0600, db_ctx->tempdb); if (db) { - db_ctx->db_lf_time = mod_time; - db_ctx->db = db; + db_ctx->db_lf_time = mod_time; + db_ctx->db = db; } else { - retval = errno; - db_ctx->db = NULL; - goto lock_error; + retval = errno; + db_ctx->db = NULL; + goto lock_error; } db_ctx->db_lock_mode = mode; db_ctx->db_locks_held++; - policy_lock: +policy_lock: if ((retval = osa_adb_get_lock(db_ctx->policy_db, in_mode))) { - krb5_db2_db_unlock(context); + krb5_db2_db_unlock(context); } return retval; - lock_error:; +lock_error:; db_ctx->db_lock_mode = 0; db_ctx->db_locks_held = 0; krb5_db2_db_unlock(context); @@ -676,26 +677,26 @@ krb5_db2_db_unlock(krb5_context context) krb5_error_code retval; if (!k5db2_inited(context)) - return KRB5_KDB_DBNOTINITED; + return KRB5_KDB_DBNOTINITED; dal_handle = context->dal_handle; db_ctx = (krb5_db2_context *) dal_handle->db_context; if ((retval = osa_adb_release_lock(db_ctx->policy_db))) { - return retval; + return retval; } - if (!db_ctx->db_locks_held) /* lock already unlocked */ - return KRB5_KDB_NOTLOCKED; + if (!db_ctx->db_locks_held) /* lock already unlocked */ + return KRB5_KDB_NOTLOCKED; db = db_ctx->db; if (--(db_ctx->db_locks_held) == 0) { - (*db->close) (db); - db_ctx->db = NULL; + (*db->close) (db); + db_ctx->db = NULL; - retval = krb5_lock_file(context, db_ctx->db_lf_file, - KRB5_LOCKMODE_UNLOCK); - db_ctx->db_lock_mode = 0; - return (retval); + retval = krb5_lock_file(context, db_ctx->db_lf_file, + KRB5_LOCKMODE_UNLOCK); + db_ctx->db_lock_mode = 0; + return (retval); } return 0; } @@ -716,49 +717,49 @@ krb5_db2_db_create(krb5_context context, char *db_name, krb5_int32 flags) char policy_db_name[1024], policy_lock_name[1024]; if ((retval = k5db2_init_context(context))) - return (retval); + return (retval); dal_handle = context->dal_handle; db_ctx = (krb5_db2_context *) dal_handle->db_context; switch (flags) { case KRB5_KDB_CREATE_HASH: - if ((retval = krb5_db2_db_set_hashfirst(context, TRUE))) - return retval; - break; + if ((retval = krb5_db2_db_set_hashfirst(context, TRUE))) + return retval; + break; case KRB5_KDB_CREATE_BTREE: case 0: - if ((retval = krb5_db2_db_set_hashfirst(context, FALSE))) - return retval; - break; + if ((retval = krb5_db2_db_set_hashfirst(context, FALSE))) + return retval; + break; default: - return KRB5_KDB_BAD_CREATEFLAGS; + return KRB5_KDB_BAD_CREATEFLAGS; } db = k5db2_dbopen(db_ctx, db_name, O_RDWR | O_CREAT | O_EXCL, 0600, db_ctx->tempdb); if (db == NULL) - return errno; + return errno; (*db->close) (db); db_name2 = db_ctx->tempdb ? gen_dbsuffix(db_name, "~") : strdup(db_name); if (db_name2 == NULL) - return ENOMEM; + return ENOMEM; okname = gen_dbsuffix(db_name2, KDB2_LOCK_EXT); if (!okname) - retval = ENOMEM; + retval = ENOMEM; else { - fd = open(okname, O_CREAT | O_RDWR | O_TRUNC, 0600); - if (fd < 0) - retval = errno; - else - close(fd); - free_dbsuffix(okname); + fd = open(okname, O_CREAT | O_RDWR | O_TRUNC, 0600); + if (fd < 0) + retval = errno; + else + close(fd); + free_dbsuffix(okname); } snprintf(policy_db_name, sizeof(policy_db_name), "%s.kadm5", db_name2); snprintf(policy_lock_name, sizeof(policy_lock_name), - "%s.lock", policy_db_name); + "%s.lock", policy_db_name); retval = osa_adb_create_db(policy_db_name, - policy_lock_name, OSA_ADB_POLICY_DB_MAGIC); + policy_lock_name, OSA_ADB_POLICY_DB_MAGIC); free(db_name2); return retval; } @@ -772,7 +773,7 @@ destroy_file_suffix(char *dbname, char *suffix) char *filename; struct stat statb; int nb, fd; - int j; + int j; off_t pos; char buf[BUFSIZ]; char zbuf[BUFSIZ]; @@ -780,19 +781,19 @@ destroy_file_suffix(char *dbname, char *suffix) filename = gen_dbsuffix(dbname, suffix); if (filename == 0) - return ENOMEM; + return ENOMEM; if ((fd = open(filename, O_RDWR, 0)) < 0) { - free(filename); - return errno; + free(filename); + return errno; } set_cloexec_fd(fd); /* fstat() will probably not fail unless using a remote filesystem * (which is inappropriate for the kerberos database) so this check * is mostly paranoia. */ if (fstat(fd, &statb) == -1) { - int retval = errno; - free(filename); - return retval; + int retval = errno; + free(filename); + return retval; } /* * Stroll through the file, reading in BUFSIZ chunks. If everything @@ -805,31 +806,31 @@ destroy_file_suffix(char *dbname, char *suffix) memset(zbuf, 0, BUFSIZ); pos = 0; while (pos < statb.st_size) { - dowrite = 0; - nb = read(fd, buf, BUFSIZ); - if (nb < 0) { - int retval = errno; - free(filename); - return retval; - } - for (j = 0; j < nb; j++) { - if (buf[j] != '\0') { - dowrite = 1; - break; - } - } - /* For signedness */ - j = nb; - if (dowrite) { - lseek(fd, pos, SEEK_SET); - nb = write(fd, zbuf, j); - if (nb < 0) { - int retval = errno; - free(filename); - return retval; - } - } - pos += nb; + dowrite = 0; + nb = read(fd, buf, BUFSIZ); + if (nb < 0) { + int retval = errno; + free(filename); + return retval; + } + for (j = 0; j < nb; j++) { + if (buf[j] != '\0') { + dowrite = 1; + break; + } + } + /* For signedness */ + j = nb; + if (dowrite) { + lseek(fd, pos, SEEK_SET); + nb = write(fd, zbuf, j); + if (nb < 0) { + int retval = errno; + free(filename); + return retval; + } + } + pos += nb; } /* ??? Is fsync really needed? I don't know of any non-networked * filesystem which will discard queued writes to disk if a file @@ -840,8 +841,8 @@ destroy_file_suffix(char *dbname, char *suffix) close(fd); if (unlink(filename)) { - free(filename); - return (errno); + free(filename); + return (errno); } free(filename); return (0); @@ -866,10 +867,10 @@ krb5_db2_db_destroy(krb5_context context, char *dbname) tmpcontext = 0; if (!context->dal_handle - || !context->dal_handle->db_context) { - tmpcontext = 1; - if ((retval1 = k5db2_init_context(context))) - return (retval1); + || !context->dal_handle->db_context) { + tmpcontext = 1; + if ((retval1 = k5db2_init_context(context))) + return (retval1); } retval1 = retval2 = 0; @@ -877,20 +878,20 @@ krb5_db2_db_destroy(krb5_context context, char *dbname) retval2 = destroy_file_suffix(dbname, KDB2_LOCK_EXT); if (tmpcontext) { - k5db2_clear_context((krb5_db2_context *) context->dal_handle->db_context); - free(context->dal_handle->db_context); - context->dal_handle->db_context = NULL; + k5db2_clear_context((krb5_db2_context *) context->dal_handle->db_context); + free(context->dal_handle->db_context); + context->dal_handle->db_context = NULL; } if (retval1 || retval2) - return (retval1 ? retval1 : retval2); + return (retval1 ? retval1 : retval2); snprintf(policy_db_name, sizeof(policy_db_name), "%s.kadm5", dbname); snprintf(policy_lock_name, sizeof(policy_lock_name), - "%s.lock", policy_db_name); + "%s.lock", policy_db_name); retval1 = osa_adb_destroy_db(policy_db_name, - policy_lock_name, OSA_ADB_POLICY_DB_MAGIC); + policy_lock_name, OSA_ADB_POLICY_DB_MAGIC); return retval1; } @@ -903,10 +904,10 @@ krb5_db2_db_destroy(krb5_context context, char *dbname) krb5_error_code krb5_db2_db_get_principal(krb5_context context, - krb5_const_principal searchfor, - krb5_db_entry *entries, /* filled in */ - int *nentries, /* how much room/how many found */ - krb5_boolean *more) /* are there more? */ + krb5_const_principal searchfor, + krb5_db_entry *entries, /* filled in */ + int *nentries, /* how much room/how many found */ + krb5_boolean *more) /* are there more? */ { krb5_db2_context *db_ctx; krb5_error_code retval; @@ -920,27 +921,27 @@ krb5_db2_db_get_principal(krb5_context context, *nentries = 0; if (!k5db2_inited(context)) - return KRB5_KDB_DBNOTINITED; + return KRB5_KDB_DBNOTINITED; dal_handle = context->dal_handle; db_ctx = (krb5_db2_context *) dal_handle->db_context; for (trynum = 0; trynum < KRB5_DB2_MAX_RETRY; trynum++) { - if ((retval = krb5_db2_db_lock(context, KRB5_LOCKMODE_SHARED))) { - if (db_ctx->db_nb_locks) - return (retval); - sleep(1); - continue; - } - break; + if ((retval = krb5_db2_db_lock(context, KRB5_LOCKMODE_SHARED))) { + if (db_ctx->db_nb_locks) + return (retval); + sleep(1); + continue; + } + break; } if (trynum == KRB5_DB2_MAX_RETRY) - return KRB5_KDB_DB_INUSE; + return KRB5_KDB_DB_INUSE; /* XXX deal with wildcard lookups */ retval = krb5_encode_princ_dbkey(context, &keydata, searchfor); if (retval) - goto cleanup; + goto cleanup; key.data = keydata.data; key.size = keydata.length; @@ -950,35 +951,35 @@ krb5_db2_db_get_principal(krb5_context context, krb5_free_data_contents(context, &keydata); switch (dbret) { case 1: - retval = 0; + retval = 0; case -1: default: - *nentries = 0; - goto cleanup; + *nentries = 0; + goto cleanup; case 0: - contdata.data = contents.data; - contdata.length = contents.size; - retval = krb5_decode_princ_contents(context, &contdata, entries); - if (!retval) - *nentries = 1; - break; + contdata.data = contents.data; + contdata.length = contents.size; + retval = krb5_decode_princ_contents(context, &contdata, entries); + if (!retval) + *nentries = 1; + break; } - cleanup: - (void) krb5_db2_db_unlock(context); /* unlock read lock */ +cleanup: + (void) krb5_db2_db_unlock(context); /* unlock read lock */ return retval; } /* Free stuff returned by krb5_db2_db_get_principal. - */ +*/ krb5_error_code krb5_db2_db_free_principal(krb5_context context, krb5_db_entry *entries, - int nentries) + int nentries) { register int i; for (i = 0; i < nentries; i++) - krb5_dbe_free_contents(context, &entries[i]); + krb5_dbe_free_contents(context, &entries[i]); return 0; } @@ -990,13 +991,13 @@ krb5_db2_db_free_principal(krb5_context context, krb5_db_entry *entries, acutally stored; the first *"nstored" records will have been stored in the database (even if an error occurs). - */ +*/ krb5_error_code krb5_db2_db_put_principal(krb5_context context, - krb5_db_entry *entries, - int *nentries, /* number of entry structs to update */ - char **db_args) + krb5_db_entry *entries, + int *nentries, /* number of entry structs to update */ + char **db_args) { int i, n, dbret; DB *db; @@ -1008,55 +1009,55 @@ krb5_db2_db_put_principal(krb5_context context, krb5_clear_error_message (context); if (db_args) { - /* DB2 does not support db_args DB arguments for principal */ - krb5_set_error_message(context, EINVAL, - "Unsupported argument \"%s\" for db2", - db_args[0]); - return EINVAL; + /* DB2 does not support db_args DB arguments for principal */ + krb5_set_error_message(context, EINVAL, + "Unsupported argument \"%s\" for db2", + db_args[0]); + return EINVAL; } n = *nentries; *nentries = 0; if (!k5db2_inited(context)) - return KRB5_KDB_DBNOTINITED; + return KRB5_KDB_DBNOTINITED; dal_handle = context->dal_handle; db_ctx = (krb5_db2_context *) dal_handle->db_context; if ((retval = krb5_db2_db_lock(context, KRB5_LOCKMODE_EXCLUSIVE))) - return retval; + return retval; db = db_ctx->db; if ((retval = krb5_db2_db_start_update(context))) { - (void) krb5_db2_db_unlock(context); - return retval; + (void) krb5_db2_db_unlock(context); + return retval; } /* for each one, stuff temps, and do replace/append */ for (i = 0; i < n; i++) { - retval = krb5_encode_princ_contents(context, &contdata, entries); - if (retval) - break; - contents.data = contdata.data; - contents.size = contdata.length; - retval = krb5_encode_princ_dbkey(context, &keydata, entries->princ); - if (retval) { - krb5_free_data_contents(context, &contdata); - break; - } - - key.data = keydata.data; - key.size = keydata.length; - dbret = (*db->put) (db, &key, &contents, 0); - retval = dbret ? errno : 0; - krb5_free_data_contents(context, &keydata); - krb5_free_data_contents(context, &contdata); - if (retval) - break; - entries++; /* bump to next struct */ + retval = krb5_encode_princ_contents(context, &contdata, entries); + if (retval) + break; + contents.data = contdata.data; + contents.size = contdata.length; + retval = krb5_encode_princ_dbkey(context, &keydata, entries->princ); + if (retval) { + krb5_free_data_contents(context, &contdata); + break; + } + + key.data = keydata.data; + key.size = keydata.length; + dbret = (*db->put) (db, &key, &contents, 0); + retval = dbret ? errno : 0; + krb5_free_data_contents(context, &keydata); + krb5_free_data_contents(context, &contdata); + if (retval) + break; + entries++; /* bump to next struct */ } (void) krb5_db2_db_end_update(context); - (void) krb5_db2_db_unlock(context); /* unlock database */ + (void) krb5_db2_db_unlock(context); /* unlock database */ *nentries = i; return (retval); } @@ -1068,8 +1069,8 @@ krb5_db2_db_put_principal(krb5_context context, krb5_error_code krb5_db2_db_delete_principal(krb5_context context, - krb5_const_principal searchfor, - int *nentries) /* how many found & deleted */ + krb5_const_principal searchfor, + int *nentries) /* how many found & deleted */ { krb5_error_code retval; krb5_db_entry entry; @@ -1081,20 +1082,20 @@ krb5_db2_db_delete_principal(krb5_context context, kdb5_dal_handle *dal_handle; if (!k5db2_inited(context)) - return KRB5_KDB_DBNOTINITED; + return KRB5_KDB_DBNOTINITED; dal_handle = context->dal_handle; db_ctx = (krb5_db2_context *) dal_handle->db_context; if ((retval = krb5_db2_db_lock(context, KRB5_LOCKMODE_EXCLUSIVE))) - return (retval); + return (retval); if ((retval = krb5_db2_db_start_update(context))) { - (void) krb5_db2_db_unlock(context); /* unlock write lock */ - return (retval); + (void) krb5_db2_db_unlock(context); /* unlock write lock */ + return (retval); } if ((retval = krb5_encode_princ_dbkey(context, &keydata, searchfor))) - goto cleanup; + goto cleanup; key.data = keydata.data; key.size = keydata.length; @@ -1103,34 +1104,34 @@ krb5_db2_db_delete_principal(krb5_context context, retval = errno; switch (dbret) { case 1: - retval = KRB5_KDB_NOENTRY; + retval = KRB5_KDB_NOENTRY; case -1: default: - *nentries = 0; - goto cleankey; + *nentries = 0; + goto cleankey; case 0: - ; + ; } memset(&entry, 0, sizeof(entry)); contdata.data = contents.data; contdata.length = contents.size; retval = krb5_decode_princ_contents(context, &contdata, &entry); if (retval) - goto cleankey; + goto cleankey; *nentries = 1; /* Clear encrypted key contents */ for (i = 0; i < entry.n_key_data; i++) { - if (entry.key_data[i].key_data_length[0]) { - memset(entry.key_data[i].key_data_contents[0], 0, - (unsigned) entry.key_data[i].key_data_length[0]); - } + if (entry.key_data[i].key_data_length[0]) { + memset(entry.key_data[i].key_data_contents[0], 0, + (unsigned) entry.key_data[i].key_data_length[0]); + } } retval = krb5_encode_princ_contents(context, &contdata, &entry); krb5_dbe_free_contents(context, &entry); if (retval) - goto cleankey; + goto cleankey; contents.data = contdata.data; contents.size = contdata.length; @@ -1138,23 +1139,23 @@ krb5_db2_db_delete_principal(krb5_context context, retval = dbret ? errno : 0; krb5_free_data_contents(context, &contdata); if (retval) - goto cleankey; + goto cleankey; dbret = (*db->del) (db, &key, 0); retval = dbret ? errno : 0; - cleankey: +cleankey: krb5_free_data_contents(context, &keydata); - cleanup: +cleanup: (void) krb5_db2_db_end_update(context); - (void) krb5_db2_db_unlock(context); /* unlock write lock */ + (void) krb5_db2_db_unlock(context); /* unlock write lock */ return retval; } krb5_error_code krb5_db2_db_iterate_ext(krb5_context context, - krb5_error_code(*func) (krb5_pointer, krb5_db_entry *), - krb5_pointer func_arg, - int backwards, int recursive) + krb5_error_code(*func) (krb5_pointer, krb5_db_entry *), + krb5_pointer func_arg, + int backwards, int recursive) { krb5_db2_context *db_ctx; DB *db; @@ -1168,75 +1169,75 @@ krb5_db2_db_iterate_ext(krb5_context context, cookie = NULL; if (!k5db2_inited(context)) - return KRB5_KDB_DBNOTINITED; + return KRB5_KDB_DBNOTINITED; dal_handle = context->dal_handle; db_ctx = (krb5_db2_context *) dal_handle->db_context; retval = krb5_db2_db_lock(context, KRB5_LOCKMODE_SHARED); if (retval) - return retval; + return retval; db = db_ctx->db; if (recursive && db->type != DB_BTREE) { - (void) krb5_db2_db_unlock(context); - return KRB5_KDB_UK_RERROR; /* Not optimal, but close enough. */ + (void) krb5_db2_db_unlock(context); + return KRB5_KDB_UK_RERROR; /* Not optimal, but close enough. */ } if (!recursive) { - dbret = (*db->seq) (db, &key, &contents, backwards ? R_LAST : R_FIRST); + dbret = (*db->seq) (db, &key, &contents, backwards ? R_LAST : R_FIRST); } else { #ifdef HAVE_BT_RSEQ - dbret = bt_rseq(db, &key, &contents, &cookie, - backwards ? R_LAST : R_FIRST); + dbret = bt_rseq(db, &key, &contents, &cookie, + backwards ? R_LAST : R_FIRST); #else - (void) krb5_db2_db_unlock(context); - return KRB5_KDB_UK_RERROR; /* Not optimal, but close enough. */ + (void) krb5_db2_db_unlock(context); + return KRB5_KDB_UK_RERROR; /* Not optimal, but close enough. */ #endif } while (dbret == 0) { - krb5_error_code retval2; - - contdata.data = contents.data; - contdata.length = contents.size; - retval = krb5_decode_princ_contents(context, &contdata, &entries); - if (retval) - break; - retval = k5_mutex_unlock(krb5_db2_mutex); - if (retval) - break; - retval = (*func) (func_arg, &entries); - krb5_dbe_free_contents(context, &entries); - retval2 = k5_mutex_lock(krb5_db2_mutex); - /* Note: If re-locking fails, the wrapper in db2_exp.c will - still try to unlock it again. That would be a bug. Fix - when integrating the locking better. */ - if (retval) - break; - if (retval2) { - retval = retval2; - break; - } - if (!recursive) { - dbret = (*db->seq) (db, &key, &contents, - backwards ? R_PREV : R_NEXT); - } else { + krb5_error_code retval2; + + contdata.data = contents.data; + contdata.length = contents.size; + retval = krb5_decode_princ_contents(context, &contdata, &entries); + if (retval) + break; + retval = k5_mutex_unlock(krb5_db2_mutex); + if (retval) + break; + retval = (*func) (func_arg, &entries); + krb5_dbe_free_contents(context, &entries); + retval2 = k5_mutex_lock(krb5_db2_mutex); + /* Note: If re-locking fails, the wrapper in db2_exp.c will + still try to unlock it again. That would be a bug. Fix + when integrating the locking better. */ + if (retval) + break; + if (retval2) { + retval = retval2; + break; + } + if (!recursive) { + dbret = (*db->seq) (db, &key, &contents, + backwards ? R_PREV : R_NEXT); + } else { #ifdef HAVE_BT_RSEQ - dbret = bt_rseq(db, &key, &contents, &cookie, - backwards ? R_PREV : R_NEXT); + dbret = bt_rseq(db, &key, &contents, &cookie, + backwards ? R_PREV : R_NEXT); #else - (void) krb5_db2_db_unlock(context); - return KRB5_KDB_UK_RERROR; /* Not optimal, but close enough. */ + (void) krb5_db2_db_unlock(context); + return KRB5_KDB_UK_RERROR; /* Not optimal, but close enough. */ #endif - } + } } switch (dbret) { case 1: case 0: - break; + break; case -1: default: - retval = errno; + retval = errno; } (void) krb5_db2_db_unlock(context); return retval; @@ -1244,9 +1245,9 @@ krb5_db2_db_iterate_ext(krb5_context context, krb5_error_code krb5_db2_db_iterate(krb5_context context, - char *match_expr, - krb5_error_code(*func) (krb5_pointer, krb5_db_entry *), - krb5_pointer func_arg) + char *match_expr, + krb5_error_code(*func) (krb5_pointer, krb5_db_entry *), + krb5_pointer func_arg) { return krb5_db2_db_iterate_ext(context, func, func_arg, 0, 0); } @@ -1261,8 +1262,8 @@ krb5_db2_db_set_lockmode(krb5_context context, krb5_boolean mode) dal_handle = context->dal_handle; old = mode; if (dal_handle && (db_ctx = (krb5_db2_context *) dal_handle->db_context)) { - old = db_ctx->db_nb_locks; - db_ctx->db_nb_locks = mode; + old = db_ctx->db_nb_locks; + db_ctx->db_nb_locks = mode; } return old; } @@ -1285,7 +1286,7 @@ krb5_db2_lib_cleanup() krb5_error_code krb5_db2_open(krb5_context kcontext, - char *conf_section, char **db_args, int mode) + char *conf_section, char **db_args, int mode) { krb5_error_code status = 0; char **t_ptr = db_args; @@ -1295,75 +1296,75 @@ krb5_db2_open(krb5_context kcontext, krb5_clear_error_message (kcontext); if (k5db2_inited(kcontext)) - return 0; + return 0; while (t_ptr && *t_ptr) { - char *opt = NULL, *val = NULL; - - krb5_db2_get_db_opt(*t_ptr, &opt, &val); - if (opt && !strcmp(opt, "dbname")) { - if (dbname) free(dbname); - dbname = strdup(val); - if (dbname == NULL) { - free(opt); - free(val); - return ENOMEM; - } - } - else if (!opt && !strcmp(val, "temporary") ) { - tempdb = 1; - } - else if (!opt && !strcmp(val, "merge_nra")) { - ; - } - /* ignore hash argument. Might have been passed from create */ - else if (!opt || strcmp(opt, "hash")) { - krb5_set_error_message(kcontext, EINVAL, - "Unsupported argument \"%s\" for db2", - opt ? opt : val); - free(opt); - free(val); - return EINVAL; - } - - free(opt); - free(val); - t_ptr++; + char *opt = NULL, *val = NULL; + + krb5_db2_get_db_opt(*t_ptr, &opt, &val); + if (opt && !strcmp(opt, "dbname")) { + if (dbname) free(dbname); + dbname = strdup(val); + if (dbname == NULL) { + free(opt); + free(val); + return ENOMEM; + } + } + else if (!opt && !strcmp(val, "temporary") ) { + tempdb = 1; + } + else if (!opt && !strcmp(val, "merge_nra")) { + ; + } + /* ignore hash argument. Might have been passed from create */ + else if (!opt || strcmp(opt, "hash")) { + krb5_set_error_message(kcontext, EINVAL, + "Unsupported argument \"%s\" for db2", + opt ? opt : val); + free(opt); + free(val); + return EINVAL; + } + + free(opt); + free(val); + t_ptr++; } if(dbname) { - status = krb5_db2_db_set_name(kcontext, dbname, tempdb); - free(dbname); - if (status) { - goto clean_n_exit; - } - db_name_set = 1; + status = krb5_db2_db_set_name(kcontext, dbname, tempdb); + free(dbname); + if (status) { + goto clean_n_exit; + } + db_name_set = 1; } if (!db_name_set) { - char *value = NULL; - status = profile_get_string(KRB5_DB_GET_PROFILE(kcontext), KDB_MODULE_SECTION, conf_section, KDB_DB2_DATABASE_NAME, /* under given conf section */ - NULL, &value); + char *value = NULL; + status = profile_get_string(KRB5_DB_GET_PROFILE(kcontext), KDB_MODULE_SECTION, conf_section, KDB_DB2_DATABASE_NAME, /* under given conf section */ + NULL, &value); - if (value == NULL) { - /* special case for db2. We might actually be looking at old type config file where database is specified as part of realm */ - status = profile_get_string(KRB5_DB_GET_PROFILE(kcontext), KDB_REALM_SECTION, KRB5_DB_GET_REALM(kcontext), KDB_DB2_DATABASE_NAME, /* under given realm */ - default_db_name, &value); - if (status) { - goto clean_n_exit; - } - } + if (value == NULL) { + /* special case for db2. We might actually be looking at old type config file where database is specified as part of realm */ + status = profile_get_string(KRB5_DB_GET_PROFILE(kcontext), KDB_REALM_SECTION, KRB5_DB_GET_REALM(kcontext), KDB_DB2_DATABASE_NAME, /* under given realm */ + default_db_name, &value); + if (status) { + goto clean_n_exit; + } + } - status = krb5_db2_db_set_name(kcontext, value, tempdb); - profile_release_string(value); - if (status) { - goto clean_n_exit; - } + status = krb5_db2_db_set_name(kcontext, value, tempdb); + profile_release_string(value); + if (status) { + goto clean_n_exit; + } } status = krb5_db2_db_init(kcontext); - clean_n_exit: +clean_n_exit: return status; } @@ -1379,97 +1380,97 @@ krb5_db2_create(krb5_context kcontext, char *conf_section, char **db_args) krb5_clear_error_message (kcontext); if (k5db2_inited(kcontext)) - return 0; + return 0; while (t_ptr && *t_ptr) { - char *opt = NULL, *val = NULL; - - krb5_db2_get_db_opt(*t_ptr, &opt, &val); - if (opt && !strcmp(opt, "dbname")) { - db_name = strdup(val); - if (db_name == NULL) { - free(opt); - free(val); - return ENOMEM; - } - } - else if (!opt && !strcmp(val, "temporary")) { - tempdb = 1; - } else if (!opt && !strcmp(val, "merge_nra")) { - ; - } else if (opt && !strcmp(opt, "hash")) { - flags = KRB5_KDB_CREATE_HASH; - } else { - krb5_set_error_message(kcontext, EINVAL, - "Unsupported argument \"%s\" for db2", - opt ? opt : val); - free(opt); - free(val); - return EINVAL; - } - - free(opt); - free(val); - t_ptr++; + char *opt = NULL, *val = NULL; + + krb5_db2_get_db_opt(*t_ptr, &opt, &val); + if (opt && !strcmp(opt, "dbname")) { + db_name = strdup(val); + if (db_name == NULL) { + free(opt); + free(val); + return ENOMEM; + } + } + else if (!opt && !strcmp(val, "temporary")) { + tempdb = 1; + } else if (!opt && !strcmp(val, "merge_nra")) { + ; + } else if (opt && !strcmp(opt, "hash")) { + flags = KRB5_KDB_CREATE_HASH; + } else { + krb5_set_error_message(kcontext, EINVAL, + "Unsupported argument \"%s\" for db2", + opt ? opt : val); + free(opt); + free(val); + return EINVAL; + } + + free(opt); + free(val); + t_ptr++; } if (db_name) { - status = krb5_db2_db_set_name(kcontext, db_name, tempdb); - if (!status) { - status = EEXIST; - goto clean_n_exit; - } - db_name_set = 1; + status = krb5_db2_db_set_name(kcontext, db_name, tempdb); + if (!status) { + status = EEXIST; + goto clean_n_exit; + } + db_name_set = 1; } if (!db_name_set) { - char *value = NULL; - status = profile_get_string(KRB5_DB_GET_PROFILE(kcontext), - KDB_MODULE_SECTION, conf_section, - /* under given conf section */ - KDB_DB2_DATABASE_NAME, NULL, &value); - - if (value == NULL) { - /* Special case for db2. We might actually be looking at - * old type config file where database is specified as - * part of realm. */ - status = profile_get_string(KRB5_DB_GET_PROFILE(kcontext), - KDB_REALM_SECTION, - KRB5_DB_GET_REALM(kcontext), - /* under given realm */ - KDB_DB2_DATABASE_NAME, - default_db_name, &value); - if (status) { - goto clean_n_exit; - } - } - - db_name = strdup(value); - if (db_name == NULL) { - status = ENOMEM; - profile_release_string(value); - goto clean_n_exit; - } - status = krb5_db2_db_set_name(kcontext, value, tempdb); - profile_release_string(value); - if (!status) { - status = EEXIST; - goto clean_n_exit; - } + char *value = NULL; + status = profile_get_string(KRB5_DB_GET_PROFILE(kcontext), + KDB_MODULE_SECTION, conf_section, + /* under given conf section */ + KDB_DB2_DATABASE_NAME, NULL, &value); + + if (value == NULL) { + /* Special case for db2. We might actually be looking at + * old type config file where database is specified as + * part of realm. */ + status = profile_get_string(KRB5_DB_GET_PROFILE(kcontext), + KDB_REALM_SECTION, + KRB5_DB_GET_REALM(kcontext), + /* under given realm */ + KDB_DB2_DATABASE_NAME, + default_db_name, &value); + if (status) { + goto clean_n_exit; + } + } + + db_name = strdup(value); + if (db_name == NULL) { + status = ENOMEM; + profile_release_string(value); + goto clean_n_exit; + } + status = krb5_db2_db_set_name(kcontext, value, tempdb); + profile_release_string(value); + if (!status) { + status = EEXIST; + goto clean_n_exit; + } } status = krb5_db2_db_create(kcontext, db_name, flags); if (status) - goto clean_n_exit; + goto clean_n_exit; /* db2 has a problem of needing to close and open the database again. This removes that need */ status = krb5_db2_db_fini(kcontext); if (status) - goto clean_n_exit; + goto clean_n_exit; status = krb5_db2_open(kcontext, conf_section, db_args, KRB5_KDB_OPEN_RW); - clean_n_exit: +clean_n_exit: if (db_name) - free(db_name); + free(db_name); return status; } @@ -1482,77 +1483,77 @@ krb5_db2_destroy(krb5_context kcontext, char *conf_section, char **db_args) char *db_name = NULL; while (t_ptr && *t_ptr) { - char *opt = NULL, *val = NULL; - - krb5_db2_get_db_opt(*t_ptr, &opt, &val); - if (opt && !strcmp(opt, "dbname")) { - db_name = strdup(val); - if (db_name == NULL) { - free(opt); - free(val); - return ENOMEM; - } - } - else if (!opt && !strcmp(val, "temporary")) { - tempdb = 1; - } - /* ignore hash argument. Might have been passed from create */ - else if (!opt || strcmp(opt, "hash")) { - free(opt); - free(val); - return EINVAL; - } - - free(opt); - free(val); - t_ptr++; + char *opt = NULL, *val = NULL; + + krb5_db2_get_db_opt(*t_ptr, &opt, &val); + if (opt && !strcmp(opt, "dbname")) { + db_name = strdup(val); + if (db_name == NULL) { + free(opt); + free(val); + return ENOMEM; + } + } + else if (!opt && !strcmp(val, "temporary")) { + tempdb = 1; + } + /* ignore hash argument. Might have been passed from create */ + else if (!opt || strcmp(opt, "hash")) { + free(opt); + free(val); + return EINVAL; + } + + free(opt); + free(val); + t_ptr++; } if (db_name) { - status = krb5_db2_db_set_name(kcontext, db_name, tempdb); - if (status) { - goto clean_n_exit; - } - db_name_set = 1; + status = krb5_db2_db_set_name(kcontext, db_name, tempdb); + if (status) { + goto clean_n_exit; + } + db_name_set = 1; } if (!db_name_set) { - char *value = NULL; - status = profile_get_string(KRB5_DB_GET_PROFILE(kcontext), KDB_MODULE_SECTION, conf_section, KDB_DB2_DATABASE_NAME, /* under given conf section */ - NULL, &value); - - if (value == NULL) { - /* special case for db2. We might actually be looking at old type config file where database is specified as part of realm */ - status = profile_get_string(KRB5_DB_GET_PROFILE(kcontext), KDB_REALM_SECTION, KRB5_DB_GET_REALM(kcontext), KDB_DB2_DATABASE_NAME, /* under given realm */ - default_db_name, &value); - if (status) { - goto clean_n_exit; - } - } - - db_name = strdup(value); - if (db_name == NULL) { - status = ENOMEM; - goto clean_n_exit; - } - status = krb5_db2_db_set_name(kcontext, value, tempdb); - profile_release_string(value); - if (status) { - goto clean_n_exit; - } + char *value = NULL; + status = profile_get_string(KRB5_DB_GET_PROFILE(kcontext), KDB_MODULE_SECTION, conf_section, KDB_DB2_DATABASE_NAME, /* under given conf section */ + NULL, &value); + + if (value == NULL) { + /* special case for db2. We might actually be looking at old type config file where database is specified as part of realm */ + status = profile_get_string(KRB5_DB_GET_PROFILE(kcontext), KDB_REALM_SECTION, KRB5_DB_GET_REALM(kcontext), KDB_DB2_DATABASE_NAME, /* under given realm */ + default_db_name, &value); + if (status) { + goto clean_n_exit; + } + } + + db_name = strdup(value); + if (db_name == NULL) { + status = ENOMEM; + goto clean_n_exit; + } + status = krb5_db2_db_set_name(kcontext, value, tempdb); + profile_release_string(value); + if (status) { + goto clean_n_exit; + } } status = krb5_db2_db_destroy(kcontext, db_name); - clean_n_exit: +clean_n_exit: if (db_name) - free(db_name); + free(db_name); return status; } krb5_error_code krb5_db2_set_master_key_ext(krb5_context kcontext, - char *pwd, krb5_keyblock * key) + char *pwd, krb5_keyblock * key) { return krb5_db2_db_set_mkey(kcontext, key); } @@ -1566,7 +1567,7 @@ krb5_db2_db_set_option(krb5_context kcontext, int option, void *value) kdb5_dal_handle *dal_handle; if (!k5db2_inited(kcontext)) - return KRB5_KDB_DBNOTINITED; + return KRB5_KDB_DBNOTINITED; dal_handle = kcontext->dal_handle; db_ctx = (krb5_db2_context *) dal_handle->db_context; @@ -1574,17 +1575,17 @@ krb5_db2_db_set_option(krb5_context kcontext, int option, void *value) switch (option) { case KRB5_KDB_OPT_SET_DB_NAME: - status = krb5_db2_db_set_name(kcontext, (char *) value, db_ctx->tempdb); - break; + status = krb5_db2_db_set_name(kcontext, (char *) value, db_ctx->tempdb); + break; case KRB5_KDB_OPT_SET_LOCK_MODE: - oldval = krb5_db2_db_set_lockmode(kcontext, *((krb5_boolean *) value)); - *((krb5_boolean *) value) = oldval; - break; + oldval = krb5_db2_db_set_lockmode(kcontext, *((krb5_boolean *) value)); + *((krb5_boolean *) value) = oldval; + break; default: - status = -1; /* TBD */ - break; + status = -1; /* TBD */ + break; } return status; @@ -1617,7 +1618,7 @@ krb5_db2_create_policy(krb5_context kcontext, osa_policy_ent_t policy) krb5_error_code krb5_db2_get_policy(krb5_context kcontext, - char *name, osa_policy_ent_t * policy, int *cnt) + char *name, osa_policy_ent_t * policy, int *cnt) { kdb5_dal_handle *dal_handle; krb5_db2_context *dbc; @@ -1642,8 +1643,8 @@ krb5_db2_put_policy(krb5_context kcontext, osa_policy_ent_t policy) krb5_error_code krb5_db2_iter_policy(krb5_context kcontext, - char *match_entry, - osa_adb_iter_policy_func func, void *data) + char *match_entry, + osa_adb_iter_policy_func func, void *data) { kdb5_dal_handle *dal_handle; krb5_db2_context *dbc; @@ -1687,38 +1688,38 @@ krb5_db2_promote_db(krb5_context kcontext, char *conf_section, char **db_args) krb5_clear_error_message (kcontext); { - kdb5_dal_handle *dal_handle = kcontext->dal_handle; - krb5_db2_context *db_ctx = dal_handle->db_context; - db_name = strdup(db_ctx->db_name); - if (db_name == NULL) { - status = ENOMEM; - goto clean_n_exit; - } + kdb5_dal_handle *dal_handle = kcontext->dal_handle; + krb5_db2_context *db_ctx = dal_handle->db_context; + db_name = strdup(db_ctx->db_name); + if (db_name == NULL) { + status = ENOMEM; + goto clean_n_exit; + } } assert(kcontext->dal_handle != NULL); temp_db_name = gen_dbsuffix(db_name, "~"); if (temp_db_name == NULL) { - status = ENOMEM; - goto clean_n_exit; + status = ENOMEM; + goto clean_n_exit; } for (db_argp = db_args; *db_argp; db_argp++) { - if (!strcmp(*db_argp, "merge_nra")) { - merge_nra++; - break; - } + if (!strcmp(*db_argp, "merge_nra")) { + merge_nra++; + break; + } } status = krb5_db2_db_rename (kcontext, temp_db_name, db_name, merge_nra); if (status) - goto clean_n_exit; + goto clean_n_exit; clean_n_exit: if (db_name) - free(db_name); + free(db_name); if (temp_db_name) - free(temp_db_name); + free(temp_db_name); return status; } @@ -1731,25 +1732,25 @@ clean_n_exit: */ static krb5_error_code krb5_db2_merge_principal(krb5_context kcontext, - krb5_db_entry *src, - krb5_db_entry *dst, - int *changed) + krb5_db_entry *src, + krb5_db_entry *dst, + int *changed) { *changed = 0; if (dst->last_success != src->last_success) { - dst->last_success = src->last_success; - (*changed)++; + dst->last_success = src->last_success; + (*changed)++; } if (dst->last_failed != src->last_failed) { - dst->last_failed = src->last_failed; - (*changed)++; + dst->last_failed = src->last_failed; + (*changed)++; } if (dst->fail_auth_count != src->fail_auth_count) { - dst->fail_auth_count = src->fail_auth_count; - (*changed)++; + dst->fail_auth_count = src->fail_auth_count; + (*changed)++; } return 0; @@ -1782,14 +1783,14 @@ krb5_db2_merge_nra_iterator(krb5_pointer ptr, krb5_db_entry *entry) /* look up the new principal in the old DB */ retval = krb5_db2_db_get_principal(nra->kcontext, - entry->princ, - &s_entry, - &n_entries, - &more); + entry->princ, + &s_entry, + &n_entries, + &more); if (retval != 0 || n_entries == 0) { - /* principal may be newly created, so ignore */ - dal_handle->db_context = dst_db; - return 0; + /* principal may be newly created, so ignore */ + dal_handle->db_context = dst_db; + return 0; } /* merge non-replicated attributes from the old entry in */ @@ -1799,12 +1800,12 @@ krb5_db2_merge_nra_iterator(krb5_pointer ptr, krb5_db_entry *entry) /* if necessary, commit the modified new entry to the new DB */ if (changed) { - retval = krb5_db2_db_put_principal(nra->kcontext, - entry, - &n_entries, - NULL); + retval = krb5_db2_db_put_principal(nra->kcontext, + entry, + &n_entries, + NULL); } else { - retval = 0; + retval = 0; } return retval; @@ -1819,8 +1820,8 @@ krb5_db2_merge_nra_iterator(krb5_pointer ptr, krb5_db_entry *entry) */ static krb5_error_code krb5_db2_begin_nra_merge(krb5_context kcontext, - krb5_db2_context *src_db, - krb5_db2_context *dst_db) + krb5_db2_context *src_db, + krb5_db2_context *dst_db) { krb5_error_code retval; kdb5_dal_handle *dal_handle = kcontext->dal_handle; @@ -1834,17 +1835,17 @@ krb5_db2_begin_nra_merge(krb5_context kcontext, retval = krb5_db2_db_lock(kcontext, KRB5_LOCKMODE_EXCLUSIVE); if (retval) { - dal_handle->db_context = dst_db; - return retval; + dal_handle->db_context = dst_db; + return retval; } retval = krb5_db2_db_iterate_ext(kcontext, - krb5_db2_merge_nra_iterator, - &nra, - 0, - 0); + krb5_db2_merge_nra_iterator, + &nra, + 0, + 0); if (retval != 0) - (void) krb5_db2_db_unlock(kcontext); + (void) krb5_db2_db_unlock(kcontext); dal_handle->db_context = dst_db; @@ -1857,8 +1858,8 @@ krb5_db2_begin_nra_merge(krb5_context kcontext, */ static krb5_error_code krb5_db2_end_nra_merge(krb5_context kcontext, - krb5_db2_context *src_db, - krb5_db2_context *dst_db) + krb5_db2_context *src_db, + krb5_db2_context *dst_db) { krb5_error_code retval; kdb5_dal_handle *dal_handle = kcontext->dal_handle; @@ -1896,7 +1897,7 @@ krb5_db2_db_rename(context, from, to, merge_nra) s_context = dal_handle->db_context; dal_handle->db_context = NULL; if ((retval = k5db2_init_context(context))) - return retval; + return retval; db_ctx = (krb5_db2_context *) dal_handle->db_context; /* @@ -1906,7 +1907,7 @@ krb5_db2_db_rename(context, from, to, merge_nra) */ retval = krb5_db2_db_create(context, to, 0); if (retval != 0 && retval != EEXIST) - goto errout; + goto errout; /* * Set the database to the target, so that other processes sharing @@ -1914,21 +1915,21 @@ krb5_db2_db_rename(context, from, to, merge_nra) */ retval = krb5_db2_db_set_name(context, to, 0); if (retval) - goto errout; + goto errout; retval = krb5_db2_db_init(context); if (retval) - goto errout; + goto errout; db_ctx->db_lf_name = gen_dbsuffix(db_ctx->db_name, KDB2_LOCK_EXT); if (db_ctx->db_lf_name == NULL) { - retval = ENOMEM; - goto errout; + retval = ENOMEM; + goto errout; } db_ctx->db_lf_file = open(db_ctx->db_lf_name, O_RDWR|O_CREAT, 0600); if (db_ctx->db_lf_file < 0) { - retval = errno; - goto errout; + retval = errno; + goto errout; } set_cloexec_fd(db_ctx->db_lf_file); @@ -1936,76 +1937,76 @@ krb5_db2_db_rename(context, from, to, merge_nra) retval = krb5_db2_db_get_age(context, NULL, &db_ctx->db_lf_time); if (retval) - goto errout; + goto errout; fromok = gen_dbsuffix(from, KDB2_LOCK_EXT); if (fromok == NULL) { - retval = ENOMEM; - goto errout; + retval = ENOMEM; + goto errout; } if ((retval = krb5_db2_db_lock(context, KRB5_LOCKMODE_EXCLUSIVE))) - goto errfromok; + goto errfromok; if ((retval = krb5_db2_db_start_update(context))) - goto errfromok; + goto errfromok; if (merge_nra) { - if ((retval = krb5_db2_begin_nra_merge(context, s_context, db_ctx))) - goto errfromok; + if ((retval = krb5_db2_begin_nra_merge(context, s_context, db_ctx))) + goto errfromok; } if (rename(from, to)) { - retval = errno; - goto errfromok; + retval = errno; + goto errfromok; } if (unlink(fromok)) { - retval = errno; - goto errfromok; + retval = errno; + goto errfromok; } if (merge_nra) { - krb5_db2_end_nra_merge(context, s_context, db_ctx); + krb5_db2_end_nra_merge(context, s_context, db_ctx); } retval = krb5_db2_db_end_update(context); if (retval) - goto errfromok; + goto errfromok; { - /* XXX moved so that NRA merge works */ - /* Ugly brute force hack. - - Should be going through nice friendly helper routines for - this, but it's a mess of jumbled so-called interfaces right - now. */ - char policy[2048], new_policy[2048]; - assert (strlen(db_ctx->db_name) < 2000); - snprintf(policy, sizeof(policy), "%s.kadm5", db_ctx->db_name); - snprintf(new_policy, sizeof(new_policy), - "%s~.kadm5", db_ctx->db_name); - if (0 != rename(new_policy, policy)) { - retval = errno; - goto errfromok; - } - strlcat(new_policy, ".lock",sizeof(new_policy)); - (void) unlink(new_policy); + /* XXX moved so that NRA merge works */ + /* Ugly brute force hack. + + Should be going through nice friendly helper routines for + this, but it's a mess of jumbled so-called interfaces right + now. */ + char policy[2048], new_policy[2048]; + assert (strlen(db_ctx->db_name) < 2000); + snprintf(policy, sizeof(policy), "%s.kadm5", db_ctx->db_name); + snprintf(new_policy, sizeof(new_policy), + "%s~.kadm5", db_ctx->db_name); + if (0 != rename(new_policy, policy)) { + retval = errno; + goto errfromok; + } + strlcat(new_policy, ".lock",sizeof(new_policy)); + (void) unlink(new_policy); } errfromok: free_dbsuffix(fromok); errout: if (dal_handle->db_context) { - if (db_ctx->db_lf_file >= 0) { - krb5_db2_db_unlock(context); - close(db_ctx->db_lf_file); - } - k5db2_clear_context((krb5_db2_context *) dal_handle->db_context); - free(dal_handle->db_context); + if (db_ctx->db_lf_file >= 0) { + krb5_db2_db_unlock(context); + close(db_ctx->db_lf_file); + } + k5db2_clear_context((krb5_db2_context *) dal_handle->db_context); + free(dal_handle->db_context); } dal_handle->db_context = s_context; - (void) krb5_db2_db_unlock(context); /* unlock saved context db */ + (void) krb5_db2_db_unlock(context); /* unlock saved context db */ return retval; } |