this commit includes all the changes on the OV_9510_INTEGRATION and

OV_MERGE branches.  This includes, but is not limited to, the new openvision
admin system, and major changes to gssapi to add functionality, and bring
the implementation in line with rfc1964.  before committing, the
code was built and tested for netbsd and solaris.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8774 dc483132-0cff-0310-8789-dd5450dbe970

4 files changed, 711 insertions, 0 deletions

diff --git a/src/kadmin/create/attic/Makefile.in b/src/kadmin/create/attic/Makefile.in
new file mode 100644
index 000000000..f7bd9ca38
--- /dev/null
+++ b/src/kadmin/create/attic/Makefile.in
@@ -0,0 +1,20 @@
+CFLAGS = $(CCOPTS) $(DEFS) $(LOCALINCLUDE) 
+
+all::
+
+SRCS = $(srcdir)/ovsec_adm_create.c \
+	$(srcdir)/string_table.c
+
+OBJS = ovsec_adm_create.o \
+	string_table.o
+
+all::	ovsec_adm_create
+
+ovsec_adm_create: $(OBJS) $(DEPLIBS)
+	$(LD) $(LDFLAGS) $(LDARGS) -o ovsec_adm_create $(OBJS) $(LIBS)
+
+install::
+	$(INSTALL_PROGRAM) ./ovsec_adm_create ${DESTDIR}$(SERVER_BINDIR)/kadmind5
+
+clean::
+	$(RM) ovsec_adm_create
diff --git a/src/kadmin/create/attic/configure.in b/src/kadmin/create/attic/configure.in
new file mode 100644
index 000000000..67b8f7c52
--- /dev/null
+++ b/src/kadmin/create/attic/configure.in
@@ -0,0 +1,12 @@
+AC_INIT(ovsec_adm_create.c)
+CONFIG_RULES
+AC_PROG_INSTALL
+USE_KADMSRV_LIBRARY
+USE_GSSRPC_LIBRARY
+USE_GSSAPI_LIBRARY
+USE_KDB5_LIBRARY
+USE_DYN_LIBRARY
+USE_DB_LIBRARY
+KRB5_LIBRARIES
+V5_USE_SHARED_LIB
+V5_AC_OUTPUT_MAKEFILE
diff --git a/src/kadmin/create/attic/make_extern b/src/kadmin/create/attic/make_extern
new file mode 100644
index 000000000..5432edf66
--- /dev/null
+++ b/src/kadmin/create/attic/make_extern
@@ -0,0 +1,16 @@
+#!/bin/csh
+
+echo '/*'
+echo '  * Copyright 1993 OpenVision Technologies, Inc., All Rights Reserved.'
+echo '  * '
+echo '  * $Header$'
+echo '  *'
+echo '  */'
+echo ' '
+echo '#ifndef _OVSEC_ADM_STRINGS_'
+echo ' '
+
+cat $1 | grep -v rcsid | grep ^char | awk '{printf "extern %s %s;\n",$1,$2}'
+
+echo ' '
+echo '#endif /* _OVSEC_ADM_STRINGS_ */'
diff --git a/src/kadmin/create/attic/ovsec_adm_create.c b/src/kadmin/create/attic/ovsec_adm_create.c
new file mode 100644
index 000000000..90be0c406
--- /dev/null
+++ b/src/kadmin/create/attic/ovsec_adm_create.c
@@ -0,0 +1,663 @@
+/*
+ * Copyright 1993 OpenVision Technologies, Inc., All Rights Reserved.
+ *
+ * $Id$
+ * $Source$
+ * 
+ * $Log$
+ * Revision 1.23  1996/07/22 20:24:35  marc
+ * this commit includes all the changes on the OV_9510_INTEGRATION and
+ * OV_MERGE branches.  This includes, but is not limited to, the new openvision
+ * admin system, and major changes to gssapi to add functionality, and bring
+ * the implementation in line with rfc1964.  before committing, the
+ * code was built and tested for netbsd and solaris.
+ *
+ * Revision 1.22.4.1  1996/07/18 03:01:22  marc
+ * merged in changes from OV_9510_BP to OV_9510_FINAL1
+ *
+ * Revision 1.22.2.1  1996/06/20  21:44:55  marc
+ * File added to the repository on a branch
+ *
+ * Revision 1.22  1996/06/19  15:09:32  bjaspan
+ * changes to work in mit tree
+ *
+ * Revision 1.21  1995/11/07  23:27:28  grier
+ * Add stdlib.h
+ * Add string.h
+ *
+ * Revision 1.20  1995/08/13  16:41:11  jik
+ * Fix a nonsensical comment about the iterator() function.  See PR
+ * secure-admin/470.
+ *
+ * Revision 1.19  1995/07/02  19:55:13  jik
+ * Key version numbers should start out at 1, not 0.
+ * Should get the master key version number from the master_db entry in
+ * server_kdb.c, rather than assuming that the master key version number
+ * is 0.
+ *
+ * Revision 1.18  1995/03/14  16:58:50  jik
+ * Use krb5_xfree instead of xfree if KRB5B4 is defined.
+ *
+ * Revision 1.17  1994/03/11 19:37:34  bjaspan
+ * [secure-admin/1593: ovsec_adm_create non-error messages go to stderr]
+ * [secure-releng/1608: audit secure-admin/1593: ovsec_adm_create non-error messages go to stderr]
+ *
+ * Sandbox:
+ *
+ *  Normal messages should be printed to stdout rather than displayed
+ *  using com_err, which will cause then to go to stderr.
+ *
+ * Revision 1.17  1994/03/09  22:21:33  jik
+ * Normal messages should be printed to stdout rather than displayed
+ * using com_err, which will cause then to go to stderr.
+ *
+ * Revision 1.16  1993/12/21  20:26:34  marc
+ * create new principals with policy NULL, not ""
+ *
+ * Revision 1.15  1993/12/14  22:51:35  marc
+ * missing * in call to krb5_random_key
+ *
+ * Revision 1.14  1993/11/27  20:42:32  bjaspan
+ * fix secure/621: coredumps with default realm
+ *
+ * Revision 1.13  1993/11/19  20:03:51  shanzer
+ * osa_adb_open_T takes a file name argument.
+ *
+ * Revision 1.12  1993/11/10  21:30:24  bjaspan
+ * move init code to main, accept -m
+ *
+ * Revision 1.11  1993/11/10  04:33:35  bjaspan
+ * rewrote adding principals to kdb, and set lifetimes
+ *
+ * Revision 1.10  1993/11/06  00:08:44  bjaspan
+ * use new OVSEC_KADM_* names, use correct realm
+ *
+ * Revision 1.9  1993/11/05  05:05:35  bjaspan
+ * added -r realm argument
+ *
+ */
+
+#if !defined(lint) && !defined(__CODECENTER__)
+static char *rcsid = "$Header$";
+#endif
+
+#include "string_table.h"
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <ovsec_admin/adb.h>
+#include <ovsec_admin/admin.h>
+
+#include <krb5.h>
+#include <krb5/kdb.h>
+
+int add_admin_princ(void *handle, krb5_context context,
+		    char *name, char *realm, int attrs, int lifetime);
+
+#define ERR 1
+#define OK 0
+
+#define ADMIN_LIFETIME 60*60*3 /* 3 hours */
+#define CHANGEPW_LIFETIME 60*5 /* 5 minutes */
+
+char *whoami;
+
+extern krb5_encrypt_block master_encblock;
+extern krb5_keyblock master_keyblock;
+extern krb5_db_entry master_db;
+
+/*
+ * Function: main
+ *
+ * Purpose: create admin principals, create and populate admin dbs
+ *
+ * Arguments:
+ *
+ *      input           none
+ *      <return value>  exit status 1 for error 0 for success
+ *      
+ * Requires:
+ *      
+ *      
+ * Effects:
+ *      
+ *      
+ * Modifies:
+ *
+ */
+
+void usage()     
+{
+     fprintf(stderr, "%s\n", str_PROG_CREATE_USAGE);
+     exit(1);
+}
+     
+void main(int argc, char **argv)
+{
+     char *realm = NULL;
+     int freerealm = 0;
+     int retval, from_keyboard = 0;
+     krb5_principal creator = NULL;
+     void *handle;
+     krb5_context context;
+
+     whoami = str_PROG_NAME_CREATE;
+
+     argc--; argv++;
+     while (argc) {
+	  if (strcmp(*argv, "-r") == 0) {
+	       argc--; argv++;
+	       if (!argc)
+		    usage();
+	       realm = *argv;
+	  } else if (strcmp(*argv, "-m") == 0) {
+	       from_keyboard = 1;
+	  } else
+	       break;
+	  argc--; argv++;
+     }
+     
+     if (argc != 0)
+	  usage();
+
+     if (retval = krb5_init_context(&context))
+	  exit(ERR);
+
+     if (realm == NULL) {
+	  if ((retval = krb5_get_default_realm(context, &realm)) != 0)
+	       exit(retval);
+	  freerealm = 1;
+     }
+  
+     if ((retval = ovsec_kadm_init(whoami, from_keyboard?"non-null":NULL,
+				   NULL, realm,
+				   OVSEC_KADM_STRUCT_VERSION,
+				   OVSEC_KADM_API_VERSION_1,
+				   &handle))) {
+	  com_err(whoami, retval, str_INITING_KCONTEXT);
+
+	  krb5_free_context(context);
+	  exit(ERR);
+     }
+
+     retval = add_admin_princs(handle, context, realm);
+
+     ovsec_kadm_destroy(handle);
+     krb5_free_context(context);
+
+     if (retval)
+	  exit(retval);
+     
+     exit(0);
+}
+
+/*
+ * Function: build_name_with_realm
+ *
+ * Purpose: concatenate a name and a realm to form a krb5 name
+ *
+ * Arguments:
+ *
+ * 	name	(input) the name
+ * 	realm	(input) the realm
+ *
+ * Returns:
+ *
+ * 	pointer to name@realm, in allocated memory, or NULL if it
+ * 	cannot be allocated
+ *
+ * Requires: both strings are null-terminated
+ */
+char *build_name_with_realm(char *name, char *realm)
+{
+     char *n;
+
+     n = (char *) malloc(strlen(name) + strlen(realm) + 2);
+     sprintf(n, "%s@%s", name, realm);
+     return n;
+}
+
+/*
+ * Function: add_admin_princs
+ *
+ * Purpose: create admin principals
+ *
+ * Arguments:
+ *
+ * 	rseed		(input) random seed
+ * 	realm		(input) realm, or NULL for default realm
+ *      <return value>  (output) status, 0 for success, 1 for serious error
+ *      
+ * Requires:
+ *      
+ * Effects:
+ *      
+ * add_admin_princs creates OVSEC_KADM_ADMIN_SERVICE,
+ * OVSEC_KADM_CHANGEPW_SERVICE, and OVSEC_KADM_HIST_PRINCIPAL.  If any
+ * of these exist a message is printed.  If any of these existing
+ * principal do not have the proper attributes, a warning message is
+ * printed.
+ */
+int add_admin_princs(void *handle, krb5_context context, char *realm)
+{
+  krb5_error_code ret = 0;
+  
+  if ((ret = add_admin_princ(handle, context,
+			     OVSEC_KADM_ADMIN_SERVICE, realm,
+			     KRB5_KDB_DISALLOW_TGT_BASED,
+			     ADMIN_LIFETIME)))
+       goto clean_and_exit;
+
+  if ((ret = add_admin_princ(handle, context, 
+			     OVSEC_KADM_CHANGEPW_SERVICE, realm, 
+			     KRB5_KDB_DISALLOW_TGT_BASED |
+			     KRB5_KDB_PWCHANGE_SERVICE,
+			     CHANGEPW_LIFETIME)))
+       goto clean_and_exit;
+  
+#if 0
+  /* this is now done inside kdb_init_hist in the admin server */
+
+  if ((ret = add_admin_princ(handle, context, 
+			     OVSEC_KADM_HIST_PRINCIPAL, realm,
+			     KRB5_KDB_DISALLOW_ALL_TIX,
+			     0)))
+       goto clean_and_exit;
+#endif
+
+clean_and_exit:
+
+  return ret;
+}
+
+/*
+ * Function: add_admin_princ
+ *
+ * Arguments:
+ *
+ * 	creator		(r) principal to use as "mod_by"
+ * 	rseed		(r) seed for random key generator
+ * 	name		(r) principal name
+ * 	realm		(r) realm name for principal
+ * 	attrs		(r) principal's attributes
+ * 	lifetime	(r) principal's max life, or 0
+ * 	not_unique	(r) error message for multiple entries, never used
+ * 	exists		(r) warning message for principal exists
+ * 	wrong_attrs	(r) warning message for wrong attributes
+ *
+ * Returns:
+ *
+ * 	OK on success
+ * 	ERR on serious errors
+ *
+ * Effects:
+ * 
+ * If the principal is not unique, not_unique is printed (but this
+ * never happens).  If the principal exists, then exists is printed
+ * and if the principals attributes != attrs, wrong_attrs is printed.
+ * Otherwise, the principal is created with mod_by creator and
+ * attributes attrs and max life of lifetime (if not zero).
+ */
+
+int add_admin_princ(void *handle, krb5_context context,
+		    char *name, char *realm, int attrs, int lifetime)
+{
+     char *fullname;
+     int nprincs;
+     krb5_error_code ret;
+     ovsec_kadm_principal_ent_rec ent;
+
+     memset(&ent, 0, sizeof(ent));
+
+     fullname = build_name_with_realm(name, realm);
+     if (ret = krb5_parse_name(context, fullname, &ent.principal)) {
+	  com_err(whoami, ret, str_PARSE_NAME);
+	  return(ERR);
+     }
+     ent.max_life = lifetime;
+     ent.attributes = attrs;
+     
+     if (ret = ovsec_kadm_create_principal(handle, &ent,
+					   (OVSEC_KADM_PRINCIPAL |
+					    OVSEC_KADM_MAX_LIFE |
+					    OVSEC_KADM_ATTRIBUTES),
+					   "to-be-random")) {
+	  if (ret == OVSEC_KADM_DUP)
+	       ret = ovsec_kadm_modify_principal(handle, &ent,
+						 (OVSEC_KADM_PRINCIPAL |
+						  OVSEC_KADM_MAX_LIFE |
+						  OVSEC_KADM_ATTRIBUTES));
+
+	  if (ret) {
+	       com_err(whoami, ret, str_PUT_PRINC, fullname);
+	       krb5_free_principal(context, ent.principal);
+	       free(fullname);
+	       return ERR;
+	  }
+     }
+
+     ret = ovsec_kadm_randkey_principal(handle, ent.principal, NULL);
+
+     krb5_free_principal(context, ent.principal);
+     free(fullname);
+
+     if (ret) {
+	  com_err(whoami, ret, str_RANDOM_KEY, fullname);
+	  return ERR;
+     }
+
+     return OK;
+}
+
+#if 0
+/*
+ * Function: main
+ *
+ * Purpose: Return "garbage" if the caller asks for it.
+ *
+ * Arguments:
+ *
+ *      input           (input) A null-terminated string,
+ *                      or NULL.
+ *      delay           (input/output) The number of seconds the
+ *                      function should delay before returning.
+ *      <return value>  (output) A string.
+ *      
+ * Requires:
+ *      
+ *      "input" must either be NULL or point to an address in the
+ *      program's address space.  "delay" must point to an address in
+ *      the program's address space.
+ *
+ * Effects:
+ *      
+ *      The function first sleeps for approximately the number of
+ *      seconds specified in "delay".
+ *      
+ *      Then, if "input" is non-NULL and points to a null-terminated
+ *      string which is equal to "garbage", the function sets "delay"
+ *      to 42 and returns a string allocated with malloc(3) containing
+ *      "more-garbage".
+ *      
+ *      If "input" is NULL or does not contain "garbage", the function
+ *      returns NULL without modifying "delay".
+ *      
+ *      If "<return value>" is non-NULL, the caller should deallocate
+ *      the string in it (with free(3)) when it is no longer needed.
+ *      
+ * Modifies:
+ *      
+ *      May allocate a new block of memory in the malloc(3) arena.
+ *      May change the value in the memory location pointed to by
+ *      "delay".
+ */
+
+krb5_error_code add_random_princ(princ_str, princ, attrs, lifetime,
+				 creator, rseed) 
+   char *princ_str;
+   krb5_principal princ, creator;
+   krb5_flags attrs;
+   int lifetime;
+   krb5_pointer *rseed;
+{
+    krb5_db_entry entry;
+    krb5_error_code ret;
+    krb5_encrypted_keyblock ekey;
+    krb5_keyblock *rkey;
+    int nentries = 1;
+
+    memset((char *) &entry, 0, sizeof(entry));
+    entry.principal = princ;
+    entry.kvno = 1;
+    entry.max_life = KRB5_KDB_MAX_LIFE;
+    entry.max_renewable_life = 0;
+    entry.mkvno = master_db.mkvno;
+    entry.expiration = KRB5_KDB_EXPIRATION;
+    entry.mod_name = creator;
+    if (lifetime != 0)
+	 entry.max_life = lifetime;
+    
+    if (ret = krb5_timeofday(&entry.mod_date))
+      return(ret);
+
+    entry.attributes = attrs;
+
+    ret = krb5_random_key(&master_encblock, *rseed, &rkey);
+    if (ret != 0) {
+      com_err(whoami, ret, str_RANDOM_KEY, princ_str);
+      return (ERR);
+    }
+
+
+    ret = krb5_kdb_encrypt_key(&master_encblock, rkey, &ekey);
+    krb5_free_keyblock(rkey);
+    if (ret != 0) {
+      com_err(whoami, ret, str_ENCRYPT_KEY, princ_str);
+      return (ERR);
+    }
+
+    entry.key = ekey;
+    entry.salt_type = KRB5_KDB_SALTTYPE_NORMAL;
+    entry.salt_length = 0;
+    entry.salt = 0;
+    
+    ret = krb5_db_put_principal(&entry, &nentries);
+    if (ret != 0)
+      com_err(whoami, ret, str_PUT_PRINC, princ_str);
+#ifdef KRB5B4
+    krb5_xfree(ekey.contents);
+#else
+    xfree(ekey.contents);
+#endif
+
+    if (ret) return(ERR);
+
+    printf(str_CREATED_PRINC, whoami, princ_str);
+
+    return(OK);
+}
+
+/*
+ * Function: create_admin_policy_db
+ *
+ * Purpose: Return "garbage" if the caller asks for it.
+ *
+ * Arguments:
+ *
+ *      input           (input) A null-terminated string,
+ *                      or NULL.
+ *      delay           (input/output) The number of seconds the
+ *                      function should delay before returning.
+ *      <return value>  (output) A string.
+ *      
+ * Requires:
+ *      
+ *      "input" must either be NULL or point to an address in the
+ *      program's address space.  "delay" must point to an address in
+ *      the program's address space.
+ *
+ * Effects:
+ *      
+ *      The function first sleeps for approximately the number of
+ *      seconds specified in "delay".
+ *      
+ *      Then, if "input" is non-NULL and points to a null-terminated
+ *      string which is equal to "garbage", the function sets "delay"
+ *      to 42 and returns a string allocated with malloc(3) containing
+ *      "more-garbage".
+ *      
+ *      If "input" is NULL or does not contain "garbage", the function
+ *      returns NULL without modifying "delay".
+ *      
+ *      If "<return value>" is non-NULL, the caller should deallocate
+ *      the string in it (with free(3)) when it is no longer needed.
+ *      
+ * Modifies:
+ *      
+ *      May allocate a new block of memory in the malloc(3) arena.
+ *      May change the value in the memory location pointed to by
+ *      "delay".
+ */
+
+int create_admin_policy_db()
+{
+  /* We don't have a create/destroy routine, so opening the db and
+     closing it will have to do. */
+  osa_adb_policy_t policy_db = NULL;
+  osa_adb_ret_t ret;
+
+  ret = osa_adb_open_policy(&policy_db, POLICY_DB);
+  if (ret != OSA_ADB_OK) {
+    com_err (whoami, ret, str_CREATING_POLICY_DB);
+    return(-1);
+  }
+
+  /* Should create sample policies here */
+
+  ret = osa_adb_close_policy(policy_db);
+  if (ret != OSA_ADB_OK) {
+    com_err (whoami, ret, str_CLOSING_POLICY_DB);
+    return(-1);
+  }
+
+  printf(str_CREATED_POLICY_DB, whoami);
+
+  return(OK);
+}
+
+/*
+
+ * Function: iterator(ptr, entry)
+ *
+ * Purpose:
+ *
+ * 	Creates an entry in the Admin database corresponding to the
+ * 	specified entry in the Kerberos database.
+ *
+ * Arguments:
+ *
+ *      ptr		(input) Actually of type osa_adb_princ_t,
+ * 			represents the Admin database in which to
+ * 			create the principal.
+ *	entry		(input) The entry in the Kerberos database for
+ * 			which to create an entry in the Admin
+ * 			database.
+ *      
+ * Requires:
+ *      
+ *      "ptr" represents a valid, open Admin principal database.
+ *      "entry" represents a valid, decoded Kerberos database
+ *      principal entry.
+ *
+ * Effects:
+ *      
+ *      Modifies the Admin principal database by creating a principal
+ *      in the database with the same name as "entry" and no other
+ *      information.
+ *      
+ * Modifies:
+ *      
+ *      Does not modify any global memory.  Modifies the Admin
+ *      principal database whose handle is passed into it.
+ */
+
+krb5_error_code
+iterator(ptr, entry)
+krb5_pointer ptr;
+krb5_db_entry *entry;
+{ 
+  osa_adb_ret_t retval;
+  krb5_error_code retval2;
+  char *princ_str = NULL;
+  osa_princ_ent_rec osa_princ;
+
+  /* Zero the whole struct, and fill in the princ name */
+  memset(&osa_princ, 0, sizeof(osa_princ_ent_rec));
+
+  osa_princ.name = entry->principal;
+  osa_princ.policy = NULL;
+
+  retval = osa_adb_create_princ((osa_adb_princ_t) ptr, &osa_princ);
+  if (retval != OSA_ADB_OK) {
+    if (retval2 = krb5_unparse_name(entry->principal, &princ_str)) {
+	com_err(whoami, retval2, str_UNPARSE_PRINC);
+    }
+    com_err(whoami, retval, str_CREATING_PRINC_ENTRY, 
+	    (princ_str ? princ_str : str_A_PRINC));
+    if (princ_str) free(princ_str);
+  }
+  return (0);
+}
+
+/*
+ * Function: create_and_populate_admin_princ_db
+ *
+ * Purpose: Return "garbage" if the caller asks for it.
+ *
+ * Arguments:
+ *
+ *      input           (input) A null-terminated string,
+ *                      or NULL.
+ *      delay           (input/output) The number of seconds the
+ *                      function should delay before returning.
+ *      <return value>  (output) A string.
+ *      
+ * Requires:
+ *      
+ *      "input" must either be NULL or point to an address in the
+ *      program's address space.  "delay" must point to an address in
+ *      the program's address space.
+ *
+ * Effects:
+ *      
+ *      The function first sleeps for approximately the number of
+ *      seconds specified in "delay".
+ *      
+ *      Then, if "input" is non-NULL and points to a null-terminated
+ *      string which is equal to "garbage", the function sets "delay"
+ *      to 42 and returns a string allocated with malloc(3) containing
+ *      "more-garbage".
+ *      
+ *      If "input" is NULL or does not contain "garbage", the function
+ *      returns NULL without modifying "delay".
+ *      
+ *      If "<return value>" is non-NULL, the caller should deallocate
+ *      the string in it (with free(3)) when it is no longer needed.
+ *      
+ * Modifies:
+ *      
+ *      May allocate a new block of memory in the malloc(3) arena.
+ *      May change the value in the memory location pointed to by
+ *      "delay".
+ */
+
+int create_and_populate_admin_princ_db()
+{
+  osa_adb_princ_t princ_db = NULL;
+  osa_adb_ret_t ret;
+
+  /* We don't have a create/destroy routine, so opening the db and
+     closing it will have to do. */
+
+  ret = osa_adb_open_princ(&princ_db, PRINCIPAL_DB);
+  if (ret != OSA_ADB_OK) {
+    com_err (whoami, ret, str_CREATING_PRINC_DB);
+    return(-1);
+  }
+
+  printf(str_CREATED_PRINC_DB, whoami);
+
+  (void) krb5_db_iterate(iterator, princ_db);
+
+  ret = osa_adb_close_princ(princ_db);
+  if (ret != OSA_ADB_OK) {
+    com_err (whoami, ret, str_CLOSING_PRINC_DB);
+    return(-1);
+  }
+
+
+  return(OK);
+}
+
+#endif