authorTom Yu <tlyu@mit.edu>2010-10-08 03:57:28 +0000
committerTom Yu <tlyu@mit.edu>2010-10-08 03:57:28 +0000
commit1cc59c12550c828d487c622990d83481e8bbb6c5 (patch)
treea22d50f4041bfa23ad1001bfa6164626602885ac /src/kadmin/server
parentbd7b3a76ef6ca5485ec8a8b2de4a2a5170356f84 (diff)
Add a kadm5 RPC for purging old keys from the KDB (e.g., from
change_password -keepold), and add a kadmin CLI command for it. Keeping ticket open because an automated test needs to be added. Long-term future work includes start/expire dates on keys, or not-yet-valid flags. ticket: 1219 status: open target_version: 1.9 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24442 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/kadmin/server')
-rw-r--r--src/kadmin/server/kadm_rpc_svc.c6
-rw-r--r--src/kadmin/server/ovsec_kadmd.c3
-rw-r--r--src/kadmin/server/server_stubs.c57
3 files changed, 65 insertions, 1 deletions
diff --git a/src/kadmin/server/kadm_rpc_svc.c b/src/kadmin/server/kadm_rpc_svc.c
index 76df26e79..a231d0b1f 100644
--- a/src/kadmin/server/kadm_rpc_svc.c
+++ b/src/kadmin/server/kadm_rpc_svc.c
@@ -212,6 +212,12 @@ void kadm_1(rqstp, transp)
local = (char *(*)()) setkey_principal3_2_svc;
break;
+ case PURGEKEYS:
+ xdr_argument = xdr_purgekeys_arg;
+ xdr_result = xdr_generic_ret;
+ local = (char *(*)()) purgekeys_2_svc;
+ break;
+
default:
krb5_klog_syslog(LOG_ERR, "Invalid KADM5 procedure number: %s, %d",
inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr),
diff --git a/src/kadmin/server/ovsec_kadmd.c b/src/kadmin/server/ovsec_kadmd.c
index 8e87616eb..4d7a26191 100644
--- a/src/kadmin/server/ovsec_kadmd.c
+++ b/src/kadmin/server/ovsec_kadmd.c
@@ -922,7 +922,8 @@ void log_badverf(gss_name_t client_name, gss_name_t server_name,
{18, "CREATE_PRINCIPAL3"},
{19, "CHPASS_PRINCIPAL3"},
{20, "CHRAND_PRINCIPAL3"},
- {21, "SETKEY_PRINCIPAL3"}
+ {21, "SETKEY_PRINCIPAL3"},
+ {22, "PURGEKEYS"}
};
#define NPROCNAMES (sizeof (proc_names) / sizeof (struct procnames))
OM_uint32 minor;
diff --git a/src/kadmin/server/server_stubs.c b/src/kadmin/server/server_stubs.c
index 29a8805ee..79bd2839f 100644
--- a/src/kadmin/server/server_stubs.c
+++ b/src/kadmin/server/server_stubs.c
@@ -1564,6 +1564,63 @@ exit_func:
return &ret;
}
+generic_ret *
+purgekeys_2_svc(purgekeys_arg *arg, struct svc_req *rqstp)
+{
+ static generic_ret ret;
+ char *prime_arg, *funcname;
+ gss_buffer_desc client_name, service_name;
+ OM_uint32 minor_stat;
+ kadm5_server_handle_t handle;
+
+ const char *errmsg = NULL;
+
+ xdr_free(xdr_generic_ret, &ret);
+
+ if ((ret.code = new_server_handle(arg->api_version, rqstp, &handle)))
+ goto exit_func;
+
+ if ((ret.code = check_handle((void *)handle)))
+ goto exit_func;
+
+ ret.api_version = handle->api_version;
+
+ funcname = "kadm5_purgekeys";
+
+ if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
+ ret.code = KADM5_FAILURE;
+ goto exit_func;
+ }
+ if (krb5_unparse_name(handle->context, arg->princ, &prime_arg)) {
+ ret.code = KADM5_BAD_PRINCIPAL;
+ goto exit_func;
+ }
+
+ if (CHANGEPW_SERVICE(rqstp)
+ || !kadm5int_acl_check(handle->context, rqst2name(rqstp), ACL_MODIFY,
+ arg->princ, NULL)) {
+ ret.code = KADM5_AUTH_MODIFY;
+ log_unauth(funcname, prime_arg, &client_name, &service_name, rqstp);
+ } else {
+ ret.code = kadm5_purgekeys((void *)handle, arg->princ,
+ arg->keepkvno);
+ if (ret.code != 0)
+ errmsg = krb5_get_error_message(handle->context, ret.code);
+
+ log_done(funcname, prime_arg, errmsg ? errmsg : "success",
+ &client_name, &service_name, rqstp);
+
+ if (errmsg != NULL)
+ krb5_free_error_message(handle->context, errmsg);
+ }
+ free(prime_arg);
+ gss_release_buffer(&minor_stat, &client_name);
+ gss_release_buffer(&minor_stat, &service_name);
+exit_func:
+ free_server_handle(handle);
+ return &ret;
+}
+
generic_ret *init_2_svc(krb5_ui_4 *arg, struct svc_req *rqstp)
{
static generic_ret ret;
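Review bot: The krb5_unparse_name failure branch in purgekeys_2_svc leaks the two GSS name buffers that setup_gss_names has just filled in, because its `goto exit_func` jumps past the gss_release_buffer calls that only run on the path after the ACL check. Releasing them before the jump, `gss_release_buffer(&minor_stat, &client_name); gss_release_buffer(&minor_stat, &service_name);`, or introducing a second cleanup label just before `exit_func:` that this branch targets, closes the leak without changing the success path. Separately, `arg->keepkvno` arrives from the RPC peer unvalidated; whether kadm5_purgekeys rejects negative or out-of-range values is not visible in this hunk and is worth confirming, since this call runs for any client holding ACL_MODIFY on the target. purgekeys_2_svc is complete within the hunk; init_2_svc begins at its end and continues outside.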