| author | Chris Provenzano <proven@mit.edu> | 1995-01-13 22:05:49 +0000 |
|---|---|---|
| committer | Chris Provenzano <proven@mit.edu> | 1995-01-13 22:05:49 +0000 |
| commit | 7a3dfafc7c240ec64248269f97f25fed1009e362 (patch) | |
| tree | b31628fd34740ee0f0bd068df615759084eaa6bb /src/kadmin/server | |
| parent | ef4a40eef2b466b34a015a9419dccee2a9fd5ee4 (diff) | |
Removed all references to DECLARG and OLDDECLARG.
Added krb5_context to all krb5_*() routines.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@4815 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/kadmin/server')
| -rw-r--r-- | src/kadmin/server/ChangeLog | 4 | ||||
| -rw-r--r-- | src/kadmin/server/adm_adm_func.c | 295 | ||||
| -rw-r--r-- | src/kadmin/server/adm_check.c | 4 | ||||
| -rw-r--r-- | src/kadmin/server/adm_extern.h | 155 | ||||
| -rw-r--r-- | src/kadmin/server/adm_fmt_inq.c | 20 | ||||
| -rw-r--r-- | src/kadmin/server/adm_funcs.c | 200 | ||||
| -rw-r--r-- | src/kadmin/server/adm_kadmin.c | 47 | ||||
| -rw-r--r-- | src/kadmin/server/adm_kpasswd.c | 15 | ||||
| -rw-r--r-- | src/kadmin/server/adm_listen.c | 17 | ||||
| -rw-r--r-- | src/kadmin/server/adm_nego.c | 20 | ||||
| -rw-r--r-- | src/kadmin/server/adm_network.c | 17 | ||||
| -rw-r--r-- | src/kadmin/server/adm_process.c | 80 | ||||
| -rw-r--r-- | src/kadmin/server/adm_server.c | 108 | ||||
| -rw-r--r-- | src/kadmin/server/adm_v4_pwd.c | 22 |
14 files changed, 580 insertions, 424 deletions
diff --git a/src/kadmin/server/ChangeLog b/src/kadmin/server/ChangeLog index 4720f005b..4ba19147f 100644 --- a/src/kadmin/server/ChangeLog +++ b/src/kadmin/server/ChangeLog @@ -1,3 +1,7 @@ +Fri Jan 13 15:23:47 1995 Chris Provenzano (proven@mit.edu) + + * Added krb5_context to all krb5_routines + Mon Dec 19 18:12:18 1994 Theodore Y. Ts'o (tytso@dcl) * adm_listen.c (kill_children): Use syslog instead of krb_log. diff --git a/src/kadmin/server/adm_adm_func.c b/src/kadmin/server/adm_adm_func.c index 7d05d8af7..6c23dd80b 100644 --- a/src/kadmin/server/adm_adm_func.c +++ b/src/kadmin/server/adm_adm_func.c @@ -52,12 +52,13 @@ extern int classification; #endif krb5_error_code - adm_build_key (newprinc, client_creds, new_passwd, oper_type, entry) -krb5_principal newprinc; -krb5_ticket *client_creds; -char *new_passwd; -int oper_type; -krb5_db_entry entry; +adm_build_key (context, newprinc, client_creds, new_passwd, oper_type, entry) + krb5_context context; + krb5_principal newprinc; + krb5_ticket *client_creds; + char *new_passwd; + int oper_type; + krb5_db_entry entry; { krb5_data outbuf; int retval; @@ -119,7 +120,7 @@ krb5_db_entry entry; #endif /* Encrypt Password and Phrase */ - if (retval = krb5_mk_priv(&outbuf, + if (retval = krb5_mk_priv(context, &outbuf, ETYPE_DES_CBC_CRC, client_creds->enc_part2->session, &client_server_info.server_addr, @@ -148,7 +149,8 @@ krb5_db_entry entry; free(outbuf.data); /* Send private message to Client */ - if (krb5_write_message(&client_server_info.client_socket, &msg_data)){ + if (krb5_write_message(context, &client_server_info.client_socket, + &msg_data)){ free(msg_data.data); com_err("adm_build_key", 0, "Error Performing Password Write"); return(5); /* Protocol Failure */ 
@@ -157,13 +159,13 @@ krb5_db_entry entry; free(msg_data.data); /* Read Client Response */ - if (krb5_read_message(&client_server_info.client_socket, &inbuf)){ + if (krb5_read_message(context, &client_server_info.client_socket, &inbuf)){ syslog(LOG_ERR | LOG_INFO, "Error Performing Password Read"); return(5); /* Protocol Failure */ } /* Decrypt Client Response */ - if (retval = krb5_rd_priv(&inbuf, + if (retval = krb5_rd_priv(context, &inbuf, client_creds->enc_part2->session, &client_server_info.client_addr, &client_server_info.server_addr, @@ -188,11 +190,12 @@ krb5_db_entry entry; /* kadmin change password request */ krb5_error_code - adm_change_pwd(prog, customer_name, client_creds, salttype) -char *prog; -char *customer_name; -krb5_ticket *client_creds; -int salttype; +adm_change_pwd(context, prog, customer_name, client_creds, salttype) + krb5_context context; + char *prog; + char *customer_name; + krb5_ticket *client_creds; + int salttype; { krb5_db_entry entry; int nprincs = 1; 
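Review bot: The `syslog(LOG_ERR | LOG_INFO, "Error Performing Password Read")` call kept as context in the `-157,13` hunk ORs two severity levels, which are small integers rather than bit flags; on the usual `<syslog.h>` numbering (LOG_ERR 3, LOG_INFO 6) the result is 7, which is LOG_DEBUG. A failed read on the password-change channel is therefore recorded at the lowest priority and is likely to be filtered out before it reaches anyone auditing the admin server. The same expression appears on the `krb5_parse_name` failure path of `adm_change_pwd` in the `-207,45` hunk. I would pass a single level, `syslog(LOG_ERR, "Error Performing Password Read");`. The body of adm_build_key extends beyond this hunk on both sides.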
@@ -207,45 +210,42 @@ int salttype; "Remote Administrative Password Change Request for %s by %s", customer_name, client_server_info.name_of_client); - if (retval = krb5_parse_name(customer_name, &newprinc)) { + if (retval = krb5_parse_name(context, customer_name, &newprinc)) { syslog(LOG_ERR | LOG_INFO, "parse failure while parsing '%s'", customer_name); return(5); /* Protocol Failure */ } - if (!(adm_princ_exists("adm_change_pwd", newprinc, + if (!(adm_princ_exists(context, "adm_change_pwd", newprinc, &entry, &nprincs))) { com_err("adm_change_pwd", 0, "Principal does not exist!"); - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); return(1); /* Principal Unknown */ } if ((new_passwd = (char *) calloc (1, ADM_MAX_PW_LENGTH+1)) == (char *) 0) { com_err("adm_change_pwd", ENOMEM, "while allocating new_passwd!"); - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); return(3); /* No Memory */ } oper_type = (salttype == KRB5_KDB_SALTTYPE_NORMAL) ? CHGOPER : CH4OPER; - if (retval = adm_build_key(newprinc, - client_creds, - new_passwd, - oper_type, - entry)) { - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + if (retval = adm_build_key(context, newprinc, client_creds, + new_passwd, oper_type, entry)) { + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); free(new_passwd); return(retval); } - retval = krb5_unparse_name(newprinc, &composite_name); + retval = krb5_unparse_name(context, newprinc, &composite_name); entry.salt_type = (krb5_int32) salttype; - if (retval = adm_enter_pwd_key("adm_change_pwd", + if (retval = adm_enter_pwd_key(context, "adm_change_pwd", composite_name, newprinc, newprinc, 
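Review bot: The result of `retval = krb5_unparse_name(context, newprinc, &composite_name);` is never tested, because the next statement that touches `retval` is the `adm_enter_pwd_key` call, which already consumes `composite_name`, and the following hunk frees it. If unparsing fails, `composite_name` holds whatever it held before the call (its declaration is outside the hunk), so a remote password-change request could make the server pass and then free an unset pointer. I would test it like the neighbouring calls, `if (retval = krb5_unparse_name(context, newprinc, &composite_name)) {`, releasing `newprinc`, `entry` and `new_passwd` in that branch before returning. adm_change_pwd starts before this hunk and ends after it.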
@@ -253,8 +253,8 @@ int salttype; salttype, new_passwd, &entry)) retval = 8; - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); free(composite_name); (void) memset(new_passwd, 0, strlen(new_passwd)); @@ -264,10 +264,11 @@ int salttype; /* kadmin add new random key function */ krb5_error_code - adm_change_pwd_rnd(cmdname, customer_name, client_creds) -char *cmdname; -char *customer_name; -krb5_ticket *client_creds; +adm_change_pwd_rnd(context, cmdname, customer_name, client_creds) + krb5_context context; + char *cmdname; + char *customer_name; + krb5_ticket *client_creds; { krb5_db_entry entry; int nprincs = 1; 
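Review bot: `(void) memset(new_passwd, 0, strlen(new_passwd));` in the `-253,8` hunk wipes only up to the first NUL rather than the `ADM_MAX_PW_LENGTH+1` bytes that `adm_change_pwd` allocated, so any password bytes beyond an early terminator stay on the heap once the buffer is released. The `adm_build_key` failure path in the `-207,45` hunk calls `free(new_passwd)` with no wipe at all, and `adm_add_new_key` (hunks `-331,47` and `-382,17`) repeats both patterns. I would clear the whole allocation on every exit, `memset(new_passwd, 0, ADM_MAX_PW_LENGTH+1);`, and, since a store made immediately before `free` is one an optimizing compiler may drop, route it through a wipe routine the compiler cannot elide.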
@@ -279,46 +280,47 @@ krb5_ticket *client_creds; "Remote Administrative Random Password Change Request for %s by %s", customer_name, client_server_info.name_of_client); - if (retval = krb5_parse_name(customer_name, &newprinc)) { + if (retval = krb5_parse_name(context, customer_name, &newprinc)) { com_err("adm_change_pwd_rnd", retval, "while parsing '%s'", customer_name); return(5); /* Protocol Failure */ } #ifdef SANDIA if (!(newprinc[2])) { if (retval = check_security(newprinc, classification)) { - krb5_free_principal(newprinc); + krb5_free_principal(context, newprinc); syslog(LOG_ERR, "Principal (%s) - Incorrect Classification level", customer_name); return(6); } } #endif - if (!(adm_princ_exists("adm_change_pwd_rnd", newprinc, + if (!(adm_princ_exists(context, "adm_change_pwd_rnd", newprinc, &entry, &nprincs))) { com_err("adm_change_pwd_rnd", 0, "Principal does not exist!"); - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); return(1); /* Principal Unknown */ } - if (retval = adm_enter_rnd_pwd_key("adm_change_pwd_rnd", + if (retval = adm_enter_rnd_pwd_key(context, "adm_change_pwd_rnd", newprinc, 1, /* change existing entry */ &entry)) retval = 8; - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); return(retval); } /* kadmin add new key function */ krb5_error_code - adm_add_new_key(cmdname, customer_name, client_creds, salttype) -char *cmdname; -char *customer_name; -krb5_ticket *client_creds; -int salttype; +adm_add_new_key(context, cmdname, customer_name, client_creds, salttype) + krb5_context context; + char *cmdname; + char *customer_name; + krb5_ticket *client_creds; + int salttype; { krb5_db_entry entry; int nprincs = 1; 
@@ -331,47 +333,47 @@ int salttype; "Remote Administrative Addition Request for %s by %s", customer_name, client_server_info.name_of_client); - if (retval = krb5_parse_name(customer_name, &newprinc)) { + if (retval = krb5_parse_name(context, customer_name, &newprinc)) { com_err("adm_add_new_key", retval, "while parsing '%s'", customer_name); return(5); /* Protocol Failure */ } #ifdef SANDIA if (!(newprinc[2])) { if (retval = check_security(newprinc, classification)) { - krb5_free_principal(newprinc); + krb5_free_principal(context, newprinc); syslog(LOG_ERR, "Principal (%s) - Incorrect Classification level", customer_name); return(6); } } #endif - if (adm_princ_exists("adm_add_new_key", newprinc, &entry, &nprincs)) { + if (adm_princ_exists(context, "adm_add_new_key",newprinc,&entry,&nprincs)) { com_err("adm_add_new_key", 0, "principal '%s' already exists", customer_name); - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); return(2); /* Principal Already Exists */ } if ((new_passwd = (char *) calloc (1, 255)) == (char *) 0) { com_err("adm_add_new_key", ENOMEM, "for new_passwd"); - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); return(3); /* No Memory */ } - if (retval = adm_build_key(newprinc, + if (retval = adm_build_key(context, newprinc, client_creds, new_passwd, ADDOPER, entry)) { - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); free(new_passwd); return(retval); } - if (retval = adm_enter_pwd_key( "adm_add_new_key", + if (retval = adm_enter_pwd_key(context, "adm_add_new_key", customer_name, newprinc, newprinc, 
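Review bot: `adm_add_new_key` sizes the password buffer with a literal, `calloc (1, 255)`, while `adm_change_pwd` uses `ADM_MAX_PW_LENGTH+1` for the same purpose, and both hand the pointer to `adm_build_key` with no length argument. The copy that `adm_build_key` makes from the client's decrypted reply is not visible on this page; if it is bounded by `ADM_MAX_PW_LENGTH` and that constant is larger than 254, this caller's buffer is too small for it. I would allocate `calloc(1, ADM_MAX_PW_LENGTH+1)` here as well, and have `adm_build_key` take the buffer size so the bound is enforced in one place. adm_add_new_key starts before this hunk and continues after it.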
@@ -382,17 +384,18 @@ int salttype; retval = 8; (void) memset(new_passwd, 0, strlen(new_passwd)); free(new_passwd); - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); return(retval); } /* kadmin add new random key function */ krb5_error_code - adm_add_new_key_rnd(cmdname, customer_name, client_creds) -char *cmdname; -char *customer_name; -krb5_ticket *client_creds; +adm_add_new_key_rnd(context, cmdname, customer_name, client_creds) + krb5_context context; + char *cmdname; + char *customer_name; + krb5_ticket *client_creds; { krb5_db_entry entry; int nprincs = 1; 
@@ -404,44 +407,46 @@ krb5_ticket *client_creds; "Remote Administrative Addition Request for %s by %s", customer_name, client_server_info.name_of_client); - if (retval = krb5_parse_name(customer_name, &newprinc)) { + if (retval = krb5_parse_name(context, customer_name, &newprinc)) { com_err("adm_add_new_key_rnd", retval, "while parsing '%s'", customer_name); return(5); /* Protocol Failure */ } #ifdef SANDIA if (!(newprinc[2])) { if (retval = check_security(newprinc, classification)) { - krb5_free_principal(newprinc); + krb5_free_principal(context, newprinc); syslog(LOG_ERR, "Principal (%s) - Incorrect Classification level", customer_name); return(6); } } #endif - if (adm_princ_exists("adm_add_new_key_rnd", newprinc, &entry, &nprincs)) { + if (adm_princ_exists(context, "adm_add_new_key_rnd", newprinc, + &entry, &nprincs)) { com_err("adm_add_new_key_rnd", 0, "principal '%s' already exists", customer_name); - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); return(2); /* Principal Already Exists */ } - if (retval = adm_enter_rnd_pwd_key("adm_add_new_key_rnd", + if (retval = adm_enter_rnd_pwd_key(context, "adm_add_new_key_rnd", newprinc, 0, /* new entry */ &entry)) retval = 8; - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); return(retval); } /* kadmin delete old key function */ krb5_error_code - adm_del_old_key(cmdname, customer_name) -char *cmdname; -char *customer_name; +adm_del_old_key(context, cmdname, customer_name) + krb5_context context; + char *cmdname; + char *customer_name; { krb5_db_entry entry; int nprincs = 1; 
@@ -454,45 +459,46 @@ char *customer_name; "Remote Administrative Deletion Request for %s by %s", customer_name, client_server_info.name_of_client); - if (retval = krb5_parse_name(customer_name, &newprinc)) { + if (retval = krb5_parse_name(context, customer_name, &newprinc)) { com_err("adm_del_old_key", retval, "while parsing '%s'", customer_name); return(5); /* Protocol Failure */ } - if (!adm_princ_exists("adm_del_old_key", newprinc, + if (!adm_princ_exists(context, "adm_del_old_key", newprinc, &entry, &nprincs)) { com_err("adm_del_old_key", 0, "principal '%s' is not in the database", customer_name); - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); return(1); } - if (retval = krb5_db_delete_principal(newprinc, &one)) { + if (retval = krb5_db_delete_principal(context, newprinc, &one)) { com_err("adm_del_old_key", retval, "while deleting '%s'", customer_name); - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); return(8); } else if (one != 1) { com_err("adm_del_old_key", 0, "no principal deleted - unknown error"); - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); return(8); } - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); return(0); } /* kadmin modify existing Principal function */ krb5_error_code - adm_mod_old_key(cmdname, customer_name, client_creds) -char *cmdname; -char *customer_name; -krb5_ticket *client_creds; +adm_mod_old_key(context, cmdname, customer_name, client_creds) + krb5_context context; + char *cmdname; + char *customer_name; + krb5_ticket *client_creds; { krb5_db_entry 
entry; int nprincs = 1; @@ -510,27 +516,27 @@ krb5_ticket *client_creds; "Remote Administrative Modification Request for %s by %s", customer_name, client_server_info.name_of_client); - if (retval = krb5_parse_name(customer_name, &newprinc)) { + if (retval = krb5_parse_name(context, customer_name, &newprinc)) { com_err("adm_mod_old_key", retval, "while parsing '%s'", customer_name); return(5); /* Protocol Failure */ } for ( ; ; ) { - if (!adm_princ_exists("adm_mod_old_key", newprinc, + if (!adm_princ_exists(context, "adm_mod_old_key", newprinc, &entry, &nprincs)) { - krb5_db_free_principal(&entry, nprincs); + krb5_db_free_principal(context, &entry, nprincs); com_err("adm_mod_old_key", 0, "principal '%s' is not in the database", customer_name); - krb5_free_principal(newprinc); + krb5_free_principal(context, newprinc); return(1); } /* Send Acknowledgement */ if ((outbuf.data = (char *) calloc (1, 255)) == (char *) 0) { - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); com_err("adm_mod_old_key", ENOMEM, "for outbuf.data"); return(3); /* No Memory */ } @@ -540,7 +546,7 @@ krb5_ticket *client_creds; outbuf.data[1] = MODOPER; outbuf.data[2] = SENDDATA3; - if (retval = krb5_mk_priv(&outbuf, + if (retval = krb5_mk_priv(context, &outbuf, ETYPE_DES_CBC_CRC, client_creds->enc_part2->session, &client_server_info.server_addr, 
@@ -550,18 +556,19 @@ krb5_ticket *client_creds; 0, 0, &msg_data)) { - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); com_err("adm_mod_old_key", retval, "during mk_priv"); free(outbuf.data); return(5); /* Protocol Failure */ } free(outbuf.data); - if (krb5_write_message(&client_server_info.client_socket, &msg_data)){ + if (krb5_write_message(context, &client_server_info.client_socket, + &msg_data)){ free(msg_data.data); - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); com_err("adm_mod_old_key", 0, "Error Performing Modification Write"); return(5); /* Protocol Failure */ @@ -569,16 +576,16 @@ krb5_ticket *client_creds; free(msg_data.data); /* Read Client Response */ - if (krb5_read_message(&client_server_info.client_socket, &inbuf)){ - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + if (krb5_read_message(context, &client_server_info.client_socket, &inbuf)){ + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); com_err("adm_mod_old_key", errno, "Error Performing Modification Read"); return(5); /* Protocol Failure */ } /* Decrypt Client Response */ - if (retval = krb5_rd_priv(&inbuf, + if (retval = krb5_rd_priv(context, &inbuf, client_creds->enc_part2->session, &client_server_info.client_addr, &client_server_info.server_addr, @@ -590,8 +597,8 @@ krb5_ticket *client_creds; com_err("adm_mod_old_key", retval, "krb5_rd_priv error %s", error_message(retval)); free(inbuf.data); - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); return(5); /* Protocol Failure */ } 
@@ -602,8 +609,8 @@ krb5_ticket *client_creds; /* Decode Message - Modify Database */ if (msg_data.data[2] != SENDDATA3) { free(msg_data.data); - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); return(5); /* Protocol Failure */ } #ifdef SANDIA @@ -670,34 +677,34 @@ krb5_ticket *client_creds; free(msg_data.data); entry.mod_name = client_server_info.client; - if (retval = krb5_timeofday(&entry.mod_date)) { + if (retval = krb5_timeofday(context, &entry.mod_date)) { com_err("adm_mod_old_key", retval, "while fetching date"); - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); return(5); /* Protocol Failure */ } - retval = krb5_db_put_principal(&entry, &one); + retval = krb5_db_put_principal(context, &entry, &one); if (retval) { com_err("adm_mod_old_key", retval, "while storing principal"); - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); return(8); /* Update failed */ } one = 1; } /* for */ - krb5_db_free_principal(&entry, nprincs); - krb5_free_principal(newprinc); + krb5_db_free_principal(context, &entry, nprincs); + krb5_free_principal(context, newprinc); /* Read Client Response */ - if (krb5_read_message(&client_server_info.client_socket, &inbuf)){ + if (krb5_read_message(context, &client_server_info.client_socket, &inbuf)){ com_err("adm_mod_old_key", errno, "Error Performing Read"); return(5); /* Protocol Failure */ } /* Decrypt Client Response */ - if (retval = krb5_rd_priv(&inbuf, + if (retval = krb5_rd_priv(context, &inbuf, client_creds->enc_part2->session, &client_server_info.client_addr, &client_server_info.server_addr, 
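Review bot: `msg_data.data[2] != SENDDATA3` in the `-602,8` hunk indexes the decrypted client reply with no visible check that `msg_data.length` is at least 3. The `krb5_rd_priv` call that fills `msg_data` sits in the preceding hunk and the lines between it and this test are not shown, so a length check may exist outside the hunk; if it does not, a short reply makes the server read past the end of the buffer. I would make the guard explicit: `if (msg_data.length < 3 || msg_data.data[2] != SENDDATA3) {`.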
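Review bot: In the `-670,34` hunk `entry.mod_name = client_server_info.client;` stores a pointer to the connection's global principal inside the database entry, and every exit path then calls `krb5_db_free_principal(context, &entry, nprincs)`. If that routine releases `entry.mod_name` (its body is not on this page), the global is left dangling after the first pass of the `for ( ; ; )` loop, and the `mod_name` loaded from the database is leaked either way. Taking a copy avoids the aliasing: `retval = krb5_copy_principal(context, client_server_info.client, &entry.mod_name);`, with the previous `mod_name` freed first and `retval` checked.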
@@ -720,10 +727,11 @@ krb5_ticket *client_creds; /* kadmin inquire existing Principal function */ krb5_error_code - adm_inq_old_key(cmdname, customer_name, client_creds) -char *cmdname; -char *customer_name; -krb5_ticket *client_creds; +adm_inq_old_key(context, cmdname, customer_name, client_creds) + krb5_context context; + char *cmdname; + char *customer_name; + krb5_ticket *client_creds; { krb5_db_entry entry; int nprincs = 1; @@ -737,21 +745,21 @@ krb5_ticket *client_creds; "Remote Administrative Inquiry Request for %s by %s", customer_name, client_server_info.name_of_client); - if (retval = krb5_parse_name(customer_name, &newprinc)) { + if (retval = krb5_parse_name(context, customer_name, &newprinc)) { com_err("adm_inq_old_key", retval, "while parsing '%s'", customer_name); return(5); /* Protocol Failure */ } - if (retval = krb5_unparse_name(newprinc, &fullname)) { - krb5_free_principal(newprinc); + if (retval = krb5_unparse_name(context, newprinc, &fullname)) { + krb5_free_principal(context, newprinc); com_err("adm_inq_old_key", retval, "while unparsing"); return(5); /* Protocol Failure */ } - if (!adm_princ_exists("adm_inq_old_key", newprinc, + if (!adm_princ_exists(context, "adm_inq_old_key", newprinc, &entry, &nprincs)) { - krb5_db_free_principal(&entry, nprincs); - krb5_free_principal(newprinc); + krb5_db_free_principal(context, &entry, nprincs); + krb5_free_principal(context, newprinc); free(fullname); com_err("adm_inq_old_key", 0, "principal '%s' is not in the database", customer_name); 
@@ -759,28 +767,28 @@ krb5_ticket *client_creds; } if ((outbuf.data = (char *) calloc (1, 2048)) == (char *) 0) { - krb5_db_free_principal(&entry, nprincs); - krb5_free_principal(newprinc); + krb5_db_free_principal(context, &entry, nprincs); + krb5_free_principal(context, newprinc); free(fullname); com_err("adm_inq_old_key", ENOMEM, "for outbuf.data"); return(3); /* No Memory */ } /* Format Inquiry Data */ - if ((retval = adm_fmt_prt(&entry, fullname, outbuf.data))) { - krb5_db_free_principal(&entry, nprincs); - krb5_free_principal(newprinc); + if ((retval = adm_fmt_prt(context, &entry, fullname, outbuf.data))) { + krb5_db_free_principal(context, &entry, nprincs); + krb5_free_principal(context, newprinc); free(fullname); com_err("adm_inq_old_key", 0, "Unable to Format Inquiry Data"); return(5); /* XXX protocol failure --- not right, but.. */ } outbuf.length = strlen(outbuf.data); - krb5_db_free_principal(&entry, nprincs); - krb5_free_principal(newprinc); + krb5_db_free_principal(context, &entry, nprincs); + krb5_free_principal(context, newprinc); free(fullname); /* Encrypt Inquiry Data */ - if (retval = krb5_mk_priv(&outbuf, + if (retval = krb5_mk_priv(context, &outbuf, ETYPE_DES_CBC_CRC, client_creds->enc_part2->session, &client_server_info.server_addr, @@ -797,7 +805,8 @@ krb5_ticket *client_creds; free(outbuf.data); /* Send Inquiry Information */ - if (krb5_write_message(&client_server_info.client_socket, &msg_data)){ + if (krb5_write_message(context, &client_server_info.client_socket, + &msg_data)){ free(msg_data.data); com_err("adm_inq_old_key", 0, "Error Performing Write"); return(5); /* Protocol Failure */ 
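Review bot: `adm_fmt_prt(context, &entry, fullname, outbuf.data)` receives the 2048-byte buffer allocated just above with no size argument, and the parts of `adm_fmt_prt` visible in the adm_fmt_inq.c hunks build their output with `sprintf` and `strcat`. `fullname` is the unparsed form of the client-supplied `customer_name`, so the amount written depends on remote input; whether it can exceed 2048 bytes cannot be confirmed from these hunks. I would pass the capacity to `adm_fmt_prt` and bound every append against it. Separately, the failure branch of this call returns without `free(outbuf.data)`.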
@@ -806,14 +815,14 @@ krb5_ticket *client_creds; free(msg_data.data); /* Read Client Response */ - if (krb5_read_message(&client_server_info.client_socket, &inbuf)){ + if (krb5_read_message(context, &client_server_info.client_socket, &inbuf)){ com_err("adm_inq_old_key", errno, "Error Performing Read"); syslog(LOG_ERR, "adm_inq sock %d", client_server_info.client_socket); return(5); /* Protocol Failure */ } /* Decrypt Client Response */ - if (retval = krb5_rd_priv(&inbuf, + if (retval = krb5_rd_priv(context, &inbuf, client_creds->enc_part2->session, &client_server_info.client_addr, &client_server_info.server_addr, diff --git a/src/kadmin/server/adm_check.c b/src/kadmin/server/adm_check.c index cd645c8fb..b36c03df5 100644 --- a/src/kadmin/server/adm_check.c +++ b/src/kadmin/server/adm_check.c @@ -49,8 +49,8 @@ krb5_error_code adm_check_acl(name_of_client, acl_type) -char *name_of_client; -char *acl_type; + char *name_of_client; + char *acl_type; { FILE *acl_file; char input_string[255]; diff --git a/src/kadmin/server/adm_extern.h b/src/kadmin/server/adm_extern.h index 7764588c2..6c7ad4f86 100644 --- a/src/kadmin/server/adm_extern.h +++ b/src/kadmin/server/adm_extern.h 
@@ -87,5 +87,160 @@ extern char *kadmind_kpasswd_response[]; extern char *kadmind_ksrvutil_response[]; extern char *kadmind_kadmin_response[]; +/* PROTOTYPES */ + +krb5_error_code adm_build_key + PROTOTYPE((krb5_context, + krb5_principal, + krb5_ticket *, + char *, + int, + krb5_db_entry)); + +krb5_error_code adm_change_pwd + PROTOTYPE((krb5_context, + char *, + char *, + krb5_ticket *, + int)); + +krb5_error_code adm_change_pwd_rnd + PROTOTYPE((krb5_context, + char *, + char *, + krb5_ticket *)); + +krb5_error_code adm_add_new_key + PROTOTYPE((krb5_context, + char *, + char *, + krb5_ticket *, + int)); + +krb5_error_code adm_add_new_key_rnd + PROTOTYPE((krb5_context, + char *, + char *, + krb5_ticket *)); + +krb5_error_code adm_del_old_key + PROTOTYPE((krb5_context, + char *, + char *)); + +krb5_error_code adm_mod_old_key + PROTOTYPE((krb5_context, + char *, + char *, + krb5_ticket* )); + +krb5_error_code adm_inq_old_key + PROTOTYPE((krb5_context, + char *, + char *, + krb5_ticket *)); + +krb5_error_code adm_print_exp_time + PROTOTYPE((krb5_context, + char *, + krb5_timestamp)); + +krb5_kvno adm_princ_exists + PROTOTYPE((krb5_context, + char *, + krb5_principal, + krb5_db_entry *, + int *)); + +krb5_error_code adm_enter_rnd_pwd_key + PROTOTYPE((krb5_context, + char *, + krb5_principal, + int, + krb5_db_entry *)); + +krb5_error_code adm5_kadmin + PROTOTYPE((krb5_context, + char *, + krb5_authenticator *, + krb5_ticket *, + char *, + int *)); + +krb5_error_code adm_negotiate_key + PROTOTYPE((krb5_context, + char const *, + krb5_ticket *, + char *)); + +krb5_error_code setup_network + PROTOTYPE((krb5_context, + const char *)); + +krb5_error_code cpw_keyproc + PROTOTYPE((krb5_context, + krb5_pointer, + krb5_principal, + krb5_kvno, + krb5_keyblock **)); + +krb5_error_code process_client + PROTOTYPE((krb5_context, + char *)); + +krb5_error_code cleanexit + PROTOTYPE((krb5_context, + int)); + +krb5_error_code closedown_db + PROTOTYPE((krb5_context)); + +krb5_error_code 
process_args + PROTOTYPE((krb5_context, + int, + char **)); + +krb5_error_code init_db + PROTOTYPE((krb5_context, + char *, + krb5_principal, + krb5_keyblock *)); + +void setup_com_err + PROTOTYPE((krb5_context)); + +krb5_error_code princ_exists + PROTOTYPE((krb5_context, + krb5_principal, + krb5_db_entry *)); + +krb5_error_code adm_enter_pwd_key + PROTOTYPE((krb5_context, + char * , + char * , + krb5_const_principal , + krb5_const_principal , + int , + int , + char * , + krb5_db_entry * )); + +krb5_error_code adm5_change + PROTOTYPE((krb5_context, + char *, + krb5_principal , + krb5_ticket *)); + +int adm5_listen_and_process + PROTOTYPE((krb5_context, + const char *)); + +krb5_error_code adm5_kpasswd + PROTOTYPE((krb5_context, + char *, + kadmin_requests *, + krb5_ticket *, + char *, + int *)); #endif /* __ADM_EXTERN__ */ diff --git a/src/kadmin/server/adm_fmt_inq.c b/src/kadmin/server/adm_fmt_inq.c index 8a106d343..9914b6abc 100644 --- a/src/kadmin/server/adm_fmt_inq.c +++ b/src/kadmin/server/adm_fmt_inq.c @@ -114,9 +114,10 @@ krb5_flags attribs; } krb5_error_code -adm_print_exp_time(ret_data, time_input) -char *ret_data; -krb5_timestamp *time_input; +adm_print_exp_time(context, ret_data, time_input) + krb5_context context; + char *ret_data; + krb5_timestamp *time_input; { char *my_data; struct tm *exp_time; @@ -140,10 +141,11 @@ krb5_timestamp *time_input; } krb5_error_code -adm_fmt_prt(entry, Principal_name, ret_data) -krb5_db_entry *entry; -char *Principal_name; -char *ret_data; +adm_fmt_prt(context, entry, Principal_name, ret_data) + krb5_context context; + krb5_db_entry *entry; + char *Principal_name; + char *ret_data; { struct tm *mod_time; krb5_error_code retval; 
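Review bot: The new prototype `adm_print_exp_time PROTOTYPE((krb5_context, char *, krb5_timestamp))` in adm_extern.h takes the timestamp by value, but the definition in adm_fmt_inq.c declares `krb5_timestamp *time_input;` and its caller passes `&entry->expiration`. Where the header is in scope that is a conflicting declaration, and where it is not the call goes unchecked; the third parameter should read `krb5_timestamp *`. `adm_fmt_prt` also gained a `context` argument and is called from adm_adm_func.c, yet it has no prototype in this block. Adding `krb5_error_code adm_fmt_prt PROTOTYPE((krb5_context, krb5_db_entry *, char *, char *));` would let the compiler check that call as well.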
@@ -168,7 +170,7 @@ char *ret_data; strcat(my_data, thisline); sprintf(thisline, "Principal Key Version (PKV) = %d\n", entry->kvno); strcat(my_data, thisline); - if (retval = adm_print_exp_time(my_data, &entry->expiration)) { + if (retval = adm_print_exp_time(context, my_data, &entry->expiration)) { free(my_data); return retval; } @@ -204,7 +206,7 @@ char *ret_data; sprintf(thisline, "Invalid Authentication Count (FCNT) = %d\n", entry->fail_auth_count); strcat(my_data, thisline); - retval = krb5_timeofday(&now); + retval = krb5_timeofday(context, &now); pwd_expire = (now - entry->last_pwd_change) / 86400; sprintf(thisline, "Password Age is %d Days\n", pwd_expire); strcat(my_data, thisline); diff --git a/src/kadmin/server/adm_funcs.c b/src/kadmin/server/adm_funcs.c index 315767d99..1f8a3ff2a 100644 --- a/src/kadmin/server/adm_funcs.c +++ b/src/kadmin/server/adm_funcs.c 
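Review bot: `retval = krb5_timeofday(context, &now);` in the `-204,7` hunk is followed directly by `pwd_expire = (now - entry->last_pwd_change) / 86400;` with no test of `retval`, so on failure the password age reported to the administrator is computed from whatever `now` happened to hold. The `adm_print_exp_time` call in the `-168,7` hunk already shows the pattern to follow: `if (retval = krb5_timeofday(context, &now)) { free(my_data); return retval; }`. The body of adm_fmt_prt starts and ends outside both hunks.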
@@ -72,43 +72,34 @@ krb5_error_code adm_get_rnd_key PROTOTYPE((char *, int, krb5_db_entry *)); -krb5_error_code adm_modify_kdb PROTOTYPE((char const *, - char const *, - krb5_const_principal, - const krb5_keyblock *, - const krb5_keyblock *, - int, - struct saltblock *, - struct saltblock *, - krb5_db_entry *)); - -krb5_error_code adm_enter_pwd_key PROTOTYPE((char *, - char *, - krb5_const_principal, - krb5_const_principal, - int, - int, - char *, - krb5_db_entry *)); - -krb5_error_code adm_negotiate_key PROTOTYPE((char const *, - krb5_ticket *, - char *)); +static krb5_error_code adm_modify_kdb + PROTOTYPE((krb5_context, + char const *, + char const *, + krb5_const_principal, + const krb5_keyblock *, + const krb5_keyblock *, + int, + struct saltblock *, + struct saltblock *, + krb5_db_entry *)); #include <krb5/narrow.h> krb5_kvno -adm_princ_exists(cmdname, principal, entry, nprincs) -char *cmdname; -krb5_principal principal; -krb5_db_entry *entry; -int *nprincs; +adm_princ_exists(context, cmdname, principal, entry, nprincs) + krb5_context context; + char *cmdname; + krb5_principal principal; + krb5_db_entry *entry; + int *nprincs; { krb5_boolean more; krb5_error_code retval; - if (retval = krb5_db_get_principal(principal, entry, nprincs, &more)) { + if (retval = krb5_db_get_principal(context, principal, entry, + nprincs, &more)) { com_err("adm_princ_exists", retval, "while attempting to verify principal's existence"); return(0); 
@@ -119,26 +110,19 @@ int *nprincs; return(*nprincs); } -krb5_error_code -adm_modify_kdb(DECLARG(char const *, cmdname), - DECLARG(char const *, newprinc), - DECLARG(krb5_const_principal, principal), - DECLARG(const krb5_keyblock *, key), - DECLARG(const krb5_keyblock *, alt_key), - DECLARG(int, req_type), - DECLARG(struct saltblock *, salt), - DECLARG(struct saltblock *, altsalt), - DECLARG(krb5_db_entry *, entry)) -OLDDECLARG(char const *, cmdname) -OLDDECLARG(char const *, newprinc) -OLDDECLARG(krb5_const_principal, principal) -OLDDECLARG(const krb5_keyblock *, key) -OLDDECLARG(const krb5_keyblock *, alt_key) -OLDDECLARG(int, req_type) -OLDDECLARG(struct saltblock *, salt) -OLDDECLARG(struct saltblock *, altsalt) -OLDDECLARG(krb5_db_entry *, entry) - +static krb5_error_code +adm_modify_kdb(context, cmdname, newprinc, principal, key, alt_key, req_type, + salt, altsalt, entry) + krb5_context context; + char const * cmdname; + char const * newprinc; + krb5_const_principal principal; + const krb5_keyblock * key; + const krb5_keyblock * alt_key; + int req_type; + struct saltblock * salt; + struct saltblock * altsalt; + krb5_db_entry * entry; { krb5_error_code retval; int one = 1; @@ -148,7 +132,7 @@ OLDDECLARG(krb5_db_entry *, entry) if (!req_type) { /* New entry - initialize */ memset((char *) entry, 0, sizeof(krb5_db_entry)); - retval = krb5_copy_principal(principal, &entry->principal); + retval = krb5_copy_principal(context, principal, &entry->principal); if (retval) return retval; entry->kvno = KDB5_VERSION_NUM; 
@@ -156,9 +140,9 @@ OLDDECLARG(krb5_db_entry *, entry) entry->max_renewable_life = master_entry.max_renewable_life; entry->mkvno = master_entry.mkvno; entry->expiration = master_entry.expiration; - retval = krb5_copy_principal(master_princ, &entry->mod_name); + retval = krb5_copy_principal(context, master_princ, &entry->mod_name); if (retval) { - krb5_free_principal(entry->principal); + krb5_free_principal(context, entry->principal); entry->principal = 0; return retval; } @@ -167,13 +151,13 @@ OLDDECLARG(krb5_db_entry *, entry) #ifdef SANDIA entry->attributes &= ~KRB5_KDB_REQUIRES_PWCHANGE; #endif - retval = krb5_copy_principal(principal, &entry->mod_name); + retval = krb5_copy_principal(context, principal, &entry->mod_name); if (retval) return retval; } if (key && key->length) { - retval = krb5_kdb_encrypt_key(&master_encblock, + retval = krb5_kdb_encrypt_key(context, &master_encblock, key, &entry->key); if (retval) { @@ -184,7 +168,7 @@ OLDDECLARG(krb5_db_entry *, entry) } if (alt_key && alt_key->length) { - retval = krb5_kdb_encrypt_key(&master_encblock, + retval = krb5_kdb_encrypt_key(context, &master_encblock, alt_key, &entry->alt_key); if (retval) { @@ -199,7 +183,7 @@ OLDDECLARG(krb5_db_entry *, entry) } } - if (retval = krb5_timeofday(&entry->mod_date)) { + if (retval = krb5_timeofday(context, &entry->mod_date)) { com_err("adm_modify_kdb", retval, "while fetching date"); if (entry->key.contents) { memset((char *) entry->key.contents, 0, entry->key.length); @@ -252,7 +236,7 @@ OLDDECLARG(krb5_db_entry *, entry) entry->alt_salt = 0; } } else { - if (retval = krb5_timeofday(&entry->last_pwd_change)) { + if (retval = krb5_timeofday(context, &entry->last_pwd_change)) { com_err("adm_modify_kdb", retval, "while fetching date"); if (entry->key.contents) { memset((char *) entry->key.contents, 0, entry->key.length); 
@@ -269,7 +253,7 @@ OLDDECLARG(krb5_db_entry *, entry) } } - retval = krb5_db_put_principal(entry, &one); + retval = krb5_db_put_principal(context, entry, &one); if (entry->key.contents) { memset((char *) entry->key.contents, 0, entry->key.length); @@ -295,22 +279,17 @@ OLDDECLARG(krb5_db_entry *, entry) } krb5_error_code -adm_enter_pwd_key(DECLARG(char *, cmdname), - DECLARG(char *, newprinc), - DECLARG(krb5_const_principal, princ), - DECLARG(krb5_const_principal, string_princ), - DECLARG(int, req_type), - DECLARG(int, salttype), - DECLARG(char *, new_password), - DECLARG(krb5_db_entry *, entry)) -OLDDECLARG(char *, cmdname) -OLDDECLARG(char *, newprinc) -OLDDECLARG(krb5_const_principal, princ) -OLDDECLARG(krb5_const_principal, string_princ) -OLDDECLARG(int, req_type) -OLDDECLARG(int, salttype) -OLDDECLARG(char *, new_password) -OLDDECLARG(krb5_db_entry *, entry) +adm_enter_pwd_key(context, cmdname, newprinc, princ, string_princ, req_type, + salttype, new_password, entry) + krb5_context context; + char * cmdname; + char * newprinc; + krb5_const_principal princ; + krb5_const_principal string_princ; + int req_type; + int salttype; + char * new_password; + krb5_db_entry * entry; { krb5_error_code retval; krb5_keyblock tempkey; @@ -329,7 +308,7 @@ OLDDECLARG(krb5_db_entry *, entry) switch (salttype) { case KRB5_KDB_SALTTYPE_NORMAL: - if (retval = krb5_principal2salt(string_princ, &salt.saltdata)) { + if (retval = krb5_principal2salt(context,string_princ,&salt.saltdata)) { com_err("adm_enter_pwd_key", retval, "while converting principal to salt for '%s'", newprinc); goto cleanup; @@ -343,7 +322,8 @@ OLDDECLARG(krb5_db_entry *, entry) case KRB5_KDB_SALTTYPE_V4: salt.saltdata.data = 0; salt.saltdata.length = 0; - if (retval = krb5_principal2salt(string_princ, &altsalt.saltdata)) { + if (retval = krb5_principal2salt(context, string_princ, + &altsalt.saltdata)) { com_err("adm_enter_pwd_key", retval, "while converting principal to altsalt for '%s'", newprinc); goto cleanup; 
@@ -353,7 +333,7 @@ OLDDECLARG(krb5_db_entry *, entry) break; case KRB5_KDB_SALTTYPE_NOREALM: - if (retval = krb5_principal2salt_norealm(string_princ, + if (retval = krb5_principal2salt_norealm(context, string_princ, &salt.saltdata)) { com_err("adm_enter_pwd_key", retval, "while converting principal to salt for '%s'", newprinc); @@ -368,7 +348,8 @@ OLDDECLARG(krb5_db_entry *, entry) case KRB5_KDB_SALTTYPE_ONLYREALM: { krb5_data *foo; - if (retval = krb5_copy_data(krb5_princ_realm(string_princ), + if (retval = krb5_copy_data(context, + krb5_princ_realm(context, string_princ), &foo)) { com_err("adm_enter_pwd_key", retval, "while converting principal to salt for '%s'", newprinc); @@ -389,7 +370,7 @@ OLDDECLARG(krb5_db_entry *, entry) goto cleanup; } - if (retval = krb5_string_to_key(&master_encblock, + if (retval = krb5_string_to_key(context, &master_encblock, master_keyblock.keytype, &tempkey, &pwd, @@ -399,7 +380,7 @@ OLDDECLARG(krb5_db_entry *, entry) goto cleanup; } - if (retval = krb5_string_to_key(&master_encblock, + if (retval = krb5_string_to_key(context, &master_encblock, master_keyblock.keytype, &alttempkey, &pwd, @@ -411,7 +392,7 @@ OLDDECLARG(krb5_db_entry *, entry) memset((char *) new_password, 0, sizeof(new_password)); /* erase it */ - retval = adm_modify_kdb("adm_enter_pwd_key", + retval = adm_modify_kdb(context, "adm_enter_pwd_key", newprinc, princ, &tempkey, @@ -439,10 +420,11 @@ cleanup: } krb5_error_code -adm5_change(prog, newprinc, client_creds) -char *prog; -krb5_principal newprinc; -krb5_ticket *client_creds; +adm5_change(context, prog, newprinc, client_creds) + krb5_context context; + char *prog; + krb5_principal newprinc; + krb5_ticket *client_creds; { krb5_db_entry entry; int nprincs = 1; 
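Review bot: The context line `memset((char *) new_password, 0, sizeof(new_password));` just above the `adm_modify_kdb(context, ...)` call in hunk -411,7 clears only pointer-size bytes, because `new_password` is declared `char * new_password;` in this function's parameter list; the rest of a longer password stays in memory. The callee does not know the buffer size, so clearing by string length is the smallest fix: `memset(new_password, 0, strlen(new_password));`. A plain memset shortly before the buffer goes out of use can also be removed by an optimizing compiler, so a wipe routine that is not elided is preferable where the platform offers one. adm_enter_pwd_key's body starts and ends outside this hunk.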
@@ -451,26 +433,26 @@ krb5_ticket *client_creds; char *composite_name; char new_passwd[ADM_MAX_PW_LENGTH + 1]; - if (!(adm_princ_exists("adm5_change", newprinc, + if (!(adm_princ_exists(context, "adm5_change", newprinc, &entry, &nprincs))) { com_err("adm5_change", 0, "No principal exists!"); - krb5_free_principal(newprinc); + krb5_free_principal(context, newprinc); return(1); } memset((char *) new_passwd, 0, ADM_MAX_PW_LENGTH + 1); /* Negotiate for New Key */ - if (retval = adm_negotiate_key("adm5_change", client_creds, + if (retval = adm_negotiate_key(context, "adm5_change", client_creds, new_passwd)) { - krb5_db_free_principal(&entry, nprincs); - krb5_free_principal(newprinc); + krb5_db_free_principal(context, &entry, nprincs); + krb5_free_principal(context, newprinc); return(1); } - if (retval = krb5_unparse_name(newprinc, &composite_name)) { - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + if (retval = krb5_unparse_name(context, newprinc, &composite_name)) { + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); return retval; } @@ -480,7 +462,7 @@ krb5_ticket *client_creds; com_err("adm5_change", 0, "Converting v4user to v5user"); } - retval = adm_enter_pwd_key("adm5_change", + retval = adm_enter_pwd_key(context, "adm5_change", composite_name, newprinc, newprinc, @@ -489,8 +471,8 @@ krb5_ticket *client_creds; new_passwd, &entry); (void) memset(new_passwd, 0, strlen(new_passwd)); - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); free(composite_name); return(retval); } 
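Review bot: The final wipe `(void) memset(new_passwd, 0, strlen(new_passwd));` after the `adm_enter_pwd_key(context, ...)` call (hunk -489,8) is likely a no-op on the success path. adm_enter_pwd_key has already zeroed the first `sizeof(new_password)` bytes of the same buffer, so `strlen()` returns 0 and the tail of the password stays in the stack array. `new_passwd` is a local array here, so `memset(new_passwd, 0, sizeof(new_passwd));` clears all of it regardless of content. The `krb5_unparse_name(context, newprinc, &composite_name)` failure branch in hunk -451,26 also returns after a successful negotiation without clearing `new_passwd`; the same memset belongs before that `return retval;`.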
@@ -536,14 +518,12 @@ krb5_ticket *client_creds; #define MAXMSGSZ 255 krb5_error_code -adm_enter_rnd_pwd_key(DECLARG(char *, cmdname), - DECLARG(krb5_principal, change_princ), - DECLARG(int, req_type), - DECLARG(krb5_db_entry *, entry)) -OLDDECLARG(char *, cmdname) -OLDDECLARG(krb5_principal, change_princ) -OLDDECLARG(int, req_type) -OLDDECLARG(krb5_db_entry *, entry) +adm_enter_rnd_pwd_key(context, cmdname, change_princ, req_type, entry) + krb5_context context; + char * cmdname; + krb5_principal change_princ; + int req_type; + krb5_db_entry * entry; { krb5_error_code retval; krb5_keyblock *tempkey; @@ -555,18 +535,18 @@ OLDDECLARG(krb5_db_entry *, entry) salt.salttype = salttype; entry->salt_type = salttype; - if (retval = krb5_init_random_key(&master_encblock, + if (retval = krb5_init_random_key(context, &master_encblock, &master_keyblock, &master_random)) { com_err("adm_enter_rnd_pwd_key", 0, "Unable to Initialize Random Key"); - (void) krb5_finish_key(&master_encblock); + (void) krb5_finish_key(context, &master_encblock); memset((char *)master_keyblock.contents, 0, master_keyblock.length); krb5_xfree(master_keyblock.contents); goto finish; } /* Get Random Key */ - if (retval = krb5_random_key(&master_encblock, + if (retval = krb5_random_key(context, &master_encblock, master_random, &tempkey)) { com_err("adm_enter_rnd_pwd_key", 0, "Unable to Obtain Random Key"); 
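Review bot: `krb5_keyblock *tempkey;` in hunk -555,18 has no initializer, and the `goto finish` taken when `krb5_init_random_key(context, ...)` fails runs before `krb5_random_key()` assigns it, while the cleanup shown in hunk -604,7 tests `tempkey->contents`. If the `finish:` label sits ahead of that test (the label is outside the visible hunks), the error path dereferences an uninitialized pointer. Declaring `krb5_keyblock *tempkey = 0;` and guarding the cleanup with `if (tempkey) {` covers it; as written the keyblock is also not freed when `contents` is null. The same failure branch zeroes and frees `master_keyblock.contents`, which appears to be server-wide state, so it is worth confirming the process always exits afterwards rather than serving later requests with a freed master key.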
@@ -574,16 +554,16 @@ OLDDECLARG(krb5_db_entry *, entry) } /* Tie the Random Key to the Principal */ - if (retval = krb5_principal2salt(change_princ, &salt.saltdata)) { + if (retval = krb5_principal2salt(context, change_princ, &salt.saltdata)) { com_err("adm_enter_rnd_pwd_key", 0, "Principal2salt Failure"); goto finish; } - if (retval = krb5_unparse_name(change_princ, &principal_name)) + if (retval = krb5_unparse_name(context, change_princ, &principal_name)) goto finish; /* Modify Database */ - retval = adm_modify_kdb("adm_enter_rnd_pwd_key", + retval = adm_modify_kdb(context, "adm_enter_rnd_pwd_key", principal_name, change_princ, tempkey, @@ -604,7 +584,7 @@ OLDDECLARG(krb5_db_entry *, entry) if (tempkey->contents) { memset((char *) tempkey->contents, 0, tempkey->length); - krb5_free_keyblock(tempkey); + krb5_free_keyblock(context, tempkey); } return(retval); diff --git a/src/kadmin/server/adm_kadmin.c b/src/kadmin/server/adm_kadmin.c index f5b62e04d..a499e557e 100644 --- a/src/kadmin/server/adm_kadmin.c +++ b/src/kadmin/server/adm_kadmin.c @@ -37,12 +37,13 @@ #include "adm_extern.h" krb5_error_code -adm5_kadmin(prog, client_auth_data, client_creds, retbuf, otype) -char *prog; -krb5_authenticator *client_auth_data; -krb5_ticket *client_creds; -char *retbuf; /* Allocated in Calling Routine */ -int *otype; +adm5_kadmin(context, prog, client_auth_data, client_creds, retbuf, otype) + krb5_context context; + char *prog; + krb5_authenticator *client_auth_data; + krb5_ticket *client_creds; + char *retbuf; /* Allocated in Calling Routine */ + int *otype; { krb5_error_code retval; kadmin_requests request_type; @@ -65,7 +66,7 @@ int *otype; retbuf[2] = SENDDATA2; outbuf.length = 3; - retval = krb5_mk_priv(&outbuf, + retval = krb5_mk_priv(context, &outbuf, ETYPE_DES_CBC_CRC, client_creds->enc_part2->session, &client_server_info.server_addr, 
@@ -82,7 +83,7 @@ int *otype; } /* Send Acknowledgement Reply to Client */ - if (retval = krb5_write_message(&client_server_info.client_socket, + if (retval = krb5_write_message(context, &client_server_info.client_socket, &msg_data)){ free(msg_data.data); syslog(LOG_ERR, @@ -93,13 +94,13 @@ int *otype; free(msg_data.data); /* Read Username */ - if (krb5_read_message(&client_server_info.client_socket, &inbuf)){ + if (krb5_read_message(context, &client_server_info.client_socket, &inbuf)){ syslog(LOG_ERR | LOG_INFO, "Error Performing Username Read"); return(5); /* Protocol Failure */ } /* Decrypt Client Response */ - if ((retval = krb5_rd_priv(&inbuf, + if ((retval = krb5_rd_priv(context, &inbuf, client_creds->enc_part2->session, &client_server_info.client_addr, &client_server_info.server_addr, @@ -168,7 +169,7 @@ int *otype; } *otype = 1; salttype = KRB5_KDB_SALTTYPE_NORMAL; - retval = adm_add_new_key("adm5_kadmin", customer_name, + retval = adm_add_new_key(context, "adm5_kadmin", customer_name, client_creds, salttype); goto process_retval; @@ -181,7 +182,7 @@ int *otype; } *otype = 2; salttype = KRB5_KDB_SALTTYPE_NORMAL; - retval = adm_change_pwd("adm5_kadmin", customer_name, + retval = adm_change_pwd(context, "adm5_kadmin", customer_name, client_creds, salttype); goto process_retval; @@ -193,8 +194,8 @@ int *otype; goto process_retval; } *otype = 3; - retval = adm_add_new_key_rnd("adm5_kadmin", customer_name, - client_creds); + retval = adm_add_new_key_rnd(context, "adm5_kadmin", + customer_name, client_creds); goto process_retval; case CHROPER: @@ -205,8 +206,8 @@ int *otype; goto process_retval; } *otype = 4; - retval = adm_change_pwd_rnd("adm5_kadmin", customer_name, - client_creds); + retval = adm_change_pwd_rnd(context, "adm5_kadmin", + customer_name, client_creds); goto process_retval; case DELOPER: 
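Review bot: `syslog(LOG_ERR | LOG_INFO, "Error Performing Username Read");` in hunk -93,13 ORs two severity levels together. With the usual syslog.h values (LOG_ERR 3, LOG_INFO 6) the result is 7, which is LOG_DEBUG, so a failed read from the client is recorded at the lowest priority and is easily filtered out of the admin server's logs. Use one level, `syslog(LOG_ERR, "Error Performing Username Read");`, or `LOG_AUTH | LOG_ERR` if a facility was intended. adm5_kadmin's body continues outside the hunk.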
@@ -217,7 +218,7 @@ int *otype; goto process_retval; } *otype = 5; - retval = adm_del_old_key("adm5_kadmin", customer_name); + retval = adm_del_old_key(context, "adm5_kadmin", customer_name); goto process_retval; case MODOPER: @@ -228,7 +229,7 @@ int *otype; goto process_retval; } *otype = 6; - retval = adm_mod_old_key("adm5_kadmin", customer_name, + retval = adm_mod_old_key(context, "adm5_kadmin", customer_name, client_creds); goto process_retval; @@ -240,7 +241,7 @@ int *otype; goto process_retval; } *otype = 7; - retval = adm_inq_old_key("adm5_kadmin", customer_name, + retval = adm_inq_old_key(context, "adm5_kadmin", customer_name, client_creds); goto process_retval; @@ -253,7 +254,7 @@ int *otype; } *otype = 8; salttype = KRB5_KDB_SALTTYPE_V4; - retval = adm_add_new_key("adm5_kadmin", customer_name, + retval = adm_add_new_key(context, "adm5_kadmin", customer_name, client_creds, salttype); goto process_retval; @@ -266,7 +267,7 @@ int *otype; } *otype = 9; salttype = KRB5_KDB_SALTTYPE_V4; - retval = adm_change_pwd("adm5_kadmin", customer_name, + retval = adm_change_pwd(context, "adm5_kadmin", customer_name, client_creds, salttype); goto process_retval; @@ -336,7 +337,7 @@ send_last: outbuf.length = strlen(retbuf) + 1; /* Send Completion Message */ - if (retval = krb5_mk_priv(&outbuf, + if (retval = krb5_mk_priv(context, &outbuf, ETYPE_DES_CBC_CRC, client_creds->enc_part2->session, &client_server_info.server_addr, @@ -351,7 +352,7 @@ send_last: } /* Send Final Reply to Client */ - if (retval = krb5_write_message(&client_server_info.client_socket, + if (retval = krb5_write_message(context, &client_server_info.client_socket, &msg_data)){ free(msg_data.data); syslog(LOG_ERR, "adm5_kadmin - Error Performing Final Write: %s", diff --git a/src/kadmin/server/adm_kpasswd.c b/src/kadmin/server/adm_kpasswd.c index 660d3efe6..ce7b308bf 100644 --- a/src/kadmin/server/adm_kpasswd.c +++ b/src/kadmin/server/adm_kpasswd.c 
@@ -46,12 +46,13 @@ struct cpw_keyproc_arg { }; krb5_error_code -adm5_kpasswd(prog, request_type, client_creds, retbuf, otype) -char *prog; -kadmin_requests *request_type; -krb5_ticket *client_creds; -char *retbuf; -int *otype; +adm5_kpasswd(context, prog, request_type, client_creds, retbuf, otype) + krb5_context context; + char *prog; + kadmin_requests *request_type; + krb5_ticket *client_creds; + char *retbuf; + int *otype; { char completion_msg[520]; krb5_error_code retval; @@ -61,7 +62,7 @@ int *otype; *otype = 3; syslog(LOG_AUTH | LOG_INFO, "adm_kpasswd: kpasswd change received"); - retval = adm5_change("adm5_kpasswd", + retval = adm5_change(context, "adm5_kpasswd", client_server_info.client, client_creds); diff --git a/src/kadmin/server/adm_listen.c b/src/kadmin/server/adm_listen.c index f0b224bfa..803a64fc2 100644 --- a/src/kadmin/server/adm_listen.c +++ b/src/kadmin/server/adm_listen.c @@ -99,11 +99,12 @@ kill_children() } #endif /* HAVE_SIGSET */ -/* -adm5_listen_and_process - listen on the admin servers port for a request -*/ -adm5_listen_and_process(prog) -const char *prog; +/* adm5_listen_and_process - listen on the admin servers port for a request */ + +int +adm5_listen_and_process(context, prog) + krb5_context context; + const char *prog; { extern int errno; int found; @@ -155,16 +156,16 @@ const char *prog; } if (adm_debug_flag) { - retval = process_client("adm5_listen_and_process"); + retval = process_client(context, "adm5_listen_and_process"); exit(retval); } /* if you want a sep daemon for each server */ - if (!(pid = fork())) { + if (!(pid = fork())) { /* child */ (void) close(client_server_info.server_socket); - retval = process_client("adm5_listen_and_process"); + retval = process_client(context, "adm5_listen_and_process"); exit(retval); } else { /* parent */ diff --git a/src/kadmin/server/adm_nego.c b/src/kadmin/server/adm_nego.c index e763cec6c..a6edff3f2 100644 --- a/src/kadmin/server/adm_nego.c +++ b/src/kadmin/server/adm_nego.c 
@@ -49,13 +49,11 @@ #include "adm_extern.h" krb5_error_code -adm_negotiate_key(DECLARG(char const *, prog), - DECLARG(krb5_ticket *, client_creds), - DECLARG(char *, new_passwd)) -OLDDECLARG(char const *, prog) -OLDDECLARG(krb5_ticket *, client_creds) -OLDDECLARG(char *, new_passwd) - +adm_negotiate_key(context, prog, client_creds, new_passwd) + krb5_context context; + char const * prog; + krb5_ticket * client_creds; + char * new_passwd; { krb5_data msg_data, inbuf; krb5_error_code retval; @@ -229,7 +227,7 @@ OLDDECLARG(char *, new_passwd) free_phrases(); /* Encrypt Password/Phrases Encoding */ - retval = krb5_mk_priv(encoded_pw_string, + retval = krb5_mk_priv(context, encoded_pw_string, ETYPE_DES_CBC_CRC, client_creds->enc_part2->session, &client_server_info.server_addr, @@ -249,7 +247,7 @@ OLDDECLARG(char *, new_passwd) } /* Send Encrypted/Encoded Passwords and Phrases to Client */ - if (krb5_write_message(&client_server_info.client_socket, &msg_data)){ + if (krb5_write_message(context, &client_server_info.client_socket, &msg_data)){ free(msg_data.data); free_passwds(); free_pwd_and_phrase_structures(); @@ -262,7 +260,7 @@ OLDDECLARG(char *, new_passwd) #endif /* MACH_PASS - Machine-gen. passwords */ /* Read Client Response */ - if (krb5_read_message(&client_server_info.client_socket, &inbuf)){ + if (krb5_read_message(context, &client_server_info.client_socket, &inbuf)){ #if defined(MACH_PASS) || defined(SANDIA) free_passwds(); free_pwd_and_phrase_structures(); @@ -274,7 +272,7 @@ OLDDECLARG(char *, new_passwd) } /* Decrypt Client Response */ - if ((retval = krb5_rd_priv(&inbuf, + if ((retval = krb5_rd_priv(context, &inbuf, client_creds->enc_part2->session, &client_server_info.client_addr, &client_server_info.server_addr, diff --git a/src/kadmin/server/adm_network.c b/src/kadmin/server/adm_network.c index 0deec9f7e..6d31f8b09 100644 --- a/src/kadmin/server/adm_network.c +++ b/src/kadmin/server/adm_network.c 
@@ -124,8 +124,9 @@ do_child() } krb5_error_code -setup_network(prog) -const char *prog; +setup_network(context, prog) + krb5_context context; + const char *prog; { krb5_error_code retval; char server_host_name[MAXHOSTNAMELEN]; @@ -150,7 +151,7 @@ const char *prog; } - if (retval = krb5_get_default_realm(&lrealm)) { + if (retval = krb5_get_default_realm(context, &lrealm)) { free(client_server_info.name_of_service); com_err( "setup_network", 0, "adm_network: Unable to get Default Realm"); @@ -166,7 +167,7 @@ const char *prog; client_server_info.name_of_service); #endif /* DEBUG */ - if ((retval = krb5_parse_name(client_server_info.name_of_service, + if ((retval = krb5_parse_name(context, client_server_info.name_of_service, &client_server_info.server))) { free(client_server_info.name_of_service); com_err( "setup_network", retval, @@ -176,7 +177,7 @@ const char *prog; if (gethostname(server_host_name, sizeof(server_host_name))) { retval = errno; - krb5_free_principal(client_server_info.server); + krb5_free_principal(context, client_server_info.server); free(client_server_info.name_of_service); com_err( "setup_network", retval, "adm_network: Unable to Identify Who I am"); @@ -214,7 +215,7 @@ const char *prog; service_servent = getservbyname(adm5_tcp_portname, "tcp"); if (!service_servent) { - krb5_free_principal(client_server_info.server); + krb5_free_principal(context, client_server_info.server); free(client_server_info.name_of_service); com_err("setup_network", 0, "adm_network: %s/tcp service unknown", adm5_tcp_portname); @@ -230,7 +231,7 @@ const char *prog; if ((client_server_info.server_socket = socket(AF_INET, SOCK_STREAM, 0)) < 0) { retval = errno; - krb5_free_principal(client_server_info.server); + krb5_free_principal(context, client_server_info.server); free(client_server_info.name_of_service); com_err("setup_network", retval, "adm_network: Cannot create server socket."); 
@@ -252,7 +253,7 @@ const char *prog; &client_server_info.server_name, sizeof(client_server_info.server_name)) < 0) { retval = errno; - krb5_free_principal(client_server_info.server); + krb5_free_principal(context, client_server_info.server); free(client_server_info.name_of_service); com_err("setup_network", retval, "adm_network: Cannot bind server socket."); diff --git a/src/kadmin/server/adm_process.c b/src/kadmin/server/adm_process.c index 7f0c8e4a6..f92cbc6d9 100644 --- a/src/kadmin/server/adm_process.c +++ b/src/kadmin/server/adm_process.c @@ -45,17 +45,13 @@ struct cpw_keyproc_arg { krb5_keyblock *key; }; -#include <krb5/widen.h> -static krb5_error_code -cpw_keyproc(DECLARG(krb5_pointer, keyprocarg), - DECLARG(krb5_principal, server), - DECLARG(krb5_kvno, key_vno), - DECLARG(krb5_keyblock **, key)) -OLDDECLARG(krb5_pointer, keyprocarg) -OLDDECLARG(krb5_principal, server) -OLDDECLARG(krb5_kvno, key_vno) -OLDDECLARG(krb5_keyblock **, key) -#include <krb5/narrow.h> +krb5_error_code +cpw_keyproc(context, keyprocarg, server, key_vno, key) + krb5_context context; + krb5_pointer keyprocarg; + krb5_principal server; + krb5_kvno key_vno; + krb5_keyblock ** key; { krb5_error_code retval; krb5_db_entry cpw_entry; @@ -71,11 +67,11 @@ OLDDECLARG(krb5_keyblock **, key) arg = ( struct cpw_keyproc_arg *) keyprocarg; if (arg->key) { - retval = krb5_copy_keyblock(arg->key, key); + retval = krb5_copy_keyblock(context, arg->key, key); if (retval) return retval; } else { - if (retval = krb5_parse_name(client_server_info.name_of_service, + if (retval = krb5_parse_name(context, client_server_info.name_of_service, &cpw_krb)) { syslog(LOG_ERR, "cpw_keyproc %d while attempting to parse \"%s\"", @@ -83,7 +79,7 @@ OLDDECLARG(krb5_keyblock **, key) return(retval); } - if (retval = krb5_db_get_principal(cpw_krb, &cpw_entry, + if (retval = krb5_db_get_principal(context, cpw_krb, &cpw_entry, &nprincs, &more)) { syslog(LOG_ERR, "cpw_keyproc %d while extracting %s entry", 
@@ -95,18 +91,18 @@ OLDDECLARG(krb5_keyblock **, key) if ((realkey = (krb5_keyblock *) calloc (1, sizeof(krb5_keyblock))) == (krb5_keyblock * ) 0) { - krb5_db_free_principal(&cpw_entry, nprincs); + krb5_db_free_principal(context, &cpw_entry, nprincs); syslog(LOG_ERR, "cpw_keyproc: No Memory for server key"); close(client_server_info.client_socket); return(ENOMEM); } /* Extract the real kadmin/<realm> keyblock */ - if (retval = krb5_kdb_decrypt_key( + if (retval = krb5_kdb_decrypt_key(context, &master_encblock, &cpw_entry.key, realkey)) { - krb5_db_free_principal(&cpw_entry, nprincs); + krb5_db_free_principal(context, &cpw_entry, nprincs); free(realkey); syslog(LOG_ERR, "cpw_keyproc: Cannot extract %s from master key", @@ -121,8 +117,9 @@ OLDDECLARG(krb5_keyblock **, key) } krb5_error_code -process_client(prog) -char *prog; +process_client(context, prog) + krb5_context context; + char *prog; { krb5_error_code retval; @@ -161,7 +158,7 @@ char *prog; /* V4 kpasswd Protocol Hack */ /* Read Length of Data */ - retval = krb5_net_read(client_server_info.client_socket, + retval = krb5_net_read(context, client_server_info.client_socket, (char *) &data_len, 2); if (retval < 0) { syslog(LOG_ERR, "kadmind error: net_read Length Failure"); @@ -169,7 +166,7 @@ char *prog; exit(0); } - if (retval = krb5_db_init()) { /* Open as client */ + if (retval = krb5_db_init(context)) { /* Open as client */ syslog(LOG_ERR, "adm_process: Can't Open Database"); close(client_server_info.client_socket); exit(0); @@ -179,7 +176,7 @@ char *prog; * Messages Note: Here client is the kadmin/<realm> server */ number_of_entries = 1; - if ((retval = krb5_db_get_principal(client_server_info.server, + if ((retval = krb5_db_get_principal(context, client_server_info.server, &server_entry, &number_of_entries, &more))) { 
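Review bot: The length read `krb5_net_read(context, client_server_info.client_socket, (char *) &data_len, 2)` in hunk -161,7 is checked only with `if (retval < 0)`, so a peer that closes the connection or sends a single byte leaves `data_len` partly unset. This read happens on network data before `krb5_recvauth` has authenticated the client, so the check should require both bytes: `if (retval != 2) {`. How `data_len` is used afterwards is outside the hunk, so the impact depends on that code. process_client's body starts and ends outside this hunk.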
@@ -190,13 +187,13 @@ char *prog; } if (more) { - krb5_db_free_principal(&server_entry, number_of_entries); + krb5_db_free_principal(context, &server_entry, number_of_entries); syslog(LOG_ERR, "kadmind error: kadmin/<realm> service not unique"); exit(1); } if (number_of_entries != 1) { - krb5_db_free_principal(&server_entry, number_of_entries); + krb5_db_free_principal(context, &server_entry, number_of_entries); syslog(LOG_ERR, "kadmind error: kadmin/<realm> service UNKNOWN"); close(client_server_info.client_socket); exit(0); @@ -204,7 +201,7 @@ char *prog; if ((cpw_key.key = (krb5_keyblock *) calloc (1, sizeof(krb5_keyblock))) == (krb5_keyblock *) 0) { - krb5_db_free_principal(&server_entry, number_of_entries); + krb5_db_free_principal(context, &server_entry, number_of_entries); syslog(LOG_ERR, "kadmind error: No Memory for server key"); close(client_server_info.client_socket); @@ -212,11 +209,11 @@ char *prog; } /* Extract the real kadmin/<realm> keyblock */ - if (retval = krb5_kdb_decrypt_key( + if (retval = krb5_kdb_decrypt_key(context, &master_encblock, &server_entry.key, (krb5_keyblock *) cpw_key.key)) { - krb5_db_free_principal(&server_entry, number_of_entries); + krb5_db_free_principal(context, &server_entry, number_of_entries); free(cpw_key.key); syslog(LOG_ERR, "kadmind error: Cannot extract kadmin/<realm> from master key"); @@ -251,13 +248,13 @@ char *prog; client_server_info.server_addr.contents = (krb5_octet *) &client_server_info.server_name.sin_addr; - krb5_init_ets(); + krb5_init_ets(context); syslog(LOG_AUTH | LOG_INFO, "Request for Administrative Service Received from %s - Authenticating.", inet_ntoa( client_server_info.client_name.sin_addr )); - if ((retval = krb5_recvauth( + if ((retval = krb5_recvauth(context, (krb5_pointer) &client_server_info.client_socket, ADM5_CPW_VERSION, client_server_info.server, 
@@ -276,10 +273,10 @@ char *prog; error_message(retval)); (void) sprintf(retbuf, "kadmind error during recvauth: %s\n", error_message(retval)); - krb5_free_keyblock(cpw_key.key); + krb5_free_keyblock(context, cpw_key.key); goto finish; } - krb5_free_keyblock(cpw_key.key); + krb5_free_keyblock(context, cpw_key.key); /* Check if ticket was issued using password (and not tgt) * within the last 5 minutes @@ -291,7 +288,7 @@ char *prog; exit(0); } - if (retval = krb5_timeofday(&adm_time)) { + if (retval = krb5_timeofday(context, &adm_time)) { syslog(LOG_ERR, "Can't get time of day"); close(client_server_info.client_socket); exit(0); @@ -312,7 +309,7 @@ char *prog; exit(0); } - if ((retval = krb5_unparse_name(client_server_info.client, + if ((retval = krb5_unparse_name(context, client_server_info.client, &client_server_info.name_of_client))) { syslog(LOG_ERR, "kadmind error: unparse failed.", error_message(retval)); @@ -330,7 +327,7 @@ char *prog; outbuf.length = 2; /* write back the response */ - if ((retval = krb5_write_message(&client_server_info.client_socket, + if ((retval = krb5_write_message(context, &client_server_info.client_socket, &outbuf))){ syslog(LOG_ERR, "kadmind error: Write Message Failure: %s", error_message(retval)); @@ -339,7 +336,7 @@ char *prog; } /* Ok Now let's get the first private message and respond */ - if (retval = krb5_read_message(&client_server_info.client_socket, + if (retval = krb5_read_message(context, &client_server_info.client_socket, &inbuf)){ syslog(LOG_ERR, "kadmind error: read First Message Failure: %s", error_message(retval)); @@ -347,7 +344,7 @@ char *prog; goto finish; } - if ((retval = krb5_rd_priv(&inbuf, + if ((retval = krb5_rd_priv(context, &inbuf, client_creds->enc_part2->session, &client_server_info.client_addr, &client_server_info.server_addr, 
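Review bot: `syslog(LOG_ERR, "kadmind error: unparse failed.", error_message(retval));` in hunk -312,7 passes `error_message(retval)` but the format string has no conversion for it, so the reason for the `krb5_unparse_name` failure never reaches the log. Add the specifier: `syslog(LOG_ERR, "kadmind error: unparse failed: %s", error_message(retval));`. process_client's body starts and ends outside this hunk.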
@@ -370,7 +367,7 @@ char *prog; switch (request_type.appl_code) { case KPASSWD: req_type = "kpasswd"; - if (retval = adm5_kpasswd("process_client", &request_type, + if (retval = adm5_kpasswd(context, "process_client", &request_type, client_creds, retbuf, &otype)) { goto finish; } @@ -378,8 +375,9 @@ char *prog; case KADMIN: req_type = "kadmin"; - if (retval = adm5_kadmin("process_client", client_auth_data, - client_creds, retbuf, &otype)) { + if (retval = adm5_kadmin(context, "process_client", + client_auth_data, client_creds, + retbuf, &otype)) { goto finish; } retbuf[0] = KADMIN; @@ -410,7 +408,7 @@ char *prog; final_msg.length = strlen(retbuf) + 1; /* Send Completion Message */ - if (retval = krb5_mk_priv(&final_msg, + if (retval = krb5_mk_priv(context, &final_msg, ETYPE_DES_CBC_CRC, client_creds->enc_part2->session, &client_server_info.server_addr, @@ -425,7 +423,7 @@ char *prog; } /* Send Final Reply to Client */ - if (retval = krb5_write_message(&client_server_info.client_socket, + if (retval = krb5_write_message(context, &client_server_info.client_socket, &msg_data)){ free(msg_data.data); syslog(LOG_ERR, "Error Performing Final Write: %s", diff --git a/src/kadmin/server/adm_server.c b/src/kadmin/server/adm_server.c index a5a140f64..1757a0b74 100644 --- a/src/kadmin/server/adm_server.c +++ b/src/kadmin/server/adm_server.c 
@@ -77,30 +77,32 @@ krb5_db_entry master_entry; krb5_flags NEW_ATTRIBUTES; -cleanexit(val) +cleanexit(context, val) + krb5_context context; int val; { - (void) krb5_db_fini(); + (void) krb5_db_fini(context); exit(val); } krb5_error_code -closedown_db() +closedown_db(context) + krb5_context context; { krb5_error_code retval; /* clean up master key stuff */ - retval = krb5_finish_key(&master_encblock); + retval = krb5_finish_key(context, &master_encblock); memset((char *)&master_encblock, 0, sizeof(master_encblock)); memset((char *)tgs_key.contents, 0, tgs_key.length); /* close database */ if (retval) { - (void) krb5_db_fini(); + (void) krb5_db_fini(context); return(retval); } else - return(krb5_db_fini()); + return(krb5_db_fini(context)); } void @@ -114,9 +116,10 @@ char *name; } krb5_error_code -process_args(argc, argv) -int argc; -char **argv; +process_args(context, argc, argv) + krb5_context context; + int argc; + char **argv; { krb5_error_code retval; int c; @@ -162,7 +165,7 @@ char **argv; case 'd': /* put code to deal with alt database place */ dbm_db_name = optarg; - if (retval = krb5_dbm_db_set_name(dbm_db_name)) { + if (retval = krb5_dbm_db_set_name(context, dbm_db_name)) { fprintf(stderr, "opening database %s: %s", dbm_db_name, error_message(retval)); exit(1); @@ -204,7 +207,7 @@ char **argv; if (!db_realm) { /* no realm specified, use default realm */ - if (retval = krb5_get_default_realm(&local_realm)) { + if (retval = krb5_get_default_realm(context, &local_realm)) { com_err(argv[0], retval, "while attempting to retrieve default realm"); exit(1); @@ -221,7 +224,7 @@ char **argv; } /* assemble & parse the master key name */ - if (retval = krb5_db_setup_mkey_name(mkey_name, + if (retval = krb5_db_setup_mkey_name(context, mkey_name, db_realm, (char **) 0, &master_princ)) { 
@@ -234,9 +237,9 @@ char **argv; "while setting up etype %d", kdc_etype); exit(1); } - krb5_use_cstype(&master_encblock, kdc_etype); + krb5_use_cstype(context, &master_encblock, kdc_etype); - if (retval = krb5_db_fetch_mkey( + if (retval = krb5_db_fetch_mkey(context, master_princ, &master_encblock, manual, @@ -265,11 +268,11 @@ char **argv; } krb5_error_code -init_db(dbname, masterkeyname, masterkeyblock) -char *dbname; -krb5_principal masterkeyname; -krb5_keyblock *masterkeyblock; - +init_db(context, dbname, masterkeyname, masterkeyblock) + krb5_context context; + char *dbname; + krb5_principal masterkeyname; + krb5_keyblock *masterkeyblock; { krb5_error_code retval; @@ -279,14 +282,14 @@ krb5_keyblock *masterkeyblock; char tgs_name[255]; /* set db name if appropriate */ - if (dbname && (retval = krb5_db_set_name(dbname))) + if (dbname && (retval = krb5_db_set_name(context, dbname))) return(retval); /* initialize database */ - if (retval = krb5_db_init()) + if (retval = krb5_db_init(context)) return(retval); - if (retval = krb5_db_verify_master_key(masterkeyname, + if (retval = krb5_db_verify_master_key(context, masterkeyname, masterkeyblock, &master_encblock)) { master_encblock.crypto_entry = 0; @@ -294,9 +297,9 @@ krb5_keyblock *masterkeyblock; } /* do any necessary key pre-processing */ - if (retval = krb5_process_key(&master_encblock, masterkeyblock)) { + if (retval = krb5_process_key(context, &master_encblock, masterkeyblock)) { master_encblock.crypto_entry = 0; - (void) krb5_db_fini(); + (void) krb5_db_fini(context); return(retval); } 
@@ -304,16 +307,16 @@ krb5_keyblock *masterkeyblock; * fetch the master database entry, and hold on to it. */ number_of_entries = 1; - if (retval = krb5_db_get_principal(masterkeyname, &master_entry, + if (retval = krb5_db_get_principal(context, masterkeyname, &master_entry, &number_of_entries, &more)) { return(retval); } if (number_of_entries != 1) { if (number_of_entries) - krb5_db_free_principal(&master_entry, number_of_entries); + krb5_db_free_principal(context, &master_entry, number_of_entries); return(KRB5_KDB_NOMASTERKEY); } else if (more) { - krb5_db_free_principal(&master_entry, number_of_entries); + krb5_db_free_principal(context, &master_entry, number_of_entries); return(KRB5KDC_ERR_PRINCIPAL_NOT_UNIQUE); } @@ -327,12 +330,12 @@ krb5_keyblock *masterkeyblock; strcat(tgs_name, masterkeyname->realm.data); strcat(tgs_name, "@"); strcat(tgs_name, masterkeyname->realm.data); - krb5_parse_name(tgs_name, &tgs_server); + krb5_parse_name(context, tgs_name, &tgs_server); tgs_server->type = KRB5_NT_SRV_INST; number_of_entries = 1; - if (retval = krb5_db_get_principal( + if (retval = krb5_db_get_principal(context, tgs_server, &server_entry, &number_of_entries, 
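Review bot: The three early returns in this hunk (the `krb5_db_get_principal` failure, `KRB5_KDB_NOMASTERKEY` and `KRB5KDC_ERR_PRINCIPAL_NOT_UNIQUE`) leave `init_db` after `krb5_process_key` has succeeded, yet none of them releases the key schedule or closes the database. The TGS lookup failures later in the same function do all three steps, so these paths should match them: `(void) krb5_finish_key(context, &master_encblock); memset((char *)&master_encblock, 0, sizeof(master_encblock)); (void) krb5_db_fini(context);` before each `return`. `init_db` starts and ends outside this hunk.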
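Review bot: The result of `krb5_parse_name(context, tgs_name, &tgs_server)` is discarded and `tgs_server->type` is written on the very next line, so a parse failure dereferences a pointer that was never set. Check it like the neighbouring calls, `if (retval = krb5_parse_name(context, tgs_name, &tgs_server))`, and run the same key and database cleanup as the error paths below before returning. The name is also assembled with unbounded `strcat` of `masterkeyname->realm.data` (twice) into `tgs_name`, declared as `char tgs_name[255]` in an earlier hunk. A length check against `sizeof(tgs_name)` before building the string would keep an over-long realm from overrunning that stack buffer. `init_db` extends beyond this hunk.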
@@ -341,16 +344,16 @@ krb5_keyblock *masterkeyblock; } if (more) { - krb5_db_free_principal(&server_entry, number_of_entries); - (void) krb5_finish_key(&master_encblock); + krb5_db_free_principal(context, &server_entry, number_of_entries); + (void) krb5_finish_key(context, &master_encblock); memset((char *)&master_encblock, 0, sizeof(master_encblock)); - (void) krb5_db_fini(); + (void) krb5_db_fini(context); return(KRB5KDC_ERR_PRINCIPAL_NOT_UNIQUE); } else if (number_of_entries != 1) { - krb5_db_free_principal(&server_entry, number_of_entries); - (void) krb5_finish_key(&master_encblock); + krb5_db_free_principal(context, &server_entry, number_of_entries); + (void) krb5_finish_key(context, &master_encblock); memset((char *)&master_encblock, 0, sizeof(master_encblock)); - (void) krb5_db_fini(); + (void) krb5_db_fini(context); return(KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN); } @@ -358,16 +361,16 @@ krb5_keyblock *masterkeyblock; convert server.key into a real key (it may be encrypted in the database) */ - if (retval = KDB_CONVERT_KEY_OUTOF_DB(&server_entry.key, &tgs_key)) { - krb5_db_free_principal(&server_entry, number_of_entries); - (void) krb5_finish_key(&master_encblock); + if (retval = KDB_CONVERT_KEY_OUTOF_DB(context,&server_entry.key,&tgs_key)) { + krb5_db_free_principal(context, &server_entry, number_of_entries); + (void) krb5_finish_key(context, &master_encblock); memset((char *)&master_encblock, 0, sizeof(master_encblock)); - (void) krb5_db_fini(); + (void) krb5_db_fini(context); return(retval); } tgs_kvno = server_entry.kvno; - krb5_db_free_principal(&server_entry, number_of_entries); + krb5_db_free_principal(context, &server_entry, number_of_entries); return(0); } @@ -441,9 +444,10 @@ kdc_com_err_proc(whoami, code, format, pvar) } void -setup_com_err() +setup_com_err(context) + krb5_context context; { - krb5_init_ets(); + krb5_init_ets(context); (void) set_com_err_hook(kdc_com_err_proc); return; 
@@ -457,6 +461,7 @@ main(argc, argv) /* adm_server main routine */ int argc; char **argv; { + krb5_context context; krb5_error_code retval; int errout = 0; @@ -466,7 +471,8 @@ char **argv; if (strrchr(argv[0], '/')) argv[0] = (char *)strrchr(argv[0], '/') + 1; - setup_com_err(); + krb5_init_context(&context); + setup_com_err(context); /* Use Syslog for Messages */ #ifndef LOG_AUTH /* 4.2 syslog */ @@ -476,38 +482,36 @@ char **argv; openlog(argv[0], LOG_AUTH|LOG_CONS|LOG_NDELAY|LOG_PID, LOG_LOCAL6); #endif /* LOG_AUTH */ - process_args(argc, argv); /* includes reading master key */ + process_args(context, argc, argv); /* includes reading master key */ setup_signal_handlers(); - if (retval = init_db(dbm_db_name, - master_princ, - &master_keyblock)) { + if (retval = init_db(context, dbm_db_name, master_princ,&master_keyblock)) { com_err(argv[0], retval, "while initializing database"); exit(1); } - if (retval = setup_network(argv[0])) { + if (retval = setup_network(context, argv[0])) { exit(1); } syslog(LOG_AUTH | LOG_INFO, "Admin Server Commencing Operation"); - if (retval = adm5_listen_and_process(argv[0])){ - krb5_free_principal(client_server_info.server); + if (retval = adm5_listen_and_process(context, argv[0])){ + krb5_free_principal(context, client_server_info.server); com_err(argv[0], retval, "while processing network requests"); errout++; } free(client_server_info.name_of_service); - krb5_free_principal(client_server_info.server); + krb5_free_principal(context, client_server_info.server); if (errout = closedown_network(argv[0])) { com_err(argv[0], retval, "while shutting down network"); retval = retval + errout; } - if (errout = closedown_db()) { + if (errout = closedown_db(context)) { com_err(argv[0], retval, "while closing database"); retval = retval + errout; } diff --git a/src/kadmin/server/adm_v4_pwd.c b/src/kadmin/server/adm_v4_pwd.c index 65ccefe5c..09fb66cff 100644 --- a/src/kadmin/server/adm_v4_pwd.c +++ b/src/kadmin/server/adm_v4_pwd.c 
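Review bot: `krb5_init_context(&context)` is called without looking at its result, and the possibly uninitialised `context` is then handed to `setup_com_err`, `process_args`, `init_db` and every call after them. Fail closed at startup instead: `if (retval = krb5_init_context(&context)) { fprintf(stderr, "%s: cannot initialize krb5 context\n", argv[0]); exit(1); }`. `fprintf` is used in that branch because `krb5_init_ets(context)` only runs inside `setup_com_err`, which needs a valid context first. `main` begins before and continues after this hunk.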
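Review bot: When `adm5_listen_and_process` fails, `client_server_info.server` is freed inside the error branch and then freed again by the unconditional `krb5_free_principal(context, client_server_info.server)` right after the branch, with nothing in between resetting the pointer. Drop the call inside the branch so the principal is released exactly once. Separately, the `closedown_network` and `closedown_db` branches pass `retval` to `com_err` although the code that just failed is in `errout`, so the logged error is not the one that occurred; `com_err(argv[0], errout, "while shutting down network")` is what the message needs. `main` continues past the end of this hunk.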
@@ -249,13 +249,13 @@ struct cpw_keyproc_arg *cpw_key; dlen = htons(dlen); - if (krb5_net_write(client_server_info.client_socket, + if (krb5_net_write(context, client_server_info.client_socket, (char *) &dlen, 2) < 0) { syslog(LOG_ERR, "process_v4_kpasswd: Error writing dlen to client"); (void) close(client_server_info.client_socket); } - if (krb5_net_write(client_server_info.client_socket, + if (krb5_net_write(context, client_server_info.client_socket, (char *) *dat, *dat_len) < 0) { syslog(LOG_ERR, "writing to client: %s",error_message(errno)); (void) close(client_server_info.client_socket); @@ -268,9 +268,10 @@ struct cpw_keyproc_arg *cpw_key; } krb5_kvno -princ_exists(principal, entry) -krb5_principal principal; -krb5_db_entry *entry; +princ_exists(context, principal, entry) + krb5_context context; + krb5_principal principal; + krb5_db_entry *entry; { int nprincs = 1; krb5_boolean more; @@ -278,7 +279,8 @@ krb5_db_entry *entry; krb5_kvno vno; nprincs = 1; - if (retval = krb5_db_get_principal(principal, entry, &nprincs, &more)) { + if (retval = krb5_db_get_principal(context, principal, entry, + &nprincs, &more)) { return 0; } @@ -343,7 +345,7 @@ int *outlen; /* Zero Next Output Entry */ memset((char *) &entry, 0, sizeof(entry)); - if (retval = krb5_parse_name(v5_principal, &entry.principal)) { + if (retval = krb5_parse_name(context, v5_principal, &entry.principal)) { syslog(LOG_ERR, "adm_v4_cpw - Error parsing %s", v5_principal); return(1); @@ -374,7 +376,7 @@ int *outlen; memcpy(v5_keyblock->contents, v4_clear_key, 8); - if (retval = krb5_kdb_encrypt_key(&master_encblock, + if (retval = krb5_kdb_encrypt_key(context, &master_encblock, v5_keyblock, &entry.key)) { syslog(LOG_ERR, @@ -389,7 +391,7 @@ int *outlen; #ifdef SANDIA entry.attributes &= ~KRB5_KDB_REQUIRES_PWCHANGE; #endif - if (retval = krb5_timeofday(&entry.mod_date)) { + if (retval = krb5_timeofday(context, &entry.mod_date)) { syslog(LOG_ERR, "adm_v4_cpw - Error while fetching date"); return(1); } 
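Review bot: A failed write of `dlen` closes `client_server_info.client_socket` but does not leave the function, so the second `krb5_net_write` runs on the descriptor that was just closed and its error branch closes it a second time. Return the failure to the caller right after the first `close()`; the function's return statements are outside this hunk, so the value has to match what is used there. The first `syslog` call also omits `error_message(errno)`, which the second one logs, and including it would make the two failures equally diagnosable.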
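Review bot: `context` is passed to `krb5_parse_name` in the hunk at -343, and to `krb5_net_write`, `krb5_kdb_encrypt_key`, `krb5_timeofday` and `krb5_db_put_principal` in the hunks at -249, -374, -389 and -399, but the only function in this file that gains a `krb5_context context` parameter is `princ_exists`. The 22 changed lines listed for adm_v4_pwd.c are all accounted for by the hunks shown, so these uses must resolve to a declaration outside the diff, presumably a global. If so, confirm it is the same context that `main` initialises as a local in adm_server.c, and document it at the declaration with something like `/* process-wide krb5 context, initialised in main() */`. Otherwise these functions need the parameter added like the others.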
@@ -399,7 +401,7 @@ int *outlen; entry.mod_name = entry.principal; /* Should be Person who did Action */ /* Write the Modified Principal to the V5 Database */ - if (retval = krb5_db_put_principal(&entry, &one)) { + if (retval = krb5_db_put_principal(context, &entry, &one)) { syslog(LOG_ERR, "adm_v4_cpw - Error %d while Entering Principal for '%s'", retval, v5_principal); |
