diff options
| author | Greg Hudson <ghudson@mit.edu> | 2011-09-21 16:29:00 +0000 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2011-09-21 16:29:00 +0000 |
| commit | af105268217bc5d8b93c3c0c66eca087ffb10085 (patch) | |
| tree | 53fccb58581d01e3bd8c0e693b785ff12e4bf1ce /src/kadmin/server | |
| parent | 237e57c297708c8009cf2af4833b78abc4e05bbc (diff) | |
| download | krb5-af105268217bc5d8b93c3c0c66eca087ffb10085.tar.gz krb5-af105268217bc5d8b93c3c0c66eca087ffb10085.tar.xz krb5-af105268217bc5d8b93c3c0c66eca087ffb10085.zip | |
Add kadmin functionality for string attributes
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25215 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/kadmin/server')
| -rw-r--r-- | src/kadmin/server/kadm_rpc_svc.c | 12 | ||||
| -rw-r--r-- | src/kadmin/server/ovsec_kadmd.c | 4 | ||||
| -rw-r--r-- | src/kadmin/server/server_stubs.c | 112 |
3 files changed, 127 insertions, 1 deletions
diff --git a/src/kadmin/server/kadm_rpc_svc.c b/src/kadmin/server/kadm_rpc_svc.c index a9bccf599..a75bdb89d 100644 --- a/src/kadmin/server/kadm_rpc_svc.c +++ b/src/kadmin/server/kadm_rpc_svc.c @@ -213,6 +213,18 @@ void kadm_1(rqstp, transp) local = (char *(*)()) purgekeys_2_svc; break; + case GET_STRINGS: + xdr_argument = xdr_gstrings_arg; + xdr_result = xdr_gstrings_ret; + local = (char *(*)()) get_strings_2_svc; + break; + + case SET_STRING: + xdr_argument = xdr_sstring_arg; + xdr_result = xdr_generic_ret; + local = (char *(*)()) set_string_2_svc; + break; + default: krb5_klog_syslog(LOG_ERR, "Invalid KADM5 procedure number: %s, %d", inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr), diff --git a/src/kadmin/server/ovsec_kadmd.c b/src/kadmin/server/ovsec_kadmd.c index 63d1787cb..f38f209f1 100644 --- a/src/kadmin/server/ovsec_kadmd.c +++ b/src/kadmin/server/ovsec_kadmd.c @@ -746,7 +746,9 @@ void log_badverf(gss_name_t client_name, gss_name_t server_name, {19, "CHPASS_PRINCIPAL3"}, {20, "CHRAND_PRINCIPAL3"}, {21, "SETKEY_PRINCIPAL3"}, - {22, "PURGEKEYS"} + {22, "PURGEKEYS"}, + {23, "GET_STRINGS"}, + {24, "SET_STRING"} }; #define NPROCNAMES (sizeof (proc_names) / sizeof (struct procnames)) OM_uint32 minor; diff --git a/src/kadmin/server/server_stubs.c b/src/kadmin/server/server_stubs.c index 6a2ed7551..8dbe756d6 100644 --- a/src/kadmin/server/server_stubs.c +++ b/src/kadmin/server/server_stubs.c @@ -1604,6 +1604,118 @@ exit_func: return &ret; } +gstrings_ret * +get_strings_2_svc(gstrings_arg *arg, struct svc_req *rqstp) +{ + static gstrings_ret ret; + char *prime_arg; + gss_buffer_desc client_name, + service_name; + OM_uint32 minor_stat; + kadm5_server_handle_t handle; + const char *errmsg = NULL; + + xdr_free(xdr_gstrings_ret, &ret); + + if ((ret.code = new_server_handle(arg->api_version, rqstp, &handle))) + goto exit_func; + + if ((ret.code = check_handle((void *)handle))) + goto exit_func; + + ret.api_version = handle->api_version; + + if (setup_gss_names(rqstp, &client_name, &service_name) < 0) { + ret.code = KADM5_FAILURE; + goto exit_func; + } + if (krb5_unparse_name(handle->context, arg->princ, &prime_arg)) { + ret.code = KADM5_BAD_PRINCIPAL; + goto exit_func; + } + + if (CHANGEPW_SERVICE(rqstp) || !kadm5int_acl_check(handle->context, + rqst2name(rqstp), + ACL_LIST, NULL, NULL)) { + ret.code = KADM5_AUTH_LIST; + log_unauth("kadm5_get_strings", prime_arg, + &client_name, &service_name, rqstp); + } else { + ret.code = kadm5_get_strings((void *)handle, arg->princ, &ret.strings, + &ret.count); + if (ret.code != 0) + errmsg = krb5_get_error_message(handle->context, ret.code); + + log_done("kadm5_get_strings", prime_arg, errmsg, + &client_name, &service_name, rqstp); + + if (errmsg != NULL) + krb5_free_error_message(handle->context, errmsg); + } + free(prime_arg); + gss_release_buffer(&minor_stat, &client_name); + gss_release_buffer(&minor_stat, &service_name); +exit_func: + free_server_handle(handle); + return &ret; +} + +generic_ret * +set_string_2_svc(sstring_arg *arg, struct svc_req *rqstp) +{ + static generic_ret ret; + char *prime_arg; + gss_buffer_desc client_name, + service_name; + OM_uint32 minor_stat; + kadm5_server_handle_t handle; + const char *errmsg = NULL; + + xdr_free(xdr_generic_ret, &ret); + + if ((ret.code = new_server_handle(arg->api_version, rqstp, &handle))) + goto exit_func; + + if ((ret.code = check_handle((void *)handle))) + goto exit_func; + + ret.api_version = handle->api_version; + + if (setup_gss_names(rqstp, &client_name, &service_name) < 0) { + ret.code = KADM5_FAILURE; + goto exit_func; + } + if (krb5_unparse_name(handle->context, arg->princ, &prime_arg)) { + ret.code = KADM5_BAD_PRINCIPAL; + goto exit_func; + } + + if (CHANGEPW_SERVICE(rqstp) || !kadm5int_acl_check(handle->context, + rqst2name(rqstp), + ACL_LIST, NULL, NULL)) { + ret.code = KADM5_AUTH_LIST; + log_unauth("kadm5_mod_strings", prime_arg, + &client_name, &service_name, rqstp); + } else { + ret.code = kadm5_set_string((void *)handle, arg->princ, arg->key, + arg->value); + if (ret.code != 0) + errmsg = krb5_get_error_message(handle->context, ret.code); + + log_done("kadm5_mod_strings", prime_arg, errmsg, + &client_name, &service_name, rqstp); + + if (errmsg != NULL) + krb5_free_error_message(handle->context, errmsg); + } + free(prime_arg); + gss_release_buffer(&minor_stat, &client_name); + gss_release_buffer(&minor_stat, &service_name); +exit_func: + free_server_handle(handle); + return &ret; +} + generic_ret *init_2_svc(krb5_ui_4 *arg, struct svc_req *rqstp) { static generic_ret ret; |