summaryrefslogtreecommitdiffstats
path: root/src/kadmin/server
diff options
context:
space:
mode:
authorKen Raeburn <raeburn@mit.edu>2005-06-21 01:36:03 +0000
committerKen Raeburn <raeburn@mit.edu>2005-06-21 01:36:03 +0000
commitf72c3ffaca4600d4e75282857ce4dda11106d5e7 (patch)
tree89df6e717f00e1687994fc089fd6df9ff8a5c21c /src/kadmin/server
parentf4aaa29ac68e3dd5a2ae326cd54918c7250558e9 (diff)
downloadkrb5-f72c3ffaca4600d4e75282857ce4dda11106d5e7.tar.gz
krb5-f72c3ffaca4600d4e75282857ce4dda11106d5e7.tar.xz
krb5-f72c3ffaca4600d4e75282857ce4dda11106d5e7.zip
Novell Database Abstraction Layer merge.
Will probably break things. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17258 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/kadmin/server')
-rw-r--r--src/kadmin/server/ChangeLog8
-rw-r--r--src/kadmin/server/Makefile.in3
-rw-r--r--src/kadmin/server/misc.c6
-rw-r--r--src/kadmin/server/ovsec_kadmd.c75
-rw-r--r--src/kadmin/server/server_stubs.c637
5 files changed, 600 insertions, 129 deletions
diff --git a/src/kadmin/server/ChangeLog b/src/kadmin/server/ChangeLog
index 24694c31c..12c9bce4c 100644
--- a/src/kadmin/server/ChangeLog
+++ b/src/kadmin/server/ChangeLog
@@ -1,3 +1,11 @@
+2005-06-20 Ken Raeburn <raeburn@mit.edu>
+
+ Novell merge.
+ * Makefile.in:
+ * misc.c:
+ * ovsec_kadmd.c:
+ * server_stubs.c:
+
2005-04-13 Ken Raeburn <raeburn@mit.edu>
* schpw.c (NEED_SOCKETS): Don't define.
diff --git a/src/kadmin/server/Makefile.in b/src/kadmin/server/Makefile.in
index 17406e77a..74a8e1bb3 100644
--- a/src/kadmin/server/Makefile.in
+++ b/src/kadmin/server/Makefile.in
@@ -2,6 +2,7 @@ thisconfigdir=./..
myfulldir=kadmin/server
mydir=server
BUILDTOP=$(REL)..$(S)..
+KDB_DEP_LIB=-ldl -lpthread
LOCALINCLUDES = -I$(SRCTOP)/lib/gssapi/generic -I$(SRCTOP)/lib/gssapi/krb5 \
-I$(BUILDTOP)/lib/gssapi/generic -I$(BUILDTOP)/lib/gssapi/krb5
@@ -15,7 +16,7 @@ OBJS = kadm_rpc_svc.o server_stubs.o ovsec_kadmd.o schpw.o misc.o server_glue_v1
all:: $(PROG)
$(PROG): $(OBJS) $(KADMSRV_DEPLIBS) $(KRB5_BASE_DEPLIBS) $(APPUTILS_DEPLIB)
- $(CC_LINK) -o $(PROG) $(OBJS) $(KADMSRV_LIBS) $(KRB5_BASE_LIBS) $(APPUTILS_LIB)
+ $(CC_LINK) -o $(PROG) $(OBJS) $(KADMSRV_LIBS) $(KDB_DEP_LIB) $(KRB5_BASE_LIBS) $(APPUTILS_LIB)
install::
$(INSTALL_PROGRAM) $(PROG) ${DESTDIR}$(SERVER_BINDIR)/$(PROG)
diff --git a/src/kadmin/server/misc.c b/src/kadmin/server/misc.c
index f2afd23af..fb9c3a541 100644
--- a/src/kadmin/server/misc.c
+++ b/src/kadmin/server/misc.c
@@ -3,9 +3,9 @@
*
*/
-#include <kadm5/adb.h>
-#include <kadm5/server_internal.h>
+#include <k5-int.h>
#include <krb5/kdb.h>
+#include <kadm5/server_internal.h>
#include "misc.h"
/*
@@ -125,7 +125,7 @@ check_min_life(void *server_handle, krb5_principal principal)
ret = kadm5_get_principal(handle->lhandle, principal,
&princ, KADM5_PRINCIPAL_NORMAL_MASK);
- if(ret != OSA_ADB_OK)
+ if(ret)
return ret;
if(princ.aux_attributes & KADM5_POLICY) {
if((ret=kadm5_get_policy(handle->lhandle,
diff --git a/src/kadmin/server/ovsec_kadmd.c b/src/kadmin/server/ovsec_kadmd.c
index 8709198d6..31cc25223 100644
--- a/src/kadmin/server/ovsec_kadmd.c
+++ b/src/kadmin/server/ovsec_kadmd.c
@@ -41,6 +41,7 @@
#include <unistd.h>
#include <netinet/in.h>
#include <arpa/inet.h> /* inet_ntoa */
+#include <netdb.h>
#include <gssrpc/rpc.h>
#include <gssapi/gssapi.h>
#include "gssapiP_krb5.h" /* for kg_get_context */
@@ -130,11 +131,14 @@ void kadm5_set_use_password_server (void);
static void usage()
{
- fprintf(stderr, "Usage: kadmind [-r realm] [-m] [-nofork] "
+ fprintf(stderr, "Usage: kadmind [-x db_args]* [-r realm] [-m] [-nofork] "
#ifdef USE_PASSWORD_SERVER
"[-passwordserver] "
#endif
- "[-port port-number]\n");
+ "[-port port-number]\n"
+ "\nwhere,\n\t[-x db_args]* - any number of database specific arguments.\n"
+ "\t\t\tLook at each database documentation for supported arguments\n"
+ );
exit(1);
}
@@ -210,6 +214,8 @@ int main(int argc, char *argv[])
gss_buffer_desc gssbuf;
gss_OID nt_krb5_name_oid;
kadm5_config_params params;
+ char **db_args = NULL;
+ int db_args_size = 0;
setvbuf(stderr, NULL, _IONBF, 0);
@@ -238,7 +244,24 @@ int main(int argc, char *argv[])
argc--; argv++;
while (argc) {
- if (strcmp(*argv, "-r") == 0) {
+ if (strcmp(*argv, "-x") == 0) {
+ argc--; argv++;
+ if (!argc)
+ usage();
+ db_args_size++;
+ {
+ char **temp = realloc( db_args, sizeof(char*) * (db_args_size+1)); /* one for NULL */
+ if( temp == NULL )
+ {
+ fprintf(stderr,"%s: cannot initialize. Not enough memory\n",
+ whoami);
+ exit(1);
+ }
+ db_args = temp;
+ }
+ db_args[db_args_size-1] = *argv;
+ db_args[db_args_size] = NULL;
+ }else if (strcmp(*argv, "-r") == 0) {
argc--; argv++;
if (!argc)
usage();
@@ -290,22 +313,30 @@ int main(int argc, char *argv[])
NULL, &params,
KADM5_STRUCT_VERSION,
KADM5_API_VERSION_2,
+ db_args,
&global_server_handle)) !=
KADM5_OK) {
+ const char *e_txt = error_message(ret);
krb5_klog_syslog(LOG_ERR, "%s while initializing, aborting",
- error_message(ret));
+ e_txt);
fprintf(stderr, "%s: %s while initializing, aborting\n",
- whoami, error_message(ret));
+ whoami, e_txt);
krb5_klog_close(context);
exit(1);
}
+
+ if( db_args )
+ {
+ free(db_args), db_args=NULL;
+ }
if ((ret = kadm5_get_config_params(context, NULL, NULL, &params,
&params))) {
+ const char *e_txt = error_message(ret);
krb5_klog_syslog(LOG_ERR, "%s: %s while initializing, aborting",
- whoami, error_message(ret));
+ whoami, e_txt);
fprintf(stderr, "%s: %s while initializing, aborting\n",
- whoami, error_message(ret));
+ whoami, e_txt);
kadm5_destroy(global_server_handle);
krb5_klog_close(context);
exit(1);
@@ -331,21 +362,23 @@ int main(int argc, char *argv[])
addr.sin_port = htons(params.kadmind_port);
if ((s = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
+ const char *e_txt = error_message(errno);
krb5_klog_syslog(LOG_ERR, "Cannot create TCP socket: %s",
- error_message(errno));
+ e_txt);
fprintf(stderr, "Cannot create TCP socket: %s",
- error_message(errno));
+ e_txt);
kadm5_destroy(global_server_handle);
krb5_klog_close(context);
exit(1);
}
if ((schpw = socket(AF_INET, SOCK_DGRAM, 0)) < 0) {
+ const char *e_txt = error_message(errno);
krb5_klog_syslog(LOG_ERR,
"cannot create simple chpw socket: %s",
- error_message(errno));
+ e_txt);
fprintf(stderr, "Cannot create simple chpw socket: %s",
- error_message(errno));
+ e_txt);
kadm5_destroy(global_server_handle);
krb5_klog_close(context);
exit(1);
@@ -369,22 +402,24 @@ int main(int argc, char *argv[])
SO_REUSEADDR,
(char *) &allowed,
sizeof(allowed)) < 0) {
+ const char *e_txt = error_message(errno);
krb5_klog_syslog(LOG_ERR, "Cannot set SO_REUSEADDR: %s",
- error_message(errno));
+ e_txt);
fprintf(stderr, "Cannot set SO_REUSEADDR: %s",
- error_message(errno));
+ e_txt);
kadm5_destroy(global_server_handle);
krb5_klog_close(context);
exit(1);
}
if (setsockopt(schpw, SOL_SOCKET, SO_REUSEADDR,
(char *) &allowed, sizeof(allowed)) < 0) {
+ const char *e_txt = error_message(errno);
krb5_klog_syslog(LOG_ERR, "main",
"cannot set SO_REUSEADDR on simple chpw socket: %s",
- error_message(errno));
+ e_txt);
fprintf(stderr,
"Cannot set SO_REUSEADDR on simple chpw socket: %s",
- error_message(errno));
+ e_txt);
kadm5_destroy(global_server_handle);
krb5_klog_close(context);
}
@@ -398,11 +433,12 @@ int main(int argc, char *argv[])
if (bind(s, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
int oerrno = errno;
+ const char *e_txt = error_message(errno);
fprintf(stderr, "%s: Cannot bind socket.\n", whoami);
- fprintf(stderr, "bind: %s\n", error_message(oerrno));
+ fprintf(stderr, "bind: %s\n", e_txt);
errno = oerrno;
krb5_klog_syslog(LOG_ERR, "Cannot bind socket: %s",
- error_message(errno));
+ e_txt);
if(oerrno == EADDRINUSE) {
char *w = strrchr(whoami, '/');
if (w) {
@@ -438,12 +474,13 @@ int main(int argc, char *argv[])
if (bind(schpw, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
char portbuf[32];
int oerrno = errno;
+ const char *e_txt = error_message(errno);
fprintf(stderr, "%s: Cannot bind socket.\n", whoami);
- fprintf(stderr, "bind: %s\n", error_message(oerrno));
+ fprintf(stderr, "bind: %s\n", e_txt);
errno = oerrno;
sprintf(portbuf, "%d", ntohs(addr.sin_port));
krb5_klog_syslog(LOG_ERR, "cannot bind simple chpw socket: %s",
- error_message(oerrno));
+ e_txt);
if(oerrno == EADDRINUSE) {
char *w = strrchr(whoami, '/');
if (w) {
diff --git a/src/kadmin/server/server_stubs.c b/src/kadmin/server/server_stubs.c
index 579498fc1..016288773 100644
--- a/src/kadmin/server/server_stubs.c
+++ b/src/kadmin/server/server_stubs.c
@@ -250,22 +250,22 @@ create_principal_1_svc(cprinc_arg *arg, struct svc_req *rqstp)
xdr_free(xdr_generic_ret, &ret);
if ((ret.code = new_server_handle(arg->api_version, rqstp, &handle)))
- return &ret;
+ goto exit_func;
if ((ret.code = check_handle((void *)handle))) {
free_server_handle(handle);
- return &ret;
+ goto exit_func;
}
ret.api_version = handle->api_version;
if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
ret.code = KADM5_FAILURE;
- return &ret;
+ goto exit_func;
}
if (krb5_unparse_name(handle->context, arg->rec.principal, &prime_arg)) {
ret.code = KADM5_BAD_PRINCIPAL;
- return &ret;
+ goto exit_func;
}
if (CHANGEPW_SERVICE(rqstp)
@@ -281,16 +281,37 @@ create_principal_1_svc(cprinc_arg *arg, struct svc_req *rqstp)
ret.code = kadm5_create_principal((void *)handle,
&arg->rec, arg->mask,
arg->passwd);
+ if( ret.code == 0 )
+ ret.err_str = "success";
+ else
+ ret.err_str = error_message(ret.code);
+
krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_create_principal",
- prime_arg,((ret.code == 0) ? "success" :
- error_message(ret.code)),
+ prime_arg, ret.err_str,
client_name.value, service_name.value,
inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+
+ /* xdr free frees this string. so make a copy */
+ ret.err_str = strdup( ret.err_str );
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
}
free_server_handle(handle);
free(prime_arg);
gss_release_buffer(&minor_stat, &client_name);
gss_release_buffer(&minor_stat, &service_name);
+
+ exit_func:
+ if( ret.err_str == NULL )
+ {
+ if( ret.code == 0 )
+ ret.err_str = "success";
+ else
+ ret.err_str = error_message(ret.code);
+
+ /* xdr free frees this string. so make a copy */
+ ret.err_str = strdup( ret.err_str );
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
+ }
return &ret;
}
@@ -307,22 +328,22 @@ create_principal3_1_svc(cprinc3_arg *arg, struct svc_req *rqstp)
xdr_free(xdr_generic_ret, &ret);
if ((ret.code = new_server_handle(arg->api_version, rqstp, &handle)))
- return &ret;
+ goto exit_func;
if ((ret.code = check_handle((void *)handle))) {
free_server_handle(handle);
- return &ret;
+ goto exit_func;
}
ret.api_version = handle->api_version;
if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
ret.code = KADM5_FAILURE;
- return &ret;
+ goto exit_func;
}
if (krb5_unparse_name(handle->context, arg->rec.principal, &prime_arg)) {
ret.code = KADM5_BAD_PRINCIPAL;
- return &ret;
+ goto exit_func;
}
if (CHANGEPW_SERVICE(rqstp)
@@ -340,16 +361,36 @@ create_principal3_1_svc(cprinc3_arg *arg, struct svc_req *rqstp)
arg->n_ks_tuple,
arg->ks_tuple,
arg->passwd);
+ if( ret.code == 0 )
+ ret.err_str = "success";
+ else
+ ret.err_str = error_message(ret.code);
+
krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_create_principal",
- prime_arg,((ret.code == 0) ? "success" :
- error_message(ret.code)),
+ prime_arg, ret.err_str,
client_name.value, service_name.value,
inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+
+ /* xdr free frees this string. so make a copy */
+ ret.err_str = strdup( ret.err_str );
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
}
free_server_handle(handle);
free(prime_arg);
gss_release_buffer(&minor_stat, &client_name);
gss_release_buffer(&minor_stat, &service_name);
+exit_func:
+ if( ret.err_str == NULL )
+ {
+ if( ret.code == 0 )
+ ret.err_str = "success";
+ else
+ ret.err_str = error_message(ret.code);
+
+ /* xdr free frees this string. so make a copy */
+ ret.err_str = strdup( ret.err_str );
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
+ }
return &ret;
}
@@ -366,22 +407,22 @@ delete_principal_1_svc(dprinc_arg *arg, struct svc_req *rqstp)
xdr_free(xdr_generic_ret, &ret);
if ((ret.code = new_server_handle(arg->api_version, rqstp, &handle)))
- return &ret;
+ goto exit_func;
if ((ret.code = check_handle((void *)handle))) {
free_server_handle(handle);
- return &ret;
+ goto exit_func;
}
ret.api_version = handle->api_version;
if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
ret.code = KADM5_FAILURE;
- return &ret;
+ goto exit_func;
}
if (krb5_unparse_name(handle->context, arg->princ, &prime_arg)) {
ret.code = KADM5_BAD_PRINCIPAL;
- return &ret;
+ goto exit_func;
}
if (CHANGEPW_SERVICE(rqstp)
@@ -393,15 +434,37 @@ delete_principal_1_svc(dprinc_arg *arg, struct svc_req *rqstp)
inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
} else {
ret.code = kadm5_delete_principal((void *)handle, arg->princ);
+ if( ret.code == 0 )
+ ret.err_str = "success";
+ else
+ ret.err_str = error_message(ret.code);
+
krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_delete_principal", prime_arg,
- ((ret.code == 0) ? "success" : error_message(ret.code)),
+ ret.err_str,
client_name.value, service_name.value,
inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+
+ /* xdr free frees this string. so make a copy */
+ ret.err_str = strdup( ret.err_str );
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
}
free(prime_arg);
free_server_handle(handle);
gss_release_buffer(&minor_stat, &client_name);
gss_release_buffer(&minor_stat, &service_name);
+ exit_func:
+ if( ret.err_str == NULL )
+ {
+ if( ret.code == 0 )
+ ret.err_str = "success";
+ else
+ ret.err_str = error_message(ret.code);
+
+ /* xdr free frees this string. so make a copy */
+ ret.err_str = strdup( ret.err_str );
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
+ }
+
return &ret;
}
@@ -419,20 +482,20 @@ modify_principal_1_svc(mprinc_arg *arg, struct svc_req *rqstp)
xdr_free(xdr_generic_ret, &ret);
if ((ret.code = new_server_handle(arg->api_version, rqstp, &handle)))
- return &ret;
+ goto exit_func;
if ((ret.code = check_handle((void *)handle))) {
free_server_handle(handle);
- return &ret;
+ goto exit_func;
}
if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
ret.code = KADM5_FAILURE;
- return &ret;
+ goto exit_func;
}
if (krb5_unparse_name(handle->context, arg->rec.principal, &prime_arg)) {
ret.code = KADM5_BAD_PRINCIPAL;
- return &ret;
+ goto exit_func;
}
if (CHANGEPW_SERVICE(rqstp)
@@ -447,16 +510,36 @@ modify_principal_1_svc(mprinc_arg *arg, struct svc_req *rqstp)
} else {
ret.code = kadm5_modify_principal((void *)handle, &arg->rec,
arg->mask);
+ if( ret.code == 0 )
+ ret.err_str = "success";
+ else
+ ret.err_str = error_message(ret.code);
+
krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_modify_principal",
- prime_arg, ((ret.code == 0) ? "success" :
- error_message(ret.code)),
+ prime_arg, ret.err_str,
client_name.value, service_name.value,
inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+
+ /* xdr free frees this string. so make a copy */
+ ret.err_str = strdup( ret.err_str );
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
}
free_server_handle(handle);
free(prime_arg);
gss_release_buffer(&minor_stat, &client_name);
gss_release_buffer(&minor_stat, &service_name);
+exit_func:
+ if( ret.err_str == NULL )
+ {
+ if( ret.code == 0 )
+ ret.err_str = "success";
+ else
+ ret.err_str = error_message(ret.code);
+
+ /* xdr free frees this string. so make a copy */
+ ret.err_str = strdup( ret.err_str );
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
+ }
return &ret;
}
@@ -476,21 +559,21 @@ rename_principal_1_svc(rprinc_arg *arg, struct svc_req *rqstp)
xdr_free(xdr_generic_ret, &ret);
if ((ret.code = new_server_handle(arg->api_version, rqstp, &handle)))
- return &ret;
+ goto exit_func;
if ((ret.code = check_handle((void *)handle))) {
free_server_handle(handle);
- return &ret;
+ goto exit_func;
}
if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
ret.code = KADM5_FAILURE;
- return &ret;
+ goto exit_func;
}
if (krb5_unparse_name(handle->context, arg->src, &prime_arg1) ||
krb5_unparse_name(handle->context, arg->dest, &prime_arg2)) {
ret.code = KADM5_BAD_PRINCIPAL;
- return &ret;
+ goto exit_func;
}
sprintf(prime_arg, "%s to %s", prime_arg1, prime_arg2);
@@ -516,17 +599,37 @@ rename_principal_1_svc(rprinc_arg *arg, struct svc_req *rqstp)
} else {
ret.code = kadm5_rename_principal((void *)handle, arg->src,
arg->dest);
+ if( ret.code == 0 )
+ ret.err_str = "success";
+ else
+ ret.err_str = error_message(ret.code);
+
krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_rename_principal",
- prime_arg, ((ret.code == 0) ? "success" :
- error_message(ret.code)),
+ prime_arg, ret.err_str,
client_name.value, service_name.value,
inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+
+ /* xdr free frees this string. so make a copy */
+ ret.err_str = strdup( ret.err_str );
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
}
free_server_handle(handle);
free(prime_arg1);
free(prime_arg2);
gss_release_buffer(&minor_stat, &client_name);
gss_release_buffer(&minor_stat, &service_name);
+exit_func:
+ if( ret.err_str == NULL )
+ {
+ if( ret.code == 0 )
+ ret.err_str = "success";
+ else
+ ret.err_str = error_message(ret.code);
+
+ /* xdr free frees this string. so make a copy */
+ ret.err_str = strdup( ret.err_str );
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
+ }
return &ret;
}
@@ -544,11 +647,11 @@ get_principal_1_svc(gprinc_arg *arg, struct svc_req *rqstp)
xdr_free(xdr_gprinc_ret, &ret);
if ((ret.code = new_server_handle(arg->api_version, rqstp, &handle)))
- return &ret;
+ goto exit_func;
if ((ret.code = check_handle((void *)handle))) {
free_server_handle(handle);
- return &ret;
+ goto exit_func;
}
ret.api_version = handle->api_version;
@@ -558,11 +661,11 @@ get_principal_1_svc(gprinc_arg *arg, struct svc_req *rqstp)
if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
ret.code = KADM5_FAILURE;
- return &ret;
+ goto exit_func;
}
if (krb5_unparse_name(handle->context, arg->princ, &prime_arg)) {
ret.code = KADM5_BAD_PRINCIPAL;
- return &ret;
+ goto exit_func;
}
if (! cmp_gss_krb5_name(handle, rqst2name(rqstp), arg->princ) &&
@@ -589,16 +692,37 @@ get_principal_1_svc(gprinc_arg *arg, struct svc_req *rqstp)
arg->mask);
}
+ if( ret.code == 0 )
+ ret.err_str = "success";
+ else
+ ret.err_str = error_message(ret.code);
+
krb5_klog_syslog(LOG_NOTICE, LOG_DONE, funcname,
prime_arg,
- ((ret.code == 0) ? "success" : error_message(ret.code)),
+ ret.err_str,
client_name.value, service_name.value,
inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+
+ /* xdr free frees this string. so make a copy */
+ ret.err_str = strdup( ret.err_str );
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
}
free_server_handle(handle);
free(prime_arg);
gss_release_buffer(&minor_stat, &client_name);
gss_release_buffer(&minor_stat, &service_name);
+exit_func:
+ if( ret.err_str == NULL )
+ {
+ if( ret.code == 0 )
+ ret.err_str = "success";
+ else
+ ret.err_str = error_message(ret.code);
+
+ /* xdr free frees this string. so make a copy */
+ ret.err_str = strdup( ret.err_str );
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
+ }
return &ret;
}
@@ -615,18 +739,18 @@ get_princs_1_svc(gprincs_arg *arg, struct svc_req *rqstp)
xdr_free(xdr_gprincs_ret, &ret);
if ((ret.code = new_server_handle(arg->api_version, rqstp, &handle)))
- return &ret;
+ goto exit_func;
if ((ret.code = check_handle((void *)handle))) {
free_server_handle(handle);
- return &ret;
+ goto exit_func;
}
ret.api_version = handle->api_version;
if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
ret.code = KADM5_FAILURE;
- return &ret;
+ goto exit_func;
}
prime_arg = arg->exp;
if (prime_arg == NULL)
@@ -645,15 +769,36 @@ get_princs_1_svc(gprincs_arg *arg, struct svc_req *rqstp)
ret.code = kadm5_get_principals((void *)handle,
arg->exp, &ret.princs,
&ret.count);
+ if( ret.code == 0 )
+ ret.err_str = "success";
+ else
+ ret.err_str = error_message(ret.code);
+
krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_get_principals",
prime_arg,
- ((ret.code == 0) ? "success" : error_message(ret.code)),
+ ret.err_str,
client_name.value, service_name.value,
inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+
+ /* xdr free frees this string. so make a copy */
+ ret.err_str = strdup( ret.err_str );
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
}
free_server_handle(handle);
gss_release_buffer(&minor_stat, &client_name);
gss_release_buffer(&minor_stat, &service_name);
+exit_func:
+ if( ret.err_str == NULL )
+ {
+ if( ret.code == 0 )
+ ret.err_str = "success";
+ else
+ ret.err_str = error_message(ret.code);
+
+ /* xdr free frees this string. so make a copy */
+ ret.err_str = strdup( ret.err_str );
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
+ }
return &ret;
}
@@ -670,22 +815,22 @@ chpass_principal_1_svc(chpass_arg *arg, struct svc_req *rqstp)
xdr_free(xdr_generic_ret, &ret);
if ((ret.code = new_server_handle(arg->api_version, rqstp, &handle)))
- return &ret;
+ goto exit_func;
if ((ret.code = check_handle((void *)handle))) {
free_server_handle(handle);
- return &ret;
+ goto exit_func;
}
ret.api_version = handle->api_version;
if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
ret.code = KADM5_FAILURE;
- return &ret;
+ goto exit_func;
}
if (krb5_unparse_name(handle->context, arg->princ, &prime_arg)) {
ret.code = KADM5_BAD_PRINCIPAL;
- return &ret;
+ goto exit_func;
}
if (cmp_gss_krb5_name(handle, rqst2name(rqstp), arg->princ)) {
@@ -704,17 +849,37 @@ chpass_principal_1_svc(chpass_arg *arg, struct svc_req *rqstp)
}
if(ret.code != KADM5_AUTH_CHANGEPW) {
+ if( ret.code == 0 )
+ ret.err_str = "success";
+ else
+ ret.err_str = error_message(ret.code);
+
krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_chpass_principal",
- prime_arg, ((ret.code == 0) ? "success" :
- error_message(ret.code)),
+ prime_arg, ret.err_str,
client_name.value, service_name.value,
inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+
+ /* xdr free frees this string. so make a copy */
+ ret.err_str = strdup( ret.err_str );
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
}
free_server_handle(handle);
free(prime_arg);
gss_release_buffer(&minor_stat, &client_name);
gss_release_buffer(&minor_stat, &service_name);
+exit_func:
+ if( ret.err_str == NULL )
+ {
+ if( ret.code == 0 )
+ ret.err_str = "success";
+ else
+ ret.err_str = error_message(ret.code);
+
+ /* xdr free frees this string. so make a copy */
+ ret.err_str = strdup( ret.err_str );
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
+ }
return &ret;
}
@@ -731,22 +896,22 @@ chpass_principal3_1_svc(chpass3_arg *arg, struct svc_req *rqstp)
xdr_free(xdr_generic_ret, &ret);
if ((ret.code = new_server_handle(arg->api_version, rqstp, &handle)))
- return &ret;
+ goto exit_func;
if ((ret.code = check_handle((void *)handle))) {
free_server_handle(handle);
- return &ret;
+ goto exit_func;
}
ret.api_version = handle->api_version;
if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
ret.code = KADM5_FAILURE;
- return &ret;
+ goto exit_func;
}
if (krb5_unparse_name(handle->context, arg->princ, &prime_arg)) {
ret.code = KADM5_BAD_PRINCIPAL;
- return &ret;
+ goto exit_func;
}
if (cmp_gss_krb5_name(handle, rqst2name(rqstp), arg->princ)) {
@@ -771,17 +936,37 @@ chpass_principal3_1_svc(chpass3_arg *arg, struct svc_req *rqstp)
}
if(ret.code != KADM5_AUTH_CHANGEPW) {
+ if( ret.code == 0 )
+ ret.err_str = "success";
+ else
+ ret.err_str = error_message(ret.code);
+
krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_chpass_principal",
- prime_arg, ((ret.code == 0) ? "success" :
- error_message(ret.code)),
+ prime_arg, ret.err_str,
client_name.value, service_name.value,
inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+
+ /* xdr free frees this string. so make a copy */
+ ret.err_str = strdup( ret.err_str );
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
}
free_server_handle(handle);
free(prime_arg);
gss_release_buffer(&minor_stat, &client_name);
gss_release_buffer(&minor_stat, &service_name);
+exit_func:
+ if( ret.err_str == NULL )
+ {
+ if( ret.code == 0 )
+ ret.err_str = "success";
+ else
+ ret.err_str = error_message(ret.code);
+
+ /* xdr free frees this string. so make a copy */
+ ret.err_str = strdup( ret.err_str );
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
+ }
return &ret;
}
@@ -798,22 +983,22 @@ setv4key_principal_1_svc(setv4key_arg *arg, struct svc_req *rqstp)
xdr_free(xdr_generic_ret, &ret);
if ((ret.code = new_server_handle(arg->api_version, rqstp, &handle)))
- return &ret;
+ goto exit_func;
if ((ret.code = check_handle((void *)handle))) {
free_server_handle(handle);
- return &ret;
+ goto exit_func;
}
ret.api_version = handle->api_version;
if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
ret.code = KADM5_FAILURE;
- return &ret;
+ goto exit_func;
}
if (krb5_unparse_name(handle->context, arg->princ, &prime_arg)) {
ret.code = KADM5_BAD_PRINCIPAL;
- return &ret;
+ goto exit_func;
}
if (!(CHANGEPW_SERVICE(rqstp)) &&
@@ -829,17 +1014,37 @@ setv4key_principal_1_svc(setv4key_arg *arg, struct svc_req *rqstp)
}
if(ret.code != KADM5_AUTH_SETKEY) {
+ if( ret.code == 0 )
+ ret.err_str = "success";
+ else
+ ret.err_str = error_message(ret.code);
+
krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_setv4key_principal",
- prime_arg, ((ret.code == 0) ? "success" :
- error_message(ret.code)),
+ prime_arg, ret.err_str,
client_name.value, service_name.value,
inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+
+ /* xdr free frees this string. so make a copy */
+ ret.err_str = strdup( ret.err_str );
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
}
free_server_handle(handle);
free(prime_arg);
gss_release_buffer(&minor_stat, &client_name);
gss_release_buffer(&minor_stat, &service_name);
+exit_func:
+ if( ret.err_str == NULL )
+ {
+ if( ret.code == 0 )
+ ret.err_str = "success";
+ else
+ ret.err_str = error_message(ret.code);
+
+ /* xdr free frees this string. so make a copy */
+ ret.err_str = strdup( ret.err_str );
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
+ }
return &ret;
}
@@ -856,22 +1061,22 @@ setkey_principal_1_svc(setkey_arg *arg, struct svc_req *rqstp)
xdr_free(xdr_generic_ret, &ret);
if ((ret.code = new_server_handle(arg->api_version, rqstp, &handle)))
- return &ret;
+ goto exit_func;
if ((ret.code = check_handle((void *)handle))) {
free_server_handle(handle);
- return &ret;
+ goto exit_func;
}
ret.api_version = handle->api_version;
if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
ret.code = KADM5_FAILURE;
- return &ret;
+ goto exit_func;
}
if (krb5_unparse_name(handle->context, arg->princ, &prime_arg)) {
ret.code = KADM5_BAD_PRINCIPAL;
- return &ret;
+ goto exit_func;
}
if (!(CHANGEPW_SERVICE(rqstp)) &&
@@ -887,17 +1092,37 @@ setkey_principal_1_svc(setkey_arg *arg, struct svc_req *rqstp)
}
if(ret.code != KADM5_AUTH_SETKEY) {
+ if( ret.code == 0 )
+ ret.err_str = "success";
+ else
+ ret.err_str = error_message(ret.code);
+
krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_setkey_principal",
- prime_arg, ((ret.code == 0) ? "success" :
- error_message(ret.code)),
+ prime_arg, ret.err_str,
client_name.value, service_name.value,
inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+
+ /* xdr free frees this string. so make a copy */
+ ret.err_str = strdup( ret.err_str );
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
}
free_server_handle(handle);
free(prime_arg);
gss_release_buffer(&minor_stat, &client_name);
gss_release_buffer(&minor_stat, &service_name);
+exit_func:
+ if( ret.err_str == NULL )
+ {
+ if( ret.code == 0 )
+ ret.err_str = "success";
+ else
+ ret.err_str = error_message(ret.code);
+
+ /* xdr free frees this string. so make a copy */
+ ret.err_str = strdup( ret.err_str );
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
+ }
return &ret;
}
@@ -914,22 +1139,22 @@ setkey_principal3_1_svc(setkey3_arg *arg, struct svc_req *rqstp)
xdr_free(xdr_generic_ret, &ret);
if ((ret.code = new_server_handle(arg->api_version, rqstp, &handle)))
- return &ret;
+ goto exit_func;
if ((ret.code = check_handle((void *)handle))) {
free_server_handle(handle);
- return &ret;
+ goto exit_func;
}
ret.api_version = handle->api_version;
if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
ret.code = KADM5_FAILURE;
- return &ret;
+ goto exit_func;
}
if (krb5_unparse_name(handle->context, arg->princ, &prime_arg)) {
ret.code = KADM5_BAD_PRINCIPAL;
- return &ret;
+ goto exit_func;
}
if (!(CHANGEPW_SERVICE(rqstp)) &&
@@ -948,17 +1173,37 @@ setkey_principal3_1_svc(setkey3_arg *arg, struct svc_req *rqstp)
}
if(ret.code != KADM5_AUTH_SETKEY) {
+ if( ret.code == 0 )
+ ret.err_str = "success";
+ else
+ ret.err_str = error_message(ret.code);
+
krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_setkey_principal",
- prime_arg, ((ret.code == 0) ? "success" :
- error_message(ret.code)),
+ prime_arg, ret.err_str,
client_name.value, service_name.value,
inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+
+ /* xdr free frees this string. so make a copy */
+ ret.err_str = strdup( ret.err_str );
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
}
free_server_handle(handle);
free(prime_arg);
gss_release_buffer(&minor_stat, &client_name);
gss_release_buffer(&minor_stat, &service_name);
+exit_func:
+ if( ret.err_str == NULL )
+ {
+ if( ret.code == 0 )
+ ret.err_str = "success";
+ else
+ ret.err_str = error_message(ret.code);
+
+ /* xdr free frees this string. so make a copy */
+ ret.err_str = strdup( ret.err_str );
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
+ }
return &ret;
}
@@ -977,11 +1222,12 @@ chrand_principal_1_svc(chrand_arg *arg, struct svc_req *rqstp)
xdr_free(xdr_chrand_ret, &ret);
if ((ret.code = new_server_handle(arg->api_version, rqstp, &handle)))
- return &ret;
+ goto exit_func;
+
if ((ret.code = check_handle((void *)handle))) {
free_server_handle(handle);
- return &ret;
+ goto exit_func;
}
ret.api_version = handle->api_version;
@@ -992,11 +1238,11 @@ chrand_principal_1_svc(chrand_arg *arg, struct svc_req *rqstp)
if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
ret.code = KADM5_FAILURE;
free_server_handle(handle);
- return &ret;
+ goto exit_func;
}
if (krb5_unparse_name(handle->context, arg->princ, &prime_arg)) {
ret.code = KADM5_BAD_PRINCIPAL;
- return &ret;
+ goto exit_func;
}
if (cmp_gss_krb5_name(handle, rqst2name(rqstp), arg->princ)) {
@@ -1025,16 +1271,36 @@ chrand_principal_1_svc(chrand_arg *arg, struct svc_req *rqstp)
}
if(ret.code != KADM5_AUTH_CHANGEPW) {
+ if( ret.code == 0 )
+ ret.err_str = "success";
+ else
+ ret.err_str = error_message(ret.code);
+
krb5_klog_syslog(LOG_NOTICE, LOG_DONE, funcname,
- prime_arg, ((ret.code == 0) ? "success" :
- error_message(ret.code)),
+ prime_arg, ret.err_str,
client_name.value, service_name.value,
inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+
+ /* xdr free frees this string. so make a copy */
+ ret.err_str = strdup( ret.err_str );
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
}
free_server_handle(handle);
free(prime_arg);
gss_release_buffer(&minor_stat, &client_name);
gss_release_buffer(&minor_stat, &service_name);
+exit_func:
+ if( ret.err_str == NULL )
+ {
+ if( ret.code == 0 )
+ ret.err_str = "success";
+ else
+ ret.err_str = error_message(ret.code);
+
+ /* xdr free frees this string. so make a copy */
+ ret.err_str = strdup( ret.err_str );
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
+ }
return &ret;
}
@@ -1053,11 +1319,11 @@ chrand_principal3_1_svc(chrand3_arg *arg, struct svc_req *rqstp)
xdr_free(xdr_chrand_ret, &ret);
if ((ret.code = new_server_handle(arg->api_version, rqstp, &handle)))
- return &ret;
+ goto exit_func;
if ((ret.code = check_handle((void *)handle))) {
free_server_handle(handle);
- return &ret;
+ goto exit_func;
}
ret.api_version = handle->api_version;
@@ -1068,11 +1334,11 @@ chrand_principal3_1_svc(chrand3_arg *arg, struct svc_req *rqstp)
if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
ret.code = KADM5_FAILURE;
free_server_handle(handle);
- return &ret;
+ goto exit_func;
}
if (krb5_unparse_name(handle->context, arg->princ, &prime_arg)) {
ret.code = KADM5_BAD_PRINCIPAL;
- return &ret;
+ goto exit_func;
}
if (cmp_gss_krb5_name(handle, rqst2name(rqstp), arg->princ)) {
@@ -1107,16 +1373,36 @@ chrand_principal3_1_svc(chrand3_arg *arg, struct svc_req *rqstp)
}
if(ret.code != KADM5_AUTH_CHANGEPW) {
+ if( ret.code == 0 )
+ ret.err_str = "success";
+ else
+ ret.err_str = error_message(ret.code);
+
krb5_klog_syslog(LOG_NOTICE, LOG_DONE, funcname,
- prime_arg, ((ret.code == 0) ? "success" :
- error_message(ret.code)),
+ prime_arg, ret.err_str,
client_name.value, service_name.value,
inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+
+ /* xdr free frees this string. so make a copy */
+ ret.err_str = strdup( ret.err_str );
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
}
free_server_handle(handle);
free(prime_arg);
gss_release_buffer(&minor_stat, &client_name);
gss_release_buffer(&minor_stat, &service_name);
+exit_func:
+ if( ret.err_str == NULL )
+ {
+ if( ret.code == 0 )
+ ret.err_str = "success";
+ else
+ ret.err_str = error_message(ret.code);
+
+ /* xdr free frees this string. so make a copy */
+ ret.err_str = strdup( ret.err_str );
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
+ }
return &ret;
}
@@ -1133,18 +1419,18 @@ create_policy_1_svc(cpol_arg *arg, struct svc_req *rqstp)
xdr_free(xdr_generic_ret, &ret);
if ((ret.code = new_server_handle(arg->api_version, rqstp, &handle)))
- return &ret;
+ goto exit_func;
if ((ret.code = check_handle((void *)handle))) {
free_server_handle(handle);
- return &ret;
+ goto exit_func;
}
ret.api_version = handle->api_version;
if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
ret.code = KADM5_FAILURE;
- return &ret;
+ goto exit_func;
}
prime_arg = arg->rec.policy;
@@ -1159,15 +1445,36 @@ create_policy_1_svc(cpol_arg *arg, struct svc_req *rqstp)
} else {
ret.code = kadm5_create_policy((void *)handle, &arg->rec,
arg->mask);
+ if( ret.code == 0 )
+ ret.err_str = "success";
+ else
+ ret.err_str = error_message(ret.code);
+
krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_create_policy",
((prime_arg == NULL) ? "(null)" : prime_arg),
- ((ret.code == 0) ? "success" : error_message(ret.code)),
+ ret.err_str,
client_name.value, service_name.value,
inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+
+ /* xdr free frees this string. so make a copy */
+ ret.err_str = strdup( ret.err_str );
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
}
free_server_handle(handle);
gss_release_buffer(&minor_stat, &client_name);
gss_release_buffer(&minor_stat, &service_name);
+exit_func:
+ if( ret.err_str == NULL )
+ {
+ if( ret.code == 0 )
+ ret.err_str = "success";
+ else
+ ret.err_str = error_message(ret.code);
+
+ /* xdr free frees this string. so make a copy */
+ ret.err_str = strdup( ret.err_str );
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
+ }
return &ret;
}
@@ -1184,18 +1491,18 @@ delete_policy_1_svc(dpol_arg *arg, struct svc_req *rqstp)
xdr_free(xdr_generic_ret, &ret);
if ((ret.code = new_server_handle(arg->api_version, rqstp, &handle)))
- return &ret;
+ goto exit_func;
if ((ret.code = check_handle((void *)handle))) {
free_server_handle(handle);
- return &ret;
+ goto exit_func;
}
ret.api_version = handle->api_version;
if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
ret.code = KADM5_FAILURE;
- return &ret;
+ goto exit_func;
}
prime_arg = arg->name;
@@ -1208,15 +1515,36 @@ delete_policy_1_svc(dpol_arg *arg, struct svc_req *rqstp)
ret.code = KADM5_AUTH_DELETE;
} else {
ret.code = kadm5_delete_policy((void *)handle, arg->name);
+ if( ret.code == 0 )
+ ret.err_str = "success";
+ else
+ ret.err_str = error_message(ret.code);
+
krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_delete_policy",
((prime_arg == NULL) ? "(null)" : prime_arg),
- ((ret.code == 0) ? "success" : error_message(ret.code)),
+ ret.err_str,
client_name.value, service_name.value,
inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+
+ /* xdr free frees this string. so make a copy */
+ ret.err_str = strdup( ret.err_str );
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
}
free_server_handle(handle);
gss_release_buffer(&minor_stat, &client_name);
gss_release_buffer(&minor_stat, &service_name);
+exit_func:
+ if( ret.err_str == NULL )
+ {
+ if( ret.code == 0 )
+ ret.err_str = "success";
+ else
+ ret.err_str = error_message(ret.code);
+
+ /* xdr free frees this string. so make a copy */
+ ret.err_str = strdup( ret.err_str );
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
+ }
return &ret;
}
@@ -1233,18 +1561,18 @@ modify_policy_1_svc(mpol_arg *arg, struct svc_req *rqstp)
xdr_free(xdr_generic_ret, &ret);
if ((ret.code = new_server_handle(arg->api_version, rqstp, &handle)))
- return &ret;
+ goto exit_func;
if ((ret.code = check_handle((void *)handle))) {
free_server_handle(handle);
- return &ret;
+ goto exit_func;
}
ret.api_version = handle->api_version;
if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
ret.code = KADM5_FAILURE;
- return &ret;
+ goto exit_func;
}
prime_arg = arg->rec.policy;
@@ -1258,15 +1586,36 @@ modify_policy_1_svc(mpol_arg *arg, struct svc_req *rqstp)
} else {
ret.code = kadm5_modify_policy((void *)handle, &arg->rec,
arg->mask);
+ if( ret.code == 0 )
+ ret.err_str = "success";
+ else
+ ret.err_str = error_message(ret.code);
+
krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_modify_policy",
((prime_arg == NULL) ? "(null)" : prime_arg),
- ((ret.code == 0) ? "success" : error_message(ret.code)),
+ ret.err_str,
client_name.value, service_name.value,
inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+
+ /* xdr free frees this string. so make a copy */
+ ret.err_str = strdup( ret.err_str );
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
}
free_server_handle(handle);
gss_release_buffer(&minor_stat, &client_name);
gss_release_buffer(&minor_stat, &service_name);
+exit_func:
+ if( ret.err_str == NULL )
+ {
+ if( ret.code == 0 )
+ ret.err_str = "success";
+ else
+ ret.err_str = error_message(ret.code);
+
+ /* xdr free frees this string. so make a copy */
+ ret.err_str = strdup( ret.err_str );
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
+ }
return &ret;
}
@@ -1286,11 +1635,11 @@ get_policy_1_svc(gpol_arg *arg, struct svc_req *rqstp)
xdr_free(xdr_gpol_ret, &ret);
if ((ret.code = new_server_handle(arg->api_version, rqstp, &handle)))
- return &ret;
+ goto exit_func;
if ((ret.code = check_handle((void *)handle))) {
free_server_handle(handle);
- return &ret;
+ goto exit_func;
}
ret.api_version = handle->api_version;
@@ -1300,7 +1649,7 @@ get_policy_1_svc(gpol_arg *arg, struct svc_req *rqstp)
if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
ret.code = KADM5_FAILURE;
- return &ret;
+ goto exit_func;
}
prime_arg = arg->name;
@@ -1337,11 +1686,20 @@ get_policy_1_svc(gpol_arg *arg, struct svc_req *rqstp)
&ret.rec);
}
+ if( ret.code == 0 )
+ ret.err_str = "success";
+ else
+ ret.err_str = error_message(ret.code);
+
krb5_klog_syslog(LOG_NOTICE, LOG_DONE, funcname,
((prime_arg == NULL) ? "(null)" : prime_arg),
- ((ret.code == 0) ? "success" : error_message(ret.code)),
+ ret.err_str,
client_name.value, service_name.value,
inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+
+ /* xdr free frees this string. so make a copy */
+ ret.err_str = strdup( ret.err_str );
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
} else {
krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, funcname,
prime_arg, client_name.value, service_name.value,
@@ -1350,6 +1708,18 @@ get_policy_1_svc(gpol_arg *arg, struct svc_req *rqstp)
free_server_handle(handle);
gss_release_buffer(&minor_stat, &client_name);
gss_release_buffer(&minor_stat, &service_name);
+exit_func:
+ if( ret.err_str == NULL )
+ {
+ if( ret.code == 0 )
+ ret.err_str = "success";
+ else
+ ret.err_str = error_message(ret.code);
+
+ /* xdr free frees this string. so make a copy */
+ ret.err_str = strdup( ret.err_str );
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
+ }
return &ret;
}
@@ -1367,18 +1737,18 @@ get_pols_1_svc(gpols_arg *arg, struct svc_req *rqstp)
xdr_free(xdr_gpols_ret, &ret);
if ((ret.code = new_server_handle(arg->api_version, rqstp, &handle)))
- return &ret;
+ goto exit_func;
if ((ret.code = check_handle((void *)handle))) {
free_server_handle(handle);
- return &ret;
+ goto exit_func;
}
ret.api_version = handle->api_version;
if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
ret.code = KADM5_FAILURE;
- return &ret;
+ goto exit_func;
}
prime_arg = arg->exp;
if (prime_arg == NULL)
@@ -1395,15 +1765,36 @@ get_pols_1_svc(gpols_arg *arg, struct svc_req *rqstp)
ret.code = kadm5_get_policies((void *)handle,
arg->exp, &ret.pols,
&ret.count);
+ if( ret.code == 0 )
+ ret.err_str = "success";
+ else
+ ret.err_str = error_message(ret.code);
+
krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_get_policies",
prime_arg,
- ((ret.code == 0) ? "success" : error_message(ret.code)),
+ ret.err_str,
client_name.value, service_name.value,
inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+
+ /* xdr free frees this string. so make a copy */
+ ret.err_str = strdup( ret.err_str );
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
}
free_server_handle(handle);
gss_release_buffer(&minor_stat, &client_name);
gss_release_buffer(&minor_stat, &service_name);
+exit_func:
+ if( ret.err_str == NULL )
+ {
+ if( ret.code == 0 )
+ ret.err_str = "success";
+ else
+ ret.err_str = error_message(ret.code);
+
+ /* xdr free frees this string. so make a copy */
+ ret.err_str = strdup( ret.err_str );
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
+ }
return &ret;
}
@@ -1417,29 +1808,51 @@ getprivs_ret * get_privs_1_svc(krb5_ui_4 *arg, struct svc_req *rqstp)
xdr_free(xdr_getprivs_ret, &ret);
if ((ret.code = new_server_handle(*arg, rqstp, &handle)))
- return &ret;
+ goto exit_func;
if ((ret.code = check_handle((void *)handle))) {
free_server_handle(handle);
- return &ret;
+ goto exit_func;
}
ret.api_version = handle->api_version;
if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
ret.code = KADM5_FAILURE;
- return &ret;
+ goto exit_func;
}
ret.code = kadm5_get_privs((void *)handle, &ret.privs);
+ if( ret.code == 0 )
+ ret.err_str = "success";
+ else
+ ret.err_str = error_message(ret.code);
+
krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_get_privs",
client_name.value,
- ((ret.code == 0) ? "success" : error_message(ret.code)),
+ ret.err_str,
client_name.value, service_name.value,
inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr));
+
+ /* xdr free frees this string. so make a copy */
+ ret.err_str = strdup( ret.err_str );
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
+
free_server_handle(handle);
gss_release_buffer(&minor_stat, &client_name);
gss_release_buffer(&minor_stat, &service_name);
+exit_func:
+ if( ret.err_str == NULL )
+ {
+ if( ret.code == 0 )
+ ret.err_str = "success";
+ else
+ ret.err_str = error_message(ret.code);
+
+ /* xdr free frees this string. so make a copy */
+ ret.err_str = strdup( ret.err_str );
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
+ }
return &ret;
}
@@ -1454,7 +1867,7 @@ generic_ret *init_1_svc(krb5_ui_4 *arg, struct svc_req *rqstp)
xdr_free(xdr_generic_ret, &ret);
if ((ret.code = new_server_handle(*arg, rqstp, &handle)))
- return &ret;
+ goto exit_func;
if (! (ret.code = check_handle((void *)handle))) {
ret.api_version = handle->api_version;
}
@@ -1463,7 +1876,7 @@ generic_ret *init_1_svc(krb5_ui_4 *arg, struct svc_req *rqstp)
if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
ret.code = KADM5_FAILURE;
- return &ret;
+ goto exit_func;
}
krb5_klog_syslog(LOG_NOTICE, LOG_DONE ", flavor=%d",
@@ -1477,6 +1890,18 @@ generic_ret *init_1_svc(krb5_ui_4 *arg, struct svc_req *rqstp)
gss_release_buffer(&minor_stat, &client_name);
gss_release_buffer(&minor_stat, &service_name);
+exit_func:
+ if( ret.err_str == NULL )
+ {
+ if( ret.code == 0 )
+ ret.err_str = "success";
+ else
+ ret.err_str = error_message(ret.code);
+
+ /* xdr free frees this string. so make a copy */
+ ret.err_str = strdup( ret.err_str );
+ /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */
+ }
return(&ret);
}
generated by cgit (git 2.34.1) at 2026-01-05 21:42:55 +0000