| author | Chris Provenzano <proven@mit.edu> | 1995-01-13 22:05:49 +0000 |
|---|---|---|
| committer | Chris Provenzano <proven@mit.edu> | 1995-01-13 22:05:49 +0000 |
| commit | 7a3dfafc7c240ec64248269f97f25fed1009e362 (patch) | |
| tree | b31628fd34740ee0f0bd068df615759084eaa6bb /src/kadmin | |
| parent | ef4a40eef2b466b34a015a9419dccee2a9fd5ee4 (diff) | |
Removed all references to DECLARG and OLDDECLARG.
Added krb5_context to all krb5_*() routines.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@4815 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/kadmin')
27 files changed, 849 insertions, 658 deletions
diff --git a/src/kadmin/client/ChangeLog b/src/kadmin/client/ChangeLog index 26466d09b..c3b2e6745 100644 --- a/src/kadmin/client/ChangeLog +++ b/src/kadmin/client/ChangeLog @@ -1,3 +1,7 @@ +Fri Jan 13 15:23:47 1995 Chris Provenzano (proven@mit.edu) + + * Added krb5_context to all krb5_routines + Mon Oct 3 19:12:43 1994 Theodore Y. Ts'o (tytso@dcl) * Makefile.in: Use $(srcdir) to find manual page for make install. diff --git a/src/kadmin/client/kadmin.c b/src/kadmin/client/kadmin.c index b2e43694d..696e62d5a 100644 --- a/src/kadmin/client/kadmin.c +++ b/src/kadmin/client/kadmin.c @@ -52,15 +52,19 @@ int preauth_search_list[] = { -1 }; -krb5_error_code get_first_ticket - PROTOTYPE((krb5_ccache, - krb5_principal)); +static krb5_error_code get_first_ticket + PROTOTYPE((krb5_context, + krb5_ccache, + krb5_principal)); struct sockaddr_in local_sin, remote_sin; krb5_creds my_creds; -void get_def_princ(); +static void get_def_princ + PROTOTYPE((krb5_context, + krb5_principal * )); + void decode_kadmind_reply(); int print_status_message(); @@ -90,6 +94,7 @@ main(argc,argv) kadmin_requests rd_priv_resp; + krb5_context context; krb5_checksum send_cksum; krb5_data msg_data, inbuf; krb5_int32 seqno; @@ -100,7 +105,9 @@ main(argc,argv) int option; int oper_type; - krb5_init_ets(); + krb5_init_context(&context); + krb5_init_ets(context); + client_name = (char *) malloc(755); memset((char *) client_name, 0, sizeof(client_name)); @@ -108,11 +115,11 @@ main(argc,argv) usage(); if (argc == 1) { /* No User Specified */ - get_def_princ(&client); + get_def_princ(context, &client); strcpy(client_name, client->data[0].data); strncat(client_name, "/admin@", 7); strncat(client_name, client->realm.data, client->realm.length); - if (retval = krb5_parse_name(client_name, &client)) { + if (retval = krb5_parse_name(context, client_name, &client)) { fprintf(stderr, "Unable to Parse Client Name!\n"); usage(); } 
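Review bot: The return value of `krb5_init_context(&context)` is discarded in the `@@ -100,7 +105,9 @@` hunk of main(), so a failed initialisation leaves `context` indeterminate and every later krb5 call in this file receives it. Check it before `krb5_init_ets(context)`, e.g. `if (krb5_init_context(&context)) { fprintf(stderr, "Unable to initialize krb5 context!\n"); exit(1); }`. The context line just below, `memset((char *) client_name, 0, sizeof(client_name))`, clears only pointer-size bytes of the 755-byte allocation, and the `malloc` result is not checked; `memset(client_name, 0, 755)` after a NULL test is probably what was intended. main() starts and ends outside this hunk.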
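Review bot: In the `@@ -108,11 +115,11 @@` hunk the principal name is still assembled with `strcpy` followed by two `strncat` calls whose length argument is the source length, not the space left in the 755-byte `client_name` buffer, so nothing bounds the write. `client->data[0].data` is also copied as a C string although `krb5_data` carries an explicit length, which suggests it need not be NUL-terminated. The same buffer receives `strcpy(client_name, argv[2])` in the `@@ -123,14 +130,14 @@` hunk, where the length comes straight from the command line and needs a check before the copy. For the default-principal case a bounded, length-aware build such as `snprintf(client_name, 755, "%.*s/admin@%.*s", (int) client->data[0].length, client->data[0].data, (int) client->realm.length, client->realm.data)` with a truncation test would close the gap.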
@@ -123,14 +130,14 @@ main(argc,argv) case 'n': if (argc == 3) { strcpy(client_name, argv[2]); - if (retval = krb5_parse_name(client_name, &client)) { + if (retval = krb5_parse_name(context, client_name, &client)) { fprintf(stderr, "Unable to Parse Client Name!\n"); usage(); } } else { - get_def_princ(&client); - if (retval = krb5_unparse_name(client, &client_name)) { + get_def_princ(context, &client); + if (retval = krb5_unparse_name(context, client, &client_name)) { fprintf(stderr, "Unable to unparse Client Name!\n"); usage(); } @@ -153,7 +160,7 @@ main(argc,argv) fprintf(stderr, "root is not a valid Administrator!\n\n"); usage(); } - if (retval = krb5_parse_name(client_name, &client)) { + if (retval = krb5_parse_name(context, client_name, &client)) { fprintf(stderr, "Error Parsing User Specified Name Option!\n"); exit(1); } @@ -163,11 +170,11 @@ main(argc,argv) /* Create credential cache for kadmin */ (void) sprintf(cache_name, "FILE:/tmp/tkt_adm_%d", getpid()); - if ((retval = krb5_cc_resolve(cache_name, &cache))) { + if ((retval = krb5_cc_resolve(context, cache_name, &cache))) { fprintf(stderr, "Unable to Resolve Cache: %s!\n", cache_name); } - if ((retval = krb5_cc_initialize(cache, client))) { + if ((retval = krb5_cc_initialize(context, cache, client))) { fprintf(stderr, "Error initializing cache: %s!\n", cache_name); exit(1); } 
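Review bot: A failed `krb5_cc_resolve(context, cache_name, &cache)` in the `@@ -163,11 +170,11 @@` hunk only prints a message, and execution continues into `krb5_cc_initialize(context, cache, client)` with `cache` apparently never assigned (its declaration is outside the hunk). Add `exit(1);` after the `fprintf`, as the `krb5_cc_initialize` branch right below already does. The cache name `FILE:/tmp/tkt_adm_%d` built from `getpid()` is also predictable inside a shared directory; how the FILE cache type creates that path is not visible here, so it is worth confirming that creation is exclusive, does not follow an existing link, and uses owner-only permissions.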
@@ -176,20 +183,20 @@ main(argc,argv) * Verify User by Obtaining Initial Credentials prior to Initial Link */ - if ((retval = get_first_ticket(cache, client))) { - (void) krb5_cc_destroy(cache); + if ((retval = get_first_ticket(context, cache, client))) { + (void) krb5_cc_destroy(context, cache); exit(1); } /* my_creds has the necessary credentials for further processing: Destroy credential cache for security reasons */ - (void) krb5_cc_destroy(cache); + (void) krb5_cc_destroy(context, cache); requested_realm = (krb5_data *) &client->realm; /* Initiate Link to Server */ - if ((retval = adm5_init_link(requested_realm, &local_socket))) { - (void) krb5_cc_destroy(cache); + if ((retval = adm5_init_link(context, requested_realm, &local_socket))) { + (void) krb5_cc_destroy(context, cache); exit(1); } @@ -205,10 +212,10 @@ main(argc,argv) { int msg_length = 0; - retval = krb5_net_write(local_socket, (char *) &msg_length + 2, 2); + retval = krb5_net_write(context, local_socket, (char *) &msg_length + 2, 2); if (retval < 0) { fprintf(stderr, "krb5_net_write failure!\n"); - (void) krb5_cc_destroy(cache); + (void) krb5_cc_destroy(context, cache); exit(1); } } @@ -223,14 +230,14 @@ main(argc,argv) /* compute checksum, using CRC-32 */ if (!(send_cksum.contents = (krb5_octet *) - malloc(krb5_checksum_size(CKSUMTYPE_CRC32)))) { + malloc(krb5_checksum_size(context, CKSUMTYPE_CRC32)))) { fprintf(stderr, "Insufficient Memory while Allocating Checksum!\n"); - (void) krb5_cc_destroy(cache); + (void) krb5_cc_destroy(context, cache); exit(1); } /* choose some random stuff to compute checksum from */ - if (retval = krb5_calculate_checksum(CKSUMTYPE_CRC32, + if (retval = krb5_calculate_checksum(context, CKSUMTYPE_CRC32, ADM5_ADM_VERSION, strlen(ADM5_ADM_VERSION), 0, 
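Review bot: `cache` is handed to `krb5_cc_destroy(context, cache)` a second time on the error paths that follow the unconditional destroy in the `@@ -176,20 +183,20 @@` hunk: once `(void) krb5_cc_destroy(context, cache);` has run after `get_first_ticket` succeeds, the `adm5_init_link` failure branch destroys the same handle again. The `krb5_net_write` and checksum-allocation failure branches in the next two hunks, and the checksum failure branch in `@@ -240,7 +247,7 @@`, repeat it. If destroy releases the handle, as its name suggests, these calls operate on a freed object; since the cache is already gone at that point, the later calls can simply be dropped, leaving `exit(1);` alone in each branch.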
@@ -240,7 +247,7 @@ main(argc,argv) fprintf(stderr, "Error while Computing Checksum: %s!\n", error_message(retval)); free(send_cksum.contents); - (void) krb5_cc_destroy(cache); + (void) krb5_cc_destroy(context, cache); exit(1); } @@ -248,7 +255,7 @@ main(argc,argv) pass it over the socket to the server, and obtain mutual authentication. */ - if ((retval = krb5_sendauth((krb5_pointer) &local_socket, + if ((retval = krb5_sendauth(context, (krb5_pointer) &local_socket, ADM_CPW_VERSION, my_creds.client, my_creds.server, @@ -267,7 +274,7 @@ main(argc,argv) } /* Read back what the server has to say ... */ - if (retval = krb5_read_message(&local_socket, &inbuf)){ + if (retval = krb5_read_message(context, &local_socket, &inbuf)){ fprintf(stderr, " Read Message Error: %s!\n", error_message(retval)); free(send_cksum.contents); @@ -292,7 +299,7 @@ main(argc,argv) inbuf.data[1] = 0xff; inbuf.length = 2; - if ((retval = krb5_mk_priv(&inbuf, + if ((retval = krb5_mk_priv(context, &inbuf, ETYPE_DES_CBC_CRC, &my_creds.keyblock, &local_addr, @@ -311,7 +318,7 @@ main(argc,argv) free(inbuf.data); /* write private message to server */ - if (krb5_write_message(&local_socket, &msg_data)){ + if (krb5_write_message(context, &local_socket, &msg_data)){ fprintf(stderr, "Write Error During First Message Transmission!\n"); free(send_cksum.contents); exit(1); @@ -320,14 +327,14 @@ main(argc,argv) for ( ; ; ) { /* Ok Now let's get the private message */ - if (retval = krb5_read_message(&local_socket, &inbuf)){ + if (retval = krb5_read_message(context, &local_socket, &inbuf)){ fprintf(stderr, "Read Error During First Reply: %s!\n", error_message(retval)); free(send_cksum.contents); exit(1); } - if ((retval = krb5_rd_priv(&inbuf, + if ((retval = krb5_rd_priv(context, &inbuf, &my_creds.keyblock, &foreign_addr, &local_addr, 
@@ -357,7 +364,7 @@ repeat: if (!strcmp(command_type, "add")) { valid++; oper_type = ADDOPER; - if (retval = kadm_add_user(&my_creds, + if (retval = kadm_add_user(context, &my_creds, rep_ret, &local_addr, &foreign_addr, @@ -369,7 +376,7 @@ repeat: if (!strcmp(command_type, "cpw")) { valid++; oper_type = CHGOPER; - if (retval = kadm_cpw_user(&my_creds, + if (retval = kadm_cpw_user(context, &my_creds, rep_ret, &local_addr, &foreign_addr, @@ -380,7 +387,7 @@ repeat: } if (!strcmp(command_type, "addrnd")) { valid++; - if (retval = kadm_add_user_rnd(&my_creds, + if (retval = kadm_add_user_rnd(context, &my_creds, rep_ret, &local_addr, &foreign_addr, @@ -390,7 +397,7 @@ repeat: } if (!strcmp(command_type, "cpwrnd")) { valid++; - if (retval = kadm_cpw_user_rnd(&my_creds, + if (retval = kadm_cpw_user_rnd(context, &my_creds, rep_ret, &local_addr, &foreign_addr, @@ -400,7 +407,7 @@ repeat: } if (!strcmp(command_type, "del")) { valid++; - if (retval = kadm_del_user(&my_creds, + if (retval = kadm_del_user(context, &my_creds, rep_ret, &local_addr, &foreign_addr, @@ -410,7 +417,7 @@ repeat: } if (!strcmp(command_type, "inq")) { valid++; - if (retval = kadm_inq_user(&my_creds, + if (retval = kadm_inq_user(context, &my_creds, rep_ret, &local_addr, &foreign_addr, @@ -420,7 +427,7 @@ repeat: } if (!strcmp(command_type, "mod")) { valid++; - if (retval = kadm_mod_user(&my_creds, + if (retval = kadm_mod_user(context, &my_creds, rep_ret, &local_addr, &foreign_addr, @@ -431,7 +438,7 @@ repeat: if (!strcmp(command_type, "addv4")) { valid++; oper_type = AD4OPER; - if (retval = kadm_add_user(&my_creds, + if (retval = kadm_add_user(context, &my_creds, rep_ret, &local_addr, &foreign_addr, @@ -443,7 +450,7 @@ repeat: if (!strcmp(command_type, "cpwv4")) { valid++; oper_type = CH4OPER; - if (retval = kadm_cpw_user(&my_creds, + if (retval = kadm_cpw_user(context, &my_creds, rep_ret, &local_addr, &foreign_addr, 
@@ -454,7 +461,7 @@ repeat: } if (!strcmp(command_type, "q")) { valid++; - retval = kadm_done(&my_creds, + retval = kadm_done(context, &my_creds, rep_ret, &local_addr, &foreign_addr, @@ -475,14 +482,14 @@ repeat: } /* Ok Now let's get the final private message */ - if (retval = krb5_read_message(&local_socket, &inbuf)){ + if (retval = krb5_read_message(context, &local_socket, &inbuf)){ fprintf(stderr, "Read Error During Final Reply: %s!\n", error_message(retval)); free(send_cksum.contents); exit(1); } - if ((retval = krb5_rd_priv(&inbuf, + if ((retval = krb5_rd_priv(context, &inbuf, &my_creds.keyblock, &foreign_addr, &local_addr, @@ -521,11 +528,11 @@ repeat: exit(retval); } -krb5_error_code -get_first_ticket(DECLARG(krb5_ccache, cache), - DECLARG(krb5_principal, client)) -OLDDECLARG(krb5_ccache, cache) -OLDDECLARG(krb5_principal, client) +static krb5_error_code +get_first_ticket(context, cache, client) + krb5_context context; + krb5_ccache cache; + krb5_principal client; { char prompt[255]; /* for the password prompt */ @@ -537,7 +544,7 @@ OLDDECLARG(krb5_principal, client) int pwsize; int i; - if ((retval = krb5_unparse_name(client, &client_name))) { + if ((retval = krb5_unparse_name(context, client, &client_name))) { fprintf(stderr, "Unable to Unparse Client Name!\n"); return(1); } @@ -551,7 +558,7 @@ OLDDECLARG(krb5_principal, client) my_creds.client = client; - if ((retval = krb5_build_principal_ext(&my_creds.server, + if ((retval = krb5_build_principal_ext(context, &my_creds.server, client->realm.length, client->realm.data, strlen(CPWNAME), @@ -562,7 +569,7 @@ OLDDECLARG(krb5_principal, client) 0))) { fprintf(stderr, "Error %s while building client name!\n", error_message(retval)); - krb5_free_addresses(my_addresses); + krb5_free_addresses(context, my_addresses); return(1); } @@ -574,7 +581,7 @@ OLDDECLARG(krb5_principal, client) } pwsize = 255; - if ((retval = krb5_read_password( + if ((retval = krb5_read_password(context, prompt, 0, password, 
@@ -582,13 +589,13 @@ OLDDECLARG(krb5_principal, client) fprintf(stderr, "Error while reading password for '%s'!\n", client_name); free(password); - krb5_free_addresses(my_addresses); + krb5_free_addresses(context, my_addresses); return(1); } /* Build Request for Initial Credentials */ for (i=0; preauth_search_list[i] >= 0; i++) { - retval = krb5_get_in_tkt_with_password( + retval = krb5_get_in_tkt_with_password(context, 0, /* options */ my_addresses, /* do random preauth */ @@ -607,7 +614,7 @@ OLDDECLARG(krb5_principal, client) /* Do NOT Forget to zap password */ memset((char *) password, 0, pwsize); free(password); - krb5_free_addresses(my_addresses); + krb5_free_addresses(context, my_addresses); if (retval) { fprintf(stderr, "\nUnable to Get Initial Credentials : %s!\n", @@ -619,10 +626,10 @@ OLDDECLARG(krb5_principal, client) } krb5_error_code -adm5_init_link( realm_of_server, local_socket) -krb5_data *realm_of_server; -int * local_socket; - +adm5_init_link(context, realm_of_server, local_socket) + krb5_context context; + krb5_data *realm_of_server; + int * local_socket; { struct servent *service_process; /* service we will talk to */ struct hostent *remote_host; /* host we will talk to */ @@ -647,7 +654,7 @@ int * local_socket; hostlist = 0; /* Identify all Hosts Associated with this Realm */ - if ((retval = krb5_get_krbhst (realm_of_server, &hostlist))) { + if ((retval = krb5_get_krbhst (context, realm_of_server, &hostlist))) { fprintf(stderr, "krb5_get_krbhst: Unable to Determine Server Name!\n"); return(retval); } @@ -670,7 +677,7 @@ int * local_socket; } } - krb5_free_krbhst(hostlist); + krb5_free_krbhst(context, hostlist); /* open a TCP socket */ *local_socket = socket(PF_INET, SOCK_STREAM, 0); @@ -699,8 +706,9 @@ int * local_socket; return 0; } -void -get_def_princ(client) +static void +get_def_princ(context, client) + krb5_context context; krb5_principal *client; { krb5_ccache cache = NULL; 
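Review bot: The failure branch of `krb5_read_password` in the `@@ -582,13 +589,13 @@` hunk frees `password` without clearing it, while the success path further down runs `memset((char *) password, 0, pwsize);` before its `free(password)`. Anything typed before the error therefore stays in freed heap memory; the same zeroing should precede the `free(password)` in the error branch. The call's argument list is cut off at the hunk boundary, so whether `krb5_read_password` rewrites `pwsize` is not visible; if it does, both clears should use the original allocation size kept in a separate variable, otherwise only the returned length is wiped. get_first_ticket starts and ends outside this hunk.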
@@ -710,7 +718,7 @@ get_def_princ(client) krb5_flags cc_flags; /* Identify Default Credentials Cache */ - if (retval = krb5_cc_default(&cache)) { + if (retval = krb5_cc_default(context, &cache)) { fprintf(stderr, "Error while getting default ccache!\n"); exit(1); } @@ -722,7 +730,7 @@ get_def_princ(client) * retval != 0 ==> Assume ccache does NOT Exist */ cc_flags = 0; - if (retval = krb5_cc_set_flags(cache, cc_flags)) { + if (retval = krb5_cc_set_flags(context, cache, cc_flags)) { /* Search passwd file for client */ pw = getpwuid((int) getuid()); if (pw) { @@ -740,13 +748,13 @@ get_def_princ(client) } /* Use this to get default_realm and format client_name */ - if ((retval = krb5_parse_name(client_name, client))) { + if ((retval = krb5_parse_name(context, client_name, client))) { fprintf(stderr, "Unable to Parse Client Name!\n"); usage(); } } else { /* Read Client from Cache */ - if (retval = krb5_cc_get_principal(cache, client)) { + if (retval = krb5_cc_get_principal(context, cache, client)) { fprintf(stderr, "Unable to Read Principal Credentials File!\n"); exit(1); @@ -758,7 +766,7 @@ get_def_princ(client) usage(); } - (void) krb5_cc_close(cache); + (void) krb5_cc_close(context, cache); } } diff --git a/src/kadmin/client/kadmin_add.c b/src/kadmin/client/kadmin_add.c index f4e986d3f..354814ea0 100644 --- a/src/kadmin/client/kadmin_add.c +++ b/src/kadmin/client/kadmin_add.c 
@@ -42,15 +42,16 @@ void decode_kadmind_reply(); int print_status_message(); krb5_error_code - kadm_add_user(my_creds, rep_ret, local_addr, foreign_addr, - local_socket, seqno, oper_type, principal) -krb5_creds *my_creds; -krb5_ap_rep_enc_part *rep_ret; -krb5_address *local_addr, *foreign_addr; -int *local_socket; -krb5_int32 *seqno; -int oper_type; -char *principal; +kadm_add_user(context, my_creds, rep_ret, local_addr, foreign_addr, + local_socket, seqno, oper_type, principal) + krb5_context context; + krb5_creds *my_creds; + krb5_ap_rep_enc_part *rep_ret; + krb5_address *local_addr, *foreign_addr; + int *local_socket; + krb5_int32 *seqno; + int oper_type; + char *principal; { krb5_data msg_data, inbuf; kadmin_requests rd_priv_resp; @@ -92,7 +93,7 @@ char *principal; (void) memcpy( inbuf.data + 3, username, strlen(username)); inbuf.length = strlen(username) + 3; - if ((retval = krb5_mk_priv(&inbuf, + if ((retval = krb5_mk_priv(context, &inbuf, ETYPE_DES_CBC_CRC, &my_creds->keyblock, local_addr, @@ -110,20 +111,20 @@ char *principal; free(inbuf.data); /* write private message to server */ - if (krb5_write_message(local_socket, &msg_data)){ + if (krb5_write_message(context, local_socket, &msg_data)){ fprintf(stderr, "Write Error During Second Message Transmission!\n"); return(1); } free(msg_data.data); - if (retval = krb5_read_message(local_socket, &inbuf)){ + if (retval = krb5_read_message(context, local_socket, &inbuf)){ fprintf(stderr, "Read Error During Second Reply: %s!\n", error_message(retval)); return(1); } - if (retval = krb5_rd_priv(&inbuf, + if (retval = krb5_rd_priv(context, &inbuf, &my_creds->keyblock, foreign_addr, local_addr, @@ -188,7 +189,7 @@ char *principal; pwsize = ADM_MAX_PW_LENGTH+1; putchar('\n'); - if (retval = krb5_read_password( + if (retval = krb5_read_password(context, DEFAULT_PWD_STRING1, DEFAULT_PWD_STRING2, password, 
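Review bot: `kadm_add_user` gains a leading `context` parameter in the `@@ -42,15 +42,16 @@` hunk but stays an old-style definition, and no prototype for it is visible in this diff, so a call site that was missed or still passes `my_creds` first would compile without complaint. kadmin.c already uses `PROTOTYPE((...))` for `get_first_ticket`; declaring the kadm_* entry points the same way in a shared header, e.g. `krb5_error_code kadm_add_user PROTOTYPE((krb5_context, krb5_creds *, krb5_ap_rep_enc_part *, krb5_address *, krb5_address *, int *, krb5_int32 *, int, char *));`, lets the compiler check every caller. The same applies to `kadm_add_user_rnd`, `kadm_cpw_user_rnd`, `kadm_cpw_user`, `kadm_del_user`, `kadm_done`, `kadm_inq_user`, `kadm_mod_user`, `kadm_snd_mod` and `adm5_init_link` in the other file sections.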
@@ -213,7 +214,7 @@ char *principal; #endif /* MACH_PASS */ - if ((retval = krb5_mk_priv(&inbuf, + if ((retval = krb5_mk_priv(context, &inbuf, ETYPE_DES_CBC_CRC, &my_creds->keyblock, local_addr, @@ -231,20 +232,20 @@ char *principal; free(inbuf.data); /* write private message to server */ - if (krb5_write_message(local_socket, &msg_data)){ + if (krb5_write_message(context, local_socket, &msg_data)){ fprintf(stderr, "Write Error During Second Message Transmission!\n"); return(1); } free(msg_data.data); /* Ok Now let's get the final private message */ - if (retval = krb5_read_message(local_socket, &inbuf)){ + if (retval = krb5_read_message(context, local_socket, &inbuf)){ fprintf(stderr, "Read Error During Final Reply: %s!\n", error_message(retval)); retval = 1; } - if ((retval = krb5_rd_priv(&inbuf, + if ((retval = krb5_rd_priv(context, &inbuf, &my_creds->keyblock, foreign_addr, local_addr, diff --git a/src/kadmin/client/kadmin_adr.c b/src/kadmin/client/kadmin_adr.c index 21b247a12..8d5c4fcf9 100644 --- a/src/kadmin/client/kadmin_adr.c +++ b/src/kadmin/client/kadmin_adr.c @@ -42,14 +42,15 @@ void decode_kadmind_reply(); int print_status_message(); krb5_error_code - kadm_add_user_rnd(my_creds, rep_ret, local_addr, foreign_addr, - local_socket, seqno, principal) -krb5_creds *my_creds; -krb5_ap_rep_enc_part *rep_ret; -krb5_address *local_addr, *foreign_addr; -int *local_socket; -krb5_int32 *seqno; -char *principal; +kadm_add_user_rnd(context, my_creds, rep_ret, local_addr, foreign_addr, + local_socket, seqno, principal) + krb5_context context; + krb5_creds *my_creds; + krb5_ap_rep_enc_part *rep_ret; + krb5_address *local_addr, *foreign_addr; + int *local_socket; + krb5_int32 *seqno; + char *principal; { krb5_data msg_data, inbuf; kadmin_requests rd_priv_resp; 
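Review bot: When `krb5_read_message(context, local_socket, &inbuf)` fails in the `@@ -231,20 +232,20 @@` hunk of kadmin_add.c, the branch sets `retval = 1` and then falls through to `krb5_rd_priv(context, &inbuf, ...)`, which overwrites `retval` and receives an `inbuf` whose `data` was released by the `free(inbuf.data)` at the top of the hunk. Replace `retval = 1;` with `return(1);`, as the "Second Reply" read earlier in the same file does. The final-reply reads in kadmin_adr.c, kadmin_cpr.c, kadmin_cpw.c, kadmin_inq.c and kadmin_mod.c have the same fall-through, while kadmin_del.c already returns. The write-failure branch just above also returns without `free(msg_data.data)`, unlike the equivalent first branch in kadmin_cpw.c.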
@@ -90,7 +91,7 @@ char *principal; (void) memcpy( inbuf.data + 3, username, strlen(username)); inbuf.length = strlen(username) + 3; - if ((retval = krb5_mk_priv(&inbuf, + if ((retval = krb5_mk_priv(context, &inbuf, ETYPE_DES_CBC_CRC, &my_creds->keyblock, local_addr, @@ -108,7 +109,7 @@ char *principal; free(inbuf.data); /* write private message to server */ - if (krb5_write_message(local_socket, &msg_data)){ + if (krb5_write_message(context, local_socket, &msg_data)){ fprintf(stderr, "Write Error During Second Message Transmission!\n"); return(1); } @@ -116,13 +117,13 @@ char *principal; free(msg_data.data); /* Ok Now let's get the final private message */ - if (retval = krb5_read_message(local_socket, &inbuf)){ + if (retval = krb5_read_message(context, local_socket, &inbuf)){ fprintf(stderr, "Read Error During Final Reply: %s!\n", error_message(retval)); retval = 1; } - if ((retval = krb5_rd_priv(&inbuf, + if ((retval = krb5_rd_priv(context, &inbuf, &my_creds->keyblock, foreign_addr, local_addr, diff --git a/src/kadmin/client/kadmin_cpr.c b/src/kadmin/client/kadmin_cpr.c index 8bb092500..c974aaf5f 100644 --- a/src/kadmin/client/kadmin_cpr.c +++ b/src/kadmin/client/kadmin_cpr.c @@ -43,14 +43,15 @@ void decode_kadmind_reply(); int print_status_message(); krb5_error_code -kadm_cpw_user_rnd(my_creds, rep_ret, local_addr, foreign_addr, +kadm_cpw_user_rnd(context, my_creds, rep_ret, local_addr, foreign_addr, local_socket, seqno, principal) -krb5_creds *my_creds; -krb5_ap_rep_enc_part *rep_ret; -krb5_address *local_addr, *foreign_addr; -int *local_socket; -krb5_int32 *seqno; -char *principal; + krb5_context context; + krb5_creds *my_creds; + krb5_ap_rep_enc_part *rep_ret; + krb5_address *local_addr, *foreign_addr; + int *local_socket; + krb5_int32 *seqno; + char *principal; { krb5_data msg_data, inbuf; kadmin_requests rd_priv_resp; 
@@ -91,7 +92,7 @@ char *principal; inbuf.length = strlen(username) + 3; /* Transmit Principal Name */ - if ((retval = krb5_mk_priv(&inbuf, + if ((retval = krb5_mk_priv(context, &inbuf, ETYPE_DES_CBC_CRC, &my_creds->keyblock, local_addr, @@ -109,20 +110,20 @@ char *principal; free(inbuf.data); /* write private message to server */ - if (krb5_write_message(local_socket, &msg_data)){ + if (krb5_write_message(context, local_socket, &msg_data)){ fprintf(stderr, "Write Error During Second Message Transmission!\n"); return(1); } free(msg_data.data); /* Ok Now let's get the final private message */ - if (retval = krb5_read_message(local_socket, &inbuf)){ + if (retval = krb5_read_message(context, local_socket, &inbuf)){ fprintf(stderr, "Read Error During Final Reply: %s!\n", error_message(retval)); retval = 1; } - if ((retval = krb5_rd_priv(&inbuf, + if ((retval = krb5_rd_priv(context, &inbuf, &my_creds->keyblock, foreign_addr, local_addr, diff --git a/src/kadmin/client/kadmin_cpw.c b/src/kadmin/client/kadmin_cpw.c index 5d954f035..02d1e117f 100644 --- a/src/kadmin/client/kadmin_cpw.c +++ b/src/kadmin/client/kadmin_cpw.c @@ -43,15 +43,16 @@ void decode_kadmind_reply(); int print_status_message(); krb5_error_code -kadm_cpw_user(my_creds, rep_ret, local_addr, foreign_addr, +kadm_cpw_user(context, my_creds, rep_ret, local_addr, foreign_addr, local_socket, seqno, oper_type, principal) -krb5_creds *my_creds; -krb5_ap_rep_enc_part *rep_ret; -krb5_address *local_addr, *foreign_addr; -int *local_socket; -krb5_int32 *seqno; -int oper_type; -char *principal; + krb5_context context; + krb5_creds *my_creds; + krb5_ap_rep_enc_part *rep_ret; + krb5_address *local_addr, *foreign_addr; + int *local_socket; + krb5_int32 *seqno; + int oper_type; + char *principal; { krb5_data msg_data, inbuf; kadmin_requests rd_priv_resp; 
@@ -95,7 +96,7 @@ char *principal; inbuf.length = strlen(username) + 3; /* Transmit Principal Name */ - if ((retval = krb5_mk_priv(&inbuf, + if ((retval = krb5_mk_priv(context, &inbuf, ETYPE_DES_CBC_CRC, &my_creds->keyblock, local_addr, @@ -113,20 +114,20 @@ char *principal; free(inbuf.data); /* write private message to server */ - if (krb5_write_message(local_socket, &msg_data)){ + if (krb5_write_message(context, local_socket, &msg_data)){ free(msg_data.data); fprintf(stderr, "Write Error During Second Message Transmission!\n"); return(1); } free(msg_data.data); - if (retval = krb5_read_message(local_socket, &inbuf)){ + if (retval = krb5_read_message(context, local_socket, &inbuf)){ fprintf(stderr, "Read Error During Second Reply: %s!\n", error_message(retval)); return(1); } - if ((retval = krb5_rd_priv(&inbuf, + if ((retval = krb5_rd_priv(context, &inbuf, &my_creds->keyblock, foreign_addr, local_addr, @@ -198,7 +199,7 @@ char *principal; pwsize = ADM_MAX_PW_LENGTH+1; putchar('\n'); - if ((retval = krb5_read_password( + if ((retval = krb5_read_password(context, DEFAULT_PWD_STRING1, DEFAULT_PWD_STRING2, password, @@ -224,7 +225,7 @@ char *principal; #endif /* MACH_PASS */ - if ((retval = krb5_mk_priv(&inbuf, + if ((retval = krb5_mk_priv(context, &inbuf, ETYPE_DES_CBC_CRC, &my_creds->keyblock, local_addr, 
@@ -242,20 +243,20 @@ char *principal; free(inbuf.data); /* write private message to server */ - if (krb5_write_message(local_socket, &msg_data)){ + if (krb5_write_message(context, local_socket, &msg_data)){ fprintf(stderr, "Write Error During Second Message Transmission!\n"); return(1); } free(msg_data.data); /* Ok Now let's get the final private message */ - if (retval = krb5_read_message(local_socket, &inbuf)){ + if (retval = krb5_read_message(context, local_socket, &inbuf)){ fprintf(stderr, "Read Error During Final Reply: %s!\n", error_message(retval)); retval = 1; } - if ((retval = krb5_rd_priv(&inbuf, + if ((retval = krb5_rd_priv(context, &inbuf, &my_creds->keyblock, foreign_addr, local_addr, diff --git a/src/kadmin/client/kadmin_del.c b/src/kadmin/client/kadmin_del.c index 176d661cd..f96db1a7f 100644 --- a/src/kadmin/client/kadmin_del.c +++ b/src/kadmin/client/kadmin_del.c @@ -40,14 +40,15 @@ void decode_kadmind_reply(); int print_status_message(); krb5_error_code -kadm_del_user(my_creds, rep_ret, local_addr, foreign_addr, +kadm_del_user(context, my_creds, rep_ret, local_addr, foreign_addr, local_socket, seqno, principal) -krb5_creds *my_creds; -krb5_ap_rep_enc_part *rep_ret; -krb5_address *local_addr, *foreign_addr; -int *local_socket; -krb5_int32 *seqno; -char *principal; + krb5_context context; + krb5_creds *my_creds; + krb5_ap_rep_enc_part *rep_ret; + krb5_address *local_addr, *foreign_addr; + int *local_socket; + krb5_int32 *seqno; + char *principal; { krb5_data msg_data, inbuf; kadmin_requests rd_priv_resp; @@ -88,7 +89,7 @@ char *principal; (void) memcpy( inbuf.data + 3, username, strlen(username)); inbuf.length = strlen(username) + 3; - if ((retval = krb5_mk_priv(&inbuf, + if ((retval = krb5_mk_priv(context, &inbuf, ETYPE_DES_CBC_CRC, &my_creds->keyblock, local_addr, 
@@ -106,7 +107,7 @@ char *principal; free(inbuf.data); /* write private message to server */ - if (krb5_write_message(local_socket, &msg_data)){ + if (krb5_write_message(context, local_socket, &msg_data)){ free(msg_data.data); fprintf(stderr, "Write Error During Second Message Transmission!\n"); return(1); @@ -114,13 +115,13 @@ char *principal; free(msg_data.data); /* Ok Now let's get the final private message */ - if (retval = krb5_read_message(local_socket, &inbuf)){ + if (retval = krb5_read_message(context, local_socket, &inbuf)){ fprintf(stderr, "Read Error During Final Reply: %s!\n", error_message(retval)); return(1); } - if ((retval = krb5_rd_priv(&inbuf, + if ((retval = krb5_rd_priv(context, &inbuf, &my_creds->keyblock, foreign_addr, local_addr, diff --git a/src/kadmin/client/kadmin_done.c b/src/kadmin/client/kadmin_done.c index 0b5f9e7d0..5e9af2b2c 100644 --- a/src/kadmin/client/kadmin_done.c +++ b/src/kadmin/client/kadmin_done.c @@ -37,12 +37,14 @@ #include <krb5/kdb_dbm.h> krb5_error_code -kadm_done(my_creds, rep_ret, local_addr, foreign_addr, local_socket, seqno) -krb5_creds *my_creds; -krb5_ap_rep_enc_part *rep_ret; -krb5_address *local_addr, *foreign_addr; -int *local_socket; -krb5_int32 *seqno; +kadm_done(context, my_creds, rep_ret, local_addr, foreign_addr, + local_socket, seqno) + krb5_context context; + krb5_creds *my_creds; + krb5_ap_rep_enc_part *rep_ret; + krb5_address *local_addr, *foreign_addr; + int *local_socket; + krb5_int32 *seqno; { krb5_data msg_data, inbuf; krb5_error_code retval; /* return code */ @@ -57,7 +59,7 @@ krb5_int32 *seqno; (void) memset( inbuf.data + 4, 0, 4); inbuf.length = 16; - if ((retval = krb5_mk_priv(&inbuf, + if ((retval = krb5_mk_priv(context, &inbuf, ETYPE_DES_CBC_CRC, &my_creds->keyblock, local_addr, 
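Review bot: In the `@@ -57,7 +59,7 @@` hunk of kadm_done, `inbuf.length` is set to 16 while the only initialisation visible is `memset(inbuf.data + 4, 0, 4)`. Unless the lines above the hunk fill bytes 0–3 and 8–15, `krb5_mk_priv(context, &inbuf, ...)` encrypts and transmits uninitialised heap bytes to the server. Assuming the allocation is at least 16 bytes, clearing it in full first with `memset(inbuf.data, 0, 16);`, or setting `inbuf.length` to the number of bytes actually written, makes the message contents deterministic. kadm_done's body starts and ends outside the hunk.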
@@ -73,7 +75,7 @@ krb5_int32 *seqno; } /* write private message to server */ - if (krb5_write_message(local_socket, &msg_data)) { + if (krb5_write_message(context, local_socket, &msg_data)) { free(msg_data.data); fprintf(stderr, "Write Error During Second Message Transmission!\n"); return(1); diff --git a/src/kadmin/client/kadmin_inq.c b/src/kadmin/client/kadmin_inq.c index 4227e9b00..13f3bb6e6 100644 --- a/src/kadmin/client/kadmin_inq.c +++ b/src/kadmin/client/kadmin_inq.c @@ -41,14 +41,15 @@ void decode_kadmind_reply(); int print_status_message(); krb5_error_code -kadm_inq_user(my_creds, rep_ret, local_addr, foreign_addr, +kadm_inq_user(context, my_creds, rep_ret, local_addr, foreign_addr, local_socket, seqno, principal) -krb5_creds *my_creds; -krb5_ap_rep_enc_part *rep_ret; -krb5_address *local_addr, *foreign_addr; -int *local_socket; -krb5_int32 *seqno; -char *principal; + krb5_context context; + krb5_creds *my_creds; + krb5_ap_rep_enc_part *rep_ret; + krb5_address *local_addr, *foreign_addr; + int *local_socket; + krb5_int32 *seqno; + char *principal; { krb5_data msg_data, inbuf; kadmin_requests rd_priv_resp; @@ -90,7 +91,7 @@ char *principal; (void) memcpy( inbuf.data + 3, username, strlen(username)); inbuf.length = strlen(username) + 3; - if (retval = krb5_mk_priv(&inbuf, + if (retval = krb5_mk_priv(context, &inbuf, ETYPE_DES_CBC_CRC, &my_creds->keyblock, local_addr, 
@@ -108,20 +109,20 @@ char *principal; free(inbuf.data); /* write private message to server */ - if (krb5_write_message(local_socket, &msg_data)){ + if (krb5_write_message(context, local_socket, &msg_data)){ fprintf(stderr, "Write Error During Second Message Transmission!\n"); return(1); } free(msg_data.data); /* Ok Now let's get the private message */ - if ((retval = krb5_read_message(local_socket, &inbuf))){ + if ((retval = krb5_read_message(context, local_socket, &inbuf))){ fprintf(stderr, "Read Error During Second Reply: %s!\n", error_message(retval)); return(1); } - if (retval = krb5_rd_priv(&inbuf, + if (retval = krb5_rd_priv(context, &inbuf, &my_creds->keyblock, foreign_addr, local_addr, @@ -175,7 +176,7 @@ char *principal; inbuf.data[1] = KADMGOOD; inbuf.length = 2; - if (retval = krb5_mk_priv(&inbuf, + if (retval = krb5_mk_priv(context, &inbuf, ETYPE_DES_CBC_CRC, &my_creds->keyblock, local_addr, @@ -193,7 +194,7 @@ char *principal; free(inbuf.data); /* write private message to server */ - if (krb5_write_message(local_socket, &msg_data)){ + if (krb5_write_message(context, local_socket, &msg_data)){ fprintf(stderr, "Write Error During Second Message Transmission!\n"); free(msg_data.data); return(1); @@ -201,13 +202,13 @@ char *principal; free(msg_data.data); /* Ok Now let's get the final private message */ - if (retval = krb5_read_message(local_socket, &inbuf)){ + if (retval = krb5_read_message(context, local_socket, &inbuf)){ fprintf(stderr, "Read Error During Final Reply: %s!\n", error_message(retval)); retval = 1; } - if (retval = krb5_rd_priv(&inbuf, + if (retval = krb5_rd_priv(context, &inbuf, &my_creds->keyblock, foreign_addr, local_addr, diff --git a/src/kadmin/client/kadmin_mod.c b/src/kadmin/client/kadmin_mod.c index 264dc084b..6bb9c22b9 100644 --- a/src/kadmin/client/kadmin_mod.c +++ b/src/kadmin/client/kadmin_mod.c 
@@ -41,14 +41,15 @@ void decode_kadmind_reply(); int print_status_message(); krb5_error_code -kadm_mod_user(my_creds, rep_ret, local_addr, foreign_addr, +kadm_mod_user(context, my_creds, rep_ret, local_addr, foreign_addr, local_socket, seqno, principal) -krb5_creds *my_creds; -krb5_ap_rep_enc_part *rep_ret; -krb5_address *local_addr, *foreign_addr; -int *local_socket; -krb5_int32 *seqno; -char *principal; + krb5_context context; + krb5_creds *my_creds; + krb5_ap_rep_enc_part *rep_ret; + krb5_address *local_addr, *foreign_addr; + int *local_socket; + krb5_int32 *seqno; + char *principal; { krb5_data msg_data, inbuf; kadmin_requests rd_priv_resp; @@ -88,7 +89,7 @@ char *principal; (void) memcpy( inbuf.data + 3, username, strlen(username)); inbuf.length = strlen(username) + 3; - if ((retval = krb5_mk_priv(&inbuf, + if ((retval = krb5_mk_priv(context, &inbuf, ETYPE_DES_CBC_CRC, &my_creds->keyblock, local_addr, @@ -106,20 +107,20 @@ char *principal; free(inbuf.data); /* write private message to server */ - if (krb5_write_message(local_socket, &msg_data)){ + if (krb5_write_message(context, local_socket, &msg_data)){ fprintf(stderr, "Write Error During Second Message Transmission!\n"); return(1); } free(msg_data.data); /* Ok Now let's get the private message */ - if (retval = krb5_read_message(local_socket, &inbuf)){ + if (retval = krb5_read_message(context, local_socket, &inbuf)){ fprintf(stderr, "Read Error During Second Reply: %s!\n", error_message(retval)); return(1); } - if ((retval = krb5_rd_priv(&inbuf, + if ((retval = krb5_rd_priv(context, &inbuf, &my_creds->keyblock, foreign_addr, local_addr, @@ -162,7 +163,7 @@ char *principal; inbuf.data[2] = SENDDATA3; inbuf.length = 3; - if ((retval = krb5_mk_priv(&inbuf, + if ((retval = krb5_mk_priv(context, &inbuf, ETYPE_DES_CBC_CRC, &my_creds->keyblock, local_addr, 
@@ -180,7 +181,7 @@ char *principal; free(inbuf.data); /* write private message to server */ - if (krb5_write_message(local_socket, &msg_data)){ + if (krb5_write_message(context, local_socket, &msg_data)){ fprintf(stderr, "Write Error During Second Message Transmission!\n"); free(msg_data.data); return(1); @@ -188,13 +189,13 @@ char *principal; free(msg_data.data); /* Ok Now let's get the final private message */ - if (retval = krb5_read_message(local_socket, &inbuf)){ + if (retval = krb5_read_message(context, local_socket, &inbuf)){ fprintf(stderr, "Read Error During Final Reply: %s!\n", error_message(retval)); retval = 1; } - if ((retval = krb5_rd_priv(&inbuf, + if ((retval = krb5_rd_priv(context, &inbuf, &my_creds->keyblock, foreign_addr, local_addr, diff --git a/src/kadmin/client/kadmin_msnd.c b/src/kadmin/client/kadmin_msnd.c index b6d6f3eae..c46ad69a5 100644 --- a/src/kadmin/client/kadmin_msnd.c +++ b/src/kadmin/client/kadmin_msnd.c @@ -59,12 +59,14 @@ #endif krb5_error_code -kadm_snd_mod(my_creds, rep_ret, local_addr, foreign_addr, local_socket, seqno) -krb5_creds *my_creds; -krb5_ap_rep_enc_part *rep_ret; -krb5_address *local_addr, *foreign_addr; -int *local_socket; -krb5_int32 *seqno; +kadm_snd_mod(context, my_creds, rep_ret, local_addr, foreign_addr, + local_socket, seqno) + krb5_context context; + krb5_creds *my_creds; + krb5_ap_rep_enc_part *rep_ret; + krb5_address *local_addr, *foreign_addr; + int *local_socket; + krb5_int32 *seqno; { krb5_error_code retval; /* return code */ krb5_data msg_data, inbuf; @@ -225,7 +227,7 @@ repeat3: inbuf.data[1] = MODOPER; inbuf.data[2] = SENDDATA3; - if ((retval = krb5_mk_priv(&inbuf, + if ((retval = krb5_mk_priv(context, &inbuf, ETYPE_DES_CBC_CRC, &my_creds->keyblock, local_addr, 
@@ -243,20 +245,20 @@ repeat3: free(inbuf.data); /* write private message to server */ - if (krb5_write_message(local_socket, &msg_data)) { + if (krb5_write_message(context, local_socket, &msg_data)) { fprintf(stderr, "Write Error During Second Message Transmission!\n"); return(1); } free(msg_data.data); /* Ok Now let's get the private message */ - if (retval = krb5_read_message(local_socket, &inbuf)){ + if (retval = krb5_read_message(context, local_socket, &inbuf)){ fprintf(stderr, "Read Error During Second Reply: %s!\n", error_message(retval)); return(1); } - if ((retval = krb5_rd_priv(&inbuf, + if ((retval = krb5_rd_priv(context, &inbuf, &my_creds->keyblock, foreign_addr, local_addr, @@ -284,7 +286,7 @@ alldone: inbuf.data[2] = SENDDATA3; inbuf.length = 3; - if ((retval = krb5_mk_priv(&inbuf, + if ((retval = krb5_mk_priv(context, &inbuf, ETYPE_DES_CBC_CRC, &my_creds->keyblock, local_addr, @@ -302,7 +304,7 @@ alldone: free(inbuf.data); /* write private message to server */ - if (krb5_write_message(local_socket, &msg_data)) { + if (krb5_write_message(context, local_socket, &msg_data)) { fprintf(stderr, "Write Error During Second Message Transmission!\n"); return(1); } diff --git a/src/kadmin/kpasswd/ChangeLog b/src/kadmin/kpasswd/ChangeLog index 6379bb495..4dded80ee 100644 --- a/src/kadmin/kpasswd/ChangeLog +++ b/src/kadmin/kpasswd/ChangeLog @@ -1,3 +1,7 @@ +Fri Jan 13 15:23:47 1995 Chris Provenzano (proven@mit.edu) + + * Added krb5_context to all krb5_routines + Tue Dec 27 06:09:03 1994 Richard Basch (probe@tardis) * configure.in: diff --git a/src/kadmin/kpasswd/kpasswd.c b/src/kadmin/kpasswd/kpasswd.c index 9fb56c42e..de57f442a 100644 --- a/src/kadmin/kpasswd/kpasswd.c +++ b/src/kadmin/kpasswd/kpasswd.c 
@@ -62,9 +62,15 @@ #define MAXPATHLEN 1024 #endif -krb5_error_code get_first_ticket - PROTOTYPE((krb5_ccache, - krb5_principal)); +static krb5_error_code adm5_init_link + PROTOTYPE((krb5_context, + krb5_data *, + int *)); + +static krb5_error_code get_first_ticket + PROTOTYPE((krb5_context, + krb5_ccache, + krb5_principal)); krb5_error_code print_and_choose_password PROTOTYPE((char *, krb5_data *)); @@ -88,6 +94,7 @@ main(argc,argv) int argc; char *argv[]; { + krb5_context context; krb5_ccache cache = NULL; char cache_name[255]; krb5_flags cc_flags; @@ -172,14 +179,15 @@ main(argc,argv) goto finish; } - krb5_init_ets(); + krb5_init_context(&context); + krb5_init_ets(context); memset((char *) default_name, 0, sizeof(default_name)); switch (argc) { case 1: /* No User Specified */ /* Identify Default Credentials Cache */ - if ((retval = krb5_cc_default(&cache))) { + if ((retval = krb5_cc_default(context, &cache))) { fprintf(stderr, "Error while getting default ccache!\n"); goto finish; } @@ -191,7 +199,7 @@ main(argc,argv) * retval != 0 ==> Assume ccache does NOT Exist */ cc_flags = 0; - if ((retval = krb5_cc_set_flags(cache, cc_flags))) { + if ((retval = krb5_cc_set_flags(context, cache, cc_flags))) { /* Search passwd file for client */ pw = getpwuid((int) getuid()); if (pw) { @@ -204,12 +212,12 @@ main(argc,argv) } /* Use this to get default_realm and format client_name */ - if ((retval = krb5_parse_name(default_name, &client))) { + if ((retval = krb5_parse_name(context,default_name, &client))) { fprintf(stderr, "Unable to Parse Client Name!\n"); goto finish; } - if ((retval = krb5_unparse_name(client, &client_name))) { + if ((retval = krb5_unparse_name(context,client,&client_name))) { fprintf(stderr, "Unable to Parse Client Name!\n"); goto finish; } 
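Review bot: The result of the newly added `krb5_init_context(&context);` in the `@@ -172,14 +179,15 @@` hunk is ignored, and `context` is declared without an initializer in `@@ -88,6 +94,7 @@`. The context line `goto finish;` directly above the call runs before the context exists, and `finish:` now calls `krb5_cc_destroy(context, cache)` (hunk `@@ -545,7 +553,7 @@`), so that early path passes an uninitialized context. I would initialise the context at the top of main() and check it, assuming it returns a `krb5_error_code` like the other krb5_* calls: `if ((retval = krb5_init_context(&context))) { fprintf(stderr, "Unable to initialize Kerberos context!\n"); exit(1); }`. main() begins and ends outside these hunks.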
@@ -220,14 +228,14 @@ main(argc,argv) requested_realm.length); } else { /* Read Client from Cache */ - if ((retval = krb5_cc_get_principal(cache, + if ((retval = krb5_cc_get_principal(context, cache, (krb5_principal *) &client))) { fprintf(stderr, "Unable to Read Customer Credentials File!\n"); goto finish; } - if ((retval = krb5_unparse_name(client, &client_name))) { + if ((retval = krb5_unparse_name(context,client,&client_name))) { fprintf(stderr, "Unable to Parse Client Name!\n"); goto finish; } @@ -237,7 +245,7 @@ main(argc,argv) (char *) client->realm.data, requested_realm.length); - (void) krb5_cc_close(cache); + (void) krb5_cc_close(context, cache); } break; @@ -245,7 +253,7 @@ main(argc,argv) /* Hand Parse Entry */ strcpy(input_string, argv[1]); - if (retval = krb5_parse_name(input_string, &client)) { + if (retval = krb5_parse_name(context, input_string, &client)) { fprintf(stderr, "Error Parsing -u option contents!\n"); exit(0); } @@ -264,11 +272,11 @@ main(argc,argv) /* Create credential cache for changepw */ (void) sprintf(cache_name, "FILE:/tmp/tkt_cpw_%d", getpid()); - if ((retval = krb5_cc_resolve(cache_name, &cache))) { + if ((retval = krb5_cc_resolve(context, cache_name, &cache))) { fprintf(stderr, "Unable to Resolve Cache: %s\n", cache_name); } - if ((retval = krb5_cc_initialize(cache, client))) { + if ((retval = krb5_cc_initialize(context, cache, client))) { fprintf(stderr, "Error initializing cache: %s\n", cache_name); goto finish; } @@ -277,12 +285,12 @@ main(argc,argv) * Verify User by Obtaining Initial Credentials prior to Initial Link */ - if ((retval = get_first_ticket(cache, client))) { + if ((retval = get_first_ticket(context, cache, client))) { goto finish; } /* Initiate Link to Server */ - if ((retval = adm5_init_link(&requested_realm, &local_socket))) { + if ((retval = adm5_init_link(context, &requested_realm, &local_socket))) { goto finish; } 
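Review bot: `strcpy(input_string, argv[1]);` in the `@@ -245,7 +253,7 @@` hunk copies a command-line argument with no length check. The declaration of `input_string` is outside the hunk, so its size has to be confirmed, but nothing visible bounds the copy. Assuming `input_string` is an array, a guard before the copy would close this: `if (strlen(argv[1]) >= sizeof(input_string)) { fprintf(stderr, "Principal name too long!\n"); exit(1); }`. The failure branch below also calls `exit(0)`, which reports success after a parse error; `exit(1)` would match the message.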
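Review bot: The `krb5_cc_resolve` failure branch in the `@@ -264,11 +272,11 @@` hunk prints a message but does not leave, so `krb5_cc_initialize(context, cache, client)` then runs on a cache handle that was never resolved. Adding `goto finish;` after the `fprintf` would match the branch below it. The cache name `FILE:/tmp/tkt_cpw_%d` built from `getpid()` is also predictable and sits in a shared directory. Whether the credential file is created exclusively and owner-only is decided in the ccache layer, which is not visible here and is worth confirming.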
@@ -296,7 +304,7 @@ main(argc,argv) { int msg_length = 0; - retval = krb5_net_write(local_socket, (char *) &msg_length + 2, 2); + retval = krb5_net_write(context, local_socket, (char *) &msg_length + 2, 2); if (retval < 0) { fprintf(stderr, "krb5_net_write failure!\n"); goto finish; @@ -314,13 +322,13 @@ main(argc,argv) /* compute checksum, using CRC-32 */ if (!(send_cksum.contents = (krb5_octet *) - malloc(krb5_checksum_size(CKSUMTYPE_CRC32)))) { + malloc(krb5_checksum_size(context, CKSUMTYPE_CRC32)))) { fprintf(stderr, "Insufficient Memory while Allocating Checksum!\n"); goto finish; } cksum_alloc++; /* choose some random stuff to compute checksum from */ - if (retval = krb5_calculate_checksum(CKSUMTYPE_CRC32, + if (retval = krb5_calculate_checksum(context, CKSUMTYPE_CRC32, ADM_CPW_VERSION, strlen(ADM_CPW_VERSION), 0, @@ -336,7 +344,7 @@ main(argc,argv) pass it over the socket to the server, and obtain mutual authentication. */ - if ((retval = krb5_sendauth((krb5_pointer) &local_socket, + if ((retval = krb5_sendauth(context, (krb5_pointer) &local_socket, ADM_CPW_VERSION, my_creds.client, my_creds.server, @@ -354,7 +362,7 @@ main(argc,argv) } /* Get credentials : to use for safe and private messages */ - if (retval = krb5_get_credentials(0, cache, &my_creds)){ + if (retval = krb5_get_credentials(context, 0, cache, &my_creds)){ fprintf(stderr, "Error Obtaining Credentials: %s!\n", error_message(retval)); goto finish; @@ -362,7 +370,7 @@ main(argc,argv) /* Read back what the server has to say... */ - if (retval = krb5_read_message(&local_socket, &inbuf)){ + if (retval = krb5_read_message(context, &local_socket, &inbuf)){ fprintf(stderr, " Read Message Error: %s!\n", error_message(retval)); goto finish; @@ -377,7 +385,7 @@ main(argc,argv) inbuf.data[1] = CHGOPER; inbuf.length = 2; - if ((retval = krb5_mk_priv(&inbuf, + if ((retval = krb5_mk_priv(context, &inbuf, ETYPE_DES_CBC_CRC, &my_creds.keyblock, &local_addr, 
@@ -394,7 +402,7 @@ main(argc,argv) free(inbuf.data); /* write private message to server */ - if (krb5_write_message(&local_socket, &msg_data)){ + if (krb5_write_message(context, &local_socket, &msg_data)){ fprintf(stderr, "Write Error During First Message Transmission!\n"); retval = 1; goto finish; @@ -403,14 +411,14 @@ main(argc,argv) #ifdef MACH_PASS /* Machine-generated Passwords */ /* Ok Now let's get the private message */ - if (retval = krb5_read_message(&local_socket, &inbuf)){ + if (retval = krb5_read_message(context, &local_socket, &inbuf)){ fprintf(stderr, "Read Error During First Reply: %s!\n", error_message(retval)); retval = 1; goto finish; } - if ((retval = krb5_rd_priv(&inbuf, + if ((retval = krb5_rd_priv(context, &inbuf, &my_creds.keyblock, &foreign_addr, &local_addr, @@ -442,7 +450,7 @@ main(argc,argv) #else new_pwsize = ADM_MAX_PW_LENGTH+1; putchar('\n'); - if ((retval = krb5_read_password( + if ((retval = krb5_read_password(context, "Enter new password: ", "Re-enter new password for verification: ", new_password, @@ -463,7 +471,7 @@ main(argc,argv) inbuf.data = new_password; inbuf.length = strlen(new_password); - if ((retval = krb5_mk_priv(&inbuf, + if ((retval = krb5_mk_priv(context, &inbuf, ETYPE_DES_CBC_CRC, &my_creds.keyblock, &local_addr, @@ -481,7 +489,7 @@ main(argc,argv) free(inbuf.data); /* write private message to server */ - if (krb5_write_message(&local_socket, &msg_data)){ + if (krb5_write_message(context, &local_socket, &msg_data)){ fprintf(stderr, "Write Error During Second Message Transmission!\n"); retval = 1; goto finish; 
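Review bot: `free(inbuf.data);` in the `@@ -481,7 +489,7 @@` hunk releases the buffer that the `@@ -463,7 +471,7 @@` hunk set to `new_password`, and nothing visible clears the plaintext password first. Clear it before the free, `memset(new_password, 0, ADM_MAX_PW_LENGTH+1);`, or use a non-elidable routine such as `explicit_bzero` where the platform has one, since a plain `memset` just before `free` may be optimised away. The declaration of `new_password` and the lines between the two hunks are outside the diff. This assumes the buffer is heap-allocated with the size given to `new_pwsize`, and that `inbuf.data` still points at it.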
@@ -489,14 +497,14 @@ main(argc,argv) free(msg_data.data); /* Ok Now let's get the private message */ - if (retval = krb5_read_message(&local_socket, &inbuf)){ + if (retval = krb5_read_message(context, &local_socket, &inbuf)){ fprintf(stderr, "Read Error During Second Reply: %s!\n", error_message(retval)); retval = 1; goto finish; } - if ((retval = krb5_rd_priv(&inbuf, + if ((retval = krb5_rd_priv(context, &inbuf, &my_creds.keyblock, &foreign_addr, &local_addr, @@ -545,7 +553,7 @@ main(argc,argv) finish: - (void) krb5_cc_destroy(cache); + (void) krb5_cc_destroy(context, cache); free(client_name); free(requested_realm.data); @@ -569,11 +577,11 @@ krb5_data cpwname = { CPWNAME }; -krb5_error_code -get_first_ticket(DECLARG(krb5_ccache, cache), - DECLARG(krb5_principal, client)) -OLDDECLARG(krb5_ccache, cache) -OLDDECLARG(krb5_principal, client) +static krb5_error_code +get_first_ticket(context, cache, client) + krb5_context context; + krb5_ccache cache; + krb5_principal client; { char prompt[255]; /* for the password prompt */ char pword[ADM_MAX_PW_LENGTH+1]; /* storage for the password */ @@ -586,7 +594,7 @@ OLDDECLARG(krb5_principal, client) char *client_name; krb5_error_code retval; - if ((retval = krb5_unparse_name(client, &client_name))) { + if ((retval = krb5_unparse_name(context, client, &client_name))) { fprintf(stderr, "Unable to Unparse Client Name\n"); return(1); } @@ -602,7 +610,7 @@ OLDDECLARG(krb5_principal, client) my_creds.client = client; - if ((retval = krb5_build_principal_ext(&my_creds.server, + if ((retval = krb5_build_principal_ext(context, &my_creds.server, client->realm.length, client->realm.data, cpwname.length, /* 6 */ @@ -623,7 +631,7 @@ OLDDECLARG(krb5_principal, client) } old_pwsize = 255; - if ((retval = krb5_read_password( + if ((retval = krb5_read_password(context, prompt, 0, old_password, 
@@ -635,7 +643,7 @@ OLDDECLARG(krb5_principal, client) /* Build Request for Initial Credentials */ for (i=0; preauth_search_list[i] >= 0; i++) { - retval = krb5_get_in_tkt_with_password( + retval = krb5_get_in_tkt_with_password(context, 0, /* options */ my_addresses, /* do random preauth */ @@ -766,7 +774,7 @@ krb5_error_code retval; new_passwd_length = ADM_MAX_PW_LENGTH+1; /* Read New Password from Terminal (Do Not Print on Screen) */ - if ((retval = krb5_read_password(&prompt[0], 0, + if ((retval = krb5_read_password(context, &prompt[0], 0, new_password, &new_passwd_length))) { fprintf(stderr, "\nError Reading Password Input or Input Aborted\n"); @@ -800,11 +808,11 @@ krb5_error_code retval; } #endif -krb5_error_code -adm5_init_link( realm_of_server, local_socket) -krb5_data *realm_of_server; -int * local_socket; - +static krb5_error_code +adm5_init_link(context, realm_of_server, local_socket) + krb5_context context; + krb5_data *realm_of_server; + int * local_socket; { struct servent *service_process; /* service we will talk to */ struct hostent *remote_host; /* host we will talk to */ @@ -832,7 +840,7 @@ int * local_socket; hostlist = 0; /* Identify all Hosts Associated with this Realm */ - if ((retval = krb5_get_krbhst (realm_of_server, &hostlist))) { + if ((retval = krb5_get_krbhst (context, realm_of_server, &hostlist))) { fprintf(stderr, "krb5_get_krbhst: Unable to Determine Server Name\n"); return(1); } diff --git a/src/kadmin/server/ChangeLog b/src/kadmin/server/ChangeLog index 4720f005b..4ba19147f 100644 --- a/src/kadmin/server/ChangeLog +++ b/src/kadmin/server/ChangeLog @@ -1,3 +1,7 @@ +Fri Jan 13 15:23:47 1995 Chris Provenzano (proven@mit.edu) + + * Added krb5_context to all krb5_routines + Mon Dec 19 18:12:18 1994 Theodore Y. Ts'o (tytso@dcl) * adm_listen.c (kill_children): Use syslog instead of krb_log. diff --git a/src/kadmin/server/adm_adm_func.c b/src/kadmin/server/adm_adm_func.c index 7d05d8af7..6c23dd80b 100644 
--- a/src/kadmin/server/adm_adm_func.c +++ b/src/kadmin/server/adm_adm_func.c @@ -52,12 +52,13 @@ extern int classification; #endif krb5_error_code - adm_build_key (newprinc, client_creds, new_passwd, oper_type, entry) -krb5_principal newprinc; -krb5_ticket *client_creds; -char *new_passwd; -int oper_type; -krb5_db_entry entry; +adm_build_key (context, newprinc, client_creds, new_passwd, oper_type, entry) + krb5_context context; + krb5_principal newprinc; + krb5_ticket *client_creds; + char *new_passwd; + int oper_type; + krb5_db_entry entry; { krb5_data outbuf; int retval; @@ -119,7 +120,7 @@ krb5_db_entry entry; #endif /* Encrypt Password and Phrase */ - if (retval = krb5_mk_priv(&outbuf, + if (retval = krb5_mk_priv(context, &outbuf, ETYPE_DES_CBC_CRC, client_creds->enc_part2->session, &client_server_info.server_addr, @@ -148,7 +149,8 @@ krb5_db_entry entry; free(outbuf.data); /* Send private message to Client */ - if (krb5_write_message(&client_server_info.client_socket, &msg_data)){ + if (krb5_write_message(context, &client_server_info.client_socket, + &msg_data)){ free(msg_data.data); com_err("adm_build_key", 0, "Error Performing Password Write"); return(5); /* Protocol Failure */ @@ -157,13 +159,13 @@ krb5_db_entry entry; free(msg_data.data); /* Read Client Response */ - if (krb5_read_message(&client_server_info.client_socket, &inbuf)){ + if (krb5_read_message(context, &client_server_info.client_socket, &inbuf)){ syslog(LOG_ERR | LOG_INFO, "Error Performing Password Read"); return(5); /* Protocol Failure */ } /* Decrypt Client Response */ - if (retval = krb5_rd_priv(&inbuf, + if (retval = krb5_rd_priv(context, &inbuf, client_creds->enc_part2->session, &client_server_info.client_addr, &client_server_info.server_addr, 
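Review bot: `syslog(LOG_ERR | LOG_INFO, "Error Performing Password Read");` in the `@@ -157,13 +159,13 @@` hunk ORs two severity levels, which does not log at both. With the usual <syslog.h> values (LOG_ERR 3, LOG_INFO 6) the result is 7, which is LOG_DEBUG. A syslog configuration that filters debug messages can therefore drop these failure records from the admin server. Use a single level, `syslog(LOG_ERR, "Error Performing Password Read");`. The same expression is used for the parse-failure message in adm_change_pwd (`@@ -207,45 +210,42 @@`).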
@@ -188,11 +190,12 @@ krb5_db_entry entry; /* kadmin change password request */ krb5_error_code - adm_change_pwd(prog, customer_name, client_creds, salttype) -char *prog; -char *customer_name; -krb5_ticket *client_creds; -int salttype; +adm_change_pwd(context, prog, customer_name, client_creds, salttype) + krb5_context context; + char *prog; + char *customer_name; + krb5_ticket *client_creds; + int salttype; { krb5_db_entry entry; int nprincs = 1; 
@@ -207,45 +210,42 @@ int salttype; "Remote Administrative Password Change Request for %s by %s", customer_name, client_server_info.name_of_client); - if (retval = krb5_parse_name(customer_name, &newprinc)) { + if (retval = krb5_parse_name(context, customer_name, &newprinc)) { syslog(LOG_ERR | LOG_INFO, "parse failure while parsing '%s'", customer_name); return(5); /* Protocol Failure */ } - if (!(adm_princ_exists("adm_change_pwd", newprinc, + if (!(adm_princ_exists(context, "adm_change_pwd", newprinc, &entry, &nprincs))) { com_err("adm_change_pwd", 0, "Principal does not exist!"); - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); return(1); /* Principal Unknown */ } if ((new_passwd = (char *) calloc (1, ADM_MAX_PW_LENGTH+1)) == (char *) 0) { com_err("adm_change_pwd", ENOMEM, "while allocating new_passwd!"); - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); return(3); /* No Memory */ } oper_type = (salttype == KRB5_KDB_SALTTYPE_NORMAL) ? CHGOPER : CH4OPER; - if (retval = adm_build_key(newprinc, - client_creds, - new_passwd, - oper_type, - entry)) { - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + if (retval = adm_build_key(context, newprinc, client_creds, + new_passwd, oper_type, entry)) { + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); free(new_passwd); return(retval); } - retval = krb5_unparse_name(newprinc, &composite_name); + retval = krb5_unparse_name(context, newprinc, &composite_name); entry.salt_type = (krb5_int32) salttype; - if (retval = adm_enter_pwd_key("adm_change_pwd", + if (retval = adm_enter_pwd_key(context, "adm_change_pwd", composite_name, newprinc, newprinc, 
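Review bot: In adm_change_pwd (`@@ -207,45 +210,42 @@`) the result of `krb5_unparse_name(context, newprinc, &composite_name)` is stored in `retval` and then overwritten by the `adm_enter_pwd_key` call without being tested. A failed unparse therefore leaves `composite_name` unset before it is passed on and later given to `free()` in the next hunk. Check it and release what the other error branches release, with whichever status code the protocol expects: `if (retval) { krb5_free_principal(context, newprinc); krb5_db_free_principal(context, &entry, nprincs); free(new_passwd); return(5); }`. The `adm_build_key` failure branch above also frees `new_passwd` without clearing it, unlike the success path. The function begins in the previous hunk and ends in the next one.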
@@ -253,8 +253,8 @@ int salttype; salttype, new_passwd, &entry)) retval = 8; - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); free(composite_name); (void) memset(new_passwd, 0, strlen(new_passwd)); @@ -264,10 +264,11 @@ int salttype; /* kadmin add new random key function */ krb5_error_code - adm_change_pwd_rnd(cmdname, customer_name, client_creds) -char *cmdname; -char *customer_name; -krb5_ticket *client_creds; +adm_change_pwd_rnd(context, cmdname, customer_name, client_creds) + krb5_context context; + char *cmdname; + char *customer_name; + krb5_ticket *client_creds; { krb5_db_entry entry; int nprincs = 1; 
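Review bot: `memset(new_passwd, 0, strlen(new_passwd))` in the `@@ -253,8 +253,8 @@` hunk clears only up to the first NUL byte rather than the whole allocation. A plain `memset` on a buffer that is about to be freed is also a store the compiler may drop. The buffer comes from `calloc (1, ADM_MAX_PW_LENGTH+1)` in the previous hunk, so clear that size, `memset(new_passwd, 0, ADM_MAX_PW_LENGTH+1);`, preferably through a non-elidable routine such as `explicit_bzero` where available. adm_add_new_key has the same line followed by `free(new_passwd);` in `@@ -382,17 +384,18 @@`, where the allocation is 255 bytes.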
@@ -279,46 +280,47 @@ krb5_ticket *client_creds; "Remote Administrative Random Password Change Request for %s by %s", customer_name, client_server_info.name_of_client); - if (retval = krb5_parse_name(customer_name, &newprinc)) { + if (retval = krb5_parse_name(context, customer_name, &newprinc)) { com_err("adm_change_pwd_rnd", retval, "while parsing '%s'", customer_name); return(5); /* Protocol Failure */ } #ifdef SANDIA if (!(newprinc[2])) { if (retval = check_security(newprinc, classification)) { - krb5_free_principal(newprinc); + krb5_free_principal(context, newprinc); syslog(LOG_ERR, "Principal (%s) - Incorrect Classification level", customer_name); return(6); } } #endif - if (!(adm_princ_exists("adm_change_pwd_rnd", newprinc, + if (!(adm_princ_exists(context, "adm_change_pwd_rnd", newprinc, &entry, &nprincs))) { com_err("adm_change_pwd_rnd", 0, "Principal does not exist!"); - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); return(1); /* Principal Unknown */ } - if (retval = adm_enter_rnd_pwd_key("adm_change_pwd_rnd", + if (retval = adm_enter_rnd_pwd_key(context, "adm_change_pwd_rnd", newprinc, 1, /* change existing entry */ &entry)) retval = 8; - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); return(retval); } /* kadmin add new key function */ krb5_error_code - adm_add_new_key(cmdname, customer_name, client_creds, salttype) -char *cmdname; -char *customer_name; -krb5_ticket *client_creds; -int salttype; +adm_add_new_key(context, cmdname, customer_name, client_creds, salttype) + krb5_context context; + char *cmdname; + char *customer_name; + krb5_ticket *client_creds; + int salttype; { krb5_db_entry entry; int nprincs = 1; 
@@ -331,47 +333,47 @@ int salttype; "Remote Administrative Addition Request for %s by %s", customer_name, client_server_info.name_of_client); - if (retval = krb5_parse_name(customer_name, &newprinc)) { + if (retval = krb5_parse_name(context, customer_name, &newprinc)) { com_err("adm_add_new_key", retval, "while parsing '%s'", customer_name); return(5); /* Protocol Failure */ } #ifdef SANDIA if (!(newprinc[2])) { if (retval = check_security(newprinc, classification)) { - krb5_free_principal(newprinc); + krb5_free_principal(context, newprinc); syslog(LOG_ERR, "Principal (%s) - Incorrect Classification level", customer_name); return(6); } } #endif - if (adm_princ_exists("adm_add_new_key", newprinc, &entry, &nprincs)) { + if (adm_princ_exists(context, "adm_add_new_key",newprinc,&entry,&nprincs)) { com_err("adm_add_new_key", 0, "principal '%s' already exists", customer_name); - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); return(2); /* Principal Already Exists */ } if ((new_passwd = (char *) calloc (1, 255)) == (char *) 0) { com_err("adm_add_new_key", ENOMEM, "for new_passwd"); - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); return(3); /* No Memory */ } - if (retval = adm_build_key(newprinc, + if (retval = adm_build_key(context, newprinc, client_creds, new_passwd, ADDOPER, entry)) { - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); free(new_passwd); return(retval); } - if (retval = adm_enter_pwd_key( "adm_add_new_key", + if (retval = adm_enter_pwd_key(context, "adm_add_new_key", customer_name, newprinc, newprinc, 
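Review bot: adm_add_new_key allocates `new_passwd` with `calloc (1, 255)` in the `@@ -331,47 +333,47 @@` hunk, while adm_change_pwd uses `ADM_MAX_PW_LENGTH+1` for the same argument. `adm_build_key` receives only `char *new_passwd`, with no length. Its body is outside the diff, but if it stores up to ADM_MAX_PW_LENGTH bytes of client-supplied password and that constant exceeds 254, this caller's buffer is too small. Allocating `calloc (1, ADM_MAX_PW_LENGTH+1)` here keeps the two callers consistent. Passing the buffer size into adm_build_key would be the sturdier fix.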
@@ -382,17 +384,18 @@ int salttype; retval = 8; (void) memset(new_passwd, 0, strlen(new_passwd)); free(new_passwd); - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); return(retval); } /* kadmin add new random key function */ krb5_error_code - adm_add_new_key_rnd(cmdname, customer_name, client_creds) -char *cmdname; -char *customer_name; -krb5_ticket *client_creds; +adm_add_new_key_rnd(context, cmdname, customer_name, client_creds) + krb5_context context; + char *cmdname; + char *customer_name; + krb5_ticket *client_creds; { krb5_db_entry entry; int nprincs = 1; 
@@ -404,44 +407,46 @@ krb5_ticket *client_creds; "Remote Administrative Addition Request for %s by %s", customer_name, client_server_info.name_of_client); - if (retval = krb5_parse_name(customer_name, &newprinc)) { + if (retval = krb5_parse_name(context, customer_name, &newprinc)) { com_err("adm_add_new_key_rnd", retval, "while parsing '%s'", customer_name); return(5); /* Protocol Failure */ } #ifdef SANDIA if (!(newprinc[2])) { if (retval = check_security(newprinc, classification)) { - krb5_free_principal(newprinc); + krb5_free_principal(context, newprinc); syslog(LOG_ERR, "Principal (%s) - Incorrect Classification level", customer_name); return(6); } } #endif - if (adm_princ_exists("adm_add_new_key_rnd", newprinc, &entry, &nprincs)) { + if (adm_princ_exists(context, "adm_add_new_key_rnd", newprinc, + &entry, &nprincs)) { com_err("adm_add_new_key_rnd", 0, "principal '%s' already exists", customer_name); - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); return(2); /* Principal Already Exists */ } - if (retval = adm_enter_rnd_pwd_key("adm_add_new_key_rnd", + if (retval = adm_enter_rnd_pwd_key(context, "adm_add_new_key_rnd", newprinc, 0, /* new entry */ &entry)) retval = 8; - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); return(retval); } /* kadmin delete old key function */ krb5_error_code - adm_del_old_key(cmdname, customer_name) -char *cmdname; -char *customer_name; +adm_del_old_key(context, cmdname, customer_name) + krb5_context context; + char *cmdname; + char *customer_name; { krb5_db_entry entry; int nprincs = 1; 
@@ -454,45 +459,46 @@ char *customer_name; "Remote Administrative Deletion Request for %s by %s", customer_name, client_server_info.name_of_client); - if (retval = krb5_parse_name(customer_name, &newprinc)) { + if (retval = krb5_parse_name(context, customer_name, &newprinc)) { com_err("adm_del_old_key", retval, "while parsing '%s'", customer_name); return(5); /* Protocol Failure */ } - if (!adm_princ_exists("adm_del_old_key", newprinc, + if (!adm_princ_exists(context, "adm_del_old_key", newprinc, &entry, &nprincs)) { com_err("adm_del_old_key", 0, "principal '%s' is not in the database", customer_name); - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); return(1); } - if (retval = krb5_db_delete_principal(newprinc, &one)) { + if (retval = krb5_db_delete_principal(context, newprinc, &one)) { com_err("adm_del_old_key", retval, "while deleting '%s'", customer_name); - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); return(8); } else if (one != 1) { com_err("adm_del_old_key", 0, "no principal deleted - unknown error"); - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); return(8); } - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); return(0); } /* kadmin modify existing Principal function */ krb5_error_code - adm_mod_old_key(cmdname, customer_name, client_creds) -char *cmdname; -char *customer_name; -krb5_ticket *client_creds; +adm_mod_old_key(context, cmdname, customer_name, client_creds) + krb5_context context; + char *cmdname; + char *customer_name; + krb5_ticket *client_creds; { krb5_db_entry 
entry; int nprincs = 1; @@ -510,27 +516,27 @@ krb5_ticket *client_creds; "Remote Administrative Modification Request for %s by %s", customer_name, client_server_info.name_of_client); - if (retval = krb5_parse_name(customer_name, &newprinc)) { + if (retval = krb5_parse_name(context, customer_name, &newprinc)) { com_err("adm_mod_old_key", retval, "while parsing '%s'", customer_name); return(5); /* Protocol Failure */ } for ( ; ; ) { - if (!adm_princ_exists("adm_mod_old_key", newprinc, + if (!adm_princ_exists(context, "adm_mod_old_key", newprinc, &entry, &nprincs)) { - krb5_db_free_principal(&entry, nprincs); + krb5_db_free_principal(context, &entry, nprincs); com_err("adm_mod_old_key", 0, "principal '%s' is not in the database", customer_name); - krb5_free_principal(newprinc); + krb5_free_principal(context, newprinc); return(1); } /* Send Acknowledgement */ if ((outbuf.data = (char *) calloc (1, 255)) == (char *) 0) { - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); com_err("adm_mod_old_key", ENOMEM, "for outbuf.data"); return(3); /* No Memory */ } @@ -540,7 +546,7 @@ krb5_ticket *client_creds; outbuf.data[1] = MODOPER; outbuf.data[2] = SENDDATA3; - if (retval = krb5_mk_priv(&outbuf, + if (retval = krb5_mk_priv(context, &outbuf, ETYPE_DES_CBC_CRC, client_creds->enc_part2->session, &client_server_info.server_addr, 
@@ -550,18 +556,19 @@ krb5_ticket *client_creds; 0, 0, &msg_data)) { - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); com_err("adm_mod_old_key", retval, "during mk_priv"); free(outbuf.data); return(5); /* Protocol Failure */ } free(outbuf.data); - if (krb5_write_message(&client_server_info.client_socket, &msg_data)){ + if (krb5_write_message(context, &client_server_info.client_socket, + &msg_data)){ free(msg_data.data); - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); com_err("adm_mod_old_key", 0, "Error Performing Modification Write"); return(5); /* Protocol Failure */ @@ -569,16 +576,16 @@ krb5_ticket *client_creds; free(msg_data.data); /* Read Client Response */ - if (krb5_read_message(&client_server_info.client_socket, &inbuf)){ - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + if (krb5_read_message(context, &client_server_info.client_socket, &inbuf)){ + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); com_err("adm_mod_old_key", errno, "Error Performing Modification Read"); return(5); /* Protocol Failure */ } /* Decrypt Client Response */ - if (retval = krb5_rd_priv(&inbuf, + if (retval = krb5_rd_priv(context, &inbuf, client_creds->enc_part2->session, &client_server_info.client_addr, &client_server_info.server_addr, @@ -590,8 +597,8 @@ krb5_ticket *client_creds; com_err("adm_mod_old_key", retval, "krb5_rd_priv error %s", error_message(retval)); free(inbuf.data); - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); return(5); /* Protocol Failure */ } 
@@ -602,8 +609,8 @@ krb5_ticket *client_creds; /* Decode Message - Modify Database */ if (msg_data.data[2] != SENDDATA3) { free(msg_data.data); - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); return(5); /* Protocol Failure */ } #ifdef SANDIA @@ -670,34 +677,34 @@ krb5_ticket *client_creds; free(msg_data.data); entry.mod_name = client_server_info.client; - if (retval = krb5_timeofday(&entry.mod_date)) { + if (retval = krb5_timeofday(context, &entry.mod_date)) { com_err("adm_mod_old_key", retval, "while fetching date"); - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); return(5); /* Protocol Failure */ } - retval = krb5_db_put_principal(&entry, &one); + retval = krb5_db_put_principal(context, &entry, &one); if (retval) { com_err("adm_mod_old_key", retval, "while storing principal"); - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); return(8); /* Update failed */ } one = 1; } /* for */ - krb5_db_free_principal(&entry, nprincs); - krb5_free_principal(newprinc); + krb5_db_free_principal(context, &entry, nprincs); + krb5_free_principal(context, newprinc); /* Read Client Response */ - if (krb5_read_message(&client_server_info.client_socket, &inbuf)){ + if (krb5_read_message(context, &client_server_info.client_socket, &inbuf)){ com_err("adm_mod_old_key", errno, "Error Performing Read"); return(5); /* Protocol Failure */ } /* Decrypt Client Response */ - if (retval = krb5_rd_priv(&inbuf, + if (retval = krb5_rd_priv(context, &inbuf, client_creds->enc_part2->session, &client_server_info.client_addr, &client_server_info.server_addr, 
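Review bot: `if (msg_data.data[2] != SENDDATA3)` in the `@@ -602,8 +609,8 @@` hunk indexes the decrypted client message without a visible check that it holds at least three bytes. A shorter reply would make this read past the end of the buffer returned by `krb5_rd_priv`. Test the length first, `if (msg_data.length < 3 || msg_data.data[2] != SENDDATA3) {`. The lines between the decrypt call and this test are outside the hunk, so a length check may already exist there and should be confirmed.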
@@ -720,10 +727,11 @@ krb5_ticket *client_creds; /* kadmin inquire existing Principal function */ krb5_error_code - adm_inq_old_key(cmdname, customer_name, client_creds) -char *cmdname; -char *customer_name; -krb5_ticket *client_creds; +adm_inq_old_key(context, cmdname, customer_name, client_creds) + krb5_context context; + char *cmdname; + char *customer_name; + krb5_ticket *client_creds; { krb5_db_entry entry; int nprincs = 1; @@ -737,21 +745,21 @@ krb5_ticket *client_creds; "Remote Administrative Inquiry Request for %s by %s", customer_name, client_server_info.name_of_client); - if (retval = krb5_parse_name(customer_name, &newprinc)) { + if (retval = krb5_parse_name(context, customer_name, &newprinc)) { com_err("adm_inq_old_key", retval, "while parsing '%s'", customer_name); return(5); /* Protocol Failure */ } - if (retval = krb5_unparse_name(newprinc, &fullname)) { - krb5_free_principal(newprinc); + if (retval = krb5_unparse_name(context, newprinc, &fullname)) { + krb5_free_principal(context, newprinc); com_err("adm_inq_old_key", retval, "while unparsing"); return(5); /* Protocol Failure */ } - if (!adm_princ_exists("adm_inq_old_key", newprinc, + if (!adm_princ_exists(context, "adm_inq_old_key", newprinc, &entry, &nprincs)) { - krb5_db_free_principal(&entry, nprincs); - krb5_free_principal(newprinc); + krb5_db_free_principal(context, &entry, nprincs); + krb5_free_principal(context, newprinc); free(fullname); com_err("adm_inq_old_key", 0, "principal '%s' is not in the database", customer_name); 
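Review bot: The `!adm_princ_exists(...)` branch of adm_inq_old_key calls `krb5_db_free_principal(context, &entry, nprincs)` even when the lookup itself failed. adm_princ_exists (adm_funcs.c, later in this diff) returns 0 as soon as `krb5_db_get_principal` reports an error, and `nprincs` starts at 1 here, so unless the database call resets the count the free runs over an `entry` that was never filled in. Setting `*nprincs = 0;` before that `return(0);` in adm_princ_exists would make this branch safe for every caller that follows the same pattern.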
@@ -759,28 +767,28 @@ krb5_ticket *client_creds; } if ((outbuf.data = (char *) calloc (1, 2048)) == (char *) 0) { - krb5_db_free_principal(&entry, nprincs); - krb5_free_principal(newprinc); + krb5_db_free_principal(context, &entry, nprincs); + krb5_free_principal(context, newprinc); free(fullname); com_err("adm_inq_old_key", ENOMEM, "for outbuf.data"); return(3); /* No Memory */ } /* Format Inquiry Data */ - if ((retval = adm_fmt_prt(&entry, fullname, outbuf.data))) { - krb5_db_free_principal(&entry, nprincs); - krb5_free_principal(newprinc); + if ((retval = adm_fmt_prt(context, &entry, fullname, outbuf.data))) { + krb5_db_free_principal(context, &entry, nprincs); + krb5_free_principal(context, newprinc); free(fullname); com_err("adm_inq_old_key", 0, "Unable to Format Inquiry Data"); return(5); /* XXX protocol failure --- not right, but.. */ } outbuf.length = strlen(outbuf.data); - krb5_db_free_principal(&entry, nprincs); - krb5_free_principal(newprinc); + krb5_db_free_principal(context, &entry, nprincs); + krb5_free_principal(context, newprinc); free(fullname); /* Encrypt Inquiry Data */ - if (retval = krb5_mk_priv(&outbuf, + if (retval = krb5_mk_priv(context, &outbuf, ETYPE_DES_CBC_CRC, client_creds->enc_part2->session, &client_server_info.server_addr, @@ -797,7 +805,8 @@ krb5_ticket *client_creds; free(outbuf.data); /* Send Inquiry Information */ - if (krb5_write_message(&client_server_info.client_socket, &msg_data)){ + if (krb5_write_message(context, &client_server_info.client_socket, + &msg_data)){ free(msg_data.data); com_err("adm_inq_old_key", 0, "Error Performing Write"); return(5); /* Protocol Failure */ 
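Review bot: `adm_fmt_prt(context, &entry, fullname, outbuf.data)` writes into the 2048-byte buffer from `calloc (1, 2048)` without being told its size. `fullname` is the unparsed form of the client-supplied `customer_name`, and the adm_fmt_inq.c hunks show the formatter assembling its text with `sprintf` and `strcat`, so whether the result fits depends on bounds that are not visible here. Since this commit already changes the formatter's signature, it could take the capacity as well, e.g. `adm_fmt_prt(context, &entry, fullname, outbuf.data, 2048)`, and return an error for output that would not fit.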
@@ -806,14 +815,14 @@ krb5_ticket *client_creds; free(msg_data.data); /* Read Client Response */ - if (krb5_read_message(&client_server_info.client_socket, &inbuf)){ + if (krb5_read_message(context, &client_server_info.client_socket, &inbuf)){ com_err("adm_inq_old_key", errno, "Error Performing Read"); syslog(LOG_ERR, "adm_inq sock %d", client_server_info.client_socket); return(5); /* Protocol Failure */ } /* Decrypt Client Response */ - if (retval = krb5_rd_priv(&inbuf, + if (retval = krb5_rd_priv(context, &inbuf, client_creds->enc_part2->session, &client_server_info.client_addr, &client_server_info.server_addr, diff --git a/src/kadmin/server/adm_check.c b/src/kadmin/server/adm_check.c index cd645c8fb..b36c03df5 100644 --- a/src/kadmin/server/adm_check.c +++ b/src/kadmin/server/adm_check.c @@ -49,8 +49,8 @@ krb5_error_code adm_check_acl(name_of_client, acl_type) -char *name_of_client; -char *acl_type; + char *name_of_client; + char *acl_type; { FILE *acl_file; char input_string[255]; diff --git a/src/kadmin/server/adm_extern.h b/src/kadmin/server/adm_extern.h index 7764588c2..6c7ad4f86 100644 --- a/src/kadmin/server/adm_extern.h +++ b/src/kadmin/server/adm_extern.h 
@@ -87,5 +87,160 @@ extern char *kadmind_kpasswd_response[]; extern char *kadmind_ksrvutil_response[]; extern char *kadmind_kadmin_response[]; +/* PROTOTYPES */ + +krb5_error_code adm_build_key + PROTOTYPE((krb5_context, + krb5_principal, + krb5_ticket *, + char *, + int, + krb5_db_entry)); + +krb5_error_code adm_change_pwd + PROTOTYPE((krb5_context, + char *, + char *, + krb5_ticket *, + int)); + +krb5_error_code adm_change_pwd_rnd + PROTOTYPE((krb5_context, + char *, + char *, + krb5_ticket *)); + +krb5_error_code adm_add_new_key + PROTOTYPE((krb5_context, + char *, + char *, + krb5_ticket *, + int)); + +krb5_error_code adm_add_new_key_rnd + PROTOTYPE((krb5_context, + char *, + char *, + krb5_ticket *)); + +krb5_error_code adm_del_old_key + PROTOTYPE((krb5_context, + char *, + char *)); + +krb5_error_code adm_mod_old_key + PROTOTYPE((krb5_context, + char *, + char *, + krb5_ticket* )); + +krb5_error_code adm_inq_old_key + PROTOTYPE((krb5_context, + char *, + char *, + krb5_ticket *)); + +krb5_error_code adm_print_exp_time + PROTOTYPE((krb5_context, + char *, + krb5_timestamp)); + +krb5_kvno adm_princ_exists + PROTOTYPE((krb5_context, + char *, + krb5_principal, + krb5_db_entry *, + int *)); + +krb5_error_code adm_enter_rnd_pwd_key + PROTOTYPE((krb5_context, + char *, + krb5_principal, + int, + krb5_db_entry *)); + +krb5_error_code adm5_kadmin + PROTOTYPE((krb5_context, + char *, + krb5_authenticator *, + krb5_ticket *, + char *, + int *)); + +krb5_error_code adm_negotiate_key + PROTOTYPE((krb5_context, + char const *, + krb5_ticket *, + char *)); + +krb5_error_code setup_network + PROTOTYPE((krb5_context, + const char *)); + +krb5_error_code cpw_keyproc + PROTOTYPE((krb5_context, + krb5_pointer, + krb5_principal, + krb5_kvno, + krb5_keyblock **)); + +krb5_error_code process_client + PROTOTYPE((krb5_context, + char *)); + +krb5_error_code cleanexit + PROTOTYPE((krb5_context, + int)); + +krb5_error_code closedown_db + PROTOTYPE((krb5_context)); + +krb5_error_code 
process_args + PROTOTYPE((krb5_context, + int, + char **)); + +krb5_error_code init_db + PROTOTYPE((krb5_context, + char *, + krb5_principal, + krb5_keyblock *)); + +void setup_com_err + PROTOTYPE((krb5_context)); + +krb5_error_code princ_exists + PROTOTYPE((krb5_context, + krb5_principal, + krb5_db_entry *)); + +krb5_error_code adm_enter_pwd_key + PROTOTYPE((krb5_context, + char * , + char * , + krb5_const_principal , + krb5_const_principal , + int , + int , + char * , + krb5_db_entry * )); + +krb5_error_code adm5_change + PROTOTYPE((krb5_context, + char *, + krb5_principal , + krb5_ticket *)); + +int adm5_listen_and_process + PROTOTYPE((krb5_context, + const char *)); + +krb5_error_code adm5_kpasswd + PROTOTYPE((krb5_context, + char *, + kadmin_requests *, + krb5_ticket *, + char *, + int *)); #endif /* __ADM_EXTERN__ */ diff --git a/src/kadmin/server/adm_fmt_inq.c b/src/kadmin/server/adm_fmt_inq.c index 8a106d343..9914b6abc 100644 --- a/src/kadmin/server/adm_fmt_inq.c +++ b/src/kadmin/server/adm_fmt_inq.c @@ -114,9 +114,10 @@ krb5_flags attribs; } krb5_error_code -adm_print_exp_time(ret_data, time_input) -char *ret_data; -krb5_timestamp *time_input; +adm_print_exp_time(context, ret_data, time_input) + krb5_context context; + char *ret_data; + krb5_timestamp *time_input; { char *my_data; struct tm *exp_time; @@ -140,10 +141,11 @@ krb5_timestamp *time_input; } krb5_error_code -adm_fmt_prt(entry, Principal_name, ret_data) -krb5_db_entry *entry; -char *Principal_name; -char *ret_data; +adm_fmt_prt(context, entry, Principal_name, ret_data) + krb5_context context; + krb5_db_entry *entry; + char *Principal_name; + char *ret_data; { struct tm *mod_time; krb5_error_code retval; 
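Review bot: The new prototype for `adm_print_exp_time` in adm_extern.h declares its last parameter as `krb5_timestamp`, but the definition in adm_fmt_inq.c takes `krb5_timestamp *time_input` and the caller passes `&entry->expiration`. Where `PROTOTYPE` expands to a real parameter list the declaration and the definition disagree, so the header line should end `krb5_timestamp *));`. `adm_fmt_prt`, which gains the same context argument and is called from the inquiry code, has no prototype in this hunk, so its callers get no argument checking from the header.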
@@ -168,7 +170,7 @@ char *ret_data; strcat(my_data, thisline); sprintf(thisline, "Principal Key Version (PKV) = %d\n", entry->kvno); strcat(my_data, thisline); - if (retval = adm_print_exp_time(my_data, &entry->expiration)) { + if (retval = adm_print_exp_time(context, my_data, &entry->expiration)) { free(my_data); return retval; } @@ -204,7 +206,7 @@ char *ret_data; sprintf(thisline, "Invalid Authentication Count (FCNT) = %d\n", entry->fail_auth_count); strcat(my_data, thisline); - retval = krb5_timeofday(&now); + retval = krb5_timeofday(context, &now); pwd_expire = (now - entry->last_pwd_change) / 86400; sprintf(thisline, "Password Age is %d Days\n", pwd_expire); strcat(my_data, thisline); diff --git a/src/kadmin/server/adm_funcs.c b/src/kadmin/server/adm_funcs.c index 315767d99..1f8a3ff2a 100644 --- a/src/kadmin/server/adm_funcs.c +++ b/src/kadmin/server/adm_funcs.c 
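Review bot: `retval = krb5_timeofday(context, &now);` stores the result, but the next line computes `pwd_expire` from `now` without looking at it, so a failed call yields a password age derived from a possibly unset value. The expiry call earlier in adm_fmt_prt shows the handling to mirror: `if (retval = krb5_timeofday(context, &now)) { free(my_data); return retval; }`. The function continues outside the hunk.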
@@ -72,43 +72,34 @@ krb5_error_code adm_get_rnd_key PROTOTYPE((char *, int, krb5_db_entry *)); -krb5_error_code adm_modify_kdb PROTOTYPE((char const *, - char const *, - krb5_const_principal, - const krb5_keyblock *, - const krb5_keyblock *, - int, - struct saltblock *, - struct saltblock *, - krb5_db_entry *)); - -krb5_error_code adm_enter_pwd_key PROTOTYPE((char *, - char *, - krb5_const_principal, - krb5_const_principal, - int, - int, - char *, - krb5_db_entry *)); - -krb5_error_code adm_negotiate_key PROTOTYPE((char const *, - krb5_ticket *, - char *)); +static krb5_error_code adm_modify_kdb + PROTOTYPE((krb5_context, + char const *, + char const *, + krb5_const_principal, + const krb5_keyblock *, + const krb5_keyblock *, + int, + struct saltblock *, + struct saltblock *, + krb5_db_entry *)); #include <krb5/narrow.h> krb5_kvno -adm_princ_exists(cmdname, principal, entry, nprincs) -char *cmdname; -krb5_principal principal; -krb5_db_entry *entry; -int *nprincs; +adm_princ_exists(context, cmdname, principal, entry, nprincs) + krb5_context context; + char *cmdname; + krb5_principal principal; + krb5_db_entry *entry; + int *nprincs; { krb5_boolean more; krb5_error_code retval; - if (retval = krb5_db_get_principal(principal, entry, nprincs, &more)) { + if (retval = krb5_db_get_principal(context, principal, entry, + nprincs, &more)) { com_err("adm_princ_exists", retval, "while attempting to verify principal's existence"); return(0); 
@@ -119,26 +110,19 @@ int *nprincs; return(*nprincs); } -krb5_error_code -adm_modify_kdb(DECLARG(char const *, cmdname), - DECLARG(char const *, newprinc), - DECLARG(krb5_const_principal, principal), - DECLARG(const krb5_keyblock *, key), - DECLARG(const krb5_keyblock *, alt_key), - DECLARG(int, req_type), - DECLARG(struct saltblock *, salt), - DECLARG(struct saltblock *, altsalt), - DECLARG(krb5_db_entry *, entry)) -OLDDECLARG(char const *, cmdname) -OLDDECLARG(char const *, newprinc) -OLDDECLARG(krb5_const_principal, principal) -OLDDECLARG(const krb5_keyblock *, key) -OLDDECLARG(const krb5_keyblock *, alt_key) -OLDDECLARG(int, req_type) -OLDDECLARG(struct saltblock *, salt) -OLDDECLARG(struct saltblock *, altsalt) -OLDDECLARG(krb5_db_entry *, entry) - +static krb5_error_code +adm_modify_kdb(context, cmdname, newprinc, principal, key, alt_key, req_type, + salt, altsalt, entry) + krb5_context context; + char const * cmdname; + char const * newprinc; + krb5_const_principal principal; + const krb5_keyblock * key; + const krb5_keyblock * alt_key; + int req_type; + struct saltblock * salt; + struct saltblock * altsalt; + krb5_db_entry * entry; { krb5_error_code retval; int one = 1; @@ -148,7 +132,7 @@ OLDDECLARG(krb5_db_entry *, entry) if (!req_type) { /* New entry - initialize */ memset((char *) entry, 0, sizeof(krb5_db_entry)); - retval = krb5_copy_principal(principal, &entry->principal); + retval = krb5_copy_principal(context, principal, &entry->principal); if (retval) return retval; entry->kvno = KDB5_VERSION_NUM; 
@@ -156,9 +140,9 @@ OLDDECLARG(krb5_db_entry *, entry) entry->max_renewable_life = master_entry.max_renewable_life; entry->mkvno = master_entry.mkvno; entry->expiration = master_entry.expiration; - retval = krb5_copy_principal(master_princ, &entry->mod_name); + retval = krb5_copy_principal(context, master_princ, &entry->mod_name); if (retval) { - krb5_free_principal(entry->principal); + krb5_free_principal(context, entry->principal); entry->principal = 0; return retval; } @@ -167,13 +151,13 @@ OLDDECLARG(krb5_db_entry *, entry) #ifdef SANDIA entry->attributes &= ~KRB5_KDB_REQUIRES_PWCHANGE; #endif - retval = krb5_copy_principal(principal, &entry->mod_name); + retval = krb5_copy_principal(context, principal, &entry->mod_name); if (retval) return retval; } if (key && key->length) { - retval = krb5_kdb_encrypt_key(&master_encblock, + retval = krb5_kdb_encrypt_key(context, &master_encblock, key, &entry->key); if (retval) { @@ -184,7 +168,7 @@ OLDDECLARG(krb5_db_entry *, entry) } if (alt_key && alt_key->length) { - retval = krb5_kdb_encrypt_key(&master_encblock, + retval = krb5_kdb_encrypt_key(context, &master_encblock, alt_key, &entry->alt_key); if (retval) { @@ -199,7 +183,7 @@ OLDDECLARG(krb5_db_entry *, entry) } } - if (retval = krb5_timeofday(&entry->mod_date)) { + if (retval = krb5_timeofday(context, &entry->mod_date)) { com_err("adm_modify_kdb", retval, "while fetching date"); if (entry->key.contents) { memset((char *) entry->key.contents, 0, entry->key.length); @@ -252,7 +236,7 @@ OLDDECLARG(krb5_db_entry *, entry) entry->alt_salt = 0; } } else { - if (retval = krb5_timeofday(&entry->last_pwd_change)) { + if (retval = krb5_timeofday(context, &entry->last_pwd_change)) { com_err("adm_modify_kdb", retval, "while fetching date"); if (entry->key.contents) { memset((char *) entry->key.contents, 0, entry->key.length); 
@@ -269,7 +253,7 @@ OLDDECLARG(krb5_db_entry *, entry) } } - retval = krb5_db_put_principal(entry, &one); + retval = krb5_db_put_principal(context, entry, &one); if (entry->key.contents) { memset((char *) entry->key.contents, 0, entry->key.length); @@ -295,22 +279,17 @@ OLDDECLARG(krb5_db_entry *, entry) } krb5_error_code -adm_enter_pwd_key(DECLARG(char *, cmdname), - DECLARG(char *, newprinc), - DECLARG(krb5_const_principal, princ), - DECLARG(krb5_const_principal, string_princ), - DECLARG(int, req_type), - DECLARG(int, salttype), - DECLARG(char *, new_password), - DECLARG(krb5_db_entry *, entry)) -OLDDECLARG(char *, cmdname) -OLDDECLARG(char *, newprinc) -OLDDECLARG(krb5_const_principal, princ) -OLDDECLARG(krb5_const_principal, string_princ) -OLDDECLARG(int, req_type) -OLDDECLARG(int, salttype) -OLDDECLARG(char *, new_password) -OLDDECLARG(krb5_db_entry *, entry) +adm_enter_pwd_key(context, cmdname, newprinc, princ, string_princ, req_type, + salttype, new_password, entry) + krb5_context context; + char * cmdname; + char * newprinc; + krb5_const_principal princ; + krb5_const_principal string_princ; + int req_type; + int salttype; + char * new_password; + krb5_db_entry * entry; { krb5_error_code retval; krb5_keyblock tempkey; @@ -329,7 +308,7 @@ OLDDECLARG(krb5_db_entry *, entry) switch (salttype) { case KRB5_KDB_SALTTYPE_NORMAL: - if (retval = krb5_principal2salt(string_princ, &salt.saltdata)) { + if (retval = krb5_principal2salt(context,string_princ,&salt.saltdata)) { com_err("adm_enter_pwd_key", retval, "while converting principal to salt for '%s'", newprinc); goto cleanup; @@ -343,7 +322,8 @@ OLDDECLARG(krb5_db_entry *, entry) case KRB5_KDB_SALTTYPE_V4: salt.saltdata.data = 0; salt.saltdata.length = 0; - if (retval = krb5_principal2salt(string_princ, &altsalt.saltdata)) { + if (retval = krb5_principal2salt(context, string_princ, + &altsalt.saltdata)) { com_err("adm_enter_pwd_key", retval, "while converting principal to altsalt for '%s'", newprinc); goto cleanup; 
@@ -353,7 +333,7 @@ OLDDECLARG(krb5_db_entry *, entry) break; case KRB5_KDB_SALTTYPE_NOREALM: - if (retval = krb5_principal2salt_norealm(string_princ, + if (retval = krb5_principal2salt_norealm(context, string_princ, &salt.saltdata)) { com_err("adm_enter_pwd_key", retval, "while converting principal to salt for '%s'", newprinc); @@ -368,7 +348,8 @@ OLDDECLARG(krb5_db_entry *, entry) case KRB5_KDB_SALTTYPE_ONLYREALM: { krb5_data *foo; - if (retval = krb5_copy_data(krb5_princ_realm(string_princ), + if (retval = krb5_copy_data(context, + krb5_princ_realm(context, string_princ), &foo)) { com_err("adm_enter_pwd_key", retval, "while converting principal to salt for '%s'", newprinc); @@ -389,7 +370,7 @@ OLDDECLARG(krb5_db_entry *, entry) goto cleanup; } - if (retval = krb5_string_to_key(&master_encblock, + if (retval = krb5_string_to_key(context, &master_encblock, master_keyblock.keytype, &tempkey, &pwd, @@ -399,7 +380,7 @@ OLDDECLARG(krb5_db_entry *, entry) goto cleanup; } - if (retval = krb5_string_to_key(&master_encblock, + if (retval = krb5_string_to_key(context, &master_encblock, master_keyblock.keytype, &alttempkey, &pwd, @@ -411,7 +392,7 @@ OLDDECLARG(krb5_db_entry *, entry) memset((char *) new_password, 0, sizeof(new_password)); /* erase it */ - retval = adm_modify_kdb("adm_enter_pwd_key", + retval = adm_modify_kdb(context, "adm_enter_pwd_key", newprinc, princ, &tempkey, @@ -439,10 +420,11 @@ cleanup: } krb5_error_code -adm5_change(prog, newprinc, client_creds) -char *prog; -krb5_principal newprinc; -krb5_ticket *client_creds; +adm5_change(context, prog, newprinc, client_creds) + krb5_context context; + char *prog; + krb5_principal newprinc; + krb5_ticket *client_creds; { krb5_db_entry entry; int nprincs = 1; 
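Review bot: `memset((char *) new_password, 0, sizeof(new_password));` in adm_enter_pwd_key clears only as many bytes as a pointer occupies, because `new_password` is a `char *` parameter (declared as such in the new parameter list), so the rest of the cleartext password stays in memory despite the `/* erase it */` comment. The length has to come from the string: `memset((char *) new_password, 0, strlen(new_password));`. The earlier `goto cleanup;` exits do not pass through this line, and whether `cleanup` wipes the password is not visible in the hunk.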
@@ -451,26 +433,26 @@ krb5_ticket *client_creds; char *composite_name; char new_passwd[ADM_MAX_PW_LENGTH + 1]; - if (!(adm_princ_exists("adm5_change", newprinc, + if (!(adm_princ_exists(context, "adm5_change", newprinc, &entry, &nprincs))) { com_err("adm5_change", 0, "No principal exists!"); - krb5_free_principal(newprinc); + krb5_free_principal(context, newprinc); return(1); } memset((char *) new_passwd, 0, ADM_MAX_PW_LENGTH + 1); /* Negotiate for New Key */ - if (retval = adm_negotiate_key("adm5_change", client_creds, + if (retval = adm_negotiate_key(context, "adm5_change", client_creds, new_passwd)) { - krb5_db_free_principal(&entry, nprincs); - krb5_free_principal(newprinc); + krb5_db_free_principal(context, &entry, nprincs); + krb5_free_principal(context, newprinc); return(1); } - if (retval = krb5_unparse_name(newprinc, &composite_name)) { - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + if (retval = krb5_unparse_name(context, newprinc, &composite_name)) { + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); return retval; } @@ -480,7 +462,7 @@ krb5_ticket *client_creds; com_err("adm5_change", 0, "Converting v4user to v5user"); } - retval = adm_enter_pwd_key("adm5_change", + retval = adm_enter_pwd_key(context, "adm5_change", composite_name, newprinc, newprinc, @@ -489,8 +471,8 @@ krb5_ticket *client_creds; new_passwd, &entry); (void) memset(new_passwd, 0, strlen(new_passwd)); - krb5_free_principal(newprinc); - krb5_db_free_principal(&entry, nprincs); + krb5_free_principal(context, newprinc); + krb5_db_free_principal(context, &entry, nprincs); free(composite_name); return(retval); } 
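Review bot: `new_passwd` in adm5_change is not reliably wiped. The failure return after `krb5_unparse_name` leaves the function with the negotiated password still in the stack buffer, and the final `memset(new_passwd, 0, strlen(new_passwd))` in the last hunk depends on the string length, which is already zero if adm_enter_pwd_key has cleared the first bytes of the same buffer. Because `new_passwd` is an array here, every exit after `adm_negotiate_key` can use `memset(new_passwd, 0, sizeof(new_passwd));`.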
@@ -536,14 +518,12 @@ krb5_ticket *client_creds; #define MAXMSGSZ 255 krb5_error_code -adm_enter_rnd_pwd_key(DECLARG(char *, cmdname), - DECLARG(krb5_principal, change_princ), - DECLARG(int, req_type), - DECLARG(krb5_db_entry *, entry)) -OLDDECLARG(char *, cmdname) -OLDDECLARG(krb5_principal, change_princ) -OLDDECLARG(int, req_type) -OLDDECLARG(krb5_db_entry *, entry) +adm_enter_rnd_pwd_key(context, cmdname, change_princ, req_type, entry) + krb5_context context; + char * cmdname; + krb5_principal change_princ; + int req_type; + krb5_db_entry * entry; { krb5_error_code retval; krb5_keyblock *tempkey; @@ -555,18 +535,18 @@ OLDDECLARG(krb5_db_entry *, entry) salt.salttype = salttype; entry->salt_type = salttype; - if (retval = krb5_init_random_key(&master_encblock, + if (retval = krb5_init_random_key(context, &master_encblock, &master_keyblock, &master_random)) { com_err("adm_enter_rnd_pwd_key", 0, "Unable to Initialize Random Key"); - (void) krb5_finish_key(&master_encblock); + (void) krb5_finish_key(context, &master_encblock); memset((char *)master_keyblock.contents, 0, master_keyblock.length); krb5_xfree(master_keyblock.contents); goto finish; } /* Get Random Key */ - if (retval = krb5_random_key(&master_encblock, + if (retval = krb5_random_key(context, &master_encblock, master_random, &tempkey)) { com_err("adm_enter_rnd_pwd_key", 0, "Unable to Obtain Random Key"); 
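Review bot: The `goto finish;` taken when `krb5_init_random_key` fails happens before `tempkey` has been assigned, and the tail of adm_enter_rnd_pwd_key (last hunk of this file) tests `tempkey->contents`. If `finish` leads to that test, as the layout suggests, the error path dereferences an uninitialized pointer. Declaring `krb5_keyblock *tempkey = 0;` and guarding with `if (tempkey && tempkey->contents)` would make that exit safe. Both random-key failures are also logged with code `0` instead of `retval`.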
@@ -574,16 +554,16 @@ OLDDECLARG(krb5_db_entry *, entry) } /* Tie the Random Key to the Principal */ - if (retval = krb5_principal2salt(change_princ, &salt.saltdata)) { + if (retval = krb5_principal2salt(context, change_princ, &salt.saltdata)) { com_err("adm_enter_rnd_pwd_key", 0, "Principal2salt Failure"); goto finish; } - if (retval = krb5_unparse_name(change_princ, &principal_name)) + if (retval = krb5_unparse_name(context, change_princ, &principal_name)) goto finish; /* Modify Database */ - retval = adm_modify_kdb("adm_enter_rnd_pwd_key", + retval = adm_modify_kdb(context, "adm_enter_rnd_pwd_key", principal_name, change_princ, tempkey, @@ -604,7 +584,7 @@ OLDDECLARG(krb5_db_entry *, entry) if (tempkey->contents) { memset((char *) tempkey->contents, 0, tempkey->length); - krb5_free_keyblock(tempkey); + krb5_free_keyblock(context, tempkey); } return(retval); diff --git a/src/kadmin/server/adm_kadmin.c b/src/kadmin/server/adm_kadmin.c index f5b62e04d..a499e557e 100644 --- a/src/kadmin/server/adm_kadmin.c +++ b/src/kadmin/server/adm_kadmin.c @@ -37,12 +37,13 @@ #include "adm_extern.h" krb5_error_code -adm5_kadmin(prog, client_auth_data, client_creds, retbuf, otype) -char *prog; -krb5_authenticator *client_auth_data; -krb5_ticket *client_creds; -char *retbuf; /* Allocated in Calling Routine */ -int *otype; +adm5_kadmin(context, prog, client_auth_data, client_creds, retbuf, otype) + krb5_context context; + char *prog; + krb5_authenticator *client_auth_data; + krb5_ticket *client_creds; + char *retbuf; /* Allocated in Calling Routine */ + int *otype; { krb5_error_code retval; kadmin_requests request_type; @@ -65,7 +66,7 @@ int *otype; retbuf[2] = SENDDATA2; outbuf.length = 3; - retval = krb5_mk_priv(&outbuf, + retval = krb5_mk_priv(context, &outbuf, ETYPE_DES_CBC_CRC, client_creds->enc_part2->session, &client_server_info.server_addr, 
@@ -82,7 +83,7 @@ int *otype; } /* Send Acknowledgement Reply to Client */ - if (retval = krb5_write_message(&client_server_info.client_socket, + if (retval = krb5_write_message(context, &client_server_info.client_socket, &msg_data)){ free(msg_data.data); syslog(LOG_ERR, @@ -93,13 +94,13 @@ int *otype; free(msg_data.data); /* Read Username */ - if (krb5_read_message(&client_server_info.client_socket, &inbuf)){ + if (krb5_read_message(context, &client_server_info.client_socket, &inbuf)){ syslog(LOG_ERR | LOG_INFO, "Error Performing Username Read"); return(5); /* Protocol Failure */ } /* Decrypt Client Response */ - if ((retval = krb5_rd_priv(&inbuf, + if ((retval = krb5_rd_priv(context, &inbuf, client_creds->enc_part2->session, &client_server_info.client_addr, &client_server_info.server_addr, @@ -168,7 +169,7 @@ int *otype; } *otype = 1; salttype = KRB5_KDB_SALTTYPE_NORMAL; - retval = adm_add_new_key("adm5_kadmin", customer_name, + retval = adm_add_new_key(context, "adm5_kadmin", customer_name, client_creds, salttype); goto process_retval; @@ -181,7 +182,7 @@ int *otype; } *otype = 2; salttype = KRB5_KDB_SALTTYPE_NORMAL; - retval = adm_change_pwd("adm5_kadmin", customer_name, + retval = adm_change_pwd(context, "adm5_kadmin", customer_name, client_creds, salttype); goto process_retval; @@ -193,8 +194,8 @@ int *otype; goto process_retval; } *otype = 3; - retval = adm_add_new_key_rnd("adm5_kadmin", customer_name, - client_creds); + retval = adm_add_new_key_rnd(context, "adm5_kadmin", + customer_name, client_creds); goto process_retval; case CHROPER: @@ -205,8 +206,8 @@ int *otype; goto process_retval; } *otype = 4; - retval = adm_change_pwd_rnd("adm5_kadmin", customer_name, - client_creds); + retval = adm_change_pwd_rnd(context, "adm5_kadmin", + customer_name, client_creds); goto process_retval; case DELOPER: 
@@ -217,7 +218,7 @@ int *otype; goto process_retval; } *otype = 5; - retval = adm_del_old_key("adm5_kadmin", customer_name); + retval = adm_del_old_key(context, "adm5_kadmin", customer_name); goto process_retval; case MODOPER: @@ -228,7 +229,7 @@ int *otype; goto process_retval; } *otype = 6; - retval = adm_mod_old_key("adm5_kadmin", customer_name, + retval = adm_mod_old_key(context, "adm5_kadmin", customer_name, client_creds); goto process_retval; @@ -240,7 +241,7 @@ int *otype; goto process_retval; } *otype = 7; - retval = adm_inq_old_key("adm5_kadmin", customer_name, + retval = adm_inq_old_key(context, "adm5_kadmin", customer_name, client_creds); goto process_retval; @@ -253,7 +254,7 @@ int *otype; } *otype = 8; salttype = KRB5_KDB_SALTTYPE_V4; - retval = adm_add_new_key("adm5_kadmin", customer_name, + retval = adm_add_new_key(context, "adm5_kadmin", customer_name, client_creds, salttype); goto process_retval; @@ -266,7 +267,7 @@ int *otype; } *otype = 9; salttype = KRB5_KDB_SALTTYPE_V4; - retval = adm_change_pwd("adm5_kadmin", customer_name, + retval = adm_change_pwd(context, "adm5_kadmin", customer_name, client_creds, salttype); goto process_retval; @@ -336,7 +337,7 @@ send_last: outbuf.length = strlen(retbuf) + 1; /* Send Completion Message */ - if (retval = krb5_mk_priv(&outbuf, + if (retval = krb5_mk_priv(context, &outbuf, ETYPE_DES_CBC_CRC, client_creds->enc_part2->session, &client_server_info.server_addr, @@ -351,7 +352,7 @@ send_last: } /* Send Final Reply to Client */ - if (retval = krb5_write_message(&client_server_info.client_socket, + if (retval = krb5_write_message(context, &client_server_info.client_socket, &msg_data)){ free(msg_data.data); syslog(LOG_ERR, "adm5_kadmin - Error Performing Final Write: %s", diff --git a/src/kadmin/server/adm_kpasswd.c b/src/kadmin/server/adm_kpasswd.c index 660d3efe6..ce7b308bf 100644 --- a/src/kadmin/server/adm_kpasswd.c +++ b/src/kadmin/server/adm_kpasswd.c 
@@ -46,12 +46,13 @@ struct cpw_keyproc_arg { }; krb5_error_code -adm5_kpasswd(prog, request_type, client_creds, retbuf, otype) -char *prog; -kadmin_requests *request_type; -krb5_ticket *client_creds; -char *retbuf; -int *otype; +adm5_kpasswd(context, prog, request_type, client_creds, retbuf, otype) + krb5_context context; + char *prog; + kadmin_requests *request_type; + krb5_ticket *client_creds; + char *retbuf; + int *otype; { char completion_msg[520]; krb5_error_code retval; @@ -61,7 +62,7 @@ int *otype; *otype = 3; syslog(LOG_AUTH | LOG_INFO, "adm_kpasswd: kpasswd change received"); - retval = adm5_change("adm5_kpasswd", + retval = adm5_change(context, "adm5_kpasswd", client_server_info.client, client_creds); diff --git a/src/kadmin/server/adm_listen.c b/src/kadmin/server/adm_listen.c index f0b224bfa..803a64fc2 100644 --- a/src/kadmin/server/adm_listen.c +++ b/src/kadmin/server/adm_listen.c @@ -99,11 +99,12 @@ kill_children() } #endif /* HAVE_SIGSET */ -/* -adm5_listen_and_process - listen on the admin servers port for a request -*/ -adm5_listen_and_process(prog) -const char *prog; +/* adm5_listen_and_process - listen on the admin servers port for a request */ + +int +adm5_listen_and_process(context, prog) + krb5_context context; + const char *prog; { extern int errno; int found; @@ -155,16 +156,16 @@ const char *prog; } if (adm_debug_flag) { - retval = process_client("adm5_listen_and_process"); + retval = process_client(context, "adm5_listen_and_process"); exit(retval); } /* if you want a sep daemon for each server */ - if (!(pid = fork())) { + if (!(pid = fork())) { /* child */ (void) close(client_server_info.server_socket); - retval = process_client("adm5_listen_and_process"); + retval = process_client(context, "adm5_listen_and_process"); exit(retval); } else { /* parent */ diff --git a/src/kadmin/server/adm_nego.c b/src/kadmin/server/adm_nego.c index e763cec6c..a6edff3f2 100644 --- a/src/kadmin/server/adm_nego.c +++ b/src/kadmin/server/adm_nego.c 
@@ -49,13 +49,11 @@ #include "adm_extern.h" krb5_error_code -adm_negotiate_key(DECLARG(char const *, prog), - DECLARG(krb5_ticket *, client_creds), - DECLARG(char *, new_passwd)) -OLDDECLARG(char const *, prog) -OLDDECLARG(krb5_ticket *, client_creds) -OLDDECLARG(char *, new_passwd) - +adm_negotiate_key(context, prog, client_creds, new_passwd) + krb5_context context; + char const * prog; + krb5_ticket * client_creds; + char * new_passwd; { krb5_data msg_data, inbuf; krb5_error_code retval; @@ -229,7 +227,7 @@ OLDDECLARG(char *, new_passwd) free_phrases(); /* Encrypt Password/Phrases Encoding */ - retval = krb5_mk_priv(encoded_pw_string, + retval = krb5_mk_priv(context, encoded_pw_string, ETYPE_DES_CBC_CRC, client_creds->enc_part2->session, &client_server_info.server_addr, @@ -249,7 +247,7 @@ OLDDECLARG(char *, new_passwd) } /* Send Encrypted/Encoded Passwords and Phrases to Client */ - if (krb5_write_message(&client_server_info.client_socket, &msg_data)){ + if (krb5_write_message(context, &client_server_info.client_socket, &msg_data)){ free(msg_data.data); free_passwds(); free_pwd_and_phrase_structures(); @@ -262,7 +260,7 @@ OLDDECLARG(char *, new_passwd) #endif /* MACH_PASS - Machine-gen. passwords */ /* Read Client Response */ - if (krb5_read_message(&client_server_info.client_socket, &inbuf)){ + if (krb5_read_message(context, &client_server_info.client_socket, &inbuf)){ #if defined(MACH_PASS) || defined(SANDIA) free_passwds(); free_pwd_and_phrase_structures(); @@ -274,7 +272,7 @@ OLDDECLARG(char *, new_passwd) } /* Decrypt Client Response */ - if ((retval = krb5_rd_priv(&inbuf, + if ((retval = krb5_rd_priv(context, &inbuf, client_creds->enc_part2->session, &client_server_info.client_addr, &client_server_info.server_addr, diff --git a/src/kadmin/server/adm_network.c b/src/kadmin/server/adm_network.c index 0deec9f7e..6d31f8b09 100644 --- a/src/kadmin/server/adm_network.c +++ b/src/kadmin/server/adm_network.c 
@@ -124,8 +124,9 @@ do_child() } krb5_error_code -setup_network(prog) -const char *prog; +setup_network(context, prog) + krb5_context context; + const char *prog; { krb5_error_code retval; char server_host_name[MAXHOSTNAMELEN]; @@ -150,7 +151,7 @@ const char *prog; } - if (retval = krb5_get_default_realm(&lrealm)) { + if (retval = krb5_get_default_realm(context, &lrealm)) { free(client_server_info.name_of_service); com_err( "setup_network", 0, "adm_network: Unable to get Default Realm"); @@ -166,7 +167,7 @@ const char *prog; client_server_info.name_of_service); #endif /* DEBUG */ - if ((retval = krb5_parse_name(client_server_info.name_of_service, + if ((retval = krb5_parse_name(context, client_server_info.name_of_service, &client_server_info.server))) { free(client_server_info.name_of_service); com_err( "setup_network", retval, @@ -176,7 +177,7 @@ const char *prog; if (gethostname(server_host_name, sizeof(server_host_name))) { retval = errno; - krb5_free_principal(client_server_info.server); + krb5_free_principal(context, client_server_info.server); free(client_server_info.name_of_service); com_err( "setup_network", retval, "adm_network: Unable to Identify Who I am"); @@ -214,7 +215,7 @@ const char *prog; service_servent = getservbyname(adm5_tcp_portname, "tcp"); if (!service_servent) { - krb5_free_principal(client_server_info.server); + krb5_free_principal(context, client_server_info.server); free(client_server_info.name_of_service); com_err("setup_network", 0, "adm_network: %s/tcp service unknown", adm5_tcp_portname); @@ -230,7 +231,7 @@ const char *prog; if ((client_server_info.server_socket = socket(AF_INET, SOCK_STREAM, 0)) < 0) { retval = errno; - krb5_free_principal(client_server_info.server); + krb5_free_principal(context, client_server_info.server); free(client_server_info.name_of_service); com_err("setup_network", retval, "adm_network: Cannot create server socket."); 
@@ -252,7 +253,7 @@ const char *prog; &client_server_info.server_name, sizeof(client_server_info.server_name)) < 0) { retval = errno; - krb5_free_principal(client_server_info.server); + krb5_free_principal(context, client_server_info.server); free(client_server_info.name_of_service); com_err("setup_network", retval, "adm_network: Cannot bind server socket."); diff --git a/src/kadmin/server/adm_process.c b/src/kadmin/server/adm_process.c index 7f0c8e4a6..f92cbc6d9 100644 --- a/src/kadmin/server/adm_process.c +++ b/src/kadmin/server/adm_process.c @@ -45,17 +45,13 @@ struct cpw_keyproc_arg { krb5_keyblock *key; }; -#include <krb5/widen.h> -static krb5_error_code -cpw_keyproc(DECLARG(krb5_pointer, keyprocarg), - DECLARG(krb5_principal, server), - DECLARG(krb5_kvno, key_vno), - DECLARG(krb5_keyblock **, key)) -OLDDECLARG(krb5_pointer, keyprocarg) -OLDDECLARG(krb5_principal, server) -OLDDECLARG(krb5_kvno, key_vno) -OLDDECLARG(krb5_keyblock **, key) -#include <krb5/narrow.h> +krb5_error_code +cpw_keyproc(context, keyprocarg, server, key_vno, key) + krb5_context context; + krb5_pointer keyprocarg; + krb5_principal server; + krb5_kvno key_vno; + krb5_keyblock ** key; { krb5_error_code retval; krb5_db_entry cpw_entry; @@ -71,11 +67,11 @@ OLDDECLARG(krb5_keyblock **, key) arg = ( struct cpw_keyproc_arg *) keyprocarg; if (arg->key) { - retval = krb5_copy_keyblock(arg->key, key); + retval = krb5_copy_keyblock(context, arg->key, key); if (retval) return retval; } else { - if (retval = krb5_parse_name(client_server_info.name_of_service, + if (retval = krb5_parse_name(context, client_server_info.name_of_service, &cpw_krb)) { syslog(LOG_ERR, "cpw_keyproc %d while attempting to parse \"%s\"", @@ -83,7 +79,7 @@ OLDDECLARG(krb5_keyblock **, key) return(retval); } - if (retval = krb5_db_get_principal(cpw_krb, &cpw_entry, + if (retval = krb5_db_get_principal(context, cpw_krb, &cpw_entry, &nprincs, &more)) { syslog(LOG_ERR, "cpw_keyproc %d while extracting %s entry", 
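Review bot: The rewritten `cpw_keyproc` definition in adm_process.c drops `static`: the removed line is `static krb5_error_code` and the added one is `krb5_error_code`. That gives external linkage to a routine that decrypts the service key out of the database entry, and nothing in the visible hunks calls it from another file. Unless another translation unit needs it, keep the first line as `static krb5_error_code`.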
@@ -95,18 +91,18 @@ OLDDECLARG(krb5_keyblock **, key) if ((realkey = (krb5_keyblock *) calloc (1, sizeof(krb5_keyblock))) == (krb5_keyblock * ) 0) { - krb5_db_free_principal(&cpw_entry, nprincs); + krb5_db_free_principal(context, &cpw_entry, nprincs); syslog(LOG_ERR, "cpw_keyproc: No Memory for server key"); close(client_server_info.client_socket); return(ENOMEM); } /* Extract the real kadmin/<realm> keyblock */ - if (retval = krb5_kdb_decrypt_key( + if (retval = krb5_kdb_decrypt_key(context, &master_encblock, &cpw_entry.key, realkey)) { - krb5_db_free_principal(&cpw_entry, nprincs); + krb5_db_free_principal(context, &cpw_entry, nprincs); free(realkey); syslog(LOG_ERR, "cpw_keyproc: Cannot extract %s from master key", @@ -121,8 +117,9 @@ OLDDECLARG(krb5_keyblock **, key) } krb5_error_code -process_client(prog) -char *prog; +process_client(context, prog) + krb5_context context; + char *prog; { krb5_error_code retval; @@ -161,7 +158,7 @@ char *prog; /* V4 kpasswd Protocol Hack */ /* Read Length of Data */ - retval = krb5_net_read(client_server_info.client_socket, + retval = krb5_net_read(context, client_server_info.client_socket, (char *) &data_len, 2); if (retval < 0) { syslog(LOG_ERR, "kadmind error: net_read Length Failure"); @@ -169,7 +166,7 @@ char *prog; exit(0); } - if (retval = krb5_db_init()) { /* Open as client */ + if (retval = krb5_db_init(context)) { /* Open as client */ syslog(LOG_ERR, "adm_process: Can't Open Database"); close(client_server_info.client_socket); exit(0); @@ -179,7 +176,7 @@ char *prog; * Messages Note: Here client is the kadmin/<realm> server */ number_of_entries = 1; - if ((retval = krb5_db_get_principal(client_server_info.server, + if ((retval = krb5_db_get_principal(context, client_server_info.server, &server_entry, &number_of_entries, &more))) { 
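Review bot: The length read in the "V4 kpasswd Protocol Hack" block (hunk at -161) rejects only `retval < 0`, so a peer that closes the connection after zero or one byte would leave `data_len` partly unset while the code carries on. This assumes `krb5_net_read` returns the number of bytes actually read. Since the call asks for exactly 2 bytes, compare against that: `if (retval != 2) {`. How `data_len` is used afterwards is outside the hunk, but the value comes straight from the network and should be complete before anything reads it.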
@@ -190,13 +187,13 @@ char *prog; } if (more) { - krb5_db_free_principal(&server_entry, number_of_entries); + krb5_db_free_principal(context, &server_entry, number_of_entries); syslog(LOG_ERR, "kadmind error: kadmin/<realm> service not unique"); exit(1); } if (number_of_entries != 1) { - krb5_db_free_principal(&server_entry, number_of_entries); + krb5_db_free_principal(context, &server_entry, number_of_entries); syslog(LOG_ERR, "kadmind error: kadmin/<realm> service UNKNOWN"); close(client_server_info.client_socket); exit(0); @@ -204,7 +201,7 @@ char *prog; if ((cpw_key.key = (krb5_keyblock *) calloc (1, sizeof(krb5_keyblock))) == (krb5_keyblock *) 0) { - krb5_db_free_principal(&server_entry, number_of_entries); + krb5_db_free_principal(context, &server_entry, number_of_entries); syslog(LOG_ERR, "kadmind error: No Memory for server key"); close(client_server_info.client_socket); @@ -212,11 +209,11 @@ char *prog; } /* Extract the real kadmin/<realm> keyblock */ - if (retval = krb5_kdb_decrypt_key( + if (retval = krb5_kdb_decrypt_key(context, &master_encblock, &server_entry.key, (krb5_keyblock *) cpw_key.key)) { - krb5_db_free_principal(&server_entry, number_of_entries); + krb5_db_free_principal(context, &server_entry, number_of_entries); free(cpw_key.key); syslog(LOG_ERR, "kadmind error: Cannot extract kadmin/<realm> from master key"); @@ -251,13 +248,13 @@ char *prog; client_server_info.server_addr.contents = (krb5_octet *) &client_server_info.server_name.sin_addr; - krb5_init_ets(); + krb5_init_ets(context); syslog(LOG_AUTH | LOG_INFO, "Request for Administrative Service Received from %s - Authenticating.", inet_ntoa( client_server_info.client_name.sin_addr )); - if ((retval = krb5_recvauth( + if ((retval = krb5_recvauth(context, (krb5_pointer) &client_server_info.client_socket, ADM5_CPW_VERSION, client_server_info.server, 
@@ -276,10 +273,10 @@ char *prog; error_message(retval)); (void) sprintf(retbuf, "kadmind error during recvauth: %s\n", error_message(retval)); - krb5_free_keyblock(cpw_key.key); + krb5_free_keyblock(context, cpw_key.key); goto finish; } - krb5_free_keyblock(cpw_key.key); + krb5_free_keyblock(context, cpw_key.key); /* Check if ticket was issued using password (and not tgt) * within the last 5 minutes @@ -291,7 +288,7 @@ char *prog; exit(0); } - if (retval = krb5_timeofday(&adm_time)) { + if (retval = krb5_timeofday(context, &adm_time)) { syslog(LOG_ERR, "Can't get time of day"); close(client_server_info.client_socket); exit(0); @@ -312,7 +309,7 @@ char *prog; exit(0); } - if ((retval = krb5_unparse_name(client_server_info.client, + if ((retval = krb5_unparse_name(context, client_server_info.client, &client_server_info.name_of_client))) { syslog(LOG_ERR, "kadmind error: unparse failed.", error_message(retval)); @@ -330,7 +327,7 @@ char *prog; outbuf.length = 2; /* write back the response */ - if ((retval = krb5_write_message(&client_server_info.client_socket, + if ((retval = krb5_write_message(context, &client_server_info.client_socket, &outbuf))){ syslog(LOG_ERR, "kadmind error: Write Message Failure: %s", error_message(retval)); @@ -339,7 +336,7 @@ char *prog; } /* Ok Now let's get the first private message and respond */ - if (retval = krb5_read_message(&client_server_info.client_socket, + if (retval = krb5_read_message(context, &client_server_info.client_socket, &inbuf)){ syslog(LOG_ERR, "kadmind error: read First Message Failure: %s", error_message(retval)); @@ -347,7 +344,7 @@ char *prog; goto finish; } - if ((retval = krb5_rd_priv(&inbuf, + if ((retval = krb5_rd_priv(context, &inbuf, client_creds->enc_part2->session, &client_server_info.client_addr, &client_server_info.server_addr, 
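Review bot: The recvauth failure branch formats into `retbuf` with `sprintf`, which puts no bound on the text that `error_message(retval)` contributes. The declaration of `retbuf` is outside the hunk; if it is a fixed array, a bounded call such as `snprintf(retbuf, sizeof(retbuf), "kadmind error during recvauth: %s\n", error_message(retval));` keeps the reply inside the buffer whatever the message table returns.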
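Review bot: In the `krb5_unparse_name` failure branch (hunk at -312) the call `syslog(LOG_ERR, "kadmind error: unparse failed.", error_message(retval));` passes an argument that the format string never consumes, so the reason for the failure is not logged. Use `syslog(LOG_ERR, "kadmind error: unparse failed: %s", error_message(retval));` so the log carries the error text.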
@@ -370,7 +367,7 @@ char *prog; switch (request_type.appl_code) { case KPASSWD: req_type = "kpasswd"; - if (retval = adm5_kpasswd("process_client", &request_type, + if (retval = adm5_kpasswd(context, "process_client", &request_type, client_creds, retbuf, &otype)) { goto finish; } @@ -378,8 +375,9 @@ char *prog; case KADMIN: req_type = "kadmin"; - if (retval = adm5_kadmin("process_client", client_auth_data, - client_creds, retbuf, &otype)) { + if (retval = adm5_kadmin(context, "process_client", + client_auth_data, client_creds, + retbuf, &otype)) { goto finish; } retbuf[0] = KADMIN; @@ -410,7 +408,7 @@ char *prog; final_msg.length = strlen(retbuf) + 1; /* Send Completion Message */ - if (retval = krb5_mk_priv(&final_msg, + if (retval = krb5_mk_priv(context, &final_msg, ETYPE_DES_CBC_CRC, client_creds->enc_part2->session, &client_server_info.server_addr, @@ -425,7 +423,7 @@ char *prog; } /* Send Final Reply to Client */ - if (retval = krb5_write_message(&client_server_info.client_socket, + if (retval = krb5_write_message(context, &client_server_info.client_socket, &msg_data)){ free(msg_data.data); syslog(LOG_ERR, "Error Performing Final Write: %s", diff --git a/src/kadmin/server/adm_server.c b/src/kadmin/server/adm_server.c index a5a140f64..1757a0b74 100644 --- a/src/kadmin/server/adm_server.c +++ b/src/kadmin/server/adm_server.c 
@@ -77,30 +77,32 @@ krb5_db_entry master_entry; krb5_flags NEW_ATTRIBUTES; -cleanexit(val) +cleanexit(context, val) + krb5_context context; int val; { - (void) krb5_db_fini(); + (void) krb5_db_fini(context); exit(val); } krb5_error_code -closedown_db() +closedown_db(context) + krb5_context context; { krb5_error_code retval; /* clean up master key stuff */ - retval = krb5_finish_key(&master_encblock); + retval = krb5_finish_key(context, &master_encblock); memset((char *)&master_encblock, 0, sizeof(master_encblock)); memset((char *)tgs_key.contents, 0, tgs_key.length); /* close database */ if (retval) { - (void) krb5_db_fini(); + (void) krb5_db_fini(context); return(retval); } else - return(krb5_db_fini()); + return(krb5_db_fini(context)); } void @@ -114,9 +116,10 @@ char *name; } krb5_error_code -process_args(argc, argv) -int argc; -char **argv; +process_args(context, argc, argv) + krb5_context context; + int argc; + char **argv; { krb5_error_code retval; int c; @@ -162,7 +165,7 @@ char **argv; case 'd': /* put code to deal with alt database place */ dbm_db_name = optarg; - if (retval = krb5_dbm_db_set_name(dbm_db_name)) { + if (retval = krb5_dbm_db_set_name(context, dbm_db_name)) { fprintf(stderr, "opening database %s: %s", dbm_db_name, error_message(retval)); exit(1); @@ -204,7 +207,7 @@ char **argv; if (!db_realm) { /* no realm specified, use default realm */ - if (retval = krb5_get_default_realm(&local_realm)) { + if (retval = krb5_get_default_realm(context, &local_realm)) { com_err(argv[0], retval, "while attempting to retrieve default realm"); exit(1); @@ -221,7 +224,7 @@ char **argv; } /* assemble & parse the master key name */ - if (retval = krb5_db_setup_mkey_name(mkey_name, + if (retval = krb5_db_setup_mkey_name(context, mkey_name, db_realm, (char **) 0, &master_princ)) { 
@@ -234,9 +237,9 @@ char **argv; "while setting up etype %d", kdc_etype); exit(1); } - krb5_use_cstype(&master_encblock, kdc_etype); + krb5_use_cstype(context, &master_encblock, kdc_etype); - if (retval = krb5_db_fetch_mkey( + if (retval = krb5_db_fetch_mkey(context, master_princ, &master_encblock, manual, @@ -265,11 +268,11 @@ char **argv; } krb5_error_code -init_db(dbname, masterkeyname, masterkeyblock) -char *dbname; -krb5_principal masterkeyname; -krb5_keyblock *masterkeyblock; - +init_db(context, dbname, masterkeyname, masterkeyblock) + krb5_context context; + char *dbname; + krb5_principal masterkeyname; + krb5_keyblock *masterkeyblock; { krb5_error_code retval; @@ -279,14 +282,14 @@ krb5_keyblock *masterkeyblock; char tgs_name[255]; /* set db name if appropriate */ - if (dbname && (retval = krb5_db_set_name(dbname))) + if (dbname && (retval = krb5_db_set_name(context, dbname))) return(retval); /* initialize database */ - if (retval = krb5_db_init()) + if (retval = krb5_db_init(context)) return(retval); - if (retval = krb5_db_verify_master_key(masterkeyname, + if (retval = krb5_db_verify_master_key(context, masterkeyname, masterkeyblock, &master_encblock)) { master_encblock.crypto_entry = 0; @@ -294,9 +297,9 @@ krb5_keyblock *masterkeyblock; } /* do any necessary key pre-processing */ - if (retval = krb5_process_key(&master_encblock, masterkeyblock)) { + if (retval = krb5_process_key(context, &master_encblock, masterkeyblock)) { master_encblock.crypto_entry = 0; - (void) krb5_db_fini(); + (void) krb5_db_fini(context); return(retval); } 
@@ -304,16 +307,16 @@ krb5_keyblock *masterkeyblock; * fetch the master database entry, and hold on to it. */ number_of_entries = 1; - if (retval = krb5_db_get_principal(masterkeyname, &master_entry, + if (retval = krb5_db_get_principal(context, masterkeyname, &master_entry, &number_of_entries, &more)) { return(retval); } if (number_of_entries != 1) { if (number_of_entries) - krb5_db_free_principal(&master_entry, number_of_entries); + krb5_db_free_principal(context, &master_entry, number_of_entries); return(KRB5_KDB_NOMASTERKEY); } else if (more) { - krb5_db_free_principal(&master_entry, number_of_entries); + krb5_db_free_principal(context, &master_entry, number_of_entries); return(KRB5KDC_ERR_PRINCIPAL_NOT_UNIQUE); } @@ -327,12 +330,12 @@ krb5_keyblock *masterkeyblock; strcat(tgs_name, masterkeyname->realm.data); strcat(tgs_name, "@"); strcat(tgs_name, masterkeyname->realm.data); - krb5_parse_name(tgs_name, &tgs_server); + krb5_parse_name(context, tgs_name, &tgs_server); tgs_server->type = KRB5_NT_SRV_INST; number_of_entries = 1; - if (retval = krb5_db_get_principal( + if (retval = krb5_db_get_principal(context, tgs_server, &server_entry, &number_of_entries, 
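Review bot: In the hunk at -327 the result of `krb5_parse_name(context, tgs_name, &tgs_server);` is discarded and the next line writes `tgs_server->type`, so a parse failure dereferences whatever `tgs_server` held before the call. Check it like the other calls in `init_db`, e.g. `if (retval = krb5_parse_name(context, tgs_name, &tgs_server)) return(retval);`, after the same master-key cleanup the later error branches perform. The name is also built with unbounded `strcat` calls into `char tgs_name[255]`, appending `masterkeyname->realm.data` twice. That overruns the buffer for a long realm and assumes the data is NUL-terminated, so a check of `realm.length` against the buffer size before building the string is needed.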
@@ -341,16 +344,16 @@ krb5_keyblock *masterkeyblock; } if (more) { - krb5_db_free_principal(&server_entry, number_of_entries); - (void) krb5_finish_key(&master_encblock); + krb5_db_free_principal(context, &server_entry, number_of_entries); + (void) krb5_finish_key(context, &master_encblock); memset((char *)&master_encblock, 0, sizeof(master_encblock)); - (void) krb5_db_fini(); + (void) krb5_db_fini(context); return(KRB5KDC_ERR_PRINCIPAL_NOT_UNIQUE); } else if (number_of_entries != 1) { - krb5_db_free_principal(&server_entry, number_of_entries); - (void) krb5_finish_key(&master_encblock); + krb5_db_free_principal(context, &server_entry, number_of_entries); + (void) krb5_finish_key(context, &master_encblock); memset((char *)&master_encblock, 0, sizeof(master_encblock)); - (void) krb5_db_fini(); + (void) krb5_db_fini(context); return(KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN); } @@ -358,16 +361,16 @@ krb5_keyblock *masterkeyblock; convert server.key into a real key (it may be encrypted in the database) */ - if (retval = KDB_CONVERT_KEY_OUTOF_DB(&server_entry.key, &tgs_key)) { - krb5_db_free_principal(&server_entry, number_of_entries); - (void) krb5_finish_key(&master_encblock); + if (retval = KDB_CONVERT_KEY_OUTOF_DB(context,&server_entry.key,&tgs_key)) { + krb5_db_free_principal(context, &server_entry, number_of_entries); + (void) krb5_finish_key(context, &master_encblock); memset((char *)&master_encblock, 0, sizeof(master_encblock)); - (void) krb5_db_fini(); + (void) krb5_db_fini(context); return(retval); } tgs_kvno = server_entry.kvno; - krb5_db_free_principal(&server_entry, number_of_entries); + krb5_db_free_principal(context, &server_entry, number_of_entries); return(0); } @@ -441,9 +444,10 @@ kdc_com_err_proc(whoami, code, format, pvar) } void -setup_com_err() +setup_com_err(context) + krb5_context context; { - krb5_init_ets(); + krb5_init_ets(context); (void) set_com_err_hook(kdc_com_err_proc); return; 
@@ -457,6 +461,7 @@ main(argc, argv) /* adm_server main routine */ int argc; char **argv; { + krb5_context context; krb5_error_code retval; int errout = 0; @@ -466,7 +471,8 @@ char **argv; if (strrchr(argv[0], '/')) argv[0] = (char *)strrchr(argv[0], '/') + 1; - setup_com_err(); + krb5_init_context(&context); + setup_com_err(context); /* Use Syslog for Messages */ #ifndef LOG_AUTH /* 4.2 syslog */ @@ -476,38 +482,36 @@ char **argv; openlog(argv[0], LOG_AUTH|LOG_CONS|LOG_NDELAY|LOG_PID, LOG_LOCAL6); #endif /* LOG_AUTH */ - process_args(argc, argv); /* includes reading master key */ + process_args(context, argc, argv); /* includes reading master key */ setup_signal_handlers(); - if (retval = init_db(dbm_db_name, - master_princ, - &master_keyblock)) { + if (retval = init_db(context, dbm_db_name, master_princ,&master_keyblock)) { com_err(argv[0], retval, "while initializing database"); exit(1); } - if (retval = setup_network(argv[0])) { + if (retval = setup_network(context, argv[0])) { exit(1); } syslog(LOG_AUTH | LOG_INFO, "Admin Server Commencing Operation"); - if (retval = adm5_listen_and_process(argv[0])){ - krb5_free_principal(client_server_info.server); + if (retval = adm5_listen_and_process(context, argv[0])){ + krb5_free_principal(context, client_server_info.server); com_err(argv[0], retval, "while processing network requests"); errout++; } free(client_server_info.name_of_service); - krb5_free_principal(client_server_info.server); + krb5_free_principal(context, client_server_info.server); if (errout = closedown_network(argv[0])) { com_err(argv[0], retval, "while shutting down network"); retval = retval + errout; } - if (errout = closedown_db()) { + if (errout = closedown_db(context)) { com_err(argv[0], retval, "while closing database"); retval = retval + errout; } diff --git a/src/kadmin/server/adm_v4_pwd.c b/src/kadmin/server/adm_v4_pwd.c index 65ccefe5c..09fb66cff 100644 --- a/src/kadmin/server/adm_v4_pwd.c +++ b/src/kadmin/server/adm_v4_pwd.c 
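Review bot: `krb5_init_context(&context);` in the hunk at -466 is called without checking its return value, and `context` is an uninitialized automatic variable at that point. A failed initialization would therefore hand an indeterminate pointer to `setup_com_err` and to every later call. Check it before use, e.g. `if (retval = krb5_init_context(&context)) { fprintf(stderr, "%s: cannot initialize krb5 context\n", argv[0]); exit(1); }`.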
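Review bot: When `adm5_listen_and_process` fails (hunk at -476), `krb5_free_principal(context, client_server_info.server);` runs inside the `if` and then again unconditionally after `free(client_server_info.name_of_service);`, so the error path frees the same principal twice. Drop the call inside the failure branch and keep the single free that follows. Separately, the `closedown_network` and `closedown_db` branches pass `retval` to `com_err` although the code they just received is in `errout`; `com_err(argv[0], errout, "while shutting down network");` would log the right error.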
@@ -249,13 +249,13 @@ struct cpw_keyproc_arg *cpw_key; dlen = htons(dlen); - if (krb5_net_write(client_server_info.client_socket, + if (krb5_net_write(context, client_server_info.client_socket, (char *) &dlen, 2) < 0) { syslog(LOG_ERR, "process_v4_kpasswd: Error writing dlen to client"); (void) close(client_server_info.client_socket); } - if (krb5_net_write(client_server_info.client_socket, + if (krb5_net_write(context, client_server_info.client_socket, (char *) *dat, *dat_len) < 0) { syslog(LOG_ERR, "writing to client: %s",error_message(errno)); (void) close(client_server_info.client_socket); @@ -268,9 +268,10 @@ struct cpw_keyproc_arg *cpw_key; } krb5_kvno -princ_exists(principal, entry) -krb5_principal principal; -krb5_db_entry *entry; +princ_exists(context, principal, entry) + krb5_context context; + krb5_principal principal; + krb5_db_entry *entry; { int nprincs = 1; krb5_boolean more; @@ -278,7 +279,8 @@ krb5_db_entry *entry; krb5_kvno vno; nprincs = 1; - if (retval = krb5_db_get_principal(principal, entry, &nprincs, &more)) { + if (retval = krb5_db_get_principal(context, principal, entry, + &nprincs, &more)) { return 0; } @@ -343,7 +345,7 @@ int *outlen; /* Zero Next Output Entry */ memset((char *) &entry, 0, sizeof(entry)); - if (retval = krb5_parse_name(v5_principal, &entry.principal)) { + if (retval = krb5_parse_name(context, v5_principal, &entry.principal)) { syslog(LOG_ERR, "adm_v4_cpw - Error parsing %s", v5_principal); return(1); @@ -374,7 +376,7 @@ int *outlen; memcpy(v5_keyblock->contents, v4_clear_key, 8); - if (retval = krb5_kdb_encrypt_key(&master_encblock, + if (retval = krb5_kdb_encrypt_key(context, &master_encblock, v5_keyblock, &entry.key)) { syslog(LOG_ERR, @@ -389,7 +391,7 @@ int *outlen; #ifdef SANDIA entry.attributes &= ~KRB5_KDB_REQUIRES_PWCHANGE; #endif - if (retval = krb5_timeofday(&entry.mod_date)) { + if (retval = krb5_timeofday(context, &entry.mod_date)) { syslog(LOG_ERR, "adm_v4_cpw - Error while fetching date"); return(1); } 
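Review bot: The two `krb5_net_write(context, ...)` calls are added inside a function whose parameter list (`struct cpw_keyproc_arg *cpw_key;` in the hunk header) is not changed by any hunk of adm_v4_pwd.c, so `context` has no visible declaration there. The same holds for the function whose header ends in `int *outlen;`, which now passes `context` to `krb5_parse_name`, `krb5_kdb_encrypt_key`, `krb5_timeofday` and `krb5_db_put_principal`. Unless a file-scope `context` exists outside these hunks, both functions need a `krb5_context context;` parameter, as `princ_exists` gets, and their callers need updating. Both function headers are outside the hunks.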
@@ -399,7 +401,7 @@ int *outlen; entry.mod_name = entry.principal; /* Should be Person who did Action */ /* Write the Modified Principal to the V5 Database */ - if (retval = krb5_db_put_principal(&entry, &one)) { + if (retval = krb5_db_put_principal(context, &entry, &one)) { syslog(LOG_ERR, "adm_v4_cpw - Error %d while Entering Principal for '%s'", retval, v5_principal); |
