diff options
| author | Greg Hudson <ghudson@mit.edu> | 2009-11-24 23:52:25 +0000 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2009-11-24 23:52:25 +0000 |
| commit | 1db2647c62d10cccadadabacba7224eb565ec042 (patch) | |
| tree | 850eea7750db1c0247652069637ce2df2d94396e /src/plugins/kdb/db2 | |
| parent | b4fef608040800e4927c10146d6d386f97335e06 (diff) | |
Mark and reindent plugins, except for pkinit, which needs a little
cleanup first.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23353 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/plugins/kdb/db2')
| -rw-r--r-- | src/plugins/kdb/db2/adb_openclose.c | 742 | ||||
| -rw-r--r-- | src/plugins/kdb/db2/adb_policy.c | 327 | ||||
| -rw-r--r-- | src/plugins/kdb/db2/db2_exp.c | 297 | ||||
| -rw-r--r-- | src/plugins/kdb/db2/kdb_db2.c | 1261 | ||||
| -rw-r--r-- | src/plugins/kdb/db2/kdb_db2.h | 188 | ||||
| -rw-r--r-- | src/plugins/kdb/db2/kdb_ext.c | 2 | ||||
| -rw-r--r-- | src/plugins/kdb/db2/kdb_xdr.c | 427 | ||||
| -rw-r--r-- | src/plugins/kdb/db2/kdb_xdr.h | 26 | ||||
| -rw-r--r-- | src/plugins/kdb/db2/lockout.c | 2 | ||||
| -rw-r--r-- | src/plugins/kdb/db2/policy_db.h | 87 |
10 files changed, 1644 insertions, 1715 deletions
diff --git a/src/plugins/kdb/db2/adb_openclose.c b/src/plugins/kdb/db2/adb_openclose.c index 58c49328c..5c09a9bb3 100644 --- a/src/plugins/kdb/db2/adb_openclose.c +++ b/src/plugins/kdb/db2/adb_openclose.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 OpenVision Technologies, Inc., All Rights Reserved * @@ -8,409 +9,416 @@ static char *rcsid = "$Header$"; #endif -#include <sys/file.h> -#include <fcntl.h> -#include <unistd.h> +#include <sys/file.h> +#include <fcntl.h> +#include <unistd.h> #include <k5-int.h> -#include "policy_db.h" -#include <stdlib.h> +#include "policy_db.h" +#include <stdlib.h> #include <db.h> #define MAX_LOCK_TRIES 5 struct _locklist { - osa_adb_lock_ent lockinfo; - struct _locklist *next; + osa_adb_lock_ent lockinfo; + struct _locklist *next; }; -krb5_error_code osa_adb_create_db(char *filename, char *lockfilename, - int magic) +krb5_error_code +osa_adb_create_db(char *filename, char *lockfilename, int magic) { - int lf; - DB *db; - BTREEINFO btinfo; - - memset(&btinfo, 0, sizeof(btinfo)); - btinfo.flags = 0; - btinfo.cachesize = 0; - btinfo.psize = 4096; - btinfo.lorder = 0; - btinfo.minkeypage = 0; - btinfo.compare = NULL; - btinfo.prefix = NULL; - db = dbopen(filename, O_RDWR | O_CREAT | O_EXCL, 0600, DB_BTREE, &btinfo); - if (db == NULL) - return errno; - if (db->close(db) < 0) - return errno; - - /* only create the lock file if we successfully created the db */ - lf = THREEPARAMOPEN(lockfilename, O_RDWR | O_CREAT | O_EXCL, 0600); - if (lf == -1) - return errno; - (void) close(lf); - - return OSA_ADB_OK; + int lf; + DB *db; + BTREEINFO btinfo; + + memset(&btinfo, 0, sizeof(btinfo)); + btinfo.flags = 0; + btinfo.cachesize = 0; + btinfo.psize = 4096; + btinfo.lorder = 0; + btinfo.minkeypage = 0; + btinfo.compare = NULL; + btinfo.prefix = NULL; + db = dbopen(filename, O_RDWR | O_CREAT | O_EXCL, 0600, DB_BTREE, &btinfo); + if (db == NULL) + return errno; + if (db->close(db) < 0) + return errno; + + /* only create the lock file if we successfully created the db */ + lf = THREEPARAMOPEN(lockfilename, O_RDWR | O_CREAT | O_EXCL, 0600); + if (lf == -1) + return errno; + (void) close(lf); + + return OSA_ADB_OK; } -krb5_error_code osa_adb_destroy_db(char *filename, char *lockfilename, - int magic) +krb5_error_code +osa_adb_destroy_db(char *filename, char *lockfilename, int magic) { - /* the admin databases do not contain security-critical data */ - if (unlink(filename) < 0 || - unlink(lockfilename) < 0) - return errno; - return OSA_ADB_OK; + /* the admin databases do not contain security-critical data */ + if (unlink(filename) < 0 || + unlink(lockfilename) < 0) + return errno; + return OSA_ADB_OK; } -krb5_error_code osa_adb_rename_db(char *filefrom, char *lockfrom, - char *fileto, char *lockto, int magic) +krb5_error_code +osa_adb_rename_db(char *filefrom, char *lockfrom, char *fileto, char *lockto, + int magic) { - osa_adb_db_t fromdb, todb; - krb5_error_code ret; - - /* make sure todb exists */ - if ((ret = osa_adb_create_db(fileto, lockto, magic)) && - ret != EEXIST) - return ret; - - if ((ret = osa_adb_init_db(&fromdb, filefrom, lockfrom, magic))) - return ret; - if ((ret = osa_adb_init_db(&todb, fileto, lockto, magic))) { - (void) osa_adb_fini_db(fromdb, magic); - return ret; - } - if ((ret = osa_adb_get_lock(fromdb, KRB5_DB_LOCKMODE_PERMANENT))) { - (void) osa_adb_fini_db(fromdb, magic); - (void) osa_adb_fini_db(todb, magic); - return ret; - } - if ((ret = osa_adb_get_lock(todb, KRB5_DB_LOCKMODE_PERMANENT))) { - (void) osa_adb_fini_db(fromdb, magic); - (void) osa_adb_fini_db(todb, magic); - return ret; - } - if ((rename(filefrom, fileto) < 0)) { - (void) osa_adb_fini_db(fromdb, magic); - (void) osa_adb_fini_db(todb, magic); - return errno; - } - /* - * Do not release the lock on fromdb because it is being renamed - * out of existence; no one can ever use it again. - */ - if ((ret = osa_adb_release_lock(todb))) { - (void) osa_adb_fini_db(fromdb, magic); - (void) osa_adb_fini_db(todb, magic); - return ret; - } - - (void) osa_adb_fini_db(fromdb, magic); - (void) osa_adb_fini_db(todb, magic); - return 0; + osa_adb_db_t fromdb, todb; + krb5_error_code ret; + + /* make sure todb exists */ + if ((ret = osa_adb_create_db(fileto, lockto, magic)) && + ret != EEXIST) + return ret; + + if ((ret = osa_adb_init_db(&fromdb, filefrom, lockfrom, magic))) + return ret; + if ((ret = osa_adb_init_db(&todb, fileto, lockto, magic))) { + (void) osa_adb_fini_db(fromdb, magic); + return ret; + } + if ((ret = osa_adb_get_lock(fromdb, KRB5_DB_LOCKMODE_PERMANENT))) { + (void) osa_adb_fini_db(fromdb, magic); + (void) osa_adb_fini_db(todb, magic); + return ret; + } + if ((ret = osa_adb_get_lock(todb, KRB5_DB_LOCKMODE_PERMANENT))) { + (void) osa_adb_fini_db(fromdb, magic); + (void) osa_adb_fini_db(todb, magic); + return ret; + } + if ((rename(filefrom, fileto) < 0)) { + (void) osa_adb_fini_db(fromdb, magic); + (void) osa_adb_fini_db(todb, magic); + return errno; + } + /* + * Do not release the lock on fromdb because it is being renamed + * out of existence; no one can ever use it again. + */ + if ((ret = osa_adb_release_lock(todb))) { + (void) osa_adb_fini_db(fromdb, magic); + (void) osa_adb_fini_db(todb, magic); + return ret; + } + + (void) osa_adb_fini_db(fromdb, magic); + (void) osa_adb_fini_db(todb, magic); + return 0; } -krb5_error_code osa_adb_init_db(osa_adb_db_t *dbp, char *filename, - char *lockfilename, int magic) +krb5_error_code +osa_adb_init_db(osa_adb_db_t *dbp, char *filename, char *lockfilename, + int magic) { - osa_adb_db_t db; - static struct _locklist *locklist = NULL; - struct _locklist *lockp; - krb5_error_code code; - - if (dbp == NULL || filename == NULL) - return EINVAL; - - db = (osa_adb_princ_t) malloc(sizeof(osa_adb_db_ent)); - if (db == NULL) - return ENOMEM; - - memset(db, 0, sizeof(*db)); - db->info.hash = NULL; - db->info.bsize = 256; - db->info.ffactor = 8; - db->info.nelem = 25000; - db->info.lorder = 0; - - db->btinfo.flags = 0; - db->btinfo.cachesize = 0; - db->btinfo.psize = 4096; - db->btinfo.lorder = 0; - db->btinfo.minkeypage = 0; - db->btinfo.compare = NULL; - db->btinfo.prefix = NULL; - /* - * A process is allowed to open the same database multiple times - * and access it via different handles. If the handles use - * distinct lockinfo structures, things get confused: lock(A), - * lock(B), release(B) will result in the kernel unlocking the - * lock file but handle A will still think the file is locked. - * Therefore, all handles using the same lock file must share a - * single lockinfo structure. - * - * It is not sufficient to have a single lockinfo structure, - * however, because a single process may also wish to open - * multiple different databases simultaneously, with different - * lock files. This code used to use a single static lockinfo - * structure, which means that the second database opened used - * the first database's lock file. This was Bad. - * - * We now maintain a linked list of lockinfo structures, keyed by - * lockfilename. An entry is added when this function is called - * with a new lockfilename, and all subsequent calls with that - * lockfilename use the existing entry, updating the refcnt. - * When the database is closed with fini_db(), the refcnt is - * decremented, and when it is zero the lockinfo structure is - * freed and reset. The entry in the linked list, however, is - * never removed; it will just be reinitialized the next time - * init_db is called with the right lockfilename. - */ - - /* find or create the lockinfo structure for lockfilename */ - lockp = locklist; - while (lockp) { - if (strcmp(lockp->lockinfo.filename, lockfilename) == 0) - break; - else - lockp = lockp->next; - } - if (lockp == NULL) { - /* doesn't exist, create it, add to list */ - lockp = (struct _locklist *) malloc(sizeof(*lockp)); - if (lockp == NULL) { - free(db); - return ENOMEM; - } - memset(lockp, 0, sizeof(*lockp)); - lockp->next = locklist; - locklist = lockp; - } - - /* now initialize lockp->lockinfo if necessary */ - if (lockp->lockinfo.lockfile == NULL) { - if ((code = krb5int_init_context_kdc(&lockp->lockinfo.context))) { - free(db); - return((krb5_error_code) code); - } - - /* - * needs be open read/write so that write locking can work with - * POSIX systems - */ - lockp->lockinfo.filename = strdup(lockfilename); - if ((lockp->lockinfo.lockfile = fopen(lockfilename, "r+")) == NULL) { - /* - * maybe someone took away write permission so we could only - * get shared locks? - */ - if ((lockp->lockinfo.lockfile = fopen(lockfilename, "r")) - == NULL) { - free(db); - return OSA_ADB_NOLOCKFILE; - } - } - set_cloexec_file(lockp->lockinfo.lockfile); - lockp->lockinfo.lockmode = lockp->lockinfo.lockcnt = 0; - } - - /* lockp is set, lockinfo is initialized, update the reference count */ - db->lock = &lockp->lockinfo; - db->lock->refcnt++; - - db->opencnt = 0; - db->filename = strdup(filename); - db->magic = magic; - - *dbp = db; - - return OSA_ADB_OK; + osa_adb_db_t db; + static struct _locklist *locklist = NULL; + struct _locklist *lockp; + krb5_error_code code; + + if (dbp == NULL || filename == NULL) + return EINVAL; + + db = (osa_adb_princ_t) malloc(sizeof(osa_adb_db_ent)); + if (db == NULL) + return ENOMEM; + + memset(db, 0, sizeof(*db)); + db->info.hash = NULL; + db->info.bsize = 256; + db->info.ffactor = 8; + db->info.nelem = 25000; + db->info.lorder = 0; + + db->btinfo.flags = 0; + db->btinfo.cachesize = 0; + db->btinfo.psize = 4096; + db->btinfo.lorder = 0; + db->btinfo.minkeypage = 0; + db->btinfo.compare = NULL; + db->btinfo.prefix = NULL; + /* + * A process is allowed to open the same database multiple times + * and access it via different handles. If the handles use + * distinct lockinfo structures, things get confused: lock(A), + * lock(B), release(B) will result in the kernel unlocking the + * lock file but handle A will still think the file is locked. + * Therefore, all handles using the same lock file must share a + * single lockinfo structure. + * + * It is not sufficient to have a single lockinfo structure, + * however, because a single process may also wish to open + * multiple different databases simultaneously, with different + * lock files. This code used to use a single static lockinfo + * structure, which means that the second database opened used + * the first database's lock file. This was Bad. + * + * We now maintain a linked list of lockinfo structures, keyed by + * lockfilename. An entry is added when this function is called + * with a new lockfilename, and all subsequent calls with that + * lockfilename use the existing entry, updating the refcnt. + * When the database is closed with fini_db(), the refcnt is + * decremented, and when it is zero the lockinfo structure is + * freed and reset. The entry in the linked list, however, is + * never removed; it will just be reinitialized the next time + * init_db is called with the right lockfilename. + */ + + /* find or create the lockinfo structure for lockfilename */ + lockp = locklist; + while (lockp) { + if (strcmp(lockp->lockinfo.filename, lockfilename) == 0) + break; + else + lockp = lockp->next; + } + if (lockp == NULL) { + /* doesn't exist, create it, add to list */ + lockp = (struct _locklist *) malloc(sizeof(*lockp)); + if (lockp == NULL) { + free(db); + return ENOMEM; + } + memset(lockp, 0, sizeof(*lockp)); + lockp->next = locklist; + locklist = lockp; + } + + /* now initialize lockp->lockinfo if necessary */ + if (lockp->lockinfo.lockfile == NULL) { + if ((code = krb5int_init_context_kdc(&lockp->lockinfo.context))) { + free(db); + return((krb5_error_code) code); + } + + /* + * needs be open read/write so that write locking can work with + * POSIX systems + */ + lockp->lockinfo.filename = strdup(lockfilename); + if ((lockp->lockinfo.lockfile = fopen(lockfilename, "r+")) == NULL) { + /* + * maybe someone took away write permission so we could only + * get shared locks? + */ + if ((lockp->lockinfo.lockfile = fopen(lockfilename, "r")) + == NULL) { + free(db); + return OSA_ADB_NOLOCKFILE; + } + } + set_cloexec_file(lockp->lockinfo.lockfile); + lockp->lockinfo.lockmode = lockp->lockinfo.lockcnt = 0; + } + + /* lockp is set, lockinfo is initialized, update the reference count */ + db->lock = &lockp->lockinfo; + db->lock->refcnt++; + + db->opencnt = 0; + db->filename = strdup(filename); + db->magic = magic; + + *dbp = db; + + return OSA_ADB_OK; } -krb5_error_code osa_adb_fini_db(osa_adb_db_t db, int magic) +krb5_error_code +osa_adb_fini_db(osa_adb_db_t db, int magic) { - if (db->magic != magic) - return EINVAL; - if (db->lock->refcnt == 0) { - /* barry says this can't happen */ - return OSA_ADB_FAILURE; - } else { - db->lock->refcnt--; - } - - if (db->lock->refcnt == 0) { - /* - * Don't free db->lock->filename, it is used as a key to - * find the lockinfo entry in the linked list. If the - * lockfile doesn't exist, we must be closing the database - * after trashing it. This has to be allowed, so don't - * generate an error. - */ - if (db->lock->lockmode != KRB5_DB_LOCKMODE_PERMANENT) - (void) fclose(db->lock->lockfile); - db->lock->lockfile = NULL; - krb5_free_context(db->lock->context); - } - - db->magic = 0; - free(db->filename); - free(db); - return OSA_ADB_OK; + if (db->magic != magic) + return EINVAL; + if (db->lock->refcnt == 0) { + /* barry says this can't happen */ + return OSA_ADB_FAILURE; + } else { + db->lock->refcnt--; + } + + if (db->lock->refcnt == 0) { + /* + * Don't free db->lock->filename, it is used as a key to + * find the lockinfo entry in the linked list. If the + * lockfile doesn't exist, we must be closing the database + * after trashing it. This has to be allowed, so don't + * generate an error. + */ + if (db->lock->lockmode != KRB5_DB_LOCKMODE_PERMANENT) + (void) fclose(db->lock->lockfile); + db->lock->lockfile = NULL; + krb5_free_context(db->lock->context); + } + + db->magic = 0; + free(db->filename); + free(db); + return OSA_ADB_OK; } -krb5_error_code osa_adb_get_lock(osa_adb_db_t db, int mode) +krb5_error_code +osa_adb_get_lock(osa_adb_db_t db, int mode) { - int tries, gotlock, perm, krb5_mode, ret = 0; - - if (db->lock->lockmode >= mode) { - /* No need to upgrade lock, just incr refcnt and return */ - db->lock->lockcnt++; - return(OSA_ADB_OK); - } - - perm = 0; - switch (mode) { - case KRB5_DB_LOCKMODE_PERMANENT: - perm = 1; - case KRB5_DB_LOCKMODE_EXCLUSIVE: - krb5_mode = KRB5_LOCKMODE_EXCLUSIVE; - break; - case KRB5_DB_LOCKMODE_SHARED: - krb5_mode = KRB5_LOCKMODE_SHARED; - break; - default: - return(EINVAL); - } - - for (gotlock = tries = 0; tries < MAX_LOCK_TRIES; tries++) { - if ((ret = krb5_lock_file(db->lock->context, - fileno(db->lock->lockfile), - krb5_mode|KRB5_LOCKMODE_DONTBLOCK)) == 0) { - gotlock++; - break; - } else if (ret == EBADF && mode == KRB5_DB_LOCKMODE_EXCLUSIVE) - /* tried to exclusive-lock something we don't have */ - /* write access to */ - return OSA_ADB_NOEXCL_PERM; - - sleep(1); - } - - /* test for all the likely "can't get lock" error codes */ - if (ret == EACCES || ret == EAGAIN || ret == EWOULDBLOCK) - return OSA_ADB_CANTLOCK_DB; - else if (ret != 0) - return ret; - - /* - * If the file no longer exists, someone acquired a permanent - * lock. If that process terminates its exclusive lock is lost, - * but if we already had the file open we can (probably) lock it - * even though it has been unlinked. So we need to insist that - * it exist. - */ - if (access(db->lock->filename, F_OK) < 0) { - (void) krb5_lock_file(db->lock->context, - fileno(db->lock->lockfile), - KRB5_LOCKMODE_UNLOCK); - return OSA_ADB_NOLOCKFILE; - } - - /* we have the shared/exclusive lock */ - - if (perm) { - if (unlink(db->lock->filename) < 0) { - /* somehow we can't delete the file, but we already */ - /* have the lock, so release it and return */ - - ret = errno; - (void) krb5_lock_file(db->lock->context, - fileno(db->lock->lockfile), - KRB5_LOCKMODE_UNLOCK); - - /* maybe we should return CANTLOCK_DB.. but that would */ - /* look just like the db was already locked */ - return ret; - } - - /* this releases our exclusive lock.. which is okay because */ - /* now no one else can get one either */ - (void) fclose(db->lock->lockfile); - } - - db->lock->lockmode = mode; - db->lock->lockcnt++; - return OSA_ADB_OK; + int tries, gotlock, perm, krb5_mode, ret = 0; + + if (db->lock->lockmode >= mode) { + /* No need to upgrade lock, just incr refcnt and return */ + db->lock->lockcnt++; + return(OSA_ADB_OK); + } + + perm = 0; + switch (mode) { + case KRB5_DB_LOCKMODE_PERMANENT: + perm = 1; + case KRB5_DB_LOCKMODE_EXCLUSIVE: + krb5_mode = KRB5_LOCKMODE_EXCLUSIVE; + break; + case KRB5_DB_LOCKMODE_SHARED: + krb5_mode = KRB5_LOCKMODE_SHARED; + break; + default: + return(EINVAL); + } + + for (gotlock = tries = 0; tries < MAX_LOCK_TRIES; tries++) { + if ((ret = krb5_lock_file(db->lock->context, + fileno(db->lock->lockfile), + krb5_mode|KRB5_LOCKMODE_DONTBLOCK)) == 0) { + gotlock++; + break; + } else if (ret == EBADF && mode == KRB5_DB_LOCKMODE_EXCLUSIVE) + /* tried to exclusive-lock something we don't have */ + /* write access to */ + return OSA_ADB_NOEXCL_PERM; + + sleep(1); + } + + /* test for all the likely "can't get lock" error codes */ + if (ret == EACCES || ret == EAGAIN || ret == EWOULDBLOCK) + return OSA_ADB_CANTLOCK_DB; + else if (ret != 0) + return ret; + + /* + * If the file no longer exists, someone acquired a permanent + * lock. If that process terminates its exclusive lock is lost, + * but if we already had the file open we can (probably) lock it + * even though it has been unlinked. So we need to insist that + * it exist. + */ + if (access(db->lock->filename, F_OK) < 0) { + (void) krb5_lock_file(db->lock->context, + fileno(db->lock->lockfile), + KRB5_LOCKMODE_UNLOCK); + return OSA_ADB_NOLOCKFILE; + } + + /* we have the shared/exclusive lock */ + + if (perm) { + if (unlink(db->lock->filename) < 0) { + /* somehow we can't delete the file, but we already */ + /* have the lock, so release it and return */ + + ret = errno; + (void) krb5_lock_file(db->lock->context, + fileno(db->lock->lockfile), + KRB5_LOCKMODE_UNLOCK); + + /* maybe we should return CANTLOCK_DB.. but that would */ + /* look just like the db was already locked */ + return ret; + } + + /* this releases our exclusive lock.. which is okay because */ + /* now no one else can get one either */ + (void) fclose(db->lock->lockfile); + } + + db->lock->lockmode = mode; + db->lock->lockcnt++; + return OSA_ADB_OK; } -krb5_error_code osa_adb_release_lock(osa_adb_db_t db) +krb5_error_code +osa_adb_release_lock(osa_adb_db_t db) { - int ret, fd; - - if (!db->lock->lockcnt) /* lock already unlocked */ - return OSA_ADB_NOTLOCKED; - - if (--db->lock->lockcnt == 0) { - if (db->lock->lockmode == KRB5_DB_LOCKMODE_PERMANENT) { - /* now we need to create the file since it does not exist */ - fd = THREEPARAMOPEN(db->lock->filename,O_RDWR | O_CREAT | O_EXCL, - 0600); - if (fd < 0) - return OSA_ADB_NOLOCKFILE; - set_cloexec_fd(fd); - if ((db->lock->lockfile = fdopen(fd, "w+")) == NULL) - return OSA_ADB_NOLOCKFILE; - } else if ((ret = krb5_lock_file(db->lock->context, - fileno(db->lock->lockfile), - KRB5_LOCKMODE_UNLOCK))) - return ret; - - db->lock->lockmode = 0; - } - return OSA_ADB_OK; + int ret, fd; + + if (!db->lock->lockcnt) /* lock already unlocked */ + return OSA_ADB_NOTLOCKED; + + if (--db->lock->lockcnt == 0) { + if (db->lock->lockmode == KRB5_DB_LOCKMODE_PERMANENT) { + /* now we need to create the file since it does not exist */ + fd = THREEPARAMOPEN(db->lock->filename,O_RDWR | O_CREAT | O_EXCL, + 0600); + if (fd < 0) + return OSA_ADB_NOLOCKFILE; + set_cloexec_fd(fd); + if ((db->lock->lockfile = fdopen(fd, "w+")) == NULL) + return OSA_ADB_NOLOCKFILE; + } else if ((ret = krb5_lock_file(db->lock->context, + fileno(db->lock->lockfile), + KRB5_LOCKMODE_UNLOCK))) + return ret; + + db->lock->lockmode = 0; + } + return OSA_ADB_OK; } -krb5_error_code osa_adb_open_and_lock(osa_adb_princ_t db, int locktype) +krb5_error_code +osa_adb_open_and_lock(osa_adb_princ_t db, int locktype) { - int ret; - - ret = osa_adb_get_lock(db, locktype); - if (ret != OSA_ADB_OK) - return ret; - if (db->opencnt) - goto open_ok; - - db->db = dbopen(db->filename, O_RDWR, 0600, DB_BTREE, &db->btinfo); - if (db->db != NULL) - goto open_ok; - switch (errno) { + int ret; + + ret = osa_adb_get_lock(db, locktype); + if (ret != OSA_ADB_OK) + return ret; + if (db->opencnt) + goto open_ok; + + db->db = dbopen(db->filename, O_RDWR, 0600, DB_BTREE, &db->btinfo); + if (db->db != NULL) + goto open_ok; + switch (errno) { #ifdef EFTYPE - case EFTYPE: + case EFTYPE: #endif - case EINVAL: - db->db = dbopen(db->filename, O_RDWR, 0600, DB_HASH, &db->info); - if (db->db != NULL) - goto open_ok; - default: - (void) osa_adb_release_lock(db); - if (errno == EINVAL) - return OSA_ADB_BAD_DB; - return errno; - } + case EINVAL: + db->db = dbopen(db->filename, O_RDWR, 0600, DB_HASH, &db->info); + if (db->db != NULL) + goto open_ok; + default: + (void) osa_adb_release_lock(db); + if (errno == EINVAL) + return OSA_ADB_BAD_DB; + return errno; + } open_ok: - db->opencnt++; - return OSA_ADB_OK; + db->opencnt++; + return OSA_ADB_OK; } -krb5_error_code osa_adb_close_and_unlock(osa_adb_princ_t db) +krb5_error_code +osa_adb_close_and_unlock(osa_adb_princ_t db) { - if (--db->opencnt) - return osa_adb_release_lock(db); - if(db->db != NULL && db->db->close(db->db) == -1) { - (void) osa_adb_release_lock(db); - return OSA_ADB_FAILURE; - } + if (--db->opencnt) + return osa_adb_release_lock(db); + if(db->db != NULL && db->db->close(db->db) == -1) { + (void) osa_adb_release_lock(db); + return OSA_ADB_FAILURE; + } - db->db = NULL; + db->db = NULL; - return(osa_adb_release_lock(db)); + return(osa_adb_release_lock(db)); } diff --git a/src/plugins/kdb/db2/adb_policy.c b/src/plugins/kdb/db2/adb_policy.c index d585c0852..2b6c1214f 100644 --- a/src/plugins/kdb/db2/adb_policy.c +++ b/src/plugins/kdb/db2/adb_policy.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 OpenVision Technologies, Inc., All Rights Reserved * @@ -8,30 +9,30 @@ static char *rcsid = "$Header$"; #endif -#include <sys/file.h> -#include <fcntl.h> -#include "policy_db.h" -#include <stdlib.h> -#include <string.h> +#include <sys/file.h> +#include <fcntl.h> +#include "policy_db.h" +#include <stdlib.h> +#include <string.h> #include <errno.h> -#define OPENLOCK(db, mode) \ -{ \ - int olret; \ - if (db == NULL) \ - return EINVAL; \ - else if (db->magic != OSA_ADB_POLICY_DB_MAGIC) \ - return OSA_ADB_DBINIT; \ - else if ((olret = osa_adb_open_and_lock(db, mode)) != OSA_ADB_OK) \ - return olret; \ - } - -#define CLOSELOCK(db) \ -{ \ - int cl_ret; \ - if ((cl_ret = osa_adb_close_and_unlock(db)) != OSA_ADB_OK) \ - return cl_ret; \ -} +#define OPENLOCK(db, mode) \ + { \ + int olret; \ + if (db == NULL) \ + return EINVAL; \ + else if (db->magic != OSA_ADB_POLICY_DB_MAGIC) \ + return OSA_ADB_DBINIT; \ + else if ((olret = osa_adb_open_and_lock(db, mode)) != OSA_ADB_OK) \ + return olret; \ + } + +#define CLOSELOCK(db) \ + { \ + int cl_ret; \ + if ((cl_ret = osa_adb_close_and_unlock(db)) != OSA_ADB_OK) \ + return cl_ret; \ + } /* @@ -40,66 +41,66 @@ static char *rcsid = "$Header$"; * Purpose: create a policy entry in the policy db. * * Arguments: - * entry (input) pointer to the entry to be added - * <return value> OSA_ADB_OK on success, else error code. + * entry (input) pointer to the entry to be added + * <return value> OSA_ADB_OK on success, else error code. * * Requires: - * entry have a valid name. + * entry have a valid name. * * Effects: - * creates the entry in the db + * creates the entry in the db * * Modifies: - * the policy db. + * the policy db. * */ krb5_error_code osa_adb_create_policy(osa_adb_policy_t db, osa_policy_ent_t entry) { - DBT dbkey; - DBT dbdata; - XDR xdrs; - int ret; + DBT dbkey; + DBT dbdata; + XDR xdrs; + int ret; OPENLOCK(db, KRB5_DB_LOCKMODE_EXCLUSIVE); if(entry->name == NULL) { - ret = EINVAL; - goto error; + ret = EINVAL; + goto error; } dbkey.data = entry->name; dbkey.size = (strlen(entry->name) + 1); switch(db->db->get(db->db, &dbkey, &dbdata, 0)) { case 0: - ret = OSA_ADB_DUP; - goto error; + ret = OSA_ADB_DUP; + goto error; case 1: - break; + break; default: - ret = errno; - goto error; + ret = errno; + goto error; } xdralloc_create(&xdrs, XDR_ENCODE); if(!xdr_osa_policy_ent_rec(&xdrs, entry)) { - xdr_destroy(&xdrs); - ret = OSA_ADB_XDR_FAILURE; - goto error; + xdr_destroy(&xdrs); + ret = OSA_ADB_XDR_FAILURE; + goto error; } dbdata.data = xdralloc_getdata(&xdrs); dbdata.size = xdr_getpos(&xdrs); switch(db->db->put(db->db, &dbkey, &dbdata, R_NOOVERWRITE)) { case 0: - if((db->db->sync(db->db, 0)) == -1) - ret = OSA_ADB_FAILURE; - ret = OSA_ADB_OK; - break; + if((db->db->sync(db->db, 0)) == -1) + ret = OSA_ADB_FAILURE; + ret = OSA_ADB_OK; + break; case 1: - ret = OSA_ADB_DUP; - break; + ret = OSA_ADB_DUP; + break; default: - ret = OSA_ADB_FAILURE; - break; + ret = OSA_ADB_FAILURE; + break; } xdr_destroy(&xdrs); @@ -114,31 +115,31 @@ error: * Purpose: destroy a policy entry * * Arguments: - * db (input) database handle - * name (input) name of policy - * <return value> OSA_ADB_OK on success, or error code. + * db (input) database handle + * name (input) name of policy + * <return value> OSA_ADB_OK on success, or error code. * * Requires: - * db being valid. - * name being non-null. + * db being valid. + * name being non-null. * Effects: - * deletes policy from db. + * deletes policy from db. * * Modifies: - * policy db. + * policy db. * */ krb5_error_code osa_adb_destroy_policy(osa_adb_policy_t db, char *name) { - DBT dbkey; - int status, ret; + DBT dbkey; + int status, ret; OPENLOCK(db, KRB5_DB_LOCKMODE_EXCLUSIVE); if(name == NULL) { - ret = EINVAL; - goto error; + ret = EINVAL; + goto error; } dbkey.data = name; dbkey.size = (strlen(name) + 1); @@ -146,18 +147,18 @@ osa_adb_destroy_policy(osa_adb_policy_t db, char *name) status = db->db->del(db->db, &dbkey, 0); switch(status) { case 1: - ret = OSA_ADB_NOENT; - goto error; + ret = OSA_ADB_NOENT; + goto error; case 0: - if ((db->db->sync(db->db, 0)) == -1) { - ret = OSA_ADB_FAILURE; - goto error; - } - ret = OSA_ADB_OK; - break; + if ((db->db->sync(db->db, 0)) == -1) { + ret = OSA_ADB_FAILURE; + goto error; + } + ret = OSA_ADB_OK; + break; default: - ret = OSA_ADB_FAILURE; - goto error; + ret = OSA_ADB_FAILURE; + goto error; } error: @@ -171,11 +172,11 @@ error: * Purpose: retrieve policy * * Arguments: - * db (input) db handle - * name (input) name of policy - * entry (output) policy entry + * db (input) db handle + * name (input) name of policy + * entry (output) policy entry * cnt (inout) Number of entries - * <return value> 0 on success, error code on failure. + * <return value> 0 on success, error code on failure. * * Requires: * Effects: @@ -183,21 +184,21 @@ error: */ krb5_error_code osa_adb_get_policy(osa_adb_policy_t db, char *name, - osa_policy_ent_t *entry, int *cnt) + osa_policy_ent_t *entry, int *cnt) { - DBT dbkey; - DBT dbdata; - XDR xdrs; - int ret; - char *aligned_data; + DBT dbkey; + DBT dbdata; + XDR xdrs; + int ret; + char *aligned_data; OPENLOCK(db, KRB5_DB_LOCKMODE_SHARED); *cnt = 1; if(name == NULL) { - ret = EINVAL; - goto error; + ret = EINVAL; + goto error; } dbkey.data = name; dbkey.size = (strlen(dbkey.data) + 1); @@ -205,28 +206,28 @@ osa_adb_get_policy(osa_adb_policy_t db, char *name, dbdata.size = 0; switch((db->db->get(db->db, &dbkey, &dbdata, 0))) { case 1: - ret = 0; - *cnt = 0; - goto error; + ret = 0; + *cnt = 0; + goto error; case 0: - break; + break; default: - ret = OSA_ADB_FAILURE; - goto error; + ret = OSA_ADB_FAILURE; + goto error; } if (!(*(entry) = (osa_policy_ent_t)malloc(sizeof(osa_policy_ent_rec)))) { - ret = ENOMEM; - goto error; + ret = ENOMEM; + goto error; } if (!(aligned_data = (char *) malloc(dbdata.size))) { - ret = ENOMEM; - goto error; + ret = ENOMEM; + goto error; } memcpy(aligned_data, dbdata.data, dbdata.size); memset(*entry, 0, sizeof(osa_policy_ent_rec)); xdrmem_create(&xdrs, aligned_data, dbdata.size, XDR_DECODE); if (!xdr_osa_policy_ent_rec(&xdrs, *entry)) - ret = OSA_ADB_FAILURE; + ret = OSA_ADB_FAILURE; else ret = OSA_ADB_OK; xdr_destroy(&xdrs); free(aligned_data); @@ -242,64 +243,64 @@ error: * Purpose: update a policy in the dababase * * Arguments: - * db (input) db handle - * entry (input) policy entry - * <return value> 0 on success error code on failure. + * db (input) db handle + * entry (input) policy entry + * <return value> 0 on success error code on failure. * * Requires: - * [requires] + * [requires] * * Effects: - * [effects] + * [effects] * * Modifies: - * [modifies] + * [modifies] * */ krb5_error_code osa_adb_put_policy(osa_adb_policy_t db, osa_policy_ent_t entry) { - DBT dbkey; - DBT dbdata; - DBT tmpdb; - XDR xdrs; - int ret; + DBT dbkey; + DBT dbdata; + DBT tmpdb; + XDR xdrs; + int ret; OPENLOCK(db, KRB5_DB_LOCKMODE_EXCLUSIVE); if(entry->name == NULL) { - ret = EINVAL; - goto error; + ret = EINVAL; + goto error; } dbkey.data = entry->name; dbkey.size = (strlen(entry->name) + 1); switch(db->db->get(db->db, &dbkey, &tmpdb, 0)) { case 0: - break; + break; case 1: - ret = OSA_ADB_NOENT; - goto error; + ret = OSA_ADB_NOENT; + goto error; default: - ret = OSA_ADB_FAILURE; - goto error; + ret = OSA_ADB_FAILURE; + goto error; } xdralloc_create(&xdrs, XDR_ENCODE); if(!xdr_osa_policy_ent_rec(&xdrs, entry)) { - xdr_destroy(&xdrs); - ret = OSA_ADB_XDR_FAILURE; - goto error; + xdr_destroy(&xdrs); + ret = OSA_ADB_XDR_FAILURE; + goto error; } dbdata.data = xdralloc_getdata(&xdrs); dbdata.size = xdr_getpos(&xdrs); switch(db->db->put(db->db, &dbkey, &dbdata, 0)) { case 0: - if((db->db->sync(db->db, 0)) == -1) - ret = OSA_ADB_FAILURE; - ret = OSA_ADB_OK; - break; + if((db->db->sync(db->db, 0)) == -1) + ret = OSA_ADB_FAILURE; + ret = OSA_ADB_OK; + break; default: - ret = OSA_ADB_FAILURE; - break; + ret = OSA_ADB_FAILURE; + break; } xdr_destroy(&xdrs); @@ -314,10 +315,10 @@ error: * Purpose: iterate over the policy database. * * Arguments: - * db (input) db handle - * func (input) fucntion pointer to call - * data opaque data type - * <return value> 0 on success error code on failure + * db (input) db handle + * func (input) fucntion pointer to call + * data opaque data type + * <return value> 0 on success error code on failure * * Requires: * Effects: @@ -325,51 +326,51 @@ error: */ krb5_error_code osa_adb_iter_policy(osa_adb_policy_t db, osa_adb_iter_policy_func func, - void *data) + void *data) { - DBT dbkey, - dbdata; - XDR xdrs; - int ret; - osa_policy_ent_t entry; - char *aligned_data; + DBT dbkey, + dbdata; + XDR xdrs; + int ret; + osa_policy_ent_t entry; + char *aligned_data; OPENLOCK(db, KRB5_DB_LOCKMODE_EXCLUSIVE); /* hmmm */ if((ret = db->db->seq(db->db, &dbkey, &dbdata, R_FIRST)) == -1) { - ret = errno; - goto error; + ret = errno; + goto error; } while (ret == 0) { - if (!(entry = (osa_policy_ent_t) malloc(sizeof(osa_policy_ent_rec)))) { - ret = ENOMEM; - goto error; - } - - if(!(aligned_data = (char *) malloc(dbdata.size))) { - ret = ENOMEM; - goto error; - } - memcpy(aligned_data, dbdata.data, dbdata.size); - - memset(entry, 0, sizeof(osa_policy_ent_rec)); - xdrmem_create(&xdrs, aligned_data, dbdata.size, XDR_DECODE); - if(!xdr_osa_policy_ent_rec(&xdrs, entry)) { - xdr_destroy(&xdrs); - free(aligned_data); - osa_free_policy_ent(entry); - ret = OSA_ADB_FAILURE; - goto error; - } - (*func)(data, entry); - xdr_destroy(&xdrs); - free(aligned_data); - osa_free_policy_ent(entry); - ret = db->db->seq(db->db, &dbkey, &dbdata, R_NEXT); + if (!(entry = (osa_policy_ent_t) malloc(sizeof(osa_policy_ent_rec)))) { + ret = ENOMEM; + goto error; + } + + if(!(aligned_data = (char *) malloc(dbdata.size))) { + ret = ENOMEM; + goto error; + } + memcpy(aligned_data, dbdata.data, dbdata.size); + + memset(entry, 0, sizeof(osa_policy_ent_rec)); + xdrmem_create(&xdrs, aligned_data, dbdata.size, XDR_DECODE); + if(!xdr_osa_policy_ent_rec(&xdrs, entry)) { + xdr_destroy(&xdrs); + free(aligned_data); + osa_free_policy_ent(entry); + ret = OSA_ADB_FAILURE; + goto error; + } + (*func)(data, entry); + xdr_destroy(&xdrs); + free(aligned_data); + osa_free_policy_ent(entry); + ret = db->db->seq(db->db, &dbkey, &dbdata, R_NEXT); } if(ret == -1) - ret = errno; + ret = errno; else ret = OSA_ADB_OK; error: @@ -380,11 +381,11 @@ error: void osa_free_policy_ent(osa_policy_ent_t val) { - XDR xdrs; + XDR xdrs; - xdrmem_create(&xdrs, NULL, 0, XDR_FREE); + xdrmem_create(&xdrs, NULL, 0, XDR_FREE); - xdr_osa_policy_ent_rec(&xdrs, val); + xdr_osa_policy_ent_rec(&xdrs, val); - free(val); + free(val); } diff --git a/src/plugins/kdb/db2/db2_exp.c b/src/plugins/kdb/db2/db2_exp.c index 356f6dfca..f96c1a4dd 100644 --- a/src/plugins/kdb/db2/db2_exp.c +++ b/src/plugins/kdb/db2/db2_exp.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 2006 by the Massachusetts Institute of Technology. * All Rights Reserved. @@ -23,14 +24,14 @@ */ /********************************************************************** -* -* C %name: db2_exp.c % -* Instance: idc_sec_2 -* Description: -* %created_by: spradeep % -* %date_created: Tue Apr 5 11:44:00 2005 % -* -**********************************************************************/ + * + * C %name: db2_exp.c % + * Instance: idc_sec_2 + * Description: + * %created_by: spradeep % + * %date_created: Tue Apr 5 11:44:00 2005 % + * + **********************************************************************/ #ifndef lint static char *_csrc = "@(#) %filespec: db2_exp.c~5 % (%full_filespec: db2_exp.c~5:csrc:idc_sec#2 %)"; #endif @@ -61,148 +62,148 @@ static char *_csrc = "@(#) %filespec: db2_exp.c~5 % (%full_filespec: db2_exp.c~ k5_mutex_t *krb5_db2_mutex; -#define WRAP(NAME,TYPE,ARGLIST,ARGNAMES,ERROR_RESULT) \ - static TYPE wrap_##NAME ARGLIST \ - { \ - TYPE result; \ - int code = k5_mutex_lock (krb5_db2_mutex); \ - if (code) { return ERROR_RESULT; } \ - result = NAME ARGNAMES; \ - k5_mutex_unlock (krb5_db2_mutex); \ - return result; \ - } \ - /* hack: decl to allow a following ";" */ \ - static TYPE wrap_##NAME () +#define WRAP(NAME,TYPE,ARGLIST,ARGNAMES,ERROR_RESULT) \ + static TYPE wrap_##NAME ARGLIST \ + { \ + TYPE result; \ + int code = k5_mutex_lock (krb5_db2_mutex); \ + if (code) { return ERROR_RESULT; } \ + result = NAME ARGNAMES; \ + k5_mutex_unlock (krb5_db2_mutex); \ + return result; \ + } \ + /* hack: decl to allow a following ";" */ \ + static TYPE wrap_##NAME () /* Two special cases: void (can't assign result), and krb5_error_code (return error from locking code). */ -#define WRAP_VOID(NAME,ARGLIST,ARGNAMES) \ - static void wrap_##NAME ARGLIST \ - { \ - int code = k5_mutex_lock (krb5_db2_mutex); \ - if (code) { return; } \ - NAME ARGNAMES; \ - k5_mutex_unlock (krb5_db2_mutex); \ - } \ - /* hack: decl to allow a following ";" */ \ - static void wrap_##NAME () +#define WRAP_VOID(NAME,ARGLIST,ARGNAMES) \ + static void wrap_##NAME ARGLIST \ + { \ + int code = k5_mutex_lock (krb5_db2_mutex); \ + if (code) { return; } \ + NAME ARGNAMES; \ + k5_mutex_unlock (krb5_db2_mutex); \ + } \ + /* hack: decl to allow a following ";" */ \ + static void wrap_##NAME () -#define WRAP_K(NAME,ARGLIST,ARGNAMES) \ - WRAP(NAME,krb5_error_code,ARGLIST,ARGNAMES,code) +#define WRAP_K(NAME,ARGLIST,ARGNAMES) \ + WRAP(NAME,krb5_error_code,ARGLIST,ARGNAMES,code) WRAP_K (krb5_db2_open, - ( krb5_context kcontext, - char *conf_section, - char **db_args, - int mode ), - (kcontext, conf_section, db_args, mode)); + ( krb5_context kcontext, + char *conf_section, + char **db_args, + int mode ), + (kcontext, conf_section, db_args, mode)); WRAP_K (krb5_db2_db_fini, (krb5_context ctx), (ctx)); WRAP_K (krb5_db2_create, - ( krb5_context kcontext, char *conf_section, char **db_args ), - (kcontext, conf_section, db_args)); + ( krb5_context kcontext, char *conf_section, char **db_args ), + (kcontext, conf_section, db_args)); WRAP_K (krb5_db2_destroy, - ( krb5_context kcontext, char *conf_section, char **db_args ), - (kcontext, conf_section, db_args)); + ( krb5_context kcontext, char *conf_section, char **db_args ), + (kcontext, conf_section, db_args)); WRAP_K (krb5_db2_db_get_age, - (krb5_context ctx, - char *s, - time_t *t), - (ctx, s, t)); + (krb5_context ctx, + char *s, + time_t *t), + (ctx, s, t)); WRAP_K (krb5_db2_db_set_option, - ( krb5_context kcontext, - int option, - void *value ), - (kcontext, option, value)); + ( krb5_context kcontext, + int option, + void *value ), + (kcontext, option, value)); WRAP_K (krb5_db2_db_lock, - ( krb5_context context, - int in_mode), - (context, in_mode)); + ( krb5_context context, + int in_mode), + (context, in_mode)); WRAP_K (krb5_db2_db_unlock, (krb5_context ctx), (ctx)); WRAP_K (krb5_db2_db_get_principal, - (krb5_context ctx, - krb5_const_principal p, - unsigned int flags, - krb5_db_entry *d, - int * i, - krb5_boolean *b), - (ctx, p, d, i, b)); + (krb5_context ctx, + krb5_const_principal p, + unsigned int flags, + krb5_db_entry *d, + int * i, + krb5_boolean *b), + (ctx, p, d, i, b)); WRAP_K (krb5_db2_db_free_principal, - (krb5_context ctx, - krb5_db_entry *d, - int i), - (ctx, d, i)); + (krb5_context ctx, + krb5_db_entry *d, + int i), + (ctx, d, i)); WRAP_K (krb5_db2_db_put_principal, - (krb5_context ctx, - krb5_db_entry *d, - int *i, - char **db_args), - (ctx, d, i, db_args)); + (krb5_context ctx, + krb5_db_entry *d, + int *i, + char **db_args), + (ctx, d, i, db_args)); WRAP_K (krb5_db2_db_delete_principal, - (krb5_context context, - krb5_const_principal searchfor, - int *nentries), - (context, searchfor, nentries)); + (krb5_context context, + krb5_const_principal searchfor, + int *nentries), + (context, searchfor, nentries)); WRAP_K (krb5_db2_db_iterate, - (krb5_context ctx, char *s, - krb5_error_code (*f) (krb5_pointer, - krb5_db_entry *), - krb5_pointer p), - (ctx, s, f, p)); + (krb5_context ctx, char *s, + krb5_error_code (*f) (krb5_pointer, + krb5_db_entry *), + krb5_pointer p), + (ctx, s, f, p)); WRAP_K (krb5_db2_create_policy, - (krb5_context context, osa_policy_ent_t entry), - (context, entry)); + (krb5_context context, osa_policy_ent_t entry), + (context, entry)); WRAP_K (krb5_db2_get_policy, - ( krb5_context kcontext, - char *name, - osa_policy_ent_t *policy, - int *cnt), - (kcontext, name, policy, cnt)); + ( krb5_context kcontext, + char *name, + osa_policy_ent_t *policy, + int *cnt), + (kcontext, name, policy, cnt)); WRAP_K (krb5_db2_put_policy, - ( krb5_context kcontext, osa_policy_ent_t policy ), - (kcontext, policy)); + ( krb5_context kcontext, osa_policy_ent_t policy ), + (kcontext, policy)); WRAP_K (krb5_db2_iter_policy, - ( krb5_context kcontext, - char *match_entry, - osa_adb_iter_policy_func func, - void *data ), - (kcontext, match_entry, func, data)); + ( krb5_context kcontext, + char *match_entry, + osa_adb_iter_policy_func func, + void *data ), + (kcontext, match_entry, func, data)); WRAP_K (krb5_db2_delete_policy, - ( krb5_context kcontext, char *policy ), - (kcontext, policy)); + ( krb5_context kcontext, char *policy ), + (kcontext, policy)); WRAP_VOID (krb5_db2_free_policy, - ( krb5_context kcontext, osa_policy_ent_t entry ), - (kcontext, entry)); + ( krb5_context kcontext, osa_policy_ent_t entry ), + (kcontext, entry)); WRAP_K (krb5_db2_set_master_key_ext, - ( krb5_context kcontext, char *pwd, krb5_keyblock *key), - (kcontext, pwd, key)); + ( krb5_context kcontext, char *pwd, krb5_keyblock *key), + (kcontext, pwd, key)); WRAP_K (krb5_db2_db_get_mkey, - ( krb5_context context, krb5_keyblock **key), - (context, key)); + ( krb5_context context, krb5_keyblock **key), + (context, key)); WRAP_K (krb5_db2_db_set_mkey_list, - ( krb5_context kcontext, krb5_keylist_node *keylist), - (kcontext, keylist)); + ( krb5_context kcontext, krb5_keylist_node *keylist), + (kcontext, keylist)); WRAP_K (krb5_db2_db_get_mkey_list, - ( krb5_context context, krb5_keylist_node **keylist), - (context, keylist)); + ( krb5_context context, krb5_keylist_node **keylist), + (context, keylist)); WRAP_K (krb5_db2_promote_db, - ( krb5_context kcontext, char *conf_section, char **db_args ), - (kcontext, conf_section, db_args)); + ( krb5_context kcontext, char *conf_section, char **db_args ), + (kcontext, conf_section, db_args)); WRAP_K (krb5_db2_invoke, - (krb5_context kcontext, - unsigned int method, - const krb5_data *request, - krb5_data *response), - (kcontext, method, request, response)); + (krb5_context kcontext, + unsigned int method, + const krb5_data *request, + krb5_data *response), + (kcontext, method, request, response)); static krb5_error_code hack_init () @@ -210,7 +211,7 @@ hack_init () krb5_error_code c; c = krb5int_mutex_alloc (&krb5_db2_mutex); if (c) - return c; + return c; return krb5_db2_lib_init (); } @@ -228,41 +229,41 @@ hack_cleanup (void) */ kdb_vftabl PLUGIN_SYMBOL_NAME(krb5_db2, kdb_function_table) = { - 1, /* major version number 1 */ - 0, /* minor version number 0 */ - /* init_library */ hack_init, - /* fini_library */ hack_cleanup, - /* init_module */ wrap_krb5_db2_open, - /* fini_module */ wrap_krb5_db2_db_fini, - /* db_create */ wrap_krb5_db2_create, - /* db_destroy */ wrap_krb5_db2_destroy, - /* db_get_age */ wrap_krb5_db2_db_get_age, - /* db_set_option */ wrap_krb5_db2_db_set_option, - /* db_lock */ wrap_krb5_db2_db_lock, - /* db_unlock */ wrap_krb5_db2_db_unlock, - /* db_get_principal */ wrap_krb5_db2_db_get_principal, - /* db_free_principal */ wrap_krb5_db2_db_free_principal, - /* db_put_principal */ wrap_krb5_db2_db_put_principal, - /* db_delete_principal */ wrap_krb5_db2_db_delete_principal, - /* db_iterate */ wrap_krb5_db2_db_iterate, - /* db_create_policy */ wrap_krb5_db2_create_policy, - /* db_get_policy */ wrap_krb5_db2_get_policy, - /* db_put_policy */ wrap_krb5_db2_put_policy, - /* db_iter_policy */ wrap_krb5_db2_iter_policy, - /* db_delete_policy */ wrap_krb5_db2_delete_policy, - /* db_free_policy */ wrap_krb5_db2_free_policy, - /* db_supported_realms */ NULL, - /* db_free_supported_realms */ NULL, - /* errcode_2_string */ NULL, - /* release_errcode_string */ NULL, - /* db_alloc */ krb5_db2_alloc, - /* db_free */ krb5_db2_free, - /* set_master_key */ wrap_krb5_db2_set_master_key_ext, - /* get_master_key */ wrap_krb5_db2_db_get_mkey, - /* set_master_key_list */ wrap_krb5_db2_db_set_mkey_list, - /* get_master_key_list */ wrap_krb5_db2_db_get_mkey_list, - /* blah blah blah */ 0,0,0,0,0,0,0,0, - /* promote_db */ wrap_krb5_db2_promote_db, - 0, 0, - /* invoke */ wrap_krb5_db2_invoke + 1, /* major version number 1 */ + 0, /* minor version number 0 */ + /* init_library */ hack_init, + /* fini_library */ hack_cleanup, + /* init_module */ wrap_krb5_db2_open, + /* fini_module */ wrap_krb5_db2_db_fini, + /* db_create */ wrap_krb5_db2_create, + /* db_destroy */ wrap_krb5_db2_destroy, + /* db_get_age */ wrap_krb5_db2_db_get_age, + /* db_set_option */ wrap_krb5_db2_db_set_option, + /* db_lock */ wrap_krb5_db2_db_lock, + /* db_unlock */ wrap_krb5_db2_db_unlock, + /* db_get_principal */ wrap_krb5_db2_db_get_principal, + /* db_free_principal */ wrap_krb5_db2_db_free_principal, + /* db_put_principal */ wrap_krb5_db2_db_put_principal, + /* db_delete_principal */ wrap_krb5_db2_db_delete_principal, + /* db_iterate */ wrap_krb5_db2_db_iterate, + /* db_create_policy */ wrap_krb5_db2_create_policy, + /* db_get_policy */ wrap_krb5_db2_get_policy, + /* db_put_policy */ wrap_krb5_db2_put_policy, + /* db_iter_policy */ wrap_krb5_db2_iter_policy, + /* db_delete_policy */ wrap_krb5_db2_delete_policy, + /* db_free_policy */ wrap_krb5_db2_free_policy, + /* db_supported_realms */ NULL, + /* db_free_supported_realms */ NULL, + /* errcode_2_string */ NULL, + /* release_errcode_string */ NULL, + /* db_alloc */ krb5_db2_alloc, + /* db_free */ krb5_db2_free, + /* set_master_key */ wrap_krb5_db2_set_master_key_ext, + /* get_master_key */ wrap_krb5_db2_db_get_mkey, + /* set_master_key_list */ wrap_krb5_db2_db_set_mkey_list, + /* get_master_key_list */ wrap_krb5_db2_db_get_mkey_list, + /* blah blah blah */ 0,0,0,0,0,0,0,0, + /* promote_db */ wrap_krb5_db2_promote_db, + 0, 0, + /* invoke */ wrap_krb5_db2_invoke }; diff --git a/src/plugins/kdb/db2/kdb_db2.c b/src/plugins/kdb/db2/kdb_db2.c index 363a1f3d1..042649e49 100644 --- a/src/plugins/kdb/db2/kdb_db2.c +++ b/src/plugins/kdb/db2/kdb_db2.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/kdb/kdb_db2.c * @@ -130,8 +131,8 @@ static char default_db_name[] = DEFAULT_KDB_FILE; /* * Routines to deal with context. */ -#define k5db2_inited(c) (c && c->dal_handle \ - && c->dal_handle->db_context \ +#define k5db2_inited(c) (c && c->dal_handle \ + && c->dal_handle->db_context \ && ((krb5_db2_context *) c->dal_handle->db_context)->db_inited) static krb5_error_code @@ -139,23 +140,23 @@ krb5_db2_get_db_opt(char *input, char **opt, char **val) { char *pos = strchr(input, '='); if (pos == NULL) { - *opt = NULL; - *val = strdup(input); - if (*val == NULL) { - return ENOMEM; - } + *opt = NULL; + *val = strdup(input); + if (*val == NULL) { + return ENOMEM; + } } else { - *opt = malloc((pos - input) + 1); - *val = strdup(pos + 1); - if (!*opt || !*val) { - free(*opt); - *opt = NULL; - free(*val); - *val = NULL; - return ENOMEM; - } - memcpy(*opt, input, pos - input); - (*opt)[pos - input] = '\0'; + *opt = malloc((pos - input) + 1); + *val = strdup(pos + 1); + if (!*opt || !*val) { + free(*opt); + *opt = NULL; + free(*val); + *val = NULL; + return ENOMEM; + } + memcpy(*opt, input, pos - input); + (*opt)[pos - input] = '\0'; } return (0); @@ -172,9 +173,9 @@ k5db2_clear_context(krb5_db2_context *dbctx) * are the caller's problem. */ if (dbctx->db_lf_name) - free(dbctx->db_lf_name); + free(dbctx->db_lf_name); if (dbctx->db_name && (dbctx->db_name != default_db_name)) - free(dbctx->db_name); + free(dbctx->db_name); /* * Clear the structure and reset the defaults. */ @@ -193,14 +194,14 @@ k5db2_init_context(krb5_context context) dal_handle = context->dal_handle; if (dal_handle->db_context == NULL) { - db_ctx = (krb5_db2_context *) malloc(sizeof(krb5_db2_context)); - if (db_ctx == NULL) - return ENOMEM; - else { - memset(db_ctx, 0, sizeof(krb5_db2_context)); - k5db2_clear_context((krb5_db2_context *) db_ctx); - dal_handle->db_context = (void *) db_ctx; - } + db_ctx = (krb5_db2_context *) malloc(sizeof(krb5_db2_context)); + if (db_ctx == NULL) + return ENOMEM; + else { + memset(db_ctx, 0, sizeof(krb5_db2_context)); + k5db2_clear_context((krb5_db2_context *) db_ctx); + dal_handle->db_context = (void *) db_ctx; + } } return (0); } @@ -215,10 +216,10 @@ gen_dbsuffix(char *db_name, char *sfx) char *dbsuffix; if (sfx == NULL) - return ((char *) NULL); + return ((char *) NULL); if (asprintf(&dbsuffix, "%s%s", db_name, sfx) < 0) - return (0); + return (0); return dbsuffix; } @@ -237,14 +238,14 @@ k5db2_dbopen(krb5_db2_context *dbc, char *fname, int flags, int mode, int tempdb bti.prefix = NULL; if (tempdb) { - fname = gen_dbsuffix(fname, "~"); + fname = gen_dbsuffix(fname, "~"); } else { - fname = strdup(fname); + fname = strdup(fname); } if (fname == NULL) { - errno = ENOMEM; - return NULL; + errno = ENOMEM; + return NULL; } @@ -256,25 +257,25 @@ k5db2_dbopen(krb5_db2_context *dbc, char *fname, int flags, int mode, int tempdb hashi.nelem = 1; db = dbopen(fname, flags, mode, - dbc->hashfirst ? DB_HASH : DB_BTREE, - dbc->hashfirst ? (void *) &hashi : (void *) &bti); + dbc->hashfirst ? DB_HASH : DB_BTREE, + dbc->hashfirst ? (void *) &hashi : (void *) &bti); if (db != NULL) { - free(fname); - return db; + free(fname); + return db; } switch (errno) { #ifdef EFTYPE case EFTYPE: #endif case EINVAL: - db = dbopen(fname, flags, mode, - dbc->hashfirst ? DB_BTREE : DB_HASH, - dbc->hashfirst ? (void *) &bti : (void *) &hashi); - if (db != NULL) - dbc->hashfirst = !dbc->hashfirst; + db = dbopen(fname, flags, mode, + dbc->hashfirst ? DB_BTREE : DB_HASH, + dbc->hashfirst ? (void *) &bti : (void *) &hashi); + if (db != NULL) + dbc->hashfirst = !dbc->hashfirst; default: - free(fname); - return db; + free(fname); + return db; } } @@ -285,7 +286,7 @@ krb5_db2_db_set_hashfirst(krb5_context context, int hashfirst) kdb5_dal_handle *dal_handle; if (k5db2_inited(context)) - return KRB5_KDB_DBNOTINITED; + return KRB5_KDB_DBNOTINITED; dal_handle = context->dal_handle; dbc = (krb5_db2_context *) dal_handle->db_context; dbc->hashfirst = hashfirst; @@ -306,51 +307,51 @@ krb5_db2_db_init(krb5_context context) char policy_db_name[1024], policy_lock_name[1024]; if (k5db2_inited(context)) - return 0; + return 0; /* Check for presence of our context, if not present, allocate one. */ if ((retval = k5db2_init_context(context))) - return (retval); + return (retval); dal_handle = context->dal_handle; db_ctx = dal_handle->db_context; db_ctx->db = NULL; if (!(filename = gen_dbsuffix(db_ctx->db_name, db_ctx->tempdb - ?KDB2_TEMP_LOCK_EXT:KDB2_LOCK_EXT))) - return ENOMEM; - db_ctx->db_lf_name = filename; /* so it gets freed by clear_context */ + ?KDB2_TEMP_LOCK_EXT:KDB2_LOCK_EXT))) + return ENOMEM; + db_ctx->db_lf_name = filename; /* so it gets freed by clear_context */ /* * should be opened read/write so that write locking can work with * POSIX systems */ if ((db_ctx->db_lf_file = open(filename, O_RDWR, 0666)) < 0) { - if ((db_ctx->db_lf_file = open(filename, O_RDONLY, 0666)) < 0) { - retval = errno; - goto err_out; - } + if ((db_ctx->db_lf_file = open(filename, O_RDONLY, 0666)) < 0) { + retval = errno; + goto err_out; + } } set_cloexec_fd(db_ctx->db_lf_file); db_ctx->db_inited++; if ((retval = krb5_db2_db_get_age(context, NULL, &db_ctx->db_lf_time))) - goto err_out; + goto err_out; snprintf(policy_db_name, sizeof(policy_db_name), - db_ctx->tempdb ? "%s~.kadm5" : "%s.kadm5", - db_ctx->db_name); + db_ctx->tempdb ? "%s~.kadm5" : "%s.kadm5", + db_ctx->db_name); snprintf(policy_lock_name, sizeof(policy_lock_name), - "%s.lock", policy_db_name); + "%s.lock", policy_db_name); if ((retval = osa_adb_init_db(&db_ctx->policy_db, policy_db_name, - policy_lock_name, OSA_ADB_POLICY_DB_MAGIC))) + policy_lock_name, OSA_ADB_POLICY_DB_MAGIC))) { - goto err_out; + goto err_out; } return 0; - err_out: +err_out: db_ctx->db = NULL; k5db2_clear_context(db_ctx); return (retval); @@ -369,28 +370,28 @@ krb5_db2_db_fini(krb5_context context) dal_handle = context->dal_handle; if (dal_handle == NULL) { - return 0; + return 0; } db_ctx = (krb5_db2_context *) dal_handle->db_context; if (k5db2_inited(context)) { - if (close(db_ctx->db_lf_file)) - retval = errno; - else - retval = 0; + if (close(db_ctx->db_lf_file)) + retval = errno; + else + retval = 0; } if (db_ctx) { - if (db_ctx->policy_db) { - retval = - osa_adb_fini_db(db_ctx->policy_db, OSA_ADB_POLICY_DB_MAGIC); - if (retval) - return retval; - } + if (db_ctx->policy_db) { + retval = + osa_adb_fini_db(db_ctx->policy_db, OSA_ADB_POLICY_DB_MAGIC); + if (retval) + return retval; + } - k5db2_clear_context(db_ctx); - /* free(dal_handle->db_context); */ - dal_handle->db_context = NULL; + k5db2_clear_context(db_ctx); + /* free(dal_handle->db_context); */ + dal_handle->db_context = NULL; } return retval; } @@ -405,7 +406,7 @@ krb5_db2_db_set_mkey(krb5_context context, krb5_keyblock *key) kdb5_dal_handle *dal_handle; if (!k5db2_inited(context)) - return (KRB5_KDB_DBNOTINITED); + return (KRB5_KDB_DBNOTINITED); dal_handle = context->dal_handle; db_ctx = dal_handle->db_context; @@ -420,7 +421,7 @@ krb5_db2_db_get_mkey(krb5_context context, krb5_keyblock **key) kdb5_dal_handle *dal_handle; if (!k5db2_inited(context)) - return (KRB5_KDB_DBNOTINITED); + return (KRB5_KDB_DBNOTINITED); dal_handle = context->dal_handle; db_ctx = dal_handle->db_context; @@ -436,7 +437,7 @@ krb5_db2_db_set_mkey_list(krb5_context context, krb5_keylist_node *key_list) kdb5_dal_handle *dal_handle; if (!k5db2_inited(context)) - return (KRB5_KDB_DBNOTINITED); + return (KRB5_KDB_DBNOTINITED); dal_handle = context->dal_handle; db_ctx = dal_handle->db_context; @@ -451,7 +452,7 @@ krb5_db2_db_get_mkey_list(krb5_context context, krb5_keylist_node **key_list) kdb5_dal_handle *dal_handle; if (!k5db2_inited(context)) - return (KRB5_KDB_DBNOTINITED); + return (KRB5_KDB_DBNOTINITED); dal_handle = context->dal_handle; db_ctx = dal_handle->db_context; @@ -478,21 +479,21 @@ krb5_db2_db_set_name(krb5_context context, char *name, int tempdb) kdb5_dal_handle *dal_handle; if (k5db2_inited(context)) - return KRB5_KDB_DBINITED; + return KRB5_KDB_DBINITED; /* Check for presence of our context, if not present, allocate one. */ if ((kret = k5db2_init_context(context))) - return (kret); + return (kret); if (name == NULL) - name = default_db_name; + name = default_db_name; dal_handle = context->dal_handle; db_ctx = dal_handle->db_context; db_ctx->tempdb = tempdb; db = k5db2_dbopen(db_ctx, name, O_RDONLY, 0, tempdb); if (db == NULL) - return errno; + return errno; db_ctx->db_name = strdup(name); (*db->close) (db); @@ -513,14 +514,14 @@ krb5_db2_db_get_age(krb5_context context, char *db_name, time_t *age) struct stat st; if (!k5db2_inited(context)) - return (KRB5_KDB_DBNOTINITED); + return (KRB5_KDB_DBNOTINITED); dal_handle = context->dal_handle; db_ctx = (krb5_db2_context *) dal_handle->db_context; if (fstat(db_ctx->db_lf_file, &st) < 0) - *age = -1; + *age = -1; else - *age = st.st_mtime; + *age = st.st_mtime; return 0; } @@ -549,29 +550,29 @@ krb5_db2_db_end_update(krb5_context context) struct utimbuf utbuf; if (!k5db2_inited(context)) - return (KRB5_KDB_DBNOTINITED); + return (KRB5_KDB_DBNOTINITED); retval = 0; dal_handle = context->dal_handle; db_ctx = dal_handle->db_context; now = time((time_t *) NULL); if (fstat(db_ctx->db_lf_file, &st) == 0) { - if (st.st_mtime >= now) { - utbuf.actime = st.st_mtime + 1; - utbuf.modtime = st.st_mtime + 1; - if (utime(db_ctx->db_lf_name, &utbuf)) - retval = errno; - } else { - if (utime(db_ctx->db_lf_name, (struct utimbuf *) NULL)) - retval = errno; - } + if (st.st_mtime >= now) { + utbuf.actime = st.st_mtime + 1; + utbuf.modtime = st.st_mtime + 1; + if (utime(db_ctx->db_lf_name, &utbuf)) + retval = errno; + } else { + if (utime(db_ctx->db_lf_name, (struct utimbuf *) NULL)) + retval = errno; + } } else - retval = errno; + retval = errno; if (!retval) { - if (fstat(db_ctx->db_lf_file, &st) == 0) - db_ctx->db_lf_time = st.st_mtime; - else - retval = errno; + if (fstat(db_ctx->db_lf_file, &st) == 0) + db_ctx->db_lf_time = st.st_mtime; + else + retval = errno; } return (retval); } @@ -591,76 +592,76 @@ krb5_db2_db_lock(krb5_context context, int in_mode) switch (in_mode) { case KRB5_DB_LOCKMODE_PERMANENT: - mode = KRB5_DB_LOCKMODE_EXCLUSIVE; - break; + mode = KRB5_DB_LOCKMODE_EXCLUSIVE; + break; case KRB5_DB_LOCKMODE_EXCLUSIVE: - mode = KRB5_LOCKMODE_EXCLUSIVE; - break; + mode = KRB5_LOCKMODE_EXCLUSIVE; + break; case KRB5_DB_LOCKMODE_SHARED: - mode = KRB5_LOCKMODE_SHARED; - break; + mode = KRB5_LOCKMODE_SHARED; + break; default: - return EINVAL; + return EINVAL; } if (!k5db2_inited(context)) - return KRB5_KDB_DBNOTINITED; + return KRB5_KDB_DBNOTINITED; dal_handle = context->dal_handle; db_ctx = (krb5_db2_context *) dal_handle->db_context; if (db_ctx->db_locks_held && (db_ctx->db_lock_mode >= mode)) { - /* No need to upgrade lock, just return */ - db_ctx->db_locks_held++; - goto policy_lock; + /* No need to upgrade lock, just return */ + db_ctx->db_locks_held++; + goto policy_lock; } if ((mode != KRB5_LOCKMODE_SHARED) && (mode != KRB5_LOCKMODE_EXCLUSIVE)) - return KRB5_KDB_BADLOCKMODE; + return KRB5_KDB_BADLOCKMODE; krb5_lock_mode = mode | KRB5_LOCKMODE_DONTBLOCK; for (gotlock = tries = 0; tries < MAX_LOCK_TRIES; tries++) { - retval = krb5_lock_file(context, db_ctx->db_lf_file, krb5_lock_mode); - if (retval == 0) { - gotlock++; - break; - } else if (retval == EBADF && mode == KRB5_DB_LOCKMODE_EXCLUSIVE) - /* tried to exclusive-lock something we don't have */ - /* write access to */ - return KRB5_KDB_CANTLOCK_DB; - sleep(1); + retval = krb5_lock_file(context, db_ctx->db_lf_file, krb5_lock_mode); + if (retval == 0) { + gotlock++; + break; + } else if (retval == EBADF && mode == KRB5_DB_LOCKMODE_EXCLUSIVE) + /* tried to exclusive-lock something we don't have */ + /* write access to */ + return KRB5_KDB_CANTLOCK_DB; + sleep(1); } if (retval == EACCES) - return KRB5_KDB_CANTLOCK_DB; + return KRB5_KDB_CANTLOCK_DB; else if (retval == EAGAIN || retval == EWOULDBLOCK) - return OSA_ADB_CANTLOCK_DB; + return OSA_ADB_CANTLOCK_DB; else if (retval != 0) - return retval; + return retval; if ((retval = krb5_db2_db_get_age(context, NULL, &mod_time))) - goto lock_error; + goto lock_error; db = k5db2_dbopen(db_ctx, db_ctx->db_name, - mode == KRB5_LOCKMODE_SHARED ? O_RDONLY : O_RDWR, 0600, db_ctx->tempdb); + mode == KRB5_LOCKMODE_SHARED ? O_RDONLY : O_RDWR, 0600, db_ctx->tempdb); if (db) { - db_ctx->db_lf_time = mod_time; - db_ctx->db = db; + db_ctx->db_lf_time = mod_time; + db_ctx->db = db; } else { - retval = errno; - db_ctx->db = NULL; - goto lock_error; + retval = errno; + db_ctx->db = NULL; + goto lock_error; } db_ctx->db_lock_mode = mode; db_ctx->db_locks_held++; - policy_lock: +policy_lock: if ((retval = osa_adb_get_lock(db_ctx->policy_db, in_mode))) { - krb5_db2_db_unlock(context); + krb5_db2_db_unlock(context); } return retval; - lock_error:; +lock_error:; db_ctx->db_lock_mode = 0; db_ctx->db_locks_held = 0; krb5_db2_db_unlock(context); @@ -676,26 +677,26 @@ krb5_db2_db_unlock(krb5_context context) krb5_error_code retval; if (!k5db2_inited(context)) - return KRB5_KDB_DBNOTINITED; + return KRB5_KDB_DBNOTINITED; dal_handle = context->dal_handle; db_ctx = (krb5_db2_context *) dal_handle->db_context; if ((retval = osa_adb_release_lock(db_ctx->policy_db))) { - return retval; + return retval; } - if (!db_ctx->db_locks_held) /* lock already unlocked */ - return KRB5_KDB_NOTLOCKED; + if (!db_ctx->db_locks_held) /* lock already unlocked */ + return KRB5_KDB_NOTLOCKED; db = db_ctx->db; if (--(db_ctx->db_locks_held) == 0) { - (*db->close) (db); - db_ctx->db = NULL; + (*db->close) (db); + db_ctx->db = NULL; - retval = krb5_lock_file(context, db_ctx->db_lf_file, - KRB5_LOCKMODE_UNLOCK); - db_ctx->db_lock_mode = 0; - return (retval); + retval = krb5_lock_file(context, db_ctx->db_lf_file, + KRB5_LOCKMODE_UNLOCK); + db_ctx->db_lock_mode = 0; + return (retval); } return 0; } @@ -716,49 +717,49 @@ krb5_db2_db_create(krb5_context context, char *db_name, krb5_int32 flags) char policy_db_name[1024], policy_lock_name[1024]; if ((retval = k5db2_init_context(context))) - return (retval); + return (retval); dal_handle = context->dal_handle; db_ctx = (krb5_db2_context *) dal_handle->db_context; switch (flags) { case KRB5_KDB_CREATE_HASH: - if ((retval = krb5_db2_db_set_hashfirst(context, TRUE))) - return retval; - break; + if ((retval = krb5_db2_db_set_hashfirst(context, TRUE))) + return retval; + break; case KRB5_KDB_CREATE_BTREE: case 0: - if ((retval = krb5_db2_db_set_hashfirst(context, FALSE))) - return retval; - break; + if ((retval = krb5_db2_db_set_hashfirst(context, FALSE))) + return retval; + break; default: - return KRB5_KDB_BAD_CREATEFLAGS; + return KRB5_KDB_BAD_CREATEFLAGS; } db = k5db2_dbopen(db_ctx, db_name, O_RDWR | O_CREAT | O_EXCL, 0600, db_ctx->tempdb); if (db == NULL) - return errno; + return errno; (*db->close) (db); db_name2 = db_ctx->tempdb ? gen_dbsuffix(db_name, "~") : strdup(db_name); if (db_name2 == NULL) - return ENOMEM; + return ENOMEM; okname = gen_dbsuffix(db_name2, KDB2_LOCK_EXT); if (!okname) - retval = ENOMEM; + retval = ENOMEM; else { - fd = open(okname, O_CREAT | O_RDWR | O_TRUNC, 0600); - if (fd < 0) - retval = errno; - else - close(fd); - free_dbsuffix(okname); + fd = open(okname, O_CREAT | O_RDWR | O_TRUNC, 0600); + if (fd < 0) + retval = errno; + else + close(fd); + free_dbsuffix(okname); } snprintf(policy_db_name, sizeof(policy_db_name), "%s.kadm5", db_name2); snprintf(policy_lock_name, sizeof(policy_lock_name), - "%s.lock", policy_db_name); + "%s.lock", policy_db_name); retval = osa_adb_create_db(policy_db_name, - policy_lock_name, OSA_ADB_POLICY_DB_MAGIC); + policy_lock_name, OSA_ADB_POLICY_DB_MAGIC); free(db_name2); return retval; } @@ -772,7 +773,7 @@ destroy_file_suffix(char *dbname, char *suffix) char *filename; struct stat statb; int nb, fd; - int j; + int j; off_t pos; char buf[BUFSIZ]; char zbuf[BUFSIZ]; @@ -780,19 +781,19 @@ destroy_file_suffix(char *dbname, char *suffix) filename = gen_dbsuffix(dbname, suffix); if (filename == 0) - return ENOMEM; + return ENOMEM; if ((fd = open(filename, O_RDWR, 0)) < 0) { - free(filename); - return errno; + free(filename); + return errno; } set_cloexec_fd(fd); /* fstat() will probably not fail unless using a remote filesystem * (which is inappropriate for the kerberos database) so this check * is mostly paranoia. */ if (fstat(fd, &statb) == -1) { - int retval = errno; - free(filename); - return retval; + int retval = errno; + free(filename); + return retval; } /* * Stroll through the file, reading in BUFSIZ chunks. If everything @@ -805,31 +806,31 @@ destroy_file_suffix(char *dbname, char *suffix) memset(zbuf, 0, BUFSIZ); pos = 0; while (pos < statb.st_size) { - dowrite = 0; - nb = read(fd, buf, BUFSIZ); - if (nb < 0) { - int retval = errno; - free(filename); - return retval; - } - for (j = 0; j < nb; j++) { - if (buf[j] != '\0') { - dowrite = 1; - break; - } - } - /* For signedness */ - j = nb; - if (dowrite) { - lseek(fd, pos, SEEK_SET); - nb = write(fd, zbuf, j); - if (nb < 0) { - int retval = errno; - free(filename); - return retval; - } - } - pos += nb; + dowrite = 0; + nb = read(fd, buf, BUFSIZ); + if (nb < 0) { + int retval = errno; + free(filename); + return retval; + } + for (j = 0; j < nb; j++) { + if (buf[j] != '\0') { + dowrite = 1; + break; + } + } + /* For signedness */ + j = nb; + if (dowrite) { + lseek(fd, pos, SEEK_SET); + nb = write(fd, zbuf, j); + if (nb < 0) { + int retval = errno; + free(filename); + return retval; + } + } + pos += nb; } /* ??? Is fsync really needed? I don't know of any non-networked * filesystem which will discard queued writes to disk if a file @@ -840,8 +841,8 @@ destroy_file_suffix(char *dbname, char *suffix) close(fd); if (unlink(filename)) { - free(filename); - return (errno); + free(filename); + return (errno); } free(filename); return (0); @@ -866,10 +867,10 @@ krb5_db2_db_destroy(krb5_context context, char *dbname) tmpcontext = 0; if (!context->dal_handle - || !context->dal_handle->db_context) { - tmpcontext = 1; - if ((retval1 = k5db2_init_context(context))) - return (retval1); + || !context->dal_handle->db_context) { + tmpcontext = 1; + if ((retval1 = k5db2_init_context(context))) + return (retval1); } retval1 = retval2 = 0; @@ -877,20 +878,20 @@ krb5_db2_db_destroy(krb5_context context, char *dbname) retval2 = destroy_file_suffix(dbname, KDB2_LOCK_EXT); if (tmpcontext) { - k5db2_clear_context((krb5_db2_context *) context->dal_handle->db_context); - free(context->dal_handle->db_context); - context->dal_handle->db_context = NULL; + k5db2_clear_context((krb5_db2_context *) context->dal_handle->db_context); + free(context->dal_handle->db_context); + context->dal_handle->db_context = NULL; } if (retval1 || retval2) - return (retval1 ? retval1 : retval2); + return (retval1 ? retval1 : retval2); snprintf(policy_db_name, sizeof(policy_db_name), "%s.kadm5", dbname); snprintf(policy_lock_name, sizeof(policy_lock_name), - "%s.lock", policy_db_name); + "%s.lock", policy_db_name); retval1 = osa_adb_destroy_db(policy_db_name, - policy_lock_name, OSA_ADB_POLICY_DB_MAGIC); + policy_lock_name, OSA_ADB_POLICY_DB_MAGIC); return retval1; } @@ -903,10 +904,10 @@ krb5_db2_db_destroy(krb5_context context, char *dbname) krb5_error_code krb5_db2_db_get_principal(krb5_context context, - krb5_const_principal searchfor, - krb5_db_entry *entries, /* filled in */ - int *nentries, /* how much room/how many found */ - krb5_boolean *more) /* are there more? */ + krb5_const_principal searchfor, + krb5_db_entry *entries, /* filled in */ + int *nentries, /* how much room/how many found */ + krb5_boolean *more) /* are there more? */ { krb5_db2_context *db_ctx; krb5_error_code retval; @@ -920,27 +921,27 @@ krb5_db2_db_get_principal(krb5_context context, *nentries = 0; if (!k5db2_inited(context)) - return KRB5_KDB_DBNOTINITED; + return KRB5_KDB_DBNOTINITED; dal_handle = context->dal_handle; db_ctx = (krb5_db2_context *) dal_handle->db_context; for (trynum = 0; trynum < KRB5_DB2_MAX_RETRY; trynum++) { - if ((retval = krb5_db2_db_lock(context, KRB5_LOCKMODE_SHARED))) { - if (db_ctx->db_nb_locks) - return (retval); - sleep(1); - continue; - } - break; + if ((retval = krb5_db2_db_lock(context, KRB5_LOCKMODE_SHARED))) { + if (db_ctx->db_nb_locks) + return (retval); + sleep(1); + continue; + } + break; } if (trynum == KRB5_DB2_MAX_RETRY) - return KRB5_KDB_DB_INUSE; + return KRB5_KDB_DB_INUSE; /* XXX deal with wildcard lookups */ retval = krb5_encode_princ_dbkey(context, &keydata, searchfor); if (retval) - goto cleanup; + goto cleanup; key.data = keydata.data; key.size = keydata.length; @@ -950,35 +951,35 @@ krb5_db2_db_get_principal(krb5_context context, krb5_free_data_contents(context, &keydata); switch (dbret) { case 1: - retval = 0; + retval = 0; case -1: default: - *nentries = 0; - goto cleanup; + *nentries = 0; + goto cleanup; case 0: - contdata.data = contents.data; - contdata.length = contents.size; - retval = krb5_decode_princ_contents(context, &contdata, entries); - if (!retval) - *nentries = 1; - break; + contdata.data = contents.data; + contdata.length = contents.size; + retval = krb5_decode_princ_contents(context, &contdata, entries); + if (!retval) + *nentries = 1; + break; } - cleanup: - (void) krb5_db2_db_unlock(context); /* unlock read lock */ +cleanup: + (void) krb5_db2_db_unlock(context); /* unlock read lock */ return retval; } /* Free stuff returned by krb5_db2_db_get_principal. - */ +*/ krb5_error_code krb5_db2_db_free_principal(krb5_context context, krb5_db_entry *entries, - int nentries) + int nentries) { register int i; for (i = 0; i < nentries; i++) - krb5_dbe_free_contents(context, &entries[i]); + krb5_dbe_free_contents(context, &entries[i]); return 0; } @@ -990,13 +991,13 @@ krb5_db2_db_free_principal(krb5_context context, krb5_db_entry *entries, acutally stored; the first *"nstored" records will have been stored in the database (even if an error occurs). - */ +*/ krb5_error_code krb5_db2_db_put_principal(krb5_context context, - krb5_db_entry *entries, - int *nentries, /* number of entry structs to update */ - char **db_args) + krb5_db_entry *entries, + int *nentries, /* number of entry structs to update */ + char **db_args) { int i, n, dbret; DB *db; @@ -1008,55 +1009,55 @@ krb5_db2_db_put_principal(krb5_context context, krb5_clear_error_message (context); if (db_args) { - /* DB2 does not support db_args DB arguments for principal */ - krb5_set_error_message(context, EINVAL, - "Unsupported argument \"%s\" for db2", - db_args[0]); - return EINVAL; + /* DB2 does not support db_args DB arguments for principal */ + krb5_set_error_message(context, EINVAL, + "Unsupported argument \"%s\" for db2", + db_args[0]); + return EINVAL; } n = *nentries; *nentries = 0; if (!k5db2_inited(context)) - return KRB5_KDB_DBNOTINITED; + return KRB5_KDB_DBNOTINITED; dal_handle = context->dal_handle; db_ctx = (krb5_db2_context *) dal_handle->db_context; if ((retval = krb5_db2_db_lock(context, KRB5_LOCKMODE_EXCLUSIVE))) - return retval; + return retval; db = db_ctx->db; if ((retval = krb5_db2_db_start_update(context))) { - (void) krb5_db2_db_unlock(context); - return retval; + (void) krb5_db2_db_unlock(context); + return retval; } /* for each one, stuff temps, and do replace/append */ for (i = 0; i < n; i++) { - retval = krb5_encode_princ_contents(context, &contdata, entries); - if (retval) - break; - contents.data = contdata.data; - contents.size = contdata.length; - retval = krb5_encode_princ_dbkey(context, &keydata, entries->princ); - if (retval) { - krb5_free_data_contents(context, &contdata); - break; - } - - key.data = keydata.data; - key.size = keydata.length; - dbret = (*db->put) (db, &key, &contents, 0); - retval = dbret ? errno : 0; - krb5_free_data_contents(context, &keydata); - krb5_free_data_contents(context, &contdata); - if (retval) - break; - entries++; /* bump to next struct */ + retval = krb5_encode_princ_contents(context, &contdata, entries); + if (retval) + break; + contents.data = contdata.data; + contents.size = contdata.length; + retval = krb5_encode_princ_dbkey(context, &keydata, entries->princ); + if (retval) { + krb5_free_data_contents(context, &contdata); + break; + } + + key.data = keydata.data; + key.size = keydata.length; + dbret = (*db->put) (db, &key, &contents, 0); + retval = dbret ? errno : 0; + krb5_free_data_contents(context, &keydata); + krb5_free_data_contents(context, &contdata); + if (retval) + break; + entries++; /* bump to next struct */ } (void) krb5_db2_db_end_update(context); - (void) krb5_db2_db_unlock(context); /* unlock database */ + (void) krb5_db2_db_unlock(context); /* unlock database */ *nentries = i; return (retval); } @@ -1068,8 +1069,8 @@ krb5_db2_db_put_principal(krb5_context context, krb5_error_code krb5_db2_db_delete_principal(krb5_context context, - krb5_const_principal searchfor, - int *nentries) /* how many found & deleted */ + krb5_const_principal searchfor, + int *nentries) /* how many found & deleted */ { krb5_error_code retval; krb5_db_entry entry; @@ -1081,20 +1082,20 @@ krb5_db2_db_delete_principal(krb5_context context, kdb5_dal_handle *dal_handle; if (!k5db2_inited(context)) - return KRB5_KDB_DBNOTINITED; + return KRB5_KDB_DBNOTINITED; dal_handle = context->dal_handle; db_ctx = (krb5_db2_context *) dal_handle->db_context; if ((retval = krb5_db2_db_lock(context, KRB5_LOCKMODE_EXCLUSIVE))) - return (retval); + return (retval); if ((retval = krb5_db2_db_start_update(context))) { - (void) krb5_db2_db_unlock(context); /* unlock write lock */ - return (retval); + (void) krb5_db2_db_unlock(context); /* unlock write lock */ + return (retval); } if ((retval = krb5_encode_princ_dbkey(context, &keydata, searchfor))) - goto cleanup; + goto cleanup; key.data = keydata.data; key.size = keydata.length; @@ -1103,34 +1104,34 @@ krb5_db2_db_delete_principal(krb5_context context, retval = errno; switch (dbret) { case 1: - retval = KRB5_KDB_NOENTRY; + retval = KRB5_KDB_NOENTRY; case -1: default: - *nentries = 0; - goto cleankey; + *nentries = 0; + goto cleankey; case 0: - ; + ; } memset(&entry, 0, sizeof(entry)); contdata.data = contents.data; contdata.length = contents.size; retval = krb5_decode_princ_contents(context, &contdata, &entry); if (retval) - goto cleankey; + goto cleankey; *nentries = 1; /* Clear encrypted key contents */ for (i = 0; i < entry.n_key_data; i++) { - if (entry.key_data[i].key_data_length[0]) { - memset(entry.key_data[i].key_data_contents[0], 0, - (unsigned) entry.key_data[i].key_data_length[0]); - } + if (entry.key_data[i].key_data_length[0]) { + memset(entry.key_data[i].key_data_contents[0], 0, + (unsigned) entry.key_data[i].key_data_length[0]); + } } retval = krb5_encode_princ_contents(context, &contdata, &entry); krb5_dbe_free_contents(context, &entry); if (retval) - goto cleankey; + goto cleankey; contents.data = contdata.data; contents.size = contdata.length; @@ -1138,23 +1139,23 @@ krb5_db2_db_delete_principal(krb5_context context, retval = dbret ? errno : 0; krb5_free_data_contents(context, &contdata); if (retval) - goto cleankey; + goto cleankey; dbret = (*db->del) (db, &key, 0); retval = dbret ? errno : 0; - cleankey: +cleankey: krb5_free_data_contents(context, &keydata); - cleanup: +cleanup: (void) krb5_db2_db_end_update(context); - (void) krb5_db2_db_unlock(context); /* unlock write lock */ + (void) krb5_db2_db_unlock(context); /* unlock write lock */ return retval; } krb5_error_code krb5_db2_db_iterate_ext(krb5_context context, - krb5_error_code(*func) (krb5_pointer, krb5_db_entry *), - krb5_pointer func_arg, - int backwards, int recursive) + krb5_error_code(*func) (krb5_pointer, krb5_db_entry *), + krb5_pointer func_arg, + int backwards, int recursive) { krb5_db2_context *db_ctx; DB *db; @@ -1168,75 +1169,75 @@ krb5_db2_db_iterate_ext(krb5_context context, cookie = NULL; if (!k5db2_inited(context)) - return KRB5_KDB_DBNOTINITED; + return KRB5_KDB_DBNOTINITED; dal_handle = context->dal_handle; db_ctx = (krb5_db2_context *) dal_handle->db_context; retval = krb5_db2_db_lock(context, KRB5_LOCKMODE_SHARED); if (retval) - return retval; + return retval; db = db_ctx->db; if (recursive && db->type != DB_BTREE) { - (void) krb5_db2_db_unlock(context); - return KRB5_KDB_UK_RERROR; /* Not optimal, but close enough. */ + (void) krb5_db2_db_unlock(context); + return KRB5_KDB_UK_RERROR; /* Not optimal, but close enough. */ } if (!recursive) { - dbret = (*db->seq) (db, &key, &contents, backwards ? R_LAST : R_FIRST); + dbret = (*db->seq) (db, &key, &contents, backwards ? R_LAST : R_FIRST); } else { #ifdef HAVE_BT_RSEQ - dbret = bt_rseq(db, &key, &contents, &cookie, - backwards ? R_LAST : R_FIRST); + dbret = bt_rseq(db, &key, &contents, &cookie, + backwards ? R_LAST : R_FIRST); #else - (void) krb5_db2_db_unlock(context); - return KRB5_KDB_UK_RERROR; /* Not optimal, but close enough. */ + (void) krb5_db2_db_unlock(context); + return KRB5_KDB_UK_RERROR; /* Not optimal, but close enough. */ #endif } while (dbret == 0) { - krb5_error_code retval2; - - contdata.data = contents.data; - contdata.length = contents.size; - retval = krb5_decode_princ_contents(context, &contdata, &entries); - if (retval) - break; - retval = k5_mutex_unlock(krb5_db2_mutex); - if (retval) - break; - retval = (*func) (func_arg, &entries); - krb5_dbe_free_contents(context, &entries); - retval2 = k5_mutex_lock(krb5_db2_mutex); - /* Note: If re-locking fails, the wrapper in db2_exp.c will - still try to unlock it again. That would be a bug. Fix - when integrating the locking better. */ - if (retval) - break; - if (retval2) { - retval = retval2; - break; - } - if (!recursive) { - dbret = (*db->seq) (db, &key, &contents, - backwards ? R_PREV : R_NEXT); - } else { + krb5_error_code retval2; + + contdata.data = contents.data; + contdata.length = contents.size; + retval = krb5_decode_princ_contents(context, &contdata, &entries); + if (retval) + break; + retval = k5_mutex_unlock(krb5_db2_mutex); + if (retval) + break; + retval = (*func) (func_arg, &entries); + krb5_dbe_free_contents(context, &entries); + retval2 = k5_mutex_lock(krb5_db2_mutex); + /* Note: If re-locking fails, the wrapper in db2_exp.c will + still try to unlock it again. That would be a bug. Fix + when integrating the locking better. */ + if (retval) + break; + if (retval2) { + retval = retval2; + break; + } + if (!recursive) { + dbret = (*db->seq) (db, &key, &contents, + backwards ? R_PREV : R_NEXT); + } else { #ifdef HAVE_BT_RSEQ - dbret = bt_rseq(db, &key, &contents, &cookie, - backwards ? R_PREV : R_NEXT); + dbret = bt_rseq(db, &key, &contents, &cookie, + backwards ? R_PREV : R_NEXT); #else - (void) krb5_db2_db_unlock(context); - return KRB5_KDB_UK_RERROR; /* Not optimal, but close enough. */ + (void) krb5_db2_db_unlock(context); + return KRB5_KDB_UK_RERROR; /* Not optimal, but close enough. */ #endif - } + } } switch (dbret) { case 1: case 0: - break; + break; case -1: default: - retval = errno; + retval = errno; } (void) krb5_db2_db_unlock(context); return retval; @@ -1244,9 +1245,9 @@ krb5_db2_db_iterate_ext(krb5_context context, krb5_error_code krb5_db2_db_iterate(krb5_context context, - char *match_expr, - krb5_error_code(*func) (krb5_pointer, krb5_db_entry *), - krb5_pointer func_arg) + char *match_expr, + krb5_error_code(*func) (krb5_pointer, krb5_db_entry *), + krb5_pointer func_arg) { return krb5_db2_db_iterate_ext(context, func, func_arg, 0, 0); } @@ -1261,8 +1262,8 @@ krb5_db2_db_set_lockmode(krb5_context context, krb5_boolean mode) dal_handle = context->dal_handle; old = mode; if (dal_handle && (db_ctx = (krb5_db2_context *) dal_handle->db_context)) { - old = db_ctx->db_nb_locks; - db_ctx->db_nb_locks = mode; + old = db_ctx->db_nb_locks; + db_ctx->db_nb_locks = mode; } return old; } @@ -1285,7 +1286,7 @@ krb5_db2_lib_cleanup() krb5_error_code krb5_db2_open(krb5_context kcontext, - char *conf_section, char **db_args, int mode) + char *conf_section, char **db_args, int mode) { krb5_error_code status = 0; char **t_ptr = db_args; @@ -1295,75 +1296,75 @@ krb5_db2_open(krb5_context kcontext, krb5_clear_error_message (kcontext); if (k5db2_inited(kcontext)) - return 0; + return 0; while (t_ptr && *t_ptr) { - char *opt = NULL, *val = NULL; - - krb5_db2_get_db_opt(*t_ptr, &opt, &val); - if (opt && !strcmp(opt, "dbname")) { - if (dbname) free(dbname); - dbname = strdup(val); - if (dbname == NULL) { - free(opt); - free(val); - return ENOMEM; - } - } - else if (!opt && !strcmp(val, "temporary") ) { - tempdb = 1; - } - else if (!opt && !strcmp(val, "merge_nra")) { - ; - } - /* ignore hash argument. Might have been passed from create */ - else if (!opt || strcmp(opt, "hash")) { - krb5_set_error_message(kcontext, EINVAL, - "Unsupported argument \"%s\" for db2", - opt ? opt : val); - free(opt); - free(val); - return EINVAL; - } - - free(opt); - free(val); - t_ptr++; + char *opt = NULL, *val = NULL; + + krb5_db2_get_db_opt(*t_ptr, &opt, &val); + if (opt && !strcmp(opt, "dbname")) { + if (dbname) free(dbname); + dbname = strdup(val); + if (dbname == NULL) { + free(opt); + free(val); + return ENOMEM; + } + } + else if (!opt && !strcmp(val, "temporary") ) { + tempdb = 1; + } + else if (!opt && !strcmp(val, "merge_nra")) { + ; + } + /* ignore hash argument. Might have been passed from create */ + else if (!opt || strcmp(opt, "hash")) { + krb5_set_error_message(kcontext, EINVAL, + "Unsupported argument \"%s\" for db2", + opt ? opt : val); + free(opt); + free(val); + return EINVAL; + } + + free(opt); + free(val); + t_ptr++; } if(dbname) { - status = krb5_db2_db_set_name(kcontext, dbname, tempdb); - free(dbname); - if (status) { - goto clean_n_exit; - } - db_name_set = 1; + status = krb5_db2_db_set_name(kcontext, dbname, tempdb); + free(dbname); + if (status) { + goto clean_n_exit; + } + db_name_set = 1; } if (!db_name_set) { - char *value = NULL; - status = profile_get_string(KRB5_DB_GET_PROFILE(kcontext), KDB_MODULE_SECTION, conf_section, KDB_DB2_DATABASE_NAME, /* under given conf section */ - NULL, &value); + char *value = NULL; + status = profile_get_string(KRB5_DB_GET_PROFILE(kcontext), KDB_MODULE_SECTION, conf_section, KDB_DB2_DATABASE_NAME, /* under given conf section */ + NULL, &value); - if (value == NULL) { - /* special case for db2. We might actually be looking at old type config file where database is specified as part of realm */ - status = profile_get_string(KRB5_DB_GET_PROFILE(kcontext), KDB_REALM_SECTION, KRB5_DB_GET_REALM(kcontext), KDB_DB2_DATABASE_NAME, /* under given realm */ - default_db_name, &value); - if (status) { - goto clean_n_exit; - } - } + if (value == NULL) { + /* special case for db2. We might actually be looking at old type config file where database is specified as part of realm */ + status = profile_get_string(KRB5_DB_GET_PROFILE(kcontext), KDB_REALM_SECTION, KRB5_DB_GET_REALM(kcontext), KDB_DB2_DATABASE_NAME, /* under given realm */ + default_db_name, &value); + if (status) { + goto clean_n_exit; + } + } - status = krb5_db2_db_set_name(kcontext, value, tempdb); - profile_release_string(value); - if (status) { - goto clean_n_exit; - } + status = krb5_db2_db_set_name(kcontext, value, tempdb); + profile_release_string(value); + if (status) { + goto clean_n_exit; + } } status = krb5_db2_db_init(kcontext); - clean_n_exit: +clean_n_exit: return status; } @@ -1379,97 +1380,97 @@ krb5_db2_create(krb5_context kcontext, char *conf_section, char **db_args) krb5_clear_error_message (kcontext); if (k5db2_inited(kcontext)) - return 0; + return 0; while (t_ptr && *t_ptr) { - char *opt = NULL, *val = NULL; - - krb5_db2_get_db_opt(*t_ptr, &opt, &val); - if (opt && !strcmp(opt, "dbname")) { - db_name = strdup(val); - if (db_name == NULL) { - free(opt); - free(val); - return ENOMEM; - } - } - else if (!opt && !strcmp(val, "temporary")) { - tempdb = 1; - } else if (!opt && !strcmp(val, "merge_nra")) { - ; - } else if (opt && !strcmp(opt, "hash")) { - flags = KRB5_KDB_CREATE_HASH; - } else { - krb5_set_error_message(kcontext, EINVAL, - "Unsupported argument \"%s\" for db2", - opt ? opt : val); - free(opt); - free(val); - return EINVAL; - } - - free(opt); - free(val); - t_ptr++; + char *opt = NULL, *val = NULL; + + krb5_db2_get_db_opt(*t_ptr, &opt, &val); + if (opt && !strcmp(opt, "dbname")) { + db_name = strdup(val); + if (db_name == NULL) { + free(opt); + free(val); + return ENOMEM; + } + } + else if (!opt && !strcmp(val, "temporary")) { + tempdb = 1; + } else if (!opt && !strcmp(val, "merge_nra")) { + ; + } else if (opt && !strcmp(opt, "hash")) { + flags = KRB5_KDB_CREATE_HASH; + } else { + krb5_set_error_message(kcontext, EINVAL, + "Unsupported argument \"%s\" for db2", + opt ? opt : val); + free(opt); + free(val); + return EINVAL; + } + + free(opt); + free(val); + t_ptr++; } if (db_name) { - status = krb5_db2_db_set_name(kcontext, db_name, tempdb); - if (!status) { - status = EEXIST; - goto clean_n_exit; - } - db_name_set = 1; + status = krb5_db2_db_set_name(kcontext, db_name, tempdb); + if (!status) { + status = EEXIST; + goto clean_n_exit; + } + db_name_set = 1; } if (!db_name_set) { - char *value = NULL; - status = profile_get_string(KRB5_DB_GET_PROFILE(kcontext), - KDB_MODULE_SECTION, conf_section, - /* under given conf section */ - KDB_DB2_DATABASE_NAME, NULL, &value); - - if (value == NULL) { - /* Special case for db2. We might actually be looking at - * old type config file where database is specified as - * part of realm. */ - status = profile_get_string(KRB5_DB_GET_PROFILE(kcontext), - KDB_REALM_SECTION, - KRB5_DB_GET_REALM(kcontext), - /* under given realm */ - KDB_DB2_DATABASE_NAME, - default_db_name, &value); - if (status) { - goto clean_n_exit; - } - } - - db_name = strdup(value); - if (db_name == NULL) { - status = ENOMEM; - profile_release_string(value); - goto clean_n_exit; - } - status = krb5_db2_db_set_name(kcontext, value, tempdb); - profile_release_string(value); - if (!status) { - status = EEXIST; - goto clean_n_exit; - } + char *value = NULL; + status = profile_get_string(KRB5_DB_GET_PROFILE(kcontext), + KDB_MODULE_SECTION, conf_section, + /* under given conf section */ + KDB_DB2_DATABASE_NAME, NULL, &value); + + if (value == NULL) { + /* Special case for db2. We might actually be looking at + * old type config file where database is specified as + * part of realm. */ + status = profile_get_string(KRB5_DB_GET_PROFILE(kcontext), + KDB_REALM_SECTION, + KRB5_DB_GET_REALM(kcontext), + /* under given realm */ + KDB_DB2_DATABASE_NAME, + default_db_name, &value); + if (status) { + goto clean_n_exit; + } + } + + db_name = strdup(value); + if (db_name == NULL) { + status = ENOMEM; + profile_release_string(value); + goto clean_n_exit; + } + status = krb5_db2_db_set_name(kcontext, value, tempdb); + profile_release_string(value); + if (!status) { + status = EEXIST; + goto clean_n_exit; + } } status = krb5_db2_db_create(kcontext, db_name, flags); if (status) - goto clean_n_exit; + goto clean_n_exit; /* db2 has a problem of needing to close and open the database again. This removes that need */ status = krb5_db2_db_fini(kcontext); if (status) - goto clean_n_exit; + goto clean_n_exit; status = krb5_db2_open(kcontext, conf_section, db_args, KRB5_KDB_OPEN_RW); - clean_n_exit: +clean_n_exit: if (db_name) - free(db_name); + free(db_name); return status; } @@ -1482,77 +1483,77 @@ krb5_db2_destroy(krb5_context kcontext, char *conf_section, char **db_args) char *db_name = NULL; while (t_ptr && *t_ptr) { - char *opt = NULL, *val = NULL; - - krb5_db2_get_db_opt(*t_ptr, &opt, &val); - if (opt && !strcmp(opt, "dbname")) { - db_name = strdup(val); - if (db_name == NULL) { - free(opt); - free(val); - return ENOMEM; - } - } - else if (!opt && !strcmp(val, "temporary")) { - tempdb = 1; - } - /* ignore hash argument. Might have been passed from create */ - else if (!opt || strcmp(opt, "hash")) { - free(opt); - free(val); - return EINVAL; - } - - free(opt); - free(val); - t_ptr++; + char *opt = NULL, *val = NULL; + + krb5_db2_get_db_opt(*t_ptr, &opt, &val); + if (opt && !strcmp(opt, "dbname")) { + db_name = strdup(val); + if (db_name == NULL) { + free(opt); + free(val); + return ENOMEM; + } + } + else if (!opt && !strcmp(val, "temporary")) { + tempdb = 1; + } + /* ignore hash argument. Might have been passed from create */ + else if (!opt || strcmp(opt, "hash")) { + free(opt); + free(val); + return EINVAL; + } + + free(opt); + free(val); + t_ptr++; } if (db_name) { - status = krb5_db2_db_set_name(kcontext, db_name, tempdb); - if (status) { - goto clean_n_exit; - } - db_name_set = 1; + status = krb5_db2_db_set_name(kcontext, db_name, tempdb); + if (status) { + goto clean_n_exit; + } + db_name_set = 1; } if (!db_name_set) { - char *value = NULL; - status = profile_get_string(KRB5_DB_GET_PROFILE(kcontext), KDB_MODULE_SECTION, conf_section, KDB_DB2_DATABASE_NAME, /* under given conf section */ - NULL, &value); - - if (value == NULL) { - /* special case for db2. We might actually be looking at old type config file where database is specified as part of realm */ - status = profile_get_string(KRB5_DB_GET_PROFILE(kcontext), KDB_REALM_SECTION, KRB5_DB_GET_REALM(kcontext), KDB_DB2_DATABASE_NAME, /* under given realm */ - default_db_name, &value); - if (status) { - goto clean_n_exit; - } - } - - db_name = strdup(value); - if (db_name == NULL) { - status = ENOMEM; - goto clean_n_exit; - } - status = krb5_db2_db_set_name(kcontext, value, tempdb); - profile_release_string(value); - if (status) { - goto clean_n_exit; - } + char *value = NULL; + status = profile_get_string(KRB5_DB_GET_PROFILE(kcontext), KDB_MODULE_SECTION, conf_section, KDB_DB2_DATABASE_NAME, /* under given conf section */ + NULL, &value); + + if (value == NULL) { + /* special case for db2. We might actually be looking at old type config file where database is specified as part of realm */ + status = profile_get_string(KRB5_DB_GET_PROFILE(kcontext), KDB_REALM_SECTION, KRB5_DB_GET_REALM(kcontext), KDB_DB2_DATABASE_NAME, /* under given realm */ + default_db_name, &value); + if (status) { + goto clean_n_exit; + } + } + + db_name = strdup(value); + if (db_name == NULL) { + status = ENOMEM; + goto clean_n_exit; + } + status = krb5_db2_db_set_name(kcontext, value, tempdb); + profile_release_string(value); + if (status) { + goto clean_n_exit; + } } status = krb5_db2_db_destroy(kcontext, db_name); - clean_n_exit: +clean_n_exit: if (db_name) - free(db_name); + free(db_name); return status; } krb5_error_code krb5_db2_set_master_key_ext(krb5_context kcontext, - char *pwd, krb5_keyblock * key) + char *pwd, krb5_keyblock * key) { return krb5_db2_db_set_mkey(kcontext, key); } @@ -1566,7 +1567,7 @@ krb5_db2_db_set_option(krb5_context kcontext, int option, void *value) kdb5_dal_handle *dal_handle; if (!k5db2_inited(kcontext)) - return KRB5_KDB_DBNOTINITED; + return KRB5_KDB_DBNOTINITED; dal_handle = kcontext->dal_handle; db_ctx = (krb5_db2_context *) dal_handle->db_context; @@ -1574,17 +1575,17 @@ krb5_db2_db_set_option(krb5_context kcontext, int option, void *value) switch (option) { case KRB5_KDB_OPT_SET_DB_NAME: - status = krb5_db2_db_set_name(kcontext, (char *) value, db_ctx->tempdb); - break; + status = krb5_db2_db_set_name(kcontext, (char *) value, db_ctx->tempdb); + break; case KRB5_KDB_OPT_SET_LOCK_MODE: - oldval = krb5_db2_db_set_lockmode(kcontext, *((krb5_boolean *) value)); - *((krb5_boolean *) value) = oldval; - break; + oldval = krb5_db2_db_set_lockmode(kcontext, *((krb5_boolean *) value)); + *((krb5_boolean *) value) = oldval; + break; default: - status = -1; /* TBD */ - break; + status = -1; /* TBD */ + break; } return status; @@ -1617,7 +1618,7 @@ krb5_db2_create_policy(krb5_context kcontext, osa_policy_ent_t policy) krb5_error_code krb5_db2_get_policy(krb5_context kcontext, - char *name, osa_policy_ent_t * policy, int *cnt) + char *name, osa_policy_ent_t * policy, int *cnt) { kdb5_dal_handle *dal_handle; krb5_db2_context *dbc; @@ -1642,8 +1643,8 @@ krb5_db2_put_policy(krb5_context kcontext, osa_policy_ent_t policy) krb5_error_code krb5_db2_iter_policy(krb5_context kcontext, - char *match_entry, - osa_adb_iter_policy_func func, void *data) + char *match_entry, + osa_adb_iter_policy_func func, void *data) { kdb5_dal_handle *dal_handle; krb5_db2_context *dbc; @@ -1687,38 +1688,38 @@ krb5_db2_promote_db(krb5_context kcontext, char *conf_section, char **db_args) krb5_clear_error_message (kcontext); { - kdb5_dal_handle *dal_handle = kcontext->dal_handle; - krb5_db2_context *db_ctx = dal_handle->db_context; - db_name = strdup(db_ctx->db_name); - if (db_name == NULL) { - status = ENOMEM; - goto clean_n_exit; - } + kdb5_dal_handle *dal_handle = kcontext->dal_handle; + krb5_db2_context *db_ctx = dal_handle->db_context; + db_name = strdup(db_ctx->db_name); + if (db_name == NULL) { + status = ENOMEM; + goto clean_n_exit; + } } assert(kcontext->dal_handle != NULL); temp_db_name = gen_dbsuffix(db_name, "~"); if (temp_db_name == NULL) { - status = ENOMEM; - goto clean_n_exit; + status = ENOMEM; + goto clean_n_exit; } for (db_argp = db_args; *db_argp; db_argp++) { - if (!strcmp(*db_argp, "merge_nra")) { - merge_nra++; - break; - } + if (!strcmp(*db_argp, "merge_nra")) { + merge_nra++; + break; + } } status = krb5_db2_db_rename (kcontext, temp_db_name, db_name, merge_nra); if (status) - goto clean_n_exit; + goto clean_n_exit; clean_n_exit: if (db_name) - free(db_name); + free(db_name); if (temp_db_name) - free(temp_db_name); + free(temp_db_name); return status; } @@ -1731,25 +1732,25 @@ clean_n_exit: */ static krb5_error_code krb5_db2_merge_principal(krb5_context kcontext, - krb5_db_entry *src, - krb5_db_entry *dst, - int *changed) + krb5_db_entry *src, + krb5_db_entry *dst, + int *changed) { *changed = 0; if (dst->last_success != src->last_success) { - dst->last_success = src->last_success; - (*changed)++; + dst->last_success = src->last_success; + (*changed)++; } if (dst->last_failed != src->last_failed) { - dst->last_failed = src->last_failed; - (*changed)++; + dst->last_failed = src->last_failed; + (*changed)++; } if (dst->fail_auth_count != src->fail_auth_count) { - dst->fail_auth_count = src->fail_auth_count; - (*changed)++; + dst->fail_auth_count = src->fail_auth_count; + (*changed)++; } return 0; @@ -1782,14 +1783,14 @@ krb5_db2_merge_nra_iterator(krb5_pointer ptr, krb5_db_entry *entry) /* look up the new principal in the old DB */ retval = krb5_db2_db_get_principal(nra->kcontext, - entry->princ, - &s_entry, - &n_entries, - &more); + entry->princ, + &s_entry, + &n_entries, + &more); if (retval != 0 || n_entries == 0) { - /* principal may be newly created, so ignore */ - dal_handle->db_context = dst_db; - return 0; + /* principal may be newly created, so ignore */ + dal_handle->db_context = dst_db; + return 0; } /* merge non-replicated attributes from the old entry in */ @@ -1799,12 +1800,12 @@ krb5_db2_merge_nra_iterator(krb5_pointer ptr, krb5_db_entry *entry) /* if necessary, commit the modified new entry to the new DB */ if (changed) { - retval = krb5_db2_db_put_principal(nra->kcontext, - entry, - &n_entries, - NULL); + retval = krb5_db2_db_put_principal(nra->kcontext, + entry, + &n_entries, + NULL); } else { - retval = 0; + retval = 0; } return retval; @@ -1819,8 +1820,8 @@ krb5_db2_merge_nra_iterator(krb5_pointer ptr, krb5_db_entry *entry) */ static krb5_error_code krb5_db2_begin_nra_merge(krb5_context kcontext, - krb5_db2_context *src_db, - krb5_db2_context *dst_db) + krb5_db2_context *src_db, + krb5_db2_context *dst_db) { krb5_error_code retval; kdb5_dal_handle *dal_handle = kcontext->dal_handle; @@ -1834,17 +1835,17 @@ krb5_db2_begin_nra_merge(krb5_context kcontext, retval = krb5_db2_db_lock(kcontext, KRB5_LOCKMODE_EXCLUSIVE); if (retval) { - dal_handle->db_context = dst_db; - return retval; + dal_handle->db_context = dst_db; + return retval; } retval = krb5_db2_db_iterate_ext(kcontext, - krb5_db2_merge_nra_iterator, - &nra, - 0, - 0); + krb5_db2_merge_nra_iterator, + &nra, + 0, + 0); if (retval != 0) - (void) krb5_db2_db_unlock(kcontext); + (void) krb5_db2_db_unlock(kcontext); dal_handle->db_context = dst_db; @@ -1857,8 +1858,8 @@ krb5_db2_begin_nra_merge(krb5_context kcontext, */ static krb5_error_code krb5_db2_end_nra_merge(krb5_context kcontext, - krb5_db2_context *src_db, - krb5_db2_context *dst_db) + krb5_db2_context *src_db, + krb5_db2_context *dst_db) { krb5_error_code retval; kdb5_dal_handle *dal_handle = kcontext->dal_handle; @@ -1896,7 +1897,7 @@ krb5_db2_db_rename(context, from, to, merge_nra) s_context = dal_handle->db_context; dal_handle->db_context = NULL; if ((retval = k5db2_init_context(context))) - return retval; + return retval; db_ctx = (krb5_db2_context *) dal_handle->db_context; /* @@ -1906,7 +1907,7 @@ krb5_db2_db_rename(context, from, to, merge_nra) */ retval = krb5_db2_db_create(context, to, 0); if (retval != 0 && retval != EEXIST) - goto errout; + goto errout; /* * Set the database to the target, so that other processes sharing @@ -1914,21 +1915,21 @@ krb5_db2_db_rename(context, from, to, merge_nra) */ retval = krb5_db2_db_set_name(context, to, 0); if (retval) - goto errout; + goto errout; retval = krb5_db2_db_init(context); if (retval) - goto errout; + goto errout; db_ctx->db_lf_name = gen_dbsuffix(db_ctx->db_name, KDB2_LOCK_EXT); if (db_ctx->db_lf_name == NULL) { - retval = ENOMEM; - goto errout; + retval = ENOMEM; + goto errout; } db_ctx->db_lf_file = open(db_ctx->db_lf_name, O_RDWR|O_CREAT, 0600); if (db_ctx->db_lf_file < 0) { - retval = errno; - goto errout; + retval = errno; + goto errout; } set_cloexec_fd(db_ctx->db_lf_file); @@ -1936,76 +1937,76 @@ krb5_db2_db_rename(context, from, to, merge_nra) retval = krb5_db2_db_get_age(context, NULL, &db_ctx->db_lf_time); if (retval) - goto errout; + goto errout; fromok = gen_dbsuffix(from, KDB2_LOCK_EXT); if (fromok == NULL) { - retval = ENOMEM; - goto errout; + retval = ENOMEM; + goto errout; } if ((retval = krb5_db2_db_lock(context, KRB5_LOCKMODE_EXCLUSIVE))) - goto errfromok; + goto errfromok; if ((retval = krb5_db2_db_start_update(context))) - goto errfromok; + goto errfromok; if (merge_nra) { - if ((retval = krb5_db2_begin_nra_merge(context, s_context, db_ctx))) - goto errfromok; + if ((retval = krb5_db2_begin_nra_merge(context, s_context, db_ctx))) + goto errfromok; } if (rename(from, to)) { - retval = errno; - goto errfromok; + retval = errno; + goto errfromok; } if (unlink(fromok)) { - retval = errno; - goto errfromok; + retval = errno; + goto errfromok; } if (merge_nra) { - krb5_db2_end_nra_merge(context, s_context, db_ctx); + krb5_db2_end_nra_merge(context, s_context, db_ctx); } retval = krb5_db2_db_end_update(context); if (retval) - goto errfromok; + goto errfromok; { - /* XXX moved so that NRA merge works */ - /* Ugly brute force hack. - - Should be going through nice friendly helper routines for - this, but it's a mess of jumbled so-called interfaces right - now. */ - char policy[2048], new_policy[2048]; - assert (strlen(db_ctx->db_name) < 2000); - snprintf(policy, sizeof(policy), "%s.kadm5", db_ctx->db_name); - snprintf(new_policy, sizeof(new_policy), - "%s~.kadm5", db_ctx->db_name); - if (0 != rename(new_policy, policy)) { - retval = errno; - goto errfromok; - } - strlcat(new_policy, ".lock",sizeof(new_policy)); - (void) unlink(new_policy); + /* XXX moved so that NRA merge works */ + /* Ugly brute force hack. + + Should be going through nice friendly helper routines for + this, but it's a mess of jumbled so-called interfaces right + now. */ + char policy[2048], new_policy[2048]; + assert (strlen(db_ctx->db_name) < 2000); + snprintf(policy, sizeof(policy), "%s.kadm5", db_ctx->db_name); + snprintf(new_policy, sizeof(new_policy), + "%s~.kadm5", db_ctx->db_name); + if (0 != rename(new_policy, policy)) { + retval = errno; + goto errfromok; + } + strlcat(new_policy, ".lock",sizeof(new_policy)); + (void) unlink(new_policy); } errfromok: free_dbsuffix(fromok); errout: if (dal_handle->db_context) { - if (db_ctx->db_lf_file >= 0) { - krb5_db2_db_unlock(context); - close(db_ctx->db_lf_file); - } - k5db2_clear_context((krb5_db2_context *) dal_handle->db_context); - free(dal_handle->db_context); + if (db_ctx->db_lf_file >= 0) { + krb5_db2_db_unlock(context); + close(db_ctx->db_lf_file); + } + k5db2_clear_context((krb5_db2_context *) dal_handle->db_context); + free(dal_handle->db_context); } dal_handle->db_context = s_context; - (void) krb5_db2_db_unlock(context); /* unlock saved context db */ + (void) krb5_db2_db_unlock(context); /* unlock saved context db */ return retval; } diff --git a/src/plugins/kdb/db2/kdb_db2.h b/src/plugins/kdb/db2/kdb_db2.h index 9f3cbc5c9..7e6fea13d 100644 --- a/src/plugins/kdb/db2/kdb_db2.h +++ b/src/plugins/kdb/db2/kdb_db2.h @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/kdb/kdb_db2.h * @@ -34,8 +35,8 @@ typedef struct _krb5_db2_context { krb5_boolean db_inited; /* Context initialized */ char * db_name; /* Name of database */ - DB * db; /* DB handle */ - krb5_boolean hashfirst; /* Try hash database type first */ + DB * db; /* DB handle */ + krb5_boolean hashfirst; /* Try hash database type first */ char * db_lf_name; /* Name of lock file */ int db_lf_file; /* File descriptor of lock file */ time_t db_lf_time; /* Time last updated */ @@ -53,169 +54,102 @@ typedef struct _krb5_db2_context { #define KDB2_LOCK_EXT ".ok" #define KDB2_TEMP_LOCK_EXT "~.ok" -krb5_error_code krb5_db2_db_init - (krb5_context); -krb5_error_code krb5_db2_db_fini - (krb5_context); -krb5_error_code krb5_db2_db_get_age - (krb5_context, - char *, - time_t * ); -krb5_error_code krb5_db2_db_create - (krb5_context, - char *, - krb5_int32); -krb5_error_code krb5_db2_db_destroy - (krb5_context, - char * ); -krb5_error_code krb5_db2_db_rename - (krb5_context, - char *, - char *, - int ); -krb5_error_code krb5_db2_db_get_principal - (krb5_context, - krb5_const_principal, - krb5_db_entry *, - int *, - krb5_boolean * ); -krb5_error_code krb5_db2_db_free_principal - (krb5_context, - krb5_db_entry *, - int ); -krb5_error_code krb5_db2_db_put_principal - (krb5_context, - krb5_db_entry *, - int *, - char **db_args - ); -krb5_error_code krb5_db2_db_iterate_ext - (krb5_context, - krb5_error_code (*) (krb5_pointer, - krb5_db_entry *), - krb5_pointer, int, int ); -krb5_error_code krb5_db2_db_iterate -(krb5_context,char *, - krb5_error_code (*) (krb5_pointer, - krb5_db_entry *), - krb5_pointer ); -krb5_error_code krb5_db2_db_set_nonblocking - (krb5_context, - krb5_boolean, - krb5_boolean * ); -krb5_boolean krb5_db2_db_set_lockmode - (krb5_context, - krb5_boolean ); -krb5_error_code krb5_db2_db_open_database - (krb5_context); -krb5_error_code krb5_db2_db_close_database - (krb5_context); +krb5_error_code krb5_db2_db_init(krb5_context); +krb5_error_code krb5_db2_db_fini(krb5_context); +krb5_error_code krb5_db2_db_get_age(krb5_context, char *, time_t *); +krb5_error_code krb5_db2_db_create(krb5_context, char *, krb5_int32); +krb5_error_code krb5_db2_db_destroy(krb5_context, char *); +krb5_error_code krb5_db2_db_rename(krb5_context, char *, char *, int ); +krb5_error_code krb5_db2_db_get_principal(krb5_context, krb5_const_principal, + krb5_db_entry *, int *, + krb5_boolean *); +krb5_error_code krb5_db2_db_free_principal(krb5_context, krb5_db_entry *, int); +krb5_error_code krb5_db2_db_put_principal(krb5_context, krb5_db_entry *, + int *, char **db_args); +krb5_error_code krb5_db2_db_iterate_ext(krb5_context, + krb5_error_code (*)(krb5_pointer, + krb5_db_entry *), + krb5_pointer, int, int); +krb5_error_code krb5_db2_db_iterate(krb5_context, char *, + krb5_error_code (*)(krb5_pointer, + krb5_db_entry *), + krb5_pointer); +krb5_error_code krb5_db2_db_set_nonblocking(krb5_context, krb5_boolean, + krb5_boolean *); +krb5_boolean krb5_db2_db_set_lockmode(krb5_context, krb5_boolean); +krb5_error_code krb5_db2_db_open_database(krb5_context); +krb5_error_code krb5_db2_db_close_database(krb5_context); krb5_error_code -krb5_db2_set_master_key_ext ( krb5_context kcontext, - char *pwd, - krb5_keyblock *key); +krb5_db2_set_master_key_ext(krb5_context kcontext, char *pwd, + krb5_keyblock *key); krb5_error_code -krb5_db2_db_set_mkey( krb5_context context, - krb5_keyblock *key); +krb5_db2_db_set_mkey(krb5_context context, krb5_keyblock *key); krb5_error_code -krb5_db2_db_get_mkey( krb5_context context, - krb5_keyblock **key); +krb5_db2_db_get_mkey(krb5_context context, krb5_keyblock **key); + krb5_error_code -krb5_db2_db_set_mkey_list( krb5_context context, - krb5_keylist_node *keylist); +krb5_db2_db_set_mkey_list(krb5_context context, krb5_keylist_node *keylist); krb5_error_code -krb5_db2_db_get_mkey_list( krb5_context context, - krb5_keylist_node **keylist); +krb5_db2_db_get_mkey_list(krb5_context context, krb5_keylist_node **keylist); krb5_error_code -krb5_db2_db_put_principal( krb5_context context, - krb5_db_entry *entries, - register int *nentries, - char **db_args); +krb5_db2_db_put_principal(krb5_context context, krb5_db_entry *entries, + register int *nentries, char **db_args); krb5_error_code krb5_db2_db_delete_principal(krb5_context context, - krb5_const_principal searchfor, - int *nentries); + krb5_const_principal searchfor, int *nentries); krb5_error_code krb5_db2_lib_init(void); - krb5_error_code krb5_db2_lib_cleanup(void); +krb5_error_code krb5_db2_db_unlock(krb5_context); krb5_error_code -krb5_db2_db_unlock(krb5_context); +krb5_db2_promote_db(krb5_context kcontext, char *conf_section, char **db_args); krb5_error_code -krb5_db2_promote_db(krb5_context kcontext, - char *conf_section, - char **db_args); +krb5_db2_db_set_option(krb5_context kcontext, int option, void *value ); krb5_error_code -krb5_db2_db_set_option ( krb5_context kcontext, - int option, - void *value ); - -krb5_error_code -krb5_db2_db_lock( krb5_context context, - int in_mode); - +krb5_db2_db_lock(krb5_context context, int in_mode); krb5_error_code -krb5_db2_open( krb5_context kcontext, - char *conf_section, - char **db_args, - int mode ); - -krb5_error_code krb5_db2_create( krb5_context kcontext, - char *conf_section, - char **db_args ); - -krb5_error_code krb5_db2_destroy( krb5_context kcontext, - char *conf_section, - char **db_args ); - -const char * krb5_db2_err2str( krb5_context kcontext, - long err_code ); - -void * -krb5_db2_alloc( krb5_context kcontext, - void *ptr, - size_t size ); - -void -krb5_db2_free( krb5_context kcontext, - void *ptr ); +krb5_db2_open(krb5_context kcontext, char *conf_section, char **db_args, + int mode); +krb5_error_code krb5_db2_create(krb5_context kcontext, char *conf_section, + char **db_args); +krb5_error_code krb5_db2_destroy(krb5_context kcontext, char *conf_section, + char **db_args); +const char *krb5_db2_err2str(krb5_context kcontext, long err_code); +void *krb5_db2_alloc(krb5_context kcontext, void *ptr, size_t size); +void krb5_db2_free(krb5_context kcontext, void *ptr); /* policy management functions */ krb5_error_code krb5_db2_create_policy(krb5_context context, osa_policy_ent_t entry); -krb5_error_code krb5_db2_get_policy ( krb5_context kcontext, - char *name, - osa_policy_ent_t *policy, - int *cnt); +krb5_error_code krb5_db2_get_policy(krb5_context kcontext, + char *name, osa_policy_ent_t *policy, + int *cnt); -krb5_error_code krb5_db2_put_policy ( krb5_context kcontext, - osa_policy_ent_t policy ); +krb5_error_code krb5_db2_put_policy(krb5_context kcontext, + osa_policy_ent_t policy); -krb5_error_code krb5_db2_iter_policy ( krb5_context kcontext, - char *match_entry, - osa_adb_iter_policy_func func, - void *data ); +krb5_error_code krb5_db2_iter_policy(krb5_context kcontext, char *match_entry, + osa_adb_iter_policy_func func, + void *data); -krb5_error_code krb5_db2_delete_policy ( krb5_context kcontext, - char *policy ); +krb5_error_code krb5_db2_delete_policy(krb5_context kcontext, char *policy); -void krb5_db2_free_policy( krb5_context kcontext, - osa_policy_ent_t entry ); +void krb5_db2_free_policy(krb5_context kcontext, osa_policy_ent_t entry); /* Thread-safety wrapper slapped on top of original implementation. */ extern k5_mutex_t *krb5_db2_mutex; diff --git a/src/plugins/kdb/db2/kdb_ext.c b/src/plugins/kdb/db2/kdb_ext.c index 69c5522ac..d000e4230 100644 --- a/src/plugins/kdb/db2/kdb_ext.c +++ b/src/plugins/kdb/db2/kdb_ext.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * plugins/kdb/db2/kdb_ext.c * diff --git a/src/plugins/kdb/db2/kdb_xdr.c b/src/plugins/kdb/db2/kdb_xdr.c index 38dc658fd..81a3cc426 100644 --- a/src/plugins/kdb/db2/kdb_xdr.c +++ b/src/plugins/kdb/db2/kdb_xdr.c @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/kdb/kdb_xdr.c * @@ -32,10 +33,8 @@ #include "kdb_xdr.h" krb5_error_code -krb5_encode_princ_dbkey(context, key, principal) - krb5_context context; - krb5_data *key; - krb5_const_principal principal; +krb5_encode_princ_dbkey(krb5_context context, krb5_data *key, + krb5_const_principal principal) { char *princ_name; krb5_error_code retval; @@ -49,26 +48,22 @@ krb5_encode_princ_dbkey(context, key, principal) } void -krb5_free_princ_dbkey(context, key) - krb5_context context; - krb5_data *key; +krb5_free_princ_dbkey(krb5_context context, krb5_data *key) { (void) krb5_free_data_contents(context, key); } krb5_error_code -krb5_encode_princ_contents(context, content, entry) - krb5_context context; - krb5_data * content; - krb5_db_entry * entry; +krb5_encode_princ_contents(krb5_context context, krb5_data *content, + krb5_db_entry *entry) { - int i, j; - unsigned int unparse_princ_size; - char * unparse_princ; - unsigned char * nextloc; - krb5_tl_data * tl_data; - krb5_error_code retval; - krb5_int16 psize16; + int i, j; + unsigned int unparse_princ_size; + char * unparse_princ; + unsigned char * nextloc; + krb5_tl_data * tl_data; + krb5_error_code retval; + krb5_int16 psize16; /* * Generate one lump of data from the krb5_db_entry. @@ -81,7 +76,7 @@ krb5_encode_princ_contents(context, content, entry) * Need 2 bytes for the length of the base structure * then 36 [ 8 * 4 + 2 * 2] bytes for the base information * [ attributes, max_life, max_renewable_life, expiration, - * pw_expiration, last_success, last_failed, fail_auth_count ] + * pw_expiration, last_success, last_failed, fail_auth_count ] * [ n_key_data, n_tl_data ] * then XX bytes [ e_length ] for the extra data [ e_data ] * then XX bytes [ 2 for length + length for string ] for the principal, @@ -91,7 +86,7 @@ krb5_encode_princ_contents(context, content, entry) content->length = entry->len + entry->e_length; if ((retval = krb5_unparse_name(context, entry->princ, &unparse_princ))) - return(retval); + return(retval); unparse_princ_size = strlen(unparse_princ) + 1; content->length += unparse_princ_size; @@ -100,28 +95,28 @@ krb5_encode_princ_contents(context, content, entry) i = 0; /* tl_data is a linked list */ for (tl_data = entry->tl_data; tl_data; tl_data = tl_data->tl_data_next) { - content->length += tl_data->tl_data_length; - content->length += 4; /* type, length */ - i++; + content->length += tl_data->tl_data_length; + content->length += 4; /* type, length */ + i++; } if (i != entry->n_tl_data) { - retval = KRB5_KDB_TRUNCATED_RECORD; - goto epc_error; + retval = KRB5_KDB_TRUNCATED_RECORD; + goto epc_error; } /* key_data is an array */ for (i = 0; i < entry->n_key_data; i++) { - content->length += 4; /* Version, KVNO */ - for (j = 0; j < entry->key_data[i].key_data_ver; j++) { - content->length += entry->key_data[i].key_data_length[j]; - content->length += 4; /* type + length */ - } + content->length += 4; /* Version, KVNO */ + for (j = 0; j < entry->key_data[i].key_data_ver; j++) { + content->length += entry->key_data[i].key_data_length[j]; + content->length += 4; /* type + length */ + } } if ((content->data = malloc(content->length)) == NULL) { - retval = ENOMEM; - goto epc_error; + retval = ENOMEM; + goto epc_error; } /* @@ -130,103 +125,103 @@ krb5_encode_princ_contents(context, content, entry) */ nextloc = (unsigned char *)content->data; - /* Base Length */ + /* Base Length */ krb5_kdb_encode_int16(entry->len, nextloc); nextloc += 2; - /* Attributes */ + /* Attributes */ krb5_kdb_encode_int32(entry->attributes, nextloc); nextloc += 4; - /* Max Life */ + /* Max Life */ krb5_kdb_encode_int32(entry->max_life, nextloc); nextloc += 4; - /* Max Renewable Life */ + /* Max Renewable Life */ krb5_kdb_encode_int32(entry->max_renewable_life, nextloc); nextloc += 4; - /* When the client expires */ + /* When the client expires */ krb5_kdb_encode_int32(entry->expiration, nextloc); nextloc += 4; - /* When its passwd expires */ + /* When its passwd expires */ krb5_kdb_encode_int32(entry->pw_expiration, nextloc); nextloc += 4; - /* Last successful passwd */ + /* Last successful passwd */ krb5_kdb_encode_int32(entry->last_success, nextloc); nextloc += 4; - /* Last failed passwd attempt */ + /* Last failed passwd attempt */ krb5_kdb_encode_int32(entry->last_failed, nextloc); nextloc += 4; - /* # of failed passwd attempt */ + /* # of failed passwd attempt */ krb5_kdb_encode_int32(entry->fail_auth_count, nextloc); nextloc += 4; - /* # tl_data strutures */ + /* # tl_data strutures */ krb5_kdb_encode_int16(entry->n_tl_data, nextloc); nextloc += 2; - /* # key_data strutures */ + /* # key_data strutures */ krb5_kdb_encode_int16(entry->n_key_data, nextloc); nextloc += 2; - /* Put extended fields here */ + /* Put extended fields here */ if (entry->len != KRB5_KDB_V1_BASE_LENGTH) - abort(); + abort(); - /* Any extra data that this version doesn't understand. */ + /* Any extra data that this version doesn't understand. */ if (entry->e_length) { - memcpy(nextloc, entry->e_data, entry->e_length); - nextloc += entry->e_length; + memcpy(nextloc, entry->e_data, entry->e_length); + nextloc += entry->e_length; } - /* - * Now we get to the principal. - * To squeze a few extra bytes out it is always assumed to come - * after the base type. - */ + /* + * Now we get to the principal. + * To squeze a few extra bytes out it is always assumed to come + * after the base type. + */ psize16 = (krb5_int16) unparse_princ_size; krb5_kdb_encode_int16(psize16, nextloc); nextloc += 2; (void) memcpy(nextloc, unparse_princ, unparse_princ_size); nextloc += unparse_princ_size; - /* tl_data is a linked list, of type, legth, contents */ + /* tl_data is a linked list, of type, legth, contents */ for (tl_data = entry->tl_data; tl_data; tl_data = tl_data->tl_data_next) { - krb5_kdb_encode_int16(tl_data->tl_data_type, nextloc); - nextloc += 2; - krb5_kdb_encode_int16(tl_data->tl_data_length, nextloc); - nextloc += 2; + krb5_kdb_encode_int16(tl_data->tl_data_type, nextloc); + nextloc += 2; + krb5_kdb_encode_int16(tl_data->tl_data_length, nextloc); + nextloc += 2; - memcpy(nextloc, tl_data->tl_data_contents, tl_data->tl_data_length); - nextloc += tl_data->tl_data_length; + memcpy(nextloc, tl_data->tl_data_contents, tl_data->tl_data_length); + nextloc += tl_data->tl_data_length; } - /* key_data is an array */ + /* key_data is an array */ for (i = 0; i < entry->n_key_data; i++) { - krb5_kdb_encode_int16(entry->key_data[i].key_data_ver, nextloc); - nextloc += 2; - krb5_kdb_encode_int16(entry->key_data[i].key_data_kvno, nextloc); - nextloc += 2; - - for (j = 0; j < entry->key_data[i].key_data_ver; j++) { - krb5_int16 type = entry->key_data[i].key_data_type[j]; - krb5_ui_2 length = entry->key_data[i].key_data_length[j]; - - krb5_kdb_encode_int16(type, nextloc); - nextloc += 2; - krb5_kdb_encode_int16(length, nextloc); - nextloc += 2; - - if (length) { - memcpy(nextloc, entry->key_data[i].key_data_contents[j],length); - nextloc += length; - } - } + krb5_kdb_encode_int16(entry->key_data[i].key_data_ver, nextloc); + nextloc += 2; + krb5_kdb_encode_int16(entry->key_data[i].key_data_kvno, nextloc); + nextloc += 2; + + for (j = 0; j < entry->key_data[i].key_data_ver; j++) { + krb5_int16 type = entry->key_data[i].key_data_type[j]; + krb5_ui_2 length = entry->key_data[i].key_data_length[j]; + + krb5_kdb_encode_int16(type, nextloc); + nextloc += 2; + krb5_kdb_encode_int16(length, nextloc); + nextloc += 2; + + if (length) { + memcpy(nextloc, entry->key_data[i].key_data_contents[j],length); + nextloc += length; + } + } } epc_error:; @@ -235,24 +230,20 @@ epc_error:; } void -krb5_free_princ_contents(context, contents) - krb5_context context; - krb5_data *contents; +krb5_free_princ_contents(krb5_context context, krb5_data *contents) { krb5_free_data_contents(context, contents); return; } krb5_error_code -krb5_decode_princ_contents(context, content, entry) - krb5_context context; - krb5_data * content; - krb5_db_entry * entry; +krb5_decode_princ_contents(krb5_context context, krb5_data *content, + krb5_db_entry *entry) { - int sizeleft, i; - unsigned char * nextloc; + int sizeleft, i; + unsigned char * nextloc; krb5_tl_data ** tl_data; - krb5_int16 i16; + krb5_int16 i16; krb5_error_code retval; @@ -272,67 +263,67 @@ krb5_decode_princ_contents(context, content, entry) nextloc = (unsigned char *)content->data; sizeleft = content->length; if ((sizeleft -= KRB5_KDB_V1_BASE_LENGTH) < 0) - return KRB5_KDB_TRUNCATED_RECORD; + return KRB5_KDB_TRUNCATED_RECORD; - /* Base Length */ + /* Base Length */ krb5_kdb_decode_int16(nextloc, entry->len); nextloc += 2; - /* Attributes */ + /* Attributes */ krb5_kdb_decode_int32(nextloc, entry->attributes); nextloc += 4; - /* Max Life */ + /* Max Life */ krb5_kdb_decode_int32(nextloc, entry->max_life); nextloc += 4; - /* Max Renewable Life */ + /* Max Renewable Life */ krb5_kdb_decode_int32(nextloc, entry->max_renewable_life); nextloc += 4; - /* When the client expires */ + /* When the client expires */ krb5_kdb_decode_int32(nextloc, entry->expiration); nextloc += 4; - /* When its passwd expires */ + /* When its passwd expires */ krb5_kdb_decode_int32(nextloc, entry->pw_expiration); nextloc += 4; - /* Last successful passwd */ + /* Last successful passwd */ krb5_kdb_decode_int32(nextloc, entry->last_success); nextloc += 4; - /* Last failed passwd attempt */ + /* Last failed passwd attempt */ krb5_kdb_decode_int32(nextloc, entry->last_failed); nextloc += 4; - /* # of failed passwd attempt */ + /* # of failed passwd attempt */ krb5_kdb_decode_int32(nextloc, entry->fail_auth_count); nextloc += 4; - /* # tl_data strutures */ + /* # tl_data strutures */ krb5_kdb_decode_int16(nextloc, entry->n_tl_data); nextloc += 2; if (entry->n_tl_data < 0) - return KRB5_KDB_TRUNCATED_RECORD; + return KRB5_KDB_TRUNCATED_RECORD; - /* # key_data strutures */ + /* # key_data strutures */ krb5_kdb_decode_int16(nextloc, entry->n_key_data); nextloc += 2; if (entry->n_key_data < 0) - return KRB5_KDB_TRUNCATED_RECORD; + return KRB5_KDB_TRUNCATED_RECORD; - /* Check for extra data */ + /* Check for extra data */ if (entry->len > KRB5_KDB_V1_BASE_LENGTH) { - entry->e_length = entry->len - KRB5_KDB_V1_BASE_LENGTH; - if ((entry->e_data = (krb5_octet *)malloc(entry->e_length))) { - memcpy(entry->e_data, nextloc, entry->e_length); - nextloc += entry->e_length; - } else { - return ENOMEM; - } + entry->e_length = entry->len - KRB5_KDB_V1_BASE_LENGTH; + if ((entry->e_data = (krb5_octet *)malloc(entry->e_length))) { + memcpy(entry->e_data, nextloc, entry->e_length); + nextloc += entry->e_length; + } else { + return ENOMEM; + } } /* @@ -340,8 +331,8 @@ krb5_decode_princ_contents(context, content, entry) * (stored as a string which gets unparsed.) */ if ((sizeleft -= 2) < 0) { - retval = KRB5_KDB_TRUNCATED_RECORD; - goto error_out; + retval = KRB5_KDB_TRUNCATED_RECORD; + goto error_out; } i = 0; @@ -350,99 +341,99 @@ krb5_decode_princ_contents(context, content, entry) nextloc += 2; if ((retval = krb5_parse_name(context, (char *)nextloc, &(entry->princ)))) - goto error_out; + goto error_out; if (((size_t) i != (strlen((char *)nextloc) + 1)) || (sizeleft < i)) { - retval = KRB5_KDB_TRUNCATED_RECORD; - goto error_out; + retval = KRB5_KDB_TRUNCATED_RECORD; + goto error_out; } sizeleft -= i; nextloc += i; - /* tl_data is a linked list */ + /* tl_data is a linked list */ tl_data = &entry->tl_data; for (i = 0; i < entry->n_tl_data; i++) { - if ((sizeleft -= 4) < 0) { - retval = KRB5_KDB_TRUNCATED_RECORD; - goto error_out; - } - if ((*tl_data = (krb5_tl_data *) - malloc(sizeof(krb5_tl_data))) == NULL) { - retval = ENOMEM; - goto error_out; - } - (*tl_data)->tl_data_next = NULL; - (*tl_data)->tl_data_contents = NULL; - krb5_kdb_decode_int16(nextloc, (*tl_data)->tl_data_type); - nextloc += 2; - krb5_kdb_decode_int16(nextloc, (*tl_data)->tl_data_length); - nextloc += 2; - - if ((sizeleft -= (*tl_data)->tl_data_length) < 0) { - retval = KRB5_KDB_TRUNCATED_RECORD; - goto error_out; - } - if (((*tl_data)->tl_data_contents = (krb5_octet *) - malloc((*tl_data)->tl_data_length)) == NULL) { - retval = ENOMEM; - goto error_out; - } - memcpy((*tl_data)->tl_data_contents,nextloc,(*tl_data)->tl_data_length); - nextloc += (*tl_data)->tl_data_length; - tl_data = &((*tl_data)->tl_data_next); + if ((sizeleft -= 4) < 0) { + retval = KRB5_KDB_TRUNCATED_RECORD; + goto error_out; + } + if ((*tl_data = (krb5_tl_data *) + malloc(sizeof(krb5_tl_data))) == NULL) { + retval = ENOMEM; + goto error_out; + } + (*tl_data)->tl_data_next = NULL; + (*tl_data)->tl_data_contents = NULL; + krb5_kdb_decode_int16(nextloc, (*tl_data)->tl_data_type); + nextloc += 2; + krb5_kdb_decode_int16(nextloc, (*tl_data)->tl_data_length); + nextloc += 2; + + if ((sizeleft -= (*tl_data)->tl_data_length) < 0) { + retval = KRB5_KDB_TRUNCATED_RECORD; + goto error_out; + } + if (((*tl_data)->tl_data_contents = (krb5_octet *) + malloc((*tl_data)->tl_data_length)) == NULL) { + retval = ENOMEM; + goto error_out; + } + memcpy((*tl_data)->tl_data_contents,nextloc,(*tl_data)->tl_data_length); + nextloc += (*tl_data)->tl_data_length; + tl_data = &((*tl_data)->tl_data_next); } - /* key_data is an array */ + /* key_data is an array */ if (entry->n_key_data && ((entry->key_data = (krb5_key_data *) - malloc(sizeof(krb5_key_data) * entry->n_key_data)) == NULL)) { + malloc(sizeof(krb5_key_data) * entry->n_key_data)) == NULL)) { retval = ENOMEM; - goto error_out; + goto error_out; } for (i = 0; i < entry->n_key_data; i++) { - krb5_key_data * key_data; + krb5_key_data * key_data; int j; - if ((sizeleft -= 4) < 0) { - retval = KRB5_KDB_TRUNCATED_RECORD; - goto error_out; - } - key_data = entry->key_data + i; - memset(key_data, 0, sizeof(krb5_key_data)); - krb5_kdb_decode_int16(nextloc, key_data->key_data_ver); - nextloc += 2; - krb5_kdb_decode_int16(nextloc, key_data->key_data_kvno); - nextloc += 2; - - /* key_data_ver determins number of elements and how to unparse them. */ - if (key_data->key_data_ver <= KRB5_KDB_V1_KEY_DATA_ARRAY) { - for (j = 0; j < key_data->key_data_ver; j++) { - if ((sizeleft -= 4) < 0) { - retval = KRB5_KDB_TRUNCATED_RECORD; - goto error_out; - } - krb5_kdb_decode_int16(nextloc, key_data->key_data_type[j]); - nextloc += 2; - krb5_kdb_decode_int16(nextloc, key_data->key_data_length[j]); - nextloc += 2; - - if ((sizeleft -= key_data->key_data_length[j]) < 0) { - retval = KRB5_KDB_TRUNCATED_RECORD; - goto error_out; - } - if (key_data->key_data_length[j]) { - if ((key_data->key_data_contents[j] = (krb5_octet *) - malloc(key_data->key_data_length[j])) == NULL) { - retval = ENOMEM; - goto error_out; - } - memcpy(key_data->key_data_contents[j], nextloc, - key_data->key_data_length[j]); - nextloc += key_data->key_data_length[j]; - } - } - } else { - /* This isn't right. I'll fix it later */ - abort(); - } + if ((sizeleft -= 4) < 0) { + retval = KRB5_KDB_TRUNCATED_RECORD; + goto error_out; + } + key_data = entry->key_data + i; + memset(key_data, 0, sizeof(krb5_key_data)); + krb5_kdb_decode_int16(nextloc, key_data->key_data_ver); + nextloc += 2; + krb5_kdb_decode_int16(nextloc, key_data->key_data_kvno); + nextloc += 2; + + /* key_data_ver determins number of elements and how to unparse them. */ + if (key_data->key_data_ver <= KRB5_KDB_V1_KEY_DATA_ARRAY) { + for (j = 0; j < key_data->key_data_ver; j++) { + if ((sizeleft -= 4) < 0) { + retval = KRB5_KDB_TRUNCATED_RECORD; + goto error_out; + } + krb5_kdb_decode_int16(nextloc, key_data->key_data_type[j]); + nextloc += 2; + krb5_kdb_decode_int16(nextloc, key_data->key_data_length[j]); + nextloc += 2; + + if ((sizeleft -= key_data->key_data_length[j]) < 0) { + retval = KRB5_KDB_TRUNCATED_RECORD; + goto error_out; + } + if (key_data->key_data_length[j]) { + if ((key_data->key_data_contents[j] = (krb5_octet *) + malloc(key_data->key_data_length[j])) == NULL) { + retval = ENOMEM; + goto error_out; + } + memcpy(key_data->key_data_contents[j], nextloc, + key_data->key_data_length[j]); + nextloc += key_data->key_data_length[j]; + } + } + } else { + /* This isn't right. I'll fix it later */ + abort(); + } } return 0; @@ -452,41 +443,39 @@ error_out:; } void -krb5_dbe_free_contents(context, entry) - krb5_context context; - krb5_db_entry * entry; +krb5_dbe_free_contents(krb5_context context, krb5_db_entry *entry) { - krb5_tl_data * tl_data_next; - krb5_tl_data * tl_data; + krb5_tl_data * tl_data_next; + krb5_tl_data * tl_data; int i, j; if (entry->e_data) - free(entry->e_data); + free(entry->e_data); if (entry->princ) - krb5_free_principal(context, entry->princ); + krb5_free_principal(context, entry->princ); for (tl_data = entry->tl_data; tl_data; tl_data = tl_data_next) { - tl_data_next = tl_data->tl_data_next; - if (tl_data->tl_data_contents) - free(tl_data->tl_data_contents); - free(tl_data); + tl_data_next = tl_data->tl_data_next; + if (tl_data->tl_data_contents) + free(tl_data->tl_data_contents); + free(tl_data); } if (entry->key_data) { - for (i = 0; i < entry->n_key_data; i++) { - for (j = 0; j < entry->key_data[i].key_data_ver; j++) { - if (entry->key_data[i].key_data_length[j]) { - if (entry->key_data[i].key_data_contents[j]) { - memset(entry->key_data[i].key_data_contents[j], - 0, - (unsigned) entry->key_data[i].key_data_length[j]); - free (entry->key_data[i].key_data_contents[j]); - } - } - entry->key_data[i].key_data_contents[j] = NULL; - entry->key_data[i].key_data_length[j] = 0; - entry->key_data[i].key_data_type[j] = 0; - } - } - free(entry->key_data); + for (i = 0; i < entry->n_key_data; i++) { + for (j = 0; j < entry->key_data[i].key_data_ver; j++) { + if (entry->key_data[i].key_data_length[j]) { + if (entry->key_data[i].key_data_contents[j]) { + memset(entry->key_data[i].key_data_contents[j], + 0, + (unsigned) entry->key_data[i].key_data_length[j]); + free (entry->key_data[i].key_data_contents[j]); + } + } + entry->key_data[i].key_data_contents[j] = NULL; + entry->key_data[i].key_data_length[j] = 0; + entry->key_data[i].key_data_type[j] = 0; + } + } + free(entry->key_data); } memset(entry, 0, sizeof(*entry)); return; diff --git a/src/plugins/kdb/db2/kdb_xdr.h b/src/plugins/kdb/db2/kdb_xdr.h index bd01ead27..e4a202b37 100644 --- a/src/plugins/kdb/db2/kdb_xdr.h +++ b/src/plugins/kdb/db2/kdb_xdr.h @@ -1,34 +1,28 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ #ifndef _KDB2_XDR_H #define _KDB2_XDR_H #include "kdb.h" krb5_error_code -krb5_encode_princ_dbkey( krb5_context context, - krb5_data *key, - krb5_const_principal principal); +krb5_encode_princ_dbkey(krb5_context context, krb5_data *key, + krb5_const_principal principal); krb5_error_code -krb5_decode_princ_contents( krb5_context context, - krb5_data * content, - krb5_db_entry * entry); +krb5_decode_princ_contents(krb5_context context, krb5_data *content, + krb5_db_entry *entry); void -krb5_dbe_free_contents( krb5_context context, - krb5_db_entry * entry); +krb5_dbe_free_contents(krb5_context context, krb5_db_entry *entry); krb5_error_code -krb5_encode_princ_contents( krb5_context context, - krb5_data * content, - krb5_db_entry * entry); - +krb5_encode_princ_contents(krb5_context context, krb5_data *content, + krb5_db_entry *entry); void -krb5_free_princ_dbkey( krb5_context context, - krb5_data *key); +krb5_free_princ_dbkey(krb5_context context, krb5_data *key); void -krb5_free_princ_contents( krb5_context context, - krb5_data *contents); +krb5_free_princ_contents(krb5_context context, krb5_data *contents); #endif diff --git a/src/plugins/kdb/db2/lockout.c b/src/plugins/kdb/db2/lockout.c index e6c4b65e0..498c0dea6 100644 --- a/src/plugins/kdb/db2/lockout.c +++ b/src/plugins/kdb/db2/lockout.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * plugins/kdb/db2/lockout.c * diff --git a/src/plugins/kdb/db2/policy_db.h b/src/plugins/kdb/db2/policy_db.h index 54af70cd6..f2842e956 100644 --- a/src/plugins/kdb/db2/policy_db.h +++ b/src/plugins/kdb/db2/policy_db.h @@ -1,3 +1,4 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Data Types for policy and principal information that * exists in the respective databases. @@ -33,70 +34,70 @@ #include "adb_err.h" #include <com_err.h> -typedef long osa_adb_ret_t; +typedef long osa_adb_ret_t; -#define OSA_ADB_POLICY_DB_MAGIC 0x12345A00 +#define OSA_ADB_POLICY_DB_MAGIC 0x12345A00 -#define OSA_ADB_POLICY_VERSION_MASK 0x12345D00 -#define OSA_ADB_POLICY_VERSION_1 0x12345D01 -#define OSA_ADB_POLICY_VERSION_2 0x12345D02 +#define OSA_ADB_POLICY_VERSION_MASK 0x12345D00 +#define OSA_ADB_POLICY_VERSION_1 0x12345D01 +#define OSA_ADB_POLICY_VERSION_2 0x12345D02 typedef struct _osa_adb_db_lock_ent_t { - FILE *lockfile; - char *filename; - int refcnt, lockmode, lockcnt; - krb5_context context; + FILE *lockfile; + char *filename; + int refcnt, lockmode, lockcnt; + krb5_context context; } osa_adb_lock_ent, *osa_adb_lock_t; typedef struct _osa_adb_db_ent_t { - int magic; - DB *db; - HASHINFO info; - BTREEINFO btinfo; - char *filename; - osa_adb_lock_t lock; - int opencnt; + int magic; + DB *db; + HASHINFO info; + BTREEINFO btinfo; + char *filename; + osa_adb_lock_t lock; + int opencnt; } osa_adb_db_ent, *osa_adb_db_t, *osa_adb_princ_t, *osa_adb_policy_t; /* * Return Code (the rest are in adb_err.h) */ -#define OSA_ADB_OK 0 +#define OSA_ADB_OK 0 /* * Functions */ -krb5_error_code osa_adb_create_db(char *filename, char *lockfile, int magic); -krb5_error_code osa_adb_destroy_db(char *filename, char *lockfile, int magic); -krb5_error_code osa_adb_rename_db(char *filefrom, char *lockfrom, - char *fileto, char *lockto, int magic); -krb5_error_code osa_adb_init_db(osa_adb_db_t *dbp, char *filename, - char *lockfile, int magic); -krb5_error_code osa_adb_fini_db(osa_adb_db_t db, int magic); -krb5_error_code osa_adb_get_lock(osa_adb_db_t db, int mode); -krb5_error_code osa_adb_release_lock(osa_adb_db_t db); +krb5_error_code osa_adb_create_db(char *filename, char *lockfile, int magic); +krb5_error_code osa_adb_destroy_db(char *filename, char *lockfile, int magic); +krb5_error_code osa_adb_rename_db(char *filefrom, char *lockfrom, + char *fileto, char *lockto, int magic); +krb5_error_code osa_adb_init_db(osa_adb_db_t *dbp, char *filename, + char *lockfile, int magic); +krb5_error_code osa_adb_fini_db(osa_adb_db_t db, int magic); +krb5_error_code osa_adb_get_lock(osa_adb_db_t db, int mode); +krb5_error_code osa_adb_release_lock(osa_adb_db_t db); krb5_error_code osa_adb_open_and_lock(osa_adb_princ_t db, int locktype); krb5_error_code osa_adb_close_and_unlock(osa_adb_princ_t db); -krb5_error_code osa_adb_close_policy(osa_adb_policy_t db); -krb5_error_code osa_adb_create_policy(osa_adb_policy_t db, - osa_policy_ent_t entry); -krb5_error_code osa_adb_destroy_policy(osa_adb_policy_t db, - char * name); -krb5_error_code osa_adb_get_policy(osa_adb_policy_t db, - char * name, - osa_policy_ent_t *entry, - int *cnt); -krb5_error_code osa_adb_put_policy(osa_adb_policy_t db, - osa_policy_ent_t entry); -krb5_error_code osa_adb_iter_policy(osa_adb_policy_t db, - osa_adb_iter_policy_func func, - void * data); -void osa_free_policy_ent(osa_policy_ent_t val); - -bool_t xdr_osa_policy_ent_rec(XDR *xdrs, osa_policy_ent_t objp); +krb5_error_code osa_adb_close_policy(osa_adb_policy_t db); +krb5_error_code osa_adb_create_policy(osa_adb_policy_t db, + osa_policy_ent_t entry); +krb5_error_code osa_adb_destroy_policy(osa_adb_policy_t db, + char * name); +krb5_error_code osa_adb_get_policy(osa_adb_policy_t db, + char * name, + osa_policy_ent_t *entry, + int *cnt); +krb5_error_code osa_adb_put_policy(osa_adb_policy_t db, + osa_policy_ent_t entry); +krb5_error_code osa_adb_iter_policy(osa_adb_policy_t db, + osa_adb_iter_policy_func func, + void * data); +void osa_free_policy_ent(osa_policy_ent_t val); + +bool_t xdr_osa_policy_ent_rec(XDR *xdrs, osa_policy_ent_t objp); #endif /* __ADB_H__ */ |