search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Update kdump(1) to print more human readable information.
[dragonfly.git] / crypto / heimdal-0.6.3 / admin / change.c
blobf790da3436fc97ff3795fd63d433b5a744c65f3c
1 /*
2 * Copyright (c) 1997 - 2001, 2003 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 */
33
34 #include "ktutil_locl.h"
35
36 RCSID("$Id: change.c,v 1.5 2003/04/01 15:04:49 lha Exp $");
37
38 static void
39 change_entry (krb5_context context, krb5_keytab keytab,
40 krb5_principal principal, krb5_kvno kvno,
41 const char *realm, const char *admin_server, int server_port)
42 {
43 krb5_error_code ret;
44 kadm5_config_params conf;
45 void *kadm_handle;
46 char *client_name;
47 krb5_keyblock *keys;
48 int num_keys;
49 int i;
50
51 ret = krb5_unparse_name (context, principal, &client_name);
52 if (ret) {
53 krb5_warn (context, ret, "krb5_unparse_name");
54 return;
55 }
56
57 memset (&conf, 0, sizeof(conf));
58
59 if(realm)
60 conf.realm = (char *)realm;
61 else
62 conf.realm = *krb5_princ_realm (context, principal);
63 conf.mask |= KADM5_CONFIG_REALM;
64
65 if (admin_server) {
66 conf.admin_server = (char *)admin_server;
67 conf.mask |= KADM5_CONFIG_ADMIN_SERVER;
68 }
69
70 if (server_port) {
71 conf.kadmind_port = htons(server_port);
72 conf.mask |= KADM5_CONFIG_KADMIND_PORT;
73 }
74
75 ret = kadm5_init_with_skey_ctx (context,
76 client_name,
77 keytab_string,
78 KADM5_ADMIN_SERVICE,
79 &conf, 0, 0,
80 &kadm_handle);
81 free (client_name);
82 if (ret) {
83 krb5_warn (context, ret, "kadm5_c_init_with_skey_ctx");
84 return;
85 }
86 ret = kadm5_randkey_principal (kadm_handle, principal, &keys, &num_keys);
87 kadm5_destroy (kadm_handle);
88 if (ret) {
89 krb5_warn(context, ret, "kadm5_randkey_principal");
90 return;
91 }
92 for (i = 0; i < num_keys; ++i) {
93 krb5_keytab_entry new_entry;
94
95 new_entry.principal = principal;
96 new_entry.timestamp = time (NULL);
97 new_entry.vno = kvno + 1;
98 new_entry.keyblock = keys[i];
99
100 ret = krb5_kt_add_entry (context, keytab, &new_entry);
101 if (ret)
102 krb5_warn (context, ret, "krb5_kt_add_entry");
103 krb5_free_keyblock_contents (context, &keys[i]);
104 }
105 }
106
107 /*
108 * loop over all the entries in the keytab (or those given) and change
109 * their keys, writing the new keys
110 */
111
112 struct change_set {
113 krb5_principal principal;
114 krb5_kvno kvno;
115 };
116
117 int
118 kt_change (int argc, char **argv)
119 {
120 krb5_error_code ret;
121 krb5_keytab keytab;
122 krb5_kt_cursor cursor;
123 krb5_keytab_entry entry;
124 char *realm = NULL;
125 char *admin_server = NULL;
126 int server_port = 0;
127 int help_flag = 0;
128 int optind = 0;
129 int i, j, max;
130 struct change_set *changeset;
131
132 struct getargs args[] = {
133 { "realm", 'r', arg_string, NULL,
134 "realm to use", "realm"
135 },
136 { "admin-server", 'a', arg_string, NULL,
137 "server to contact", "host"
138 },
139 { "server-port", 's', arg_integer, NULL,
140 "port to contact", "port number"
141 },
142 { "help", 'h', arg_flag, NULL }
143 };
144
145 args[0].value = &realm;
146 args[1].value = &admin_server;
147 args[2].value = &server_port;
148 args[3].value = &help_flag;
149
150 if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optind)
151 || help_flag) {
152 arg_printusage(args, sizeof(args) / sizeof(args[0]),
153 "ktutil change", "principal...");
154 return 1;
155 }
156
157 if((keytab = ktutil_open_keytab()) == NULL)
158 return 1;
159
160 j = 0;
161 max = 0;
162 changeset = NULL;
163
164 ret = krb5_kt_start_seq_get(context, keytab, &cursor);
165 if(ret){
166 krb5_warn(context, ret, "krb5_kt_start_seq_get %s", keytab_string);
167 goto out;
168 }
169
170 while((ret = krb5_kt_next_entry(context, keytab, &entry, &cursor)) == 0) {
171 int add = 0;
172
173 for (i = 0; i < j; ++i) {
174 if (krb5_principal_compare (context, changeset[i].principal,
175 entry.principal)) {
176 if (changeset[i].kvno < entry.vno)
177 changeset[i].kvno = entry.vno;
178 break;
179 }
180 }
181 if (i < j)
182 continue;
183
184 if (optind == argc) {
185 add = 1;
186 } else {
187 for (i = optind; i < argc; ++i) {
188 krb5_principal princ;
189
190 ret = krb5_parse_name (context, argv[i], &princ);
191 if (ret) {
192 krb5_warn (context, ret, "krb5_parse_name %s", argv[i]);
193 continue;
194 }
195 if (krb5_principal_compare (context, princ, entry.principal))
196 add = 1;
197
198 krb5_free_principal (context, princ);
199 }
200 }
201
202 if (add) {
203 if (j >= max) {
204 void *tmp;
205
206 max = max(max * 2, 1);
207 tmp = realloc (changeset, max * sizeof(*changeset));
208 if (tmp == NULL) {
209 krb5_kt_free_entry (context, &entry);
210 krb5_warnx (context, "realloc: out of memory");
211 ret = ENOMEM;
212 break;
213 }
214 changeset = tmp;
215 }
216 ret = krb5_copy_principal (context, entry.principal,
217 &changeset[j].principal);
218 if (ret) {
219 krb5_warn (context, ret, "krb5_copy_principal");
220 krb5_kt_free_entry (context, &entry);
221 break;
222 }
223 changeset[j].kvno = entry.vno;
224 ++j;
225 }
226 krb5_kt_free_entry (context, &entry);
227 }
228
229 if (ret == KRB5_KT_END) {
230 for (i = 0; i < j; i++) {
231 if (verbose_flag) {
232 char *client_name;
233
234 ret = krb5_unparse_name (context, changeset[i].principal,
235 &client_name);
236 if (ret) {
237 krb5_warn (context, ret, "krb5_unparse_name");
238 } else {
239 printf("Changing %s kvno %d\n",
240 client_name, changeset[i].kvno);
241 free(client_name);
242 }
243 }
244 change_entry (context, keytab,
245 changeset[i].principal, changeset[i].kvno,
246 realm, admin_server, server_port);
247 }
248 }
249 for (i = 0; i < j; i++)
250 krb5_free_principal (context, changeset[i].principal);
251 free (changeset);
252
253 ret = krb5_kt_end_seq_get(context, keytab, &cursor);
254 out:
255 krb5_kt_close(context, keytab);
256 return 0;
257 }
DragonFly BSD