search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
sqlite: Use 0600
[heimdal.git] / kadmin / util.c
blob7a999d35816b30259e4279d9cc5601accc06d8a0
1 /*
2 * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 */
33
34 #include "kadmin_locl.h"
35 #include <parse_units.h>
36
37 /*
38 * util.c - functions for parsing, unparsing, and editing different
39 * types of data used in kadmin.
40 */
41
42 static int
43 get_response(const char *prompt, const char *def, char *buf, size_t len);
44
45 /*
46 * attributes
47 */
48
49 struct units kdb_attrs[] = {
50 { "disallow-client", KRB5_KDB_DISALLOW_CLIENT },
51 { "virtual", KRB5_KDB_VIRTUAL },
52 { "virtual-keys", KRB5_KDB_VIRTUAL_KEYS },
53 { "materialize", KRB5_KDB_MATERIALIZE },
54 { "allow-digest", KRB5_KDB_ALLOW_DIGEST },
55 { "allow-kerberos4", KRB5_KDB_ALLOW_KERBEROS4 },
56 { "trusted-for-delegation", KRB5_KDB_TRUSTED_FOR_DELEGATION },
57 { "ok-as-delegate", KRB5_KDB_OK_AS_DELEGATE },
58 { "new-princ", KRB5_KDB_NEW_PRINC },
59 { "support-desmd5", KRB5_KDB_SUPPORT_DESMD5 },
60 { "pwchange-service", KRB5_KDB_PWCHANGE_SERVICE },
61 { "disallow-svr", KRB5_KDB_DISALLOW_SVR },
62 { "requires-pw-change", KRB5_KDB_REQUIRES_PWCHANGE },
63 { "requires-hw-auth", KRB5_KDB_REQUIRES_HW_AUTH },
64 { "requires-pre-auth", KRB5_KDB_REQUIRES_PRE_AUTH },
65 { "disallow-all-tix", KRB5_KDB_DISALLOW_ALL_TIX },
66 { "disallow-dup-skey", KRB5_KDB_DISALLOW_DUP_SKEY },
67 { "disallow-proxiable", KRB5_KDB_DISALLOW_PROXIABLE },
68 { "disallow-renewable", KRB5_KDB_DISALLOW_RENEWABLE },
69 { "disallow-tgt-based", KRB5_KDB_DISALLOW_TGT_BASED },
70 { "disallow-forwardable", KRB5_KDB_DISALLOW_FORWARDABLE },
71 { "disallow-postdated", KRB5_KDB_DISALLOW_POSTDATED },
72 { NULL, 0 }
73 };
74
75 /*
76 * convert the attributes in `attributes' into a printable string
77 * in `str, len'
78 */
79
80 void
81 attributes2str(krb5_flags attributes, char *str, size_t len)
82 {
83 unparse_flags (attributes, kdb_attrs, str, len);
84 }
85
86 /*
87 * convert the string in `str' into attributes in `flags'
88 * return 0 if parsed ok, else -1.
89 */
90
91 int
92 str2attributes(const char *str, krb5_flags *flags)
93 {
94 int res;
95
96 res = parse_flags (str, kdb_attrs, *flags);
97 if (res < 0)
98 return res;
99 else {
100 *flags = res;
101 return 0;
102 }
103 }
104
105 /*
106 * try to parse the string `resp' into attributes in `attr', also
107 * setting the `bit' in `mask' if attributes are given and valid.
108 */
109
110 int
111 parse_attributes (const char *resp, krb5_flags *attr, int *mask, int bit)
112 {
113 krb5_flags tmp = *attr;
114
115 if (str2attributes(resp, &tmp) == 0) {
116 *attr = tmp;
117 if (mask)
118 *mask |= bit;
119 return 0;
120 } else if(*resp == '?') {
121 print_flags_table (kdb_attrs, stderr);
122 } else {
123 fprintf (stderr, "Unable to parse \"%s\"\n", resp);
124 }
125 return -1;
126 }
127
128 /*
129 * allow the user to edit the attributes in `attr', prompting with `prompt'
130 */
131
132 int
133 edit_attributes (const char *prompt, krb5_flags *attr, int *mask, int bit)
134 {
135 char buf[1024], resp[1024];
136
137 if (mask && (*mask & bit))
138 return 0;
139
140 attributes2str(*attr, buf, sizeof(buf));
141 for (;;) {
142 if(get_response("Attributes", buf, resp, sizeof(resp)) != 0)
143 return 1;
144 if (resp[0] == '\0')
145 break;
146 if (parse_attributes (resp, attr, mask, bit) == 0)
147 break;
148 }
149 return 0;
150 }
151
152 /*
153 * try to parse the string `resp' into policy in `attr', also
154 * setting the `bit' in `mask' if attributes are given and valid.
155 */
156
157 #define VALID_POLICY_NAME_CHARS \
158 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_"
159
160 int
161 parse_policy (const char *resp, char **policy, int *mask, int bit)
162 {
163 if (strspn(resp, VALID_POLICY_NAME_CHARS) == strlen(resp) &&
164 *resp != '\0') {
165
166 *policy = strdup(resp);
167 if (*policy == NULL) {
168 fprintf (stderr, "Out of memory");
169 return -1;
170 }
171 if (mask)
172 *mask |= bit;
173 return 0;
174 } else if(*resp == '?') {
175 print_flags_table (kdb_attrs, stderr);
176 } else {
177 fprintf (stderr, "Unable to parse \"%s\"\n", resp);
178 }
179 return -1;
180 }
181
182 /*
183 * allow the user to edit the attributes in `attr', prompting with `prompt'
184 */
185
186 int
187 edit_policy (const char *prompt, char **policy, int *mask, int bit)
188 {
189 char buf[1024], resp[1024];
190
191 if (mask && (*mask & bit))
192 return 0;
193
194 buf[0] = '\0';
195 strlcpy(buf, "default", sizeof (buf));
196 for (;;) {
197 if(get_response("Policy", buf, resp, sizeof(resp)) != 0)
198 return 1;
199 if (resp[0] == '\0')
200 break;
201 if (parse_policy (resp, policy, mask, bit) == 0)
202 break;
203 }
204 return 0;
205 }
206
207 /*
208 * time_t
209 * the special value 0 means ``never''
210 */
211
212 /*
213 * Convert the time `t' to a string representation in `str' (of max
214 * size `len'). If include_time also include time, otherwise just
215 * date.
216 */
217
218 void
219 time_t2str(time_t t, char *str, size_t len, int include_time)
220 {
221 if(t) {
222 if(include_time)
223 strftime(str, len, "%Y-%m-%d %H:%M:%S UTC", gmtime(&t));
224 else
225 strftime(str, len, "%Y-%m-%d", gmtime(&t));
226 } else
227 snprintf(str, len, "never");
228 }
229
230 /*
231 * Convert the time representation in `str' to a time in `time'.
232 * Return 0 if succesful, else -1.
233 */
234
235 int
236 str2time_t (const char *str, time_t *t)
237 {
238 const char *p;
239 struct tm tm, tm2;
240
241 memset (&tm, 0, sizeof (tm));
242 memset (&tm2, 0, sizeof (tm2));
243
244 while(isspace((unsigned char)*str))
245 str++;
246
247 if (str[0] == '+') {
248 str++;
249 *t = parse_time(str, "month");
250 if (*t < 0)
251 return -1;
252 *t += time(NULL);
253 return 0;
254 }
255 if (str[0] == '-') {
256 str++;
257 *t = parse_time(str, "month");
258 if (*t < 0)
259 return -1;
260 *t = time(NULL) - *t;
261 return 0;
262 }
263
264 if(strcasecmp(str, "never") == 0) {
265 *t = 0;
266 return 0;
267 }
268
269 if(strcasecmp(str, "now") == 0) {
270 *t = time(NULL);
271 return 0;
272 }
273
274 p = strptime (str, "%Y-%m-%d", &tm);
275
276 if (p == NULL)
277 return -1;
278
279 while(isspace((unsigned char)*p))
280 p++;
281
282 /* XXX this is really a bit optimistic, we should really complain
283 if there was a problem parsing the time */
284 if(p[0] != '\0' && strptime (p, "%H:%M:%S", &tm2) != NULL) {
285 tm.tm_hour = tm2.tm_hour;
286 tm.tm_min = tm2.tm_min;
287 tm.tm_sec = tm2.tm_sec;
288 } else {
289 /* Do it on the end of the day */
290 tm.tm_hour = 23;
291 tm.tm_min = 59;
292 tm.tm_sec = 59;
293 }
294
295 *t = tm2time (tm, 0);
296 return 0;
297 }
298
299 /*
300 * try to parse the time in `resp' storing it in `value'
301 */
302
303 int
304 parse_timet (const char *resp, krb5_timestamp *value, int *mask, int bit)
305 {
306 time_t tmp;
307
308 if (str2time_t(resp, &tmp) == 0) {
309 *value = tmp;
310 if(mask)
311 *mask |= bit;
312 return 0;
313 }
314 if(*resp != '?')
315 fprintf (stderr, "Unable to parse time \"%s\"\n", resp);
316 fprintf (stderr, "Print date on format YYYY-mm-dd [hh:mm:ss]\n");
317 return -1;
318 }
319
320 /*
321 * allow the user to edit the time in `value'
322 */
323
324 int
325 edit_timet (const char *prompt, krb5_timestamp *value, int *mask, int bit)
326 {
327 char buf[1024], resp[1024];
328
329 if (mask && (*mask & bit))
330 return 0;
331
332 time_t2str (*value, buf, sizeof (buf), 0);
333
334 for (;;) {
335 if(get_response(prompt, buf, resp, sizeof(resp)) != 0)
336 return 1;
337 if (parse_timet (resp, value, mask, bit) == 0)
338 break;
339 }
340 return 0;
341 }
342
343 /*
344 * deltat
345 * the special value 0 means ``unlimited''
346 */
347
348 /*
349 * convert the delta_t value in `t' into a printable form in `str, len'
350 */
351
352 void
353 deltat2str(unsigned t, char *str, size_t len)
354 {
355 if(t == 0 || t == INT_MAX)
356 snprintf(str, len, "unlimited");
357 else
358 unparse_time(t, str, len);
359 }
360
361 /*
362 * parse the delta value in `str', storing result in `*delta'
363 * return 0 if ok, else -1
364 */
365
366 int
367 str2deltat(const char *str, krb5_deltat *delta)
368 {
369 int res;
370
371 if(strcasecmp(str, "unlimited") == 0) {
372 *delta = 0;
373 return 0;
374 }
375 res = parse_time(str, "day");
376 if (res < 0)
377 return res;
378 else {
379 *delta = res;
380 return 0;
381 }
382 }
383
384 /*
385 * try to parse the string in `resp' into a deltad in `value'
386 * `mask' will get the bit `bit' set if a value was given.
387 */
388
389 int
390 parse_deltat (const char *resp, krb5_deltat *value, int *mask, int bit)
391 {
392 krb5_deltat tmp;
393
394 if (str2deltat(resp, &tmp) == 0) {
395 *value = tmp;
396 if (mask)
397 *mask |= bit;
398 return 0;
399 } else if(*resp == '?') {
400 print_time_table (stderr);
401 } else {
402 fprintf (stderr, "Unable to parse time \"%s\"\n", resp);
403 }
404 return -1;
405 }
406
407 /*
408 * allow the user to edit the deltat in `value'
409 */
410
411 int
412 edit_deltat (const char *prompt, krb5_deltat *value, int *mask, int bit)
413 {
414 char buf[1024], resp[1024];
415
416 if (mask && (*mask & bit))
417 return 0;
418
419 deltat2str(*value, buf, sizeof(buf));
420 for (;;) {
421 if(get_response(prompt, buf, resp, sizeof(resp)) != 0)
422 return 1;
423 if (parse_deltat (resp, value, mask, bit) == 0)
424 break;
425 }
426 return 0;
427 }
428
429 /*
430 * allow the user to edit `ent'
431 */
432
433 void
434 set_defaults(kadm5_principal_ent_t ent, int *mask,
435 kadm5_principal_ent_t default_ent, int default_mask)
436 {
437 if (default_ent
438 && (default_mask & KADM5_MAX_LIFE)
439 && !(*mask & KADM5_MAX_LIFE))
440 ent->max_life = default_ent->max_life;
441
442 if (default_ent
443 && (default_mask & KADM5_MAX_RLIFE)
444 && !(*mask & KADM5_MAX_RLIFE))
445 ent->max_renewable_life = default_ent->max_renewable_life;
446
447 if (default_ent
448 && (default_mask & KADM5_PRINC_EXPIRE_TIME)
449 && !(*mask & KADM5_PRINC_EXPIRE_TIME))
450 ent->princ_expire_time = default_ent->princ_expire_time;
451
452 if (default_ent
453 && (default_mask & KADM5_PW_EXPIRATION)
454 && !(*mask & KADM5_PW_EXPIRATION))
455 ent->pw_expiration = default_ent->pw_expiration;
456
457 if (default_ent
458 && (default_mask & KADM5_ATTRIBUTES)
459 && !(*mask & KADM5_ATTRIBUTES))
460 ent->attributes = default_ent->attributes & ~KRB5_KDB_DISALLOW_ALL_TIX;
461
462 if (default_ent
463 && (default_mask & KADM5_POLICY)
464 && !(*mask & KADM5_POLICY)) {
465 ent->policy = strdup(default_ent->policy);
466 if (ent->policy == NULL)
467 abort();
468 }
469 }
470
471 int
472 edit_entry(kadm5_principal_ent_t ent, int *mask,
473 kadm5_principal_ent_t default_ent, int default_mask)
474 {
475
476 set_defaults(ent, mask, default_ent, default_mask);
477
478 if(edit_deltat ("Max ticket life", &ent->max_life, mask,
479 KADM5_MAX_LIFE) != 0)
480 return 1;
481
482 if(edit_deltat ("Max renewable life", &ent->max_renewable_life, mask,
483 KADM5_MAX_RLIFE) != 0)
484 return 1;
485
486 if(edit_timet ("Principal expiration time", &ent->princ_expire_time, mask,
487 KADM5_PRINC_EXPIRE_TIME) != 0)
488 return 1;
489
490 if(edit_timet ("Password expiration time", &ent->pw_expiration, mask,
491 KADM5_PW_EXPIRATION) != 0)
492 return 1;
493
494 if(edit_attributes ("Attributes", &ent->attributes, mask,
495 KADM5_ATTRIBUTES) != 0)
496 return 1;
497
498 if(edit_policy ("Policy", &ent->policy, mask,
499 KADM5_POLICY) != 0)
500 return 1;
501
502 return 0;
503 }
504
505 /*
506 * Parse the arguments, set the fields in `ent' and the `mask' for the
507 * entries having been set.
508 * Return 1 on failure and 0 on success.
509 */
510
511 int
512 set_entry(krb5_context contextp,
513 kadm5_principal_ent_t ent,
514 int *mask,
515 const char *max_ticket_life,
516 const char *max_renewable_life,
517 const char *expiration,
518 const char *pw_expiration,
519 const char *attributes,
520 const char *policy)
521 {
522 if (max_ticket_life != NULL) {
523 if (parse_deltat (max_ticket_life, &ent->max_life,
524 mask, KADM5_MAX_LIFE)) {
525 krb5_warnx (contextp, "unable to parse `%s'", max_ticket_life);
526 return 1;
527 }
528 }
529 if (max_renewable_life != NULL) {
530 if (parse_deltat (max_renewable_life, &ent->max_renewable_life,
531 mask, KADM5_MAX_RLIFE)) {
532 krb5_warnx (contextp, "unable to parse `%s'", max_renewable_life);
533 return 1;
534 }
535 }
536
537 if (expiration) {
538 if (parse_timet (expiration, &ent->princ_expire_time,
539 mask, KADM5_PRINC_EXPIRE_TIME)) {
540 krb5_warnx (contextp, "unable to parse `%s'", expiration);
541 return 1;
542 }
543 }
544 if (pw_expiration) {
545 if (parse_timet (pw_expiration, &ent->pw_expiration,
546 mask, KADM5_PW_EXPIRATION)) {
547 krb5_warnx (contextp, "unable to parse `%s'", pw_expiration);
548 return 1;
549 }
550 }
551 if (attributes != NULL) {
552 if (parse_attributes (attributes, &ent->attributes,
553 mask, KADM5_ATTRIBUTES)) {
554 krb5_warnx (contextp, "unable to parse `%s'", attributes);
555 return 1;
556 }
557 }
558 if (policy != NULL) {
559 if (parse_policy (policy, &ent->policy,
560 mask, KADM5_POLICY)) {
561 krb5_warnx (contextp, "unable to parse `%s'", attributes);
562 return 1;
563 }
564 }
565 return 0;
566 }
567
568 /*
569 * Does `string' contain any globing characters?
570 */
571
572 static int
573 is_expression(const char *string)
574 {
575 const char *p;
576 int quote = 0;
577
578 for(p = string; *p; p++) {
579 if(quote) {
580 quote = 0;
581 continue;
582 }
583 if(*p == '\\')
584 quote++;
585 else if(strchr("[]*?", *p) != NULL)
586 return 1;
587 }
588 return 0;
589 }
590
591 /*
592 * Loop over all principals matching exp. If any of calls to `func'
593 * failes, the first error is returned when all principals are
594 * processed.
595 */
596 int
597 foreach_principal(const char *exp_str,
598 int (*func)(krb5_principal, void*),
599 const char *funcname,
600 void *data)
601 {
602 char **princs = NULL;
603 int num_princs = 0;
604 int i;
605 krb5_error_code saved_ret = 0, ret = 0;
606 krb5_principal princ_ent;
607 int is_expr;
608
609 /* if this isn't an expression, there is no point in wading
610 through the whole database looking for matches */
611 is_expr = is_expression(exp_str);
612 if(is_expr)
613 ret = kadm5_get_principals(kadm_handle, exp_str, &princs, &num_princs);
614 if(!is_expr || ret == KADM5_AUTH_LIST) {
615 /* we might be able to perform the requested opreration even
616 if we're not allowed to list principals */
617 num_princs = 1;
618 princs = malloc(sizeof(*princs));
619 if(princs == NULL)
620 return ENOMEM;
621 princs[0] = strdup(exp_str);
622 if(princs[0] == NULL){
623 free(princs);
624 return ENOMEM;
625 }
626 } else if(ret) {
627 krb5_warn(context, ret, "kadm5_get_principals");
628 return ret;
629 }
630 for(i = 0; i < num_princs; i++) {
631 ret = krb5_parse_name(context, princs[i], &princ_ent);
632 if(ret){
633 krb5_warn(context, ret, "krb5_parse_name(%s)", princs[i]);
634 continue;
635 }
636 ret = (*func)(princ_ent, data);
637 if(ret) {
638 krb5_warn(context, ret, "%s %s", funcname, princs[i]);
639 krb5_clear_error_message(context);
640 if (saved_ret == 0)
641 saved_ret = ret;
642 }
643 krb5_free_principal(context, princ_ent);
644 }
645 if (ret == 0 && saved_ret != 0)
646 ret = saved_ret;
647 kadm5_free_name_list(kadm_handle, princs, &num_princs);
648 return ret;
649 }
650
651 /*
652 * prompt with `prompt' and default value `def', and store the reply
653 * in `buf, len'
654 */
655
656 #include <setjmp.h>
657
658 static jmp_buf jmpbuf;
659
660 static void
661 interrupt(int sig)
662 {
663 longjmp(jmpbuf, 1);
664 }
665
666 static int
667 get_response(const char *prompt, const char *def, char *buf, size_t len)
668 {
669 char *p;
670 void (*osig)(int);
671
672 osig = signal(SIGINT, interrupt);
673 if(setjmp(jmpbuf)) {
674 signal(SIGINT, osig);
675 fprintf(stderr, "\n");
676 return 1;
677 }
678
679 fprintf(stderr, "%s [%s]:", prompt, def);
680 if(fgets(buf, len, stdin) == NULL) {
681 int save_errno = errno;
682 if(ferror(stdin))
683 krb5_err(context, 1, save_errno, "<stdin>");
684 signal(SIGINT, osig);
685 return 1;
686 }
687 p = strchr(buf, '\n');
688 if(p)
689 *p = '\0';
690 if(strcmp(buf, "") == 0)
691 strlcpy(buf, def, len);
692 signal(SIGINT, osig);
693 return 0;
694 }
695
696 /*
697 * return [0, 16) or -1
698 */
699
700 static int
701 hex2n (char c)
702 {
703 static char hexdigits[] = "0123456789abcdef";
704 const char *p;
705
706 p = strchr (hexdigits, tolower((unsigned char)c));
707 if (p == NULL)
708 return -1;
709 else
710 return p - hexdigits;
711 }
712
713 /*
714 * convert a key in a readable format into a keyblock.
715 * return 0 iff succesful, otherwise `err' should point to an error message
716 */
717
718 int
719 parse_des_key (const char *key_string, krb5_key_data *key_data,
720 const char **error)
721 {
722 const char *p = key_string;
723 unsigned char bits[8];
724 int i;
725
726 if (strlen (key_string) != 16) {
727 *error = "bad length, should be 16 for DES key";
728 return 1;
729 }
730 for (i = 0; i < 8; ++i) {
731 int d1, d2;
732
733 d1 = hex2n(p[2 * i]);
734 d2 = hex2n(p[2 * i + 1]);
735 if (d1 < 0 || d2 < 0) {
736 *error = "non-hex character";
737 return 1;
738 }
739 bits[i] = (d1 << 4) | d2;
740 }
741 for (i = 0; i < 3; ++i) {
742 key_data[i].key_data_ver = 2;
743 key_data[i].key_data_kvno = 0;
744 /* key */
745 key_data[i].key_data_type[0] = ETYPE_DES_CBC_CRC;
746 key_data[i].key_data_length[0] = 8;
747 key_data[i].key_data_contents[0] = malloc(8);
748 if (key_data[i].key_data_contents[0] == NULL) {
749 *error = "malloc";
750 return ENOMEM;
751 }
752 memcpy (key_data[i].key_data_contents[0], bits, 8);
753 /* salt */
754 key_data[i].key_data_type[1] = KRB5_PW_SALT;
755 key_data[i].key_data_length[1] = 0;
756 key_data[i].key_data_contents[1] = NULL;
757 }
758 key_data[0].key_data_type[0] = ETYPE_DES_CBC_MD5;
759 key_data[1].key_data_type[0] = ETYPE_DES_CBC_MD4;
760 return 0;
761 }
Heimdal