diff options
author | nectar <nectar@FreeBSD.org> | 2003-10-09 19:36:20 +0000 |
---|---|---|
committer | nectar <nectar@FreeBSD.org> | 2003-10-09 19:36:20 +0000 |
commit | 4b1830fcc62c1379c7e5b60b06a78c6b92be27a1 (patch) | |
tree | 88853123284bc96433c6157005c60a6400a667fe /crypto/heimdal/admin | |
parent | 39a0f4325675fc5ed2a293a8141341ec81645685 (diff) | |
parent | 5c90662d441c12cd30c694eb1172d6fea2f8f282 (diff) | |
download | FreeBSD-src-4b1830fcc62c1379c7e5b60b06a78c6b92be27a1.zip FreeBSD-src-4b1830fcc62c1379c7e5b60b06a78c6b92be27a1.tar.gz |
This commit was generated by cvs2svn to compensate for changes in r120945,
which included commits to RCS files with non-trunk default branches.
Diffstat (limited to 'crypto/heimdal/admin')
-rw-r--r-- | crypto/heimdal/admin/Makefile.in | 23 | ||||
-rw-r--r-- | crypto/heimdal/admin/change.c | 101 | ||||
-rw-r--r-- | crypto/heimdal/admin/copy.c | 3 | ||||
-rw-r--r-- | crypto/heimdal/admin/get.c | 16 | ||||
-rw-r--r-- | crypto/heimdal/admin/ktutil.8 | 48 |
5 files changed, 129 insertions, 62 deletions
diff --git a/crypto/heimdal/admin/Makefile.in b/crypto/heimdal/admin/Makefile.in index 87497ab..1a245ad 100644 --- a/crypto/heimdal/admin/Makefile.in +++ b/crypto/heimdal/admin/Makefile.in @@ -18,7 +18,7 @@ # $Id: Makefile.am.common,v 1.5 2002/05/19 18:35:37 joda Exp $ -# $Id: Makefile.am.common,v 1.36 2002/08/19 16:10:25 joda Exp $ +# $Id: Makefile.am.common,v 1.37.2.1 2003/05/08 17:08:09 joda Exp $ SHELL = @SHELL@ srcdir = @srcdir@ @@ -114,6 +114,7 @@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ +MAINT = @MAINT@ NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ NROFF = @NROFF@ @@ -192,7 +193,7 @@ LIB_readline = @LIB_readline@ NROFF_MAN = groff -mandoc -Tascii -@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) +LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) @KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la @@ -268,10 +269,10 @@ all: all-am .SUFFIXES: .SUFFIXES: .et .h .x .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj -$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(top_srcdir)/configure.in $(ACLOCAL_M4) +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(top_srcdir)/configure.in $(ACLOCAL_M4) cd $(top_srcdir) && \ $(AUTOMAKE) --foreign admin/Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status +Makefile: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.in $(top_builddir)/config.status cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe) sbinPROGRAMS_INSTALL = $(INSTALL_PROGRAM) install-sbinPROGRAMS: $(sbin_PROGRAMS) @@ -481,7 +482,9 @@ info: info-am info-am: -install-data-am: install-data-local install-man +install-data-am: install-man + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-data-hook install-exec-am: install-sbinPROGRAMS @$(NORMAL_INSTALL) @@ -510,10 +513,10 @@ uninstall-man: uninstall-man8 clean-generic clean-libtool clean-sbinPROGRAMS distclean \ distclean-compile distclean-generic distclean-libtool \ distclean-tags distdir dvi dvi-am info info-am install \ - install-am install-data install-data-am install-data-local \ - install-exec install-exec-am install-info install-info-am \ - install-man install-man8 install-sbinPROGRAMS install-strip \ - installcheck installcheck-am installdirs maintainer-clean \ + install-am install-data install-data-am install-exec \ + install-exec-am install-info install-info-am install-man \ + install-man8 install-sbinPROGRAMS install-strip installcheck \ + installcheck-am installdirs maintainer-clean \ maintainer-clean-generic mostlyclean mostlyclean-compile \ mostlyclean-generic mostlyclean-libtool tags uninstall \ uninstall-am uninstall-info-am uninstall-man uninstall-man8 \ @@ -643,7 +646,7 @@ dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans install-cat-mans: $(SHELL) $(top_srcdir)/cf/install-catman.sh "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) -install-data-local: install-cat-mans +install-data-hook: install-cat-mans .et.h: $(COMPILE_ET) $< diff --git a/crypto/heimdal/admin/change.c b/crypto/heimdal/admin/change.c index 15c15de..f790da3 100644 --- a/crypto/heimdal/admin/change.c +++ b/crypto/heimdal/admin/change.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2001, 2003 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,11 +33,11 @@ #include "ktutil_locl.h" -RCSID("$Id: change.c,v 1.4 2001/07/23 09:46:40 joda Exp $"); +RCSID("$Id: change.c,v 1.5 2003/04/01 15:04:49 lha Exp $"); static void change_entry (krb5_context context, krb5_keytab keytab, - krb5_keytab_entry *entry, + krb5_principal principal, krb5_kvno kvno, const char *realm, const char *admin_server, int server_port) { krb5_error_code ret; @@ -48,7 +48,7 @@ change_entry (krb5_context context, krb5_keytab keytab, int num_keys; int i; - ret = krb5_unparse_name (context, entry->principal, &client_name); + ret = krb5_unparse_name (context, principal, &client_name); if (ret) { krb5_warn (context, ret, "krb5_unparse_name"); return; @@ -59,7 +59,7 @@ change_entry (krb5_context context, krb5_keytab keytab, if(realm) conf.realm = (char *)realm; else - conf.realm = *krb5_princ_realm (context, entry->principal); + conf.realm = *krb5_princ_realm (context, principal); conf.mask |= KADM5_CONFIG_REALM; if (admin_server) { @@ -83,8 +83,7 @@ change_entry (krb5_context context, krb5_keytab keytab, krb5_warn (context, ret, "kadm5_c_init_with_skey_ctx"); return; } - ret = kadm5_randkey_principal (kadm_handle, entry->principal, - &keys, &num_keys); + ret = kadm5_randkey_principal (kadm_handle, principal, &keys, &num_keys); kadm5_destroy (kadm_handle); if (ret) { krb5_warn(context, ret, "kadm5_randkey_principal"); @@ -93,9 +92,9 @@ change_entry (krb5_context context, krb5_keytab keytab, for (i = 0; i < num_keys; ++i) { krb5_keytab_entry new_entry; - new_entry = *entry; + new_entry.principal = principal; new_entry.timestamp = time (NULL); - ++new_entry.vno; + new_entry.vno = kvno + 1; new_entry.keyblock = keys[i]; ret = krb5_kt_add_entry (context, keytab, &new_entry); @@ -110,6 +109,11 @@ change_entry (krb5_context context, krb5_keytab keytab, * their keys, writing the new keys */ +struct change_set { + krb5_principal principal; + krb5_kvno kvno; +}; + int kt_change (int argc, char **argv) { @@ -122,8 +126,8 @@ kt_change (int argc, char **argv) int server_port = 0; int help_flag = 0; int optind = 0; - int j, max; - krb5_principal *princs; + int i, j, max; + struct change_set *changeset; struct getargs args[] = { { "realm", 'r', arg_string, NULL, @@ -154,12 +158,8 @@ kt_change (int argc, char **argv) return 1; j = 0; - max = 10; - princs = malloc (max * sizeof(*princs)); - if (princs == NULL) { - krb5_warnx (context, "malloc: out of memory"); - goto out; - } + max = 0; + changeset = NULL; ret = krb5_kt_start_seq_get(context, keytab, &cursor); if(ret){ @@ -168,20 +168,21 @@ kt_change (int argc, char **argv) } while((ret = krb5_kt_next_entry(context, keytab, &entry, &cursor)) == 0) { - int i; - int done = 0; + int add = 0; - for (i = 0; i < j; ++i) - if (krb5_principal_compare (context, princs[i], - entry.principal)) + for (i = 0; i < j; ++i) { + if (krb5_principal_compare (context, changeset[i].principal, + entry.principal)) { + if (changeset[i].kvno < entry.vno) + changeset[i].kvno = entry.vno; break; + } + } if (i < j) continue; if (optind == argc) { - change_entry (context, keytab, &entry, realm, admin_server, - server_port); - done = 1; + add = 1; } else { for (i = optind; i < argc; ++i) { krb5_principal princ; @@ -191,40 +192,64 @@ kt_change (int argc, char **argv) krb5_warn (context, ret, "krb5_parse_name %s", argv[i]); continue; } - if (krb5_principal_compare (context, princ, entry.principal)) { - change_entry (context, keytab, &entry, - realm, admin_server, server_port); - done = 1; - } + if (krb5_principal_compare (context, princ, entry.principal)) + add = 1; + krb5_free_principal (context, princ); } } - if (done) { + + if (add) { if (j >= max) { void *tmp; - max *= 2; - tmp = realloc (princs, max * sizeof(*princs)); + max = max(max * 2, 1); + tmp = realloc (changeset, max * sizeof(*changeset)); if (tmp == NULL) { krb5_kt_free_entry (context, &entry); krb5_warnx (context, "realloc: out of memory"); + ret = ENOMEM; break; } - princs = tmp; + changeset = tmp; } - ret = krb5_copy_principal (context, entry.principal, &princs[j]); + ret = krb5_copy_principal (context, entry.principal, + &changeset[j].principal); if (ret) { krb5_warn (context, ret, "krb5_copy_principal"); krb5_kt_free_entry (context, &entry); break; } + changeset[j].kvno = entry.vno; ++j; } krb5_kt_free_entry (context, &entry); } - while (j-- > 0) - krb5_free_principal (context, princs[j]); - free (princs); + + if (ret == KRB5_KT_END) { + for (i = 0; i < j; i++) { + if (verbose_flag) { + char *client_name; + + ret = krb5_unparse_name (context, changeset[i].principal, + &client_name); + if (ret) { + krb5_warn (context, ret, "krb5_unparse_name"); + } else { + printf("Changing %s kvno %d\n", + client_name, changeset[i].kvno); + free(client_name); + } + } + change_entry (context, keytab, + changeset[i].principal, changeset[i].kvno, + realm, admin_server, server_port); + } + } + for (i = 0; i < j; i++) + krb5_free_principal (context, changeset[i].principal); + free (changeset); + ret = krb5_kt_end_seq_get(context, keytab, &cursor); out: krb5_kt_close(context, keytab); diff --git a/crypto/heimdal/admin/copy.c b/crypto/heimdal/admin/copy.c index 3bb45d4..18b9d6e 100644 --- a/crypto/heimdal/admin/copy.c +++ b/crypto/heimdal/admin/copy.c @@ -33,7 +33,7 @@ #include "ktutil_locl.h" -RCSID("$Id: copy.c,v 1.8 2002/08/12 15:09:12 joda Exp $"); +RCSID("$Id: copy.c,v 1.9 2003/01/16 18:59:03 lha Exp $"); static krb5_boolean @@ -144,7 +144,6 @@ kt_copy (int argc, char **argv) int i = 0; args[i++].value = &help_flag; - args[i++].value = &verbose_flag; if(getarg(args, num_args, argc, argv, &optind)) { arg_printusage(args, num_args, "ktutil copy", diff --git a/crypto/heimdal/admin/get.c b/crypto/heimdal/admin/get.c index c411326..a9dfeec 100644 --- a/crypto/heimdal/admin/get.c +++ b/crypto/heimdal/admin/get.c @@ -33,7 +33,7 @@ #include "ktutil_locl.h" -RCSID("$Id: get.c,v 1.21 2001/10/29 12:53:52 nectar Exp $"); +RCSID("$Id: get.c,v 1.22 2003/01/16 19:03:23 lha Exp $"); static void* open_kadmin_connection(char *principal, @@ -89,7 +89,6 @@ kt_get(int argc, char **argv) int server_port = 0; int help_flag = 0; int optind = 0; - int i, j; struct getarg_strings etype_strs = {0, NULL}; krb5_enctype *etypes = NULL; size_t netypes = 0; @@ -111,13 +110,14 @@ kt_get(int argc, char **argv) }, { "help", 'h', arg_flag, NULL } }; + int i = 0, j; - args[0].value = &principal; - args[1].value = &etype_strs; - args[2].value = &realm; - args[3].value = &admin_server; - args[4].value = &server_port; - args[5].value = &help_flag; + args[i++].value = &principal; + args[i++].value = &etype_strs; + args[i++].value = &realm; + args[i++].value = &admin_server; + args[i++].value = &server_port; + args[i++].value = &help_flag; if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optind) || help_flag) { diff --git a/crypto/heimdal/admin/ktutil.8 b/crypto/heimdal/admin/ktutil.8 index ecaa61c..f75a953 100644 --- a/crypto/heimdal/admin/ktutil.8 +++ b/crypto/heimdal/admin/ktutil.8 @@ -1,4 +1,35 @@ -.\" $Id: ktutil.8,v 1.15 2002/08/20 17:07:00 joda Exp $ +.\" Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan +.\" (Royal Institute of Technology, Stockholm, Sweden). +.\" All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" +.\" 3. Neither the name of the Institute nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id: ktutil.8,v 1.19 2003/04/08 20:55:10 lha Exp $ .\" .Dd December 16, 2000 .Dt KTUTIL 8 @@ -20,6 +51,15 @@ .Sh DESCRIPTION .Nm is a program for managing keytabs. +Supported options: +.Bl -tag -width Ds +.It Xo +.Fl v , +.Fl -verbose +.Xc +Verbose output. +.El +.Pp .Ar command can be one of the following: .Bl -tag -width srvconvert @@ -28,7 +68,7 @@ can be one of the following: .Op Fl -principal= Ns Ar principal .Op Fl V Ar kvno .Op Fl -kvno= Ns Ar kvno -.Op Fl e Ar encype +.Op Fl e Ar enctype .Op Fl -enctype= Ns Ar enctype .Op Fl w Ar password .Op Fl -password= Ns Ar password @@ -52,7 +92,7 @@ command, which talks to the kadmin server. .Op Fl -server-port= Ns Ar port .Xc Update one or several keys to new versions. By default, use the admin -server for the realm of an keytab entry. Otherwise it will use the +server for the realm of a keytab entry. Otherwise it will use the values specified by the options. .Pp If no principals are given, all the ones in the keytab are updated. @@ -101,7 +141,7 @@ List the keys stored in the keytab. .Xc Removes the specified key or keys. Not specifying a .Ar kvno -removes keys with any version number. Not specifying a +removes keys with any version number. Not specifying an .Ar enctype removes keys of any type. .It rename Xo |