author | assar <assar@FreeBSD.org> | 2001-02-13 16:46:19 +0000 |
---|---|---|
committer | assar <assar@FreeBSD.org> | 2001-02-13 16:46:19 +0000 |
commit | 3a971fe69aad52dfd248901ae796e64a96ae3e37 (patch) | |
tree | ac7b5c62510ffa9f0316643bcb19a3fed3d5bef7 /crypto/heimdal/lib/kadm5/chpass_s.c | |
parent | 2934fc23653f64b32f4db32233d7eda11ca274f0 (diff) | |
parent | ebfe6dc471c206300fd82c7c0fd145f683aa52f6 (diff) | |
This commit was generated by cvs2svn to compensate for changes in r72445,
which included commits to RCS files with non-trunk default branches.
Diffstat (limited to 'crypto/heimdal/lib/kadm5/chpass_s.c')
-rw-r--r-- | crypto/heimdal/lib/kadm5/chpass_s.c | 87 |
1 files changed, 75 insertions, 12 deletions
diff --git a/crypto/heimdal/lib/kadm5/chpass_s.c b/crypto/heimdal/lib/kadm5/chpass_s.c index e915124..2133469 100644 --- a/crypto/heimdal/lib/kadm5/chpass_s.c +++ b/crypto/heimdal/lib/kadm5/chpass_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,16 +33,21 @@ #include "kadm5_locl.h" -RCSID("$Id: chpass_s.c,v 1.8 1999/12/02 17:05:05 joda Exp $"); +RCSID("$Id: chpass_s.c,v 1.13 2001/01/30 01:24:28 assar Exp $"); -kadm5_ret_t -kadm5_s_chpass_principal(void *server_handle, - krb5_principal princ, - char *password) +static kadm5_ret_t +change(void *server_handle, + krb5_principal princ, + char *password, + int cond) { kadm5_server_context *context = server_handle; hdb_entry ent; kadm5_ret_t ret; + Key *keys; + size_t num_keys; + int cmp = 1; + ent.principal = princ; ret = context->db->open(context->context, context->db, O_RDWR, 0); if(ret) 
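Review bot: The new static helper `change` has no header comment, and the meaning of `cond` and of the `cmp = 1` default can only be learned from the following hunk. A short comment above the definition would help, for example `/* set the keys of princ from password; if cond is non-zero and the derived keys equal the stored ones, leave the entry unmodified */`. The body of `change` continues past the end of this hunk.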
@@ -51,19 +56,42 @@ kadm5_s_chpass_principal(void *server_handle, 0, &ent); if(ret == HDB_ERR_NOENTRY) goto out; + + num_keys = ent.keys.len; + keys = ent.keys.val; + + ent.keys.len = 0; + ent.keys.val = NULL; + ret = _kadm5_set_keys(context, &ent, password); - if(ret) + if(ret) { + _kadm5_free_keys (server_handle, num_keys, keys); + goto out2; + } + if (cond) + cmp = _kadm5_cmp_keys (ent.keys.val, ent.keys.len, + keys, num_keys); + _kadm5_free_keys (server_handle, num_keys, keys); + + if (cmp == 0) goto out2; + ret = _kadm5_set_modifier(context, &ent); if(ret) goto out2; - hdb_seal_keys(context->db, &ent); + ret = _kadm5_bump_pw_expire(context, &ent); + if (ret) + goto out2; + + ret = hdb_seal_keys(context->context, context->db, &ent); + if (ret) + goto out2; kadm5_log_modify (context, &ent, KADM5_PRINCIPAL | KADM5_MOD_NAME | KADM5_MOD_TIME | - KADM5_KEY_DATA | KADM5_KVNO); + KADM5_KEY_DATA | KADM5_KVNO | KADM5_PW_EXPIRATION); ret = context->db->store(context->context, context->db, HDB_F_REPLACE, &ent); @@ -74,6 +102,36 @@ out: return _kadm5_error_code(ret); } + + +/* + * change the password of `princ' to `password' if it's not already that. + */ + +kadm5_ret_t +kadm5_s_chpass_principal_cond(void *server_handle, + krb5_principal princ, + char *password) +{ + return change (server_handle, princ, password, 1); +} + +/* + * change the password of `princ' to `password' + */ + +kadm5_ret_t +kadm5_s_chpass_principal(void *server_handle, + krb5_principal princ, + char *password) +{ + return change (server_handle, princ, password, 0); +} + +/* + * change keys for `princ' to `keys' + */ + kadm5_ret_t kadm5_s_chpass_principal_with_key(void *server_handle, krb5_principal princ, 
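Review bot: The fetch result is only tested against `HDB_ERR_NOENTRY`, yet the added lines immediately copy `ent.keys.len` and `ent.keys.val` and later hand them to `_kadm5_free_keys`. `ent` is declared without an initialiser in the previous hunk, so if fetch can fail with any other code and leave the entry unfilled, those values would be indeterminate and the free would operate on a garbage pointer. Testing `if (ret) goto out;` after the fetch closes that; the same narrow check precedes `_kadm5_set_keys2` in `kadm5_s_chpass_principal_with_key`. The saved `keys` are the principal's previous long-term keys, so it is also worth confirming that `_kadm5_free_keys` wipes the key bytes before releasing them. The function starts before this hunk and the `out`/`out2` labels lie after it.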
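Review bot: The comment on `kadm5_s_chpass_principal_cond` does not say what the caller gets back when the password is already set. In `change`, the `cmp == 0` branch jumps to `out2` with `ret` still zero, so the call appears to report success without storing the entry, logging the modification, or updating the modifier and password expiration. I would spell that out, e.g. `/* change the password of princ to password if it's not already that; returns success without modifying or logging the entry when the derived keys match the stored ones */`, so callers do not treat a zero return as proof that the keys were rotated.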
@@ -90,19 +148,24 @@ kadm5_s_chpass_principal_with_key(void *server_handle, ret = context->db->fetch(context->context, context->db, 0, &ent); if(ret == HDB_ERR_NOENTRY) goto out; - ret = _kadm5_set_keys2(&ent, n_key_data, key_data); + ret = _kadm5_set_keys2(context, &ent, n_key_data, key_data); if(ret) goto out2; ret = _kadm5_set_modifier(context, &ent); if(ret) goto out2; + ret = _kadm5_bump_pw_expire(context, &ent); + if (ret) + goto out2; - hdb_seal_keys(context->db, &ent); + ret = hdb_seal_keys(context->context, context->db, &ent); + if (ret) + goto out2; kadm5_log_modify (context, &ent, KADM5_PRINCIPAL | KADM5_MOD_NAME | KADM5_MOD_TIME | - KADM5_KEY_DATA | KADM5_KVNO); + KADM5_KEY_DATA | KADM5_KVNO | KADM5_PW_EXPIRATION); ret = context->db->store(context->context, context->db, HDB_F_REPLACE, &ent); |
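Review bot: `kadm5_log_modify` is still called for effect only, while this commit starts checking `hdb_seal_keys` and `_kadm5_bump_pw_expire` on the lines just above it. If the log call returns a status like its neighbours (its declaration is not visible here), a failed log write goes unnoticed and `store` still commits the new keys, leaving the change log out of step with the database. Consider assigning the result, `ret = kadm5_log_modify (context, &ent, mask);` with the existing mask expression, followed by `if (ret) goto out2;`, here and at the same call in `change`. The function begins in the previous hunk and continues past this one.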