diff options
Diffstat (limited to 'crypto/heimdal/lib/kadm5/create_s.c')
-rw-r--r-- | crypto/heimdal/lib/kadm5/create_s.c | 89 |
1 files changed, 42 insertions, 47 deletions
diff --git a/crypto/heimdal/lib/kadm5/create_s.c b/crypto/heimdal/lib/kadm5/create_s.c index 287211b..9465310 100644 --- a/crypto/heimdal/lib/kadm5/create_s.c +++ b/crypto/heimdal/lib/kadm5/create_s.c @@ -33,7 +33,7 @@ #include "kadm5_locl.h" -RCSID("$Id: create_s.c,v 1.19 2001/01/30 01:24:28 assar Exp $"); +RCSID("$Id: create_s.c 20607 2007-05-08 07:11:11Z lha $"); static kadm5_ret_t get_default(kadm5_server_context *context, krb5_principal princ, @@ -56,14 +56,14 @@ get_default(kadm5_server_context *context, krb5_principal princ, static kadm5_ret_t create_principal(kadm5_server_context *context, kadm5_principal_ent_t princ, - u_int32_t mask, - hdb_entry *ent, - u_int32_t required_mask, - u_int32_t forbidden_mask) + uint32_t mask, + hdb_entry_ex *ent, + uint32_t required_mask, + uint32_t forbidden_mask) { kadm5_ret_t ret; kadm5_principal_ent_rec defrec, *defent; - u_int32_t def_mask; + uint32_t def_mask; if((mask & required_mask) != required_mask) return KADM5_BAD_MASK; @@ -74,7 +74,7 @@ create_principal(kadm5_server_context *context, return KADM5_UNK_POLICY; memset(ent, 0, sizeof(*ent)); ret = krb5_copy_principal(context->context, princ->principal, - &ent->principal); + &ent->entry.principal); if(ret) return ret; @@ -94,9 +94,9 @@ create_principal(kadm5_server_context *context, if(defent) kadm5_free_principal_ent(context, defent); - ent->created_by.time = time(NULL); + ent->entry.created_by.time = time(NULL); ret = krb5_copy_principal(context->context, context->caller, - &ent->created_by.principal); + &ent->entry.created_by.principal); return ret; } @@ -104,10 +104,10 @@ create_principal(kadm5_server_context *context, kadm5_ret_t kadm5_s_create_principal_with_key(void *server_handle, kadm5_principal_ent_t princ, - u_int32_t mask) + uint32_t mask) { kadm5_ret_t ret; - hdb_entry ent; + hdb_entry_ex ent; kadm5_server_context *context = server_handle; ret = create_principal(context, princ, mask, &ent, @@ -120,21 +120,22 @@ kadm5_s_create_principal_with_key(void *server_handle, if(ret) goto out; - ret = _kadm5_set_keys2(context, &ent, princ->n_key_data, princ->key_data); - if(ret) - goto out; - - ret = hdb_seal_keys(context->context, context->db, &ent); + if ((mask & KADM5_KVNO) == 0) + ent.entry.kvno = 1; + + ret = hdb_seal_keys(context->context, context->db, &ent.entry); if (ret) goto out; - kadm5_log_create (context, &ent); - - ret = context->db->open(context->context, context->db, O_RDWR, 0); + ret = context->db->hdb_open(context->context, context->db, O_RDWR, 0); if(ret) goto out; - ret = context->db->store(context->context, context->db, 0, &ent); - context->db->close(context->context, context->db); + ret = context->db->hdb_store(context->context, context->db, 0, &ent); + context->db->hdb_close(context->context, context->db); + if (ret) + goto out; + kadm5_log_create (context, &ent.entry); + out: hdb_free_entry(context->context, &ent); return _kadm5_error_code(ret); @@ -144,11 +145,11 @@ out: kadm5_ret_t kadm5_s_create_principal(void *server_handle, kadm5_principal_ent_t princ, - u_int32_t mask, - char *password) + uint32_t mask, + const char *password) { kadm5_ret_t ret; - hdb_entry ent; + hdb_entry_ex ent; kadm5_server_context *context = server_handle; ret = create_principal(context, princ, mask, &ent, @@ -161,37 +162,31 @@ kadm5_s_create_principal(void *server_handle, if(ret) goto out; - /* XXX this should be fixed */ - ent.keys.len = 4; - ent.keys.val = calloc(ent.keys.len, sizeof(*ent.keys.val)); - ent.keys.val[0].key.keytype = ETYPE_DES_CBC_CRC; - /* flag as version 4 compatible salt; ignored by _kadm5_set_keys - if we don't want to be compatible */ - ent.keys.val[0].salt = calloc(1, sizeof(*ent.keys.val[0].salt)); - ent.keys.val[0].salt->type = hdb_pw_salt; - ent.keys.val[1].key.keytype = ETYPE_DES_CBC_MD4; - ent.keys.val[1].salt = calloc(1, sizeof(*ent.keys.val[1].salt)); - ent.keys.val[1].salt->type = hdb_pw_salt; - ent.keys.val[2].key.keytype = ETYPE_DES_CBC_MD5; - ent.keys.val[2].salt = calloc(1, sizeof(*ent.keys.val[2].salt)); - ent.keys.val[2].salt->type = hdb_pw_salt; - ent.keys.val[3].key.keytype = ETYPE_DES3_CBC_SHA1; - ret = _kadm5_set_keys(context, &ent, password); + if ((mask & KADM5_KVNO) == 0) + ent.entry.kvno = 1; + + ent.entry.keys.len = 0; + ent.entry.keys.val = NULL; + + ret = _kadm5_set_keys(context, &ent.entry, password); if (ret) goto out; - ret = hdb_seal_keys(context->context, context->db, &ent); + ret = hdb_seal_keys(context->context, context->db, &ent.entry); if (ret) goto out; - kadm5_log_create (context, &ent); - - ret = context->db->open(context->context, context->db, O_RDWR, 0); + ret = context->db->hdb_open(context->context, context->db, O_RDWR, 0); if(ret) goto out; - ret = context->db->store(context->context, context->db, 0, &ent); - context->db->close(context->context, context->db); -out: + ret = context->db->hdb_store(context->context, context->db, 0, &ent); + context->db->hdb_close(context->context, context->db); + if (ret) + goto out; + + kadm5_log_create (context, &ent.entry); + + out: hdb_free_entry(context->context, &ent); return _kadm5_error_code(ret); } |