Complete --keepold support and fix crasher in kadmin cpw -r --keepold.

2011-07-19 00:21:30 -05:00
parent 2510d2d8fc
commit 0d90e0c4d0
10 changed files with 66 additions and 20 deletions
--- a/lib/kadm5/chpass_s.c
+++ b/lib/kadm5/chpass_s.c
@@ -182,6 +182,7 @@ kadm5_s_chpass_principal(void *server_handle,
 kadm5_ret_t
 kadm5_s_chpass_principal_with_key(void *server_handle,
 				  krb5_principal princ,
+				  int keepold,
 				  int n_key_data,
 				  krb5_key_data *key_data)
 {
@@ -197,9 +198,11 @@ kadm5_s_chpass_principal_with_key(void *server_handle,
 				      HDB_F_GET_ANY|HDB_F_ADMIN_DATA, &ent);
    if(ret == HDB_ERR_NOENTRY)
 	goto out;
-    ret = hdb_add_current_keys_to_history(context->context, &ent.entry);
-    if (ret)
-        goto out2;
+    if (keepold) {
+	ret = hdb_add_current_keys_to_history(context->context, &ent.entry);
+	if (ret)
+	    goto out2;
+    }
    ret = _kadm5_set_keys2(context, &ent.entry, n_key_data, key_data);
    if(ret)
 	goto out2;
@@ -211,9 +214,19 @@ kadm5_s_chpass_principal_with_key(void *server_handle,
    if (ret)
 	goto out2;

-    ret = hdb_seal_keys(context->context, context->db, &ent.entry);
-    if (ret)
-	goto out2;
+    if (keepold) {
+	ret = hdb_seal_keys(context->context, context->db, &ent.entry);
+	if (ret)
+	    goto out2;
+    } else {
+	HDB_extension ext;
+
+	ext.data.element = choice_HDB_extension_data_hist_keys;
+	ext.data.u.hist_keys.len = 0;
+	ext.data.u.hist_keys.val = NULL;
+	hdb_replace_extension(context->context, &ent.entry, &ext);
+    }
+

    ret = context->db->hdb_store(context->context, context->db,
 				 HDB_F_REPLACE, &ent);