add HDBGET: that only supports get, iteration doesnt really make sense for the HDB keytab except when dumping
This commit is contained in:
Love Hornquist Astrand
@@ -37,7 +37,7 @@ static char *check_library = NULL;
|
||||
static char *check_function = NULL;
|
||||
static getarg_strings policy_libraries = { 0, NULL };
|
||||
static char *config_file;
|
||||
static char sHDB[] = "HDB:";
|
||||
static char sHDB[] = "HDBGET:";
|
||||
static char *keytab_str = sHDB;
|
||||
static int help_flag;
|
||||
static int version_flag;
|
||||
@@ -142,7 +142,7 @@ main(int argc, char **argv)
|
||||
if (ret)
|
||||
krb5_err(context, 1, ret, "krb5_set_warn_dest");
|
||||
|
||||
ret = krb5_kt_register(context, &hdb_kt_ops);
|
||||
ret = krb5_kt_register(context, &hdb_get_kt_ops);
|
||||
if(ret)
|
||||
krb5_err(context, 1, ret, "krb5_kt_register");
|
||||
|
||||
|
||||
@@ -238,7 +238,7 @@ _kdc_do_digest(krb5_context context,
|
||||
|
||||
kdc_log(context, config, 0, "Digest request from %s", from);
|
||||
|
||||
ret = krb5_kt_resolve(context, "HDB:", &id);
|
||||
ret = krb5_kt_resolve(context, "HDBGET:", &id);
|
||||
if (ret) {
|
||||
kdc_log(context, config, 0, "Can't open database for digest");
|
||||
goto out;
|
||||
|
||||
@@ -161,7 +161,7 @@ get_creds(krb5_context context, krb5_ccache *cache)
|
||||
krb5_preauthtype preauth = KRB5_PADATA_ENC_TIMESTAMP;
|
||||
krb5_creds creds;
|
||||
|
||||
ret = krb5_kt_register(context, &hdb_kt_ops);
|
||||
ret = krb5_kt_register(context, &hdb_get_kt_ops);
|
||||
if(ret) krb5_err(context, 1, ret, "krb5_kt_register");
|
||||
|
||||
ret = krb5_kt_resolve(context, ktname, &keytab);
|
||||
|
||||
@@ -46,7 +46,7 @@ struct prop_data{
|
||||
|
||||
#define HPROP_VERSION "hprop-0.0"
|
||||
#define HPROP_NAME "hprop"
|
||||
#define HPROP_KEYTAB "HDB:"
|
||||
#define HPROP_KEYTAB "HDBGET:"
|
||||
#define HPROP_PORT 754
|
||||
|
||||
#ifndef NEVERDATE
|
||||
|
||||
@@ -154,7 +154,7 @@ main(int argc, char **argv)
|
||||
|
||||
krb5_log(context, fac, 0, "Connection from %s", addr_name);
|
||||
|
||||
ret = krb5_kt_register(context, &hdb_kt_ops);
|
||||
ret = krb5_kt_register(context, &hdb_get_kt_ops);
|
||||
if (ret)
|
||||
krb5_err(context, 1, ret, "krb5_kt_register");
|
||||
|
||||
|
||||
@@ -467,7 +467,7 @@ main(int argc, char **argv)
|
||||
else if (ret)
|
||||
errx (1, "krb5_init_context failed: %d", ret);
|
||||
|
||||
ret = krb5_kt_register(kdc_context, &hdb_kt_ops);
|
||||
ret = krb5_kt_register(kdc_context, &hdb_get_kt_ops);
|
||||
if (ret)
|
||||
errx (1, "krb5_kt_register(HDB) failed: %d", ret);
|
||||
|
||||
|
||||
@@ -304,7 +304,7 @@ _kdc_do_kx509(krb5_context context,
|
||||
|
||||
kdc_log(context, config, 0, "Kx509 request from %s", from);
|
||||
|
||||
ret = krb5_kt_resolve(context, "HDB:", &id);
|
||||
ret = krb5_kt_resolve(context, "HDBGET:", &id);
|
||||
if (ret) {
|
||||
kdc_log(context, config, 0, "Can't open database for digest");
|
||||
goto out;
|
||||
|
||||
@@ -122,7 +122,7 @@ main(int argc, char **argv)
|
||||
else if (ret)
|
||||
errx (1, "krb5_init_context failed: %d", ret);
|
||||
|
||||
ret = krb5_kt_register(context, &hdb_kt_ops);
|
||||
ret = krb5_kt_register(context, &hdb_get_kt_ops);
|
||||
if (ret)
|
||||
errx (1, "krb5_kt_register(HDB) failed: %d", ret);
|
||||
|
||||
|
||||
@@ -747,7 +747,7 @@ sigterm(int sig)
|
||||
static const char *check_library = NULL;
|
||||
static const char *check_function = NULL;
|
||||
static getarg_strings policy_libraries = { 0, NULL };
|
||||
static char sHDB[] = "HDB:";
|
||||
static char sHDB[] = "HDBGET:";
|
||||
static char *keytab_str = sHDB;
|
||||
static char *realm_str;
|
||||
static int version_flag;
|
||||
@@ -831,7 +831,7 @@ main (int argc, char **argv)
|
||||
} else
|
||||
port = krb5_getportbyname (context, "kpasswd", "udp", KPASSWD_PORT);
|
||||
|
||||
ret = krb5_kt_register(context, &hdb_kt_ops);
|
||||
ret = krb5_kt_register(context, &hdb_get_kt_ops);
|
||||
if(ret)
|
||||
krb5_err(context, 1, ret, "krb5_kt_register");
|
||||
|
||||
|
||||
@@ -149,12 +149,19 @@ main(int argc, char **argv)
|
||||
|
||||
/* head vs tail */
|
||||
if (len >= 100000) {
|
||||
int bit, i;
|
||||
unsigned bytes[256];
|
||||
unsigned bits[8];
|
||||
size_t bit, i;
|
||||
double res;
|
||||
int bits[8] = { 0, 0, 0, 0, 0, 0, 0, 0 };
|
||||
|
||||
memset(bits, 0, sizeof(bit));
|
||||
memset(bytes, 0, sizeof(bytes));
|
||||
|
||||
for (i = 0; i < len; i++) {
|
||||
unsigned char c = ((unsigned char *)buffer)[i];
|
||||
|
||||
bytes[c]++;
|
||||
|
||||
for (bit = 0; bit < 8 && c; bit++) {
|
||||
if (c & 1)
|
||||
bits[bit]++;
|
||||
@@ -164,13 +171,23 @@ main(int argc, char **argv)
|
||||
|
||||
for (bit = 0; bit < 8; bit++) {
|
||||
|
||||
res = ((double)abs(len - bits[bit] * 2)) / (double)len;
|
||||
res = 1.0 - (((double)(bits[bit]) / (double)len) * 2);
|
||||
if (res > 0.005)
|
||||
errx(1, "head%d vs tail%d > 0.5%%%% %lf == %d vs %d",
|
||||
bit, bit, res, len, bits[bit]);
|
||||
errx(1, "head%u vs tail%u > 0.5%% %lf == %d of %d",
|
||||
(unsigned)bit, (unsigned)bit, res, len, bits[bit]);
|
||||
|
||||
printf("head vs tails bit%d: %lf\n", bit, res);
|
||||
printf("head vs tails bit%u: %lf\n", (unsigned)bit, res);
|
||||
}
|
||||
|
||||
for (i = 0; i < 256; i++) {
|
||||
res = 1.0 - (((double)(bytes[i]) / (double)len) * 256);
|
||||
if (res > 0.005)
|
||||
errx(1, "byte %u > 0.5%%%% %lf",
|
||||
(unsigned)i, res);
|
||||
printf("byte %u: %lf\n", (unsigned)i, res);
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
free(buffer);
|
||||
|
||||
@@ -287,6 +287,7 @@ struct hdb_print_entry_arg {
|
||||
typedef krb5_error_code (*hdb_foreach_func_t)(krb5_context, HDB*,
|
||||
hdb_entry_ex*, void*);
|
||||
extern krb5_kt_ops hdb_kt_ops;
|
||||
extern krb5_kt_ops hdb_get_kt_ops;
|
||||
|
||||
extern const int hdb_interface_version;
|
||||
|
||||
|
||||
@@ -424,3 +424,19 @@ krb5_kt_ops hdb_kt_ops = {
|
||||
NULL,
|
||||
0
|
||||
};
|
||||
|
||||
krb5_kt_ops hdb_get_kt_ops = {
|
||||
"HDBGET",
|
||||
hdb_resolve,
|
||||
hdb_get_name,
|
||||
hdb_close,
|
||||
NULL,
|
||||
hdb_get_entry,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
0
|
||||
};
|
||||
|
||||
@@ -73,6 +73,7 @@ EXPORTS
|
||||
initialize_hdb_error_table_r
|
||||
|
||||
hdb_kt_ops
|
||||
hdb_get_kt_ops
|
||||
|
||||
; MIT KDB related entries
|
||||
_hdb_mdb_value2entry
|
||||
|
||||
@@ -80,6 +80,7 @@ HEIMDAL_HDB_1.0 {
|
||||
_hdb_mit_dump2mitdb_entry;
|
||||
|
||||
hdb_kt_ops;
|
||||
hdb_get_kt_ops;
|
||||
|
||||
# some random bits needed for libkadm
|
||||
add_HDB_Ext_KeySet;
|
||||
|
||||
@@ -921,7 +921,7 @@ write_stats(krb5_context context, slave *slaves, uint32_t current_version)
|
||||
}
|
||||
|
||||
|
||||
static char sHDB[] = "HDB:";
|
||||
static char sHDB[] = "HDBGET:";
|
||||
static char *realm;
|
||||
static int version_flag;
|
||||
static int help_flag;
|
||||
@@ -1020,7 +1020,7 @@ main(int argc, char **argv)
|
||||
krb5_openlog (context, "ipropd-master", &log_facility);
|
||||
krb5_set_warn_dest(context, log_facility);
|
||||
|
||||
ret = krb5_kt_register(context, &hdb_kt_ops);
|
||||
ret = krb5_kt_register(context, &hdb_get_kt_ops);
|
||||
if(ret)
|
||||
krb5_err(context, 1, ret, "krb5_kt_register");
|
||||
|
||||
|
||||
@@ -631,7 +631,7 @@ main(int argc, char **argv)
|
||||
|
||||
slave_status(context, status_file, "bootstrapping");
|
||||
|
||||
ret = krb5_kt_register(context, &hdb_kt_ops);
|
||||
ret = krb5_kt_register(context, &hdb_get_kt_ops);
|
||||
if(ret)
|
||||
krb5_err(context, 1, ret, "krb5_kt_register");
|
||||
|
||||
|
||||
Reference in New Issue
Block a user