add HDBGET: that only supports get, iteration doesnt really make sense for the HDB keytab except when dumping

This commit is contained in:
Love Hornquist Astrand
2013-10-15 12:40:39 +02:00
parent d1eb0da071
commit 1d84562886
16 changed files with 56 additions and 20 deletions

View File

@@ -37,7 +37,7 @@ static char *check_library = NULL;
static char *check_function = NULL;
static getarg_strings policy_libraries = { 0, NULL };
static char *config_file;
static char sHDB[] = "HDB:";
static char sHDB[] = "HDBGET:";
static char *keytab_str = sHDB;
static int help_flag;
static int version_flag;
@@ -142,7 +142,7 @@ main(int argc, char **argv)
if (ret)
krb5_err(context, 1, ret, "krb5_set_warn_dest");
ret = krb5_kt_register(context, &hdb_kt_ops);
ret = krb5_kt_register(context, &hdb_get_kt_ops);
if(ret)
krb5_err(context, 1, ret, "krb5_kt_register");

View File

@@ -238,7 +238,7 @@ _kdc_do_digest(krb5_context context,
kdc_log(context, config, 0, "Digest request from %s", from);
ret = krb5_kt_resolve(context, "HDB:", &id);
ret = krb5_kt_resolve(context, "HDBGET:", &id);
if (ret) {
kdc_log(context, config, 0, "Can't open database for digest");
goto out;

View File

@@ -161,7 +161,7 @@ get_creds(krb5_context context, krb5_ccache *cache)
krb5_preauthtype preauth = KRB5_PADATA_ENC_TIMESTAMP;
krb5_creds creds;
ret = krb5_kt_register(context, &hdb_kt_ops);
ret = krb5_kt_register(context, &hdb_get_kt_ops);
if(ret) krb5_err(context, 1, ret, "krb5_kt_register");
ret = krb5_kt_resolve(context, ktname, &keytab);

View File

@@ -46,7 +46,7 @@ struct prop_data{
#define HPROP_VERSION "hprop-0.0"
#define HPROP_NAME "hprop"
#define HPROP_KEYTAB "HDB:"
#define HPROP_KEYTAB "HDBGET:"
#define HPROP_PORT 754
#ifndef NEVERDATE

View File

@@ -154,7 +154,7 @@ main(int argc, char **argv)
krb5_log(context, fac, 0, "Connection from %s", addr_name);
ret = krb5_kt_register(context, &hdb_kt_ops);
ret = krb5_kt_register(context, &hdb_get_kt_ops);
if (ret)
krb5_err(context, 1, ret, "krb5_kt_register");

View File

@@ -467,7 +467,7 @@ main(int argc, char **argv)
else if (ret)
errx (1, "krb5_init_context failed: %d", ret);
ret = krb5_kt_register(kdc_context, &hdb_kt_ops);
ret = krb5_kt_register(kdc_context, &hdb_get_kt_ops);
if (ret)
errx (1, "krb5_kt_register(HDB) failed: %d", ret);

View File

@@ -304,7 +304,7 @@ _kdc_do_kx509(krb5_context context,
kdc_log(context, config, 0, "Kx509 request from %s", from);
ret = krb5_kt_resolve(context, "HDB:", &id);
ret = krb5_kt_resolve(context, "HDBGET:", &id);
if (ret) {
kdc_log(context, config, 0, "Can't open database for digest");
goto out;

View File

@@ -122,7 +122,7 @@ main(int argc, char **argv)
else if (ret)
errx (1, "krb5_init_context failed: %d", ret);
ret = krb5_kt_register(context, &hdb_kt_ops);
ret = krb5_kt_register(context, &hdb_get_kt_ops);
if (ret)
errx (1, "krb5_kt_register(HDB) failed: %d", ret);

View File

@@ -747,7 +747,7 @@ sigterm(int sig)
static const char *check_library = NULL;
static const char *check_function = NULL;
static getarg_strings policy_libraries = { 0, NULL };
static char sHDB[] = "HDB:";
static char sHDB[] = "HDBGET:";
static char *keytab_str = sHDB;
static char *realm_str;
static int version_flag;
@@ -831,7 +831,7 @@ main (int argc, char **argv)
} else
port = krb5_getportbyname (context, "kpasswd", "udp", KPASSWD_PORT);
ret = krb5_kt_register(context, &hdb_kt_ops);
ret = krb5_kt_register(context, &hdb_get_kt_ops);
if(ret)
krb5_err(context, 1, ret, "krb5_kt_register");

View File

@@ -149,12 +149,19 @@ main(int argc, char **argv)
/* head vs tail */
if (len >= 100000) {
int bit, i;
unsigned bytes[256];
unsigned bits[8];
size_t bit, i;
double res;
int bits[8] = { 0, 0, 0, 0, 0, 0, 0, 0 };
memset(bits, 0, sizeof(bit));
memset(bytes, 0, sizeof(bytes));
for (i = 0; i < len; i++) {
unsigned char c = ((unsigned char *)buffer)[i];
bytes[c]++;
for (bit = 0; bit < 8 && c; bit++) {
if (c & 1)
bits[bit]++;
@@ -164,13 +171,23 @@ main(int argc, char **argv)
for (bit = 0; bit < 8; bit++) {
res = ((double)abs(len - bits[bit] * 2)) / (double)len;
res = 1.0 - (((double)(bits[bit]) / (double)len) * 2);
if (res > 0.005)
errx(1, "head%d vs tail%d > 0.5%%%% %lf == %d vs %d",
bit, bit, res, len, bits[bit]);
errx(1, "head%u vs tail%u > 0.5%% %lf == %d of %d",
(unsigned)bit, (unsigned)bit, res, len, bits[bit]);
printf("head vs tails bit%d: %lf\n", bit, res);
printf("head vs tails bit%u: %lf\n", (unsigned)bit, res);
}
for (i = 0; i < 256; i++) {
res = 1.0 - (((double)(bytes[i]) / (double)len) * 256);
if (res > 0.005)
errx(1, "byte %u > 0.5%%%% %lf",
(unsigned)i, res);
printf("byte %u: %lf\n", (unsigned)i, res);
}
}
free(buffer);

View File

@@ -287,6 +287,7 @@ struct hdb_print_entry_arg {
typedef krb5_error_code (*hdb_foreach_func_t)(krb5_context, HDB*,
hdb_entry_ex*, void*);
extern krb5_kt_ops hdb_kt_ops;
extern krb5_kt_ops hdb_get_kt_ops;
extern const int hdb_interface_version;

View File

@@ -424,3 +424,19 @@ krb5_kt_ops hdb_kt_ops = {
NULL,
0
};
krb5_kt_ops hdb_get_kt_ops = {
"HDBGET",
hdb_resolve,
hdb_get_name,
hdb_close,
NULL,
hdb_get_entry,
NULL,
NULL,
NULL,
NULL,
NULL,
NULL,
0
};

View File

@@ -73,6 +73,7 @@ EXPORTS
initialize_hdb_error_table_r
hdb_kt_ops
hdb_get_kt_ops
; MIT KDB related entries
_hdb_mdb_value2entry

View File

@@ -80,6 +80,7 @@ HEIMDAL_HDB_1.0 {
_hdb_mit_dump2mitdb_entry;
hdb_kt_ops;
hdb_get_kt_ops;
# some random bits needed for libkadm
add_HDB_Ext_KeySet;

View File

@@ -921,7 +921,7 @@ write_stats(krb5_context context, slave *slaves, uint32_t current_version)
}
static char sHDB[] = "HDB:";
static char sHDB[] = "HDBGET:";
static char *realm;
static int version_flag;
static int help_flag;
@@ -1020,7 +1020,7 @@ main(int argc, char **argv)
krb5_openlog (context, "ipropd-master", &log_facility);
krb5_set_warn_dest(context, log_facility);
ret = krb5_kt_register(context, &hdb_kt_ops);
ret = krb5_kt_register(context, &hdb_get_kt_ops);
if(ret)
krb5_err(context, 1, ret, "krb5_kt_register");

View File

@@ -631,7 +631,7 @@ main(int argc, char **argv)
slave_status(context, status_file, "bootstrapping");
ret = krb5_kt_register(context, &hdb_kt_ops);
ret = krb5_kt_register(context, &hdb_get_kt_ops);
if(ret)
krb5_err(context, 1, ret, "krb5_kt_register");