oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

kadmin: Use kadm5_iter_principals() to list princs

Browse Source 
Now that we have a properly working API for listing principals in an
online way, and a server-side implementation of it, use it.

This should work with old and new servers, but it will only be online
and fast when talking to new servers.

(Old servers have a bug though that prevents LIST from working.)
This commit is contained in:
Nicolas Williams
2022-03-18 00:28:23 -05:00
parent b92a02edda
commit 1dbfd4e835
4 changed files with 124 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
kadmin/check.c
View File

@@ -73,7 +73,7 @@ do_check_entry(krb5_principal principal, void *data)
return 1;
memset (&princ, 0, sizeof(princ));
ret = kadm5_get_principal(kadm_handle, principal, &princ,
ret = kadm5_get_principal(data, principal, &princ,
KADM5_PRINCIPAL | KADM5_KEY_DATA);
if(ret) {
krb5_warn(context, ret, "Failed to get principal: %s", name);
@@ -95,7 +95,7 @@ do_check_entry(krb5_principal principal, void *data)
}
free(name);
kadm5_free_principal_ent(kadm_handle, &princ);
kadm5_free_principal_ent(data, &princ);
return 0;
}
@@ -106,6 +106,7 @@ check(void *opt, int argc, char **argv)
kadm5_principal_ent_rec ent;
krb5_error_code ret;
char *realm = NULL, *p, *p2;
void *inner_kadm_handle = NULL;
int found;
if (argc == 0) {
@@ -254,7 +255,15 @@ check(void *opt, int argc, char **argv)
}
}
foreach_principal("*", do_check_entry, "check", NULL);
ret = kadm5_dup_context(kadm_handle, &inner_kadm_handle);
if (ret == 0)
ret = foreach_principal("*", do_check_entry, "check", inner_kadm_handle);
if (inner_kadm_handle)
kadm5_destroy(inner_kadm_handle);
if (ret) {
krb5_warn(context, ret, "Could not iterate principals in realm");
goto fail;
}
free(realm);
return 0;