oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

make ank use the values of the default principal for prompting

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@6352 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Assar Westerlund
1999-06-23 12:37:05 +00:00
parent 4befc59da8
commit 2faa266a21
1 changed files with 130 additions and 53 deletions
Download Patch File Download Diff File Expand all files Collapse all files

169
kadmin/ank.c
View File

@@ -40,62 +40,75 @@
RCSID("$Id$"); RCSID("$Id$");
static struct getargs args[] = { /*
{ "random-key", 'r', arg_flag, NULL, "set random key" }, * fetch the default principal corresponding to `princ'
{ "password", 'p', arg_string, NULL, "princial's password" }, */
{ "max-ticket-life", 0, arg_string, NULL, "max ticket lifetime" },
{ "max-renewable-life", 0, arg_string, NULL,
"max renewable lifetime" },
{ "attributes", 0, arg_string, NULL, "attributes" }
};
static int num_args = sizeof(args) / sizeof(args[0]); static krb5_error_code
get_default (kadm5_server_context *context,
static void krb5_principal princ,
usage(void) kadm5_principal_ent_t default_ent)
{ {
arg_printusage (args, num_args, "ank", "principal"); krb5_error_code ret;
krb5_principal def_principal;
krb5_realm *realm = krb5_princ_realm(context->context, princ);
ret = krb5_make_principal (context->context, &def_principal,
*realm, "default", NULL);
if (ret)
return ret;
ret = kadm5_get_principal (context, def_principal, default_ent,
KADM5_PRINCIPAL_NORMAL_MASK);
krb5_free_principal (context->context, def_principal);
return ret;
} }
int /*
add_new_key(int argc, char **argv) * Add the principal `name' to the database.
* Prompt for all data not given by the input parameters.
*/
static krb5_error_code
add_one_principal (const char *name,
int random_key,
char *password,
const char *max_ticket_life,
const char *max_renewable_life,
const char *attributes)
{ {
kadm5_principal_ent_rec princ;
char pwbuf[1024];
char *password = NULL;
int rkey = 0;
int optind = 0;
int mask = 0;
krb5_error_code ret; krb5_error_code ret;
kadm5_principal_ent_rec princ;
kadm5_principal_ent_rec *default_ent, defrec;
krb5_principal princ_ent = NULL; krb5_principal princ_ent = NULL;
char *max_ticket_life = NULL; int mask = 0;
char *max_renewable_life = NULL; int default_mask = 0;
char *attributes = NULL; char pwbuf[1024];
args[0].value = &rkey;
args[1].value = &password;
args[2].value = &max_ticket_life;
args[3].value = &max_renewable_life;
args[4].value = &attributes;
if(getarg(args, num_args, argc, argv, &optind))
goto usage;
if(optind == argc)
goto usage;
memset(&princ, 0, sizeof(princ)); memset(&princ, 0, sizeof(princ));
ret = krb5_parse_name(context, argv[optind], &princ_ent); ret = krb5_parse_name(context, name, &princ_ent);
if (ret) { if (ret) {
krb5_warn(context, ret, "krb5_parse_name"); krb5_warn(context, ret, "krb5_parse_name");
goto out; return ret;
} }
princ.principal = princ_ent; princ.principal = princ_ent;
mask |= KADM5_PRINCIPAL; mask |= KADM5_PRINCIPAL;
if (set_entry(context, &princ, &mask,
max_ticket_life, max_renewable_life, attributes)) { ret = set_entry(context, &princ, &mask,
max_ticket_life, max_renewable_life, attributes);
if (ret)
goto out; goto out;
default_ent = &defrec;
ret = get_default (kadm_handle, princ_ent, default_ent);
if (ret) {
default_ent = NULL;
default_mask = 0;
} else {
default_mask = KADM5_ATTRIBUTES | KADM5_MAX_LIFE | KADM5_MAX_RLIFE;
} }
edit_entry(&princ, &mask);
if(rkey){ edit_entry(&princ, &mask, default_ent, default_mask);
if(random_key) {
princ.attributes |= KRB5_KDB_DISALLOW_ALL_TIX; princ.attributes |= KRB5_KDB_DISALLOW_ALL_TIX;
mask |= KADM5_ATTRIBUTES; mask |= KADM5_ATTRIBUTES;
password = "hemlig"; password = "hemlig";
@@ -117,7 +130,7 @@ add_new_key(int argc, char **argv)
ret = kadm5_create_principal(kadm_handle, &princ, mask, password); ret = kadm5_create_principal(kadm_handle, &princ, mask, password);
if(ret) if(ret)
krb5_warn(context, ret, "kadm5_create_principal"); krb5_warn(context, ret, "kadm5_create_principal");
if(rkey){ if(random_key) {
krb5_keyblock *new_keys; krb5_keyblock *new_keys;
int n_keys, i; int n_keys, i;
ret = kadm5_randkey_principal(kadm_handle, princ_ent, ret = kadm5_randkey_principal(kadm_handle, princ_ent,
@@ -140,10 +153,74 @@ add_new_key(int argc, char **argv)
out: out:
if (princ_ent) if (princ_ent)
krb5_free_principal (context, princ_ent); krb5_free_principal (context, princ_ent);
if(!rkey && password) if(default_ent)
kadm5_free_principal_ent (context, default_ent);
if (!random_key && password)
memset (password, 0, strlen(password)); memset (password, 0, strlen(password));
return 0; return ret;
usage: }
usage();
goto out; /*
* the ank command
*/
static struct getargs args[] = {
{ "random-key", 'r', arg_flag, NULL, "set random key" },
{ "password", 'p', arg_string, NULL, "princial's password" },
{ "max-ticket-life", 0, arg_string, NULL, "max ticket lifetime" },
{ "max-renewable-life", 0, arg_string, NULL,
"max renewable lifetime" },
{ "attributes", 0, arg_string, NULL, "attributes" }
};
static int num_args = sizeof(args) / sizeof(args[0]);
static void
usage(void)
{
arg_printusage (args, num_args, "ank", "principal");
}
/*
* Parse arguments and add all the principals.
*/
int
add_new_key(int argc, char **argv)
{
char *password = NULL;
int rkey = 0;
int optind = 0;
krb5_error_code ret;
char *max_ticket_life = NULL;
char *max_renewable_life = NULL;
char *attributes = NULL;
int i;
args[0].value = &rkey;
args[1].value = &password;
args[2].value = &max_ticket_life;
args[3].value = &max_renewable_life;
args[4].value = &attributes;
if(getarg(args, num_args, argc, argv, &optind)) {
usage ();
return 0;
}
if(optind == argc) {
usage ();
return 0;
}
for (i = optind; i < argc; ++i) {
ret = add_one_principal (argv[i], rkey, password,
max_ticket_life,
max_renewable_life,
attributes);
if (ret) {
krb5_warn (context, ret, "adding %s", argv[i]);
break;
}
}
return 0;
} }