oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Rename KADM5_ACL_* -> KADM5_PRIV_* to conform with specification.

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@3839 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Johan Danielsson
1997-11-09 01:31:14 +00:00
parent f05df77bb0
commit 3e5cb18d86
4 changed files with 34 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
kadmin/server.c
View File

@@ -72,7 +72,7 @@ kadmind_dispatch(void *kadm_handle, krb5_storage *sp)
} }
krb5_unparse_name_fixed(context->context, princ, name, sizeof(name)); krb5_unparse_name_fixed(context->context, princ, name, sizeof(name));
krb5_warnx(context->context, "%s: %s %s", client, op, name); krb5_warnx(context->context, "%s: %s %s", client, op, name);
ret = _kadm5_acl_check_permission(context, KADM5_ACL_GET); ret = _kadm5_acl_check_permission(context, KADM5_PRIV_GET);
if(ret){ if(ret){
krb5_free_principal(context->context, princ); krb5_free_principal(context->context, princ);
goto fail; goto fail;
@@ -94,7 +94,7 @@ kadmind_dispatch(void *kadm_handle, krb5_storage *sp)
goto fail; goto fail;
krb5_unparse_name_fixed(context->context, princ, name, sizeof(name)); krb5_unparse_name_fixed(context->context, princ, name, sizeof(name));
krb5_warnx(context->context, "%s: %s %s", client, op, name); krb5_warnx(context->context, "%s: %s %s", client, op, name);
ret = _kadm5_acl_check_permission(context, KADM5_ACL_DELETE); ret = _kadm5_acl_check_permission(context, KADM5_PRIV_DELETE);
if(ret){ if(ret){
krb5_free_principal(context->context, princ); krb5_free_principal(context->context, princ);
goto fail; goto fail;
@@ -123,7 +123,7 @@ kadmind_dispatch(void *kadm_handle, krb5_storage *sp)
krb5_unparse_name_fixed(context->context, ent.principal, krb5_unparse_name_fixed(context->context, ent.principal,
name, sizeof(name)); name, sizeof(name));
krb5_warnx(context->context, "%s: %s %s", client, op, name); krb5_warnx(context->context, "%s: %s %s", client, op, name);
ret = _kadm5_acl_check_permission(context, KADM5_ACL_CREATE); ret = _kadm5_acl_check_permission(context, KADM5_PRIV_ADD);
if(ret){ if(ret){
kadm5_free_principal_ent(context->context, &ent); kadm5_free_principal_ent(context->context, &ent);
memset(password, 0, strlen(password)); memset(password, 0, strlen(password));
@@ -152,7 +152,7 @@ kadmind_dispatch(void *kadm_handle, krb5_storage *sp)
krb5_unparse_name_fixed(context->context, ent.principal, krb5_unparse_name_fixed(context->context, ent.principal,
name, sizeof(name)); name, sizeof(name));
krb5_warnx(context->context, "%s: %s %s", client, op, name); krb5_warnx(context->context, "%s: %s %s", client, op, name);
ret = _kadm5_acl_check_permission(context, KADM5_ACL_MODIFY); ret = _kadm5_acl_check_permission(context, KADM5_PRIV_MODIFY);
if(ret){ if(ret){
kadm5_free_principal_ent(context, &ent); kadm5_free_principal_ent(context, &ent);
goto fail; goto fail;
@@ -178,7 +178,7 @@ kadmind_dispatch(void *kadm_handle, krb5_storage *sp)
krb5_warnx(context->context, "%s: %s %s -> %s", krb5_warnx(context->context, "%s: %s %s -> %s",
client, op, name, name2); client, op, name, name2);
ret = _kadm5_acl_check_permission(context, ret = _kadm5_acl_check_permission(context,
KADM5_ACL_CREATE|KADM5_ACL_DELETE); KADM5_PRIV_ADD|KADM5_PRIV_DELETE);
if(ret){ if(ret){
krb5_free_principal(context->context, princ); krb5_free_principal(context->context, princ);
goto fail; goto fail;
@@ -202,7 +202,7 @@ kadmind_dispatch(void *kadm_handle, krb5_storage *sp)
} }
krb5_unparse_name_fixed(context->context, princ, name, sizeof(name)); krb5_unparse_name_fixed(context->context, princ, name, sizeof(name));
krb5_warnx(context->context, "%s: %s %s", client, op, name); krb5_warnx(context->context, "%s: %s %s", client, op, name);
ret = _kadm5_acl_check_permission(context, KADM5_ACL_CHPASS); ret = _kadm5_acl_check_permission(context, KADM5_PRIV_CPW);
if(ret){ if(ret){
krb5_free_principal(context->context, princ); krb5_free_principal(context->context, princ);
goto fail; goto fail;
@@ -222,7 +222,7 @@ kadmind_dispatch(void *kadm_handle, krb5_storage *sp)
goto fail; goto fail;
krb5_unparse_name_fixed(context->context, princ, name, sizeof(name)); krb5_unparse_name_fixed(context->context, princ, name, sizeof(name));
krb5_warnx(context->context, "%s: %s %s", client, op, name); krb5_warnx(context->context, "%s: %s %s", client, op, name);
ret = _kadm5_acl_check_permission(context, KADM5_ACL_CHPASS); ret = _kadm5_acl_check_permission(context, KADM5_PRIV_CPW);
if(ret){ if(ret){
krb5_free_principal(context->context, princ); krb5_free_principal(context->context, princ);
goto fail; goto fail;

26
lib/kadm5/acl.c
View File

@@ -41,13 +41,13 @@
RCSID("$Id$"); RCSID("$Id$");
static struct units acl_units[] = { static struct units acl_units[] = {
{ "all", KADM5_ACL_ALL }, { "all", KADM5_PRIV_ALL },
{ "list", KADM5_ACL_LIST }, { "cpw", KADM5_PRIV_CPW },
{ "delete", KADM5_ACL_DELETE }, { "list", KADM5_PRIV_LIST },
{ "chpass", KADM5_ACL_CHPASS }, { "delete", KADM5_PRIV_DELETE },
{ "modify", KADM5_ACL_MODIFY }, { "modify", KADM5_PRIV_MODIFY },
{ "add", KADM5_ACL_CREATE }, { "add", KADM5_PRIV_ADD },
{ "get", KADM5_ACL_GET }, { "get", KADM5_PRIV_GET },
{ NULL } { NULL }
}; };
@@ -103,17 +103,17 @@ kadm5_ret_t
_kadm5_acl_check_permission(kadm5_server_context *context, unsigned op) _kadm5_acl_check_permission(kadm5_server_context *context, unsigned op)
{ {
unsigned res = ~context->acl_flags & op; unsigned res = ~context->acl_flags & op;
if(res & KADM5_ACL_GET) if(res & KADM5_PRIV_GET)
return KADM5_AUTH_GET; return KADM5_AUTH_GET;
if(res & KADM5_ACL_CREATE) if(res & KADM5_PRIV_ADD)
return KADM5_AUTH_ADD; return KADM5_AUTH_ADD;
if(res & KADM5_ACL_MODIFY) if(res & KADM5_PRIV_MODIFY)
return KADM5_AUTH_MODIFY; return KADM5_AUTH_MODIFY;
if(res & KADM5_ACL_DELETE) if(res & KADM5_PRIV_DELETE)
return KADM5_AUTH_DELETE; return KADM5_AUTH_DELETE;
if(res & KADM5_ACL_CHPASS) if(res & KADM5_PRIV_CPW)
return KADM5_AUTH_CHANGEPW; return KADM5_AUTH_CHANGEPW;
if(res & KADM5_ACL_LIST) if(res & KADM5_PRIV_LIST)
return KADM5_AUTH_LIST; return KADM5_AUTH_LIST;
if(res) if(res)
return KADM5_AUTH_INSUFFICIENT; return KADM5_AUTH_INSUFFICIENT;

14
lib/kadm5/admin.h
View File

@@ -175,13 +175,13 @@ typedef struct _kadm5_policy_ent_t {
#define KADM5_CONFIG_FLAGS (1 << 17) #define KADM5_CONFIG_FLAGS (1 << 17)
#define KADM5_CONFIG_ENCTYPES (1 << 18) #define KADM5_CONFIG_ENCTYPES (1 << 18)
#define KADM5_ACL_GET (1 << 0) #define KADM5_PRIV_GET (1 << 0)
#define KADM5_ACL_CREATE (1 << 1) #define KADM5_PRIV_ADD (1 << 1)
#define KADM5_ACL_MODIFY (1 << 2) #define KADM5_PRIV_MODIFY (1 << 2)
#define KADM5_ACL_CHPASS (1 << 3) #define KADM5_PRIV_DELETE (1 << 3)
#define KADM5_ACL_DELETE (1 << 4) #define KADM5_PRIV_LIST (1 << 4)
#define KADM5_ACL_LIST (1 << 5) #define KADM5_PRIV_CPW (1 << 5)
#define KADM5_ACL_ALL (0x7fffffff) /* XXX ~0 breaks in parse_flags */ #define KADM5_PRIV_ALL (0x7fffffff) /* XXX ~0 breaks in parse_flags */
typedef struct { typedef struct {
int XXX; int XXX;

14
lib/kadm5/server.c
View File

@@ -72,7 +72,7 @@ kadmind_dispatch(void *kadm_handle, krb5_storage *sp)
} }
krb5_unparse_name_fixed(context->context, princ, name, sizeof(name)); krb5_unparse_name_fixed(context->context, princ, name, sizeof(name));
krb5_warnx(context->context, "%s: %s %s", client, op, name); krb5_warnx(context->context, "%s: %s %s", client, op, name);
ret = _kadm5_acl_check_permission(context, KADM5_ACL_GET); ret = _kadm5_acl_check_permission(context, KADM5_PRIV_GET);
if(ret){ if(ret){
krb5_free_principal(context->context, princ); krb5_free_principal(context->context, princ);
goto fail; goto fail;
@@ -94,7 +94,7 @@ kadmind_dispatch(void *kadm_handle, krb5_storage *sp)
goto fail; goto fail;
krb5_unparse_name_fixed(context->context, princ, name, sizeof(name)); krb5_unparse_name_fixed(context->context, princ, name, sizeof(name));
krb5_warnx(context->context, "%s: %s %s", client, op, name); krb5_warnx(context->context, "%s: %s %s", client, op, name);
ret = _kadm5_acl_check_permission(context, KADM5_ACL_DELETE); ret = _kadm5_acl_check_permission(context, KADM5_PRIV_DELETE);
if(ret){ if(ret){
krb5_free_principal(context->context, princ); krb5_free_principal(context->context, princ);
goto fail; goto fail;
@@ -123,7 +123,7 @@ kadmind_dispatch(void *kadm_handle, krb5_storage *sp)
krb5_unparse_name_fixed(context->context, ent.principal, krb5_unparse_name_fixed(context->context, ent.principal,
name, sizeof(name)); name, sizeof(name));
krb5_warnx(context->context, "%s: %s %s", client, op, name); krb5_warnx(context->context, "%s: %s %s", client, op, name);
ret = _kadm5_acl_check_permission(context, KADM5_ACL_CREATE); ret = _kadm5_acl_check_permission(context, KADM5_PRIV_ADD);
if(ret){ if(ret){
kadm5_free_principal_ent(context->context, &ent); kadm5_free_principal_ent(context->context, &ent);
memset(password, 0, strlen(password)); memset(password, 0, strlen(password));
@@ -152,7 +152,7 @@ kadmind_dispatch(void *kadm_handle, krb5_storage *sp)
krb5_unparse_name_fixed(context->context, ent.principal, krb5_unparse_name_fixed(context->context, ent.principal,
name, sizeof(name)); name, sizeof(name));
krb5_warnx(context->context, "%s: %s %s", client, op, name); krb5_warnx(context->context, "%s: %s %s", client, op, name);
ret = _kadm5_acl_check_permission(context, KADM5_ACL_MODIFY); ret = _kadm5_acl_check_permission(context, KADM5_PRIV_MODIFY);
if(ret){ if(ret){
kadm5_free_principal_ent(context, &ent); kadm5_free_principal_ent(context, &ent);
goto fail; goto fail;
@@ -178,7 +178,7 @@ kadmind_dispatch(void *kadm_handle, krb5_storage *sp)
krb5_warnx(context->context, "%s: %s %s -> %s", krb5_warnx(context->context, "%s: %s %s -> %s",
client, op, name, name2); client, op, name, name2);
ret = _kadm5_acl_check_permission(context, ret = _kadm5_acl_check_permission(context,
KADM5_ACL_CREATE|KADM5_ACL_DELETE); KADM5_PRIV_ADD|KADM5_PRIV_DELETE);
if(ret){ if(ret){
krb5_free_principal(context->context, princ); krb5_free_principal(context->context, princ);
goto fail; goto fail;
@@ -202,7 +202,7 @@ kadmind_dispatch(void *kadm_handle, krb5_storage *sp)
} }
krb5_unparse_name_fixed(context->context, princ, name, sizeof(name)); krb5_unparse_name_fixed(context->context, princ, name, sizeof(name));
krb5_warnx(context->context, "%s: %s %s", client, op, name); krb5_warnx(context->context, "%s: %s %s", client, op, name);
ret = _kadm5_acl_check_permission(context, KADM5_ACL_CHPASS); ret = _kadm5_acl_check_permission(context, KADM5_PRIV_CPW);
if(ret){ if(ret){
krb5_free_principal(context->context, princ); krb5_free_principal(context->context, princ);
goto fail; goto fail;
@@ -222,7 +222,7 @@ kadmind_dispatch(void *kadm_handle, krb5_storage *sp)
goto fail; goto fail;
krb5_unparse_name_fixed(context->context, princ, name, sizeof(name)); krb5_unparse_name_fixed(context->context, princ, name, sizeof(name));
krb5_warnx(context->context, "%s: %s %s", client, op, name); krb5_warnx(context->context, "%s: %s %s", client, op, name);
ret = _kadm5_acl_check_permission(context, KADM5_ACL_CHPASS); ret = _kadm5_acl_check_permission(context, KADM5_PRIV_CPW);
if(ret){ if(ret){
krb5_free_principal(context->context, princ); krb5_free_principal(context->context, princ);
goto fail; goto fail;