Remove kdb_edit.

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@4521 ec53bebd-3082-4978-b11e-865c3cabbd6b
Johan Danielsson
1998-03-03 19:09:56 +00:00
parent a4f3488699
commit 90bd8e9227
14 changed files with 3 additions and 2000 deletions


@@ -4,23 +4,10 @@ AUTOMAKE_OPTIONS = no-dependencies foreign
INCLUDES = -I$(top_builddir)/include $(INCLUDE_readline)
man_MANS = kdb_edit.8 ktutil.8
man_MANS = ktutil.8
sbin_PROGRAMS = kdb_edit ktutil
kdb_edit_SOURCES = \
ank.c \
delete.c \
dump.c \
extkeytab.c \
get.c \
life.c \
init.c \
kdb_edit.c \
load.c \
mod.c \
util.c
sbin_PROGRAMS = ktutil
ktutil_SOURCES = ktutil.c srvconvert.c
LDADD = -L$(top_builddir)/lib/hdb -lhdb -L$(top_builddir)/lib/krb5 -lkrb5 -L$(top_builddir)/lib/des -ldes -L$(top_builddir)/lib/asn1 -lasn1 -L$(top_builddir)/lib/sl -lsl $(LIB_readline) -L$(top_builddir)/lib/roken -lroken
LDADD = -L$(top_builddir)/lib/krb5 -lkrb5 -L$(top_builddir)/lib/des -ldes -L$(top_builddir)/lib/asn1 -lasn1 -L$(top_builddir)/lib/sl -lsl $(LIB_readline) -L$(top_builddir)/lib/roken -lroken
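Review bot: Dropping `-L$(top_builddir)/lib/hdb -lhdb` from `LDADD` (the shorter of the two `LDADD` lines, which appears to be the new one) is only safe if `ktutil.c` and `srvconvert.c` reference no hdb symbols; neither file is shown on this page. The same commit also deletes the shared header guarded by `__ADMIN_LOCL_H__`, so a leftover `#include "admin_locl.h"` in either remaining source would break the build. A clean build of `ktutil` would confirm both, and a one-line comment above `LDADD` such as `# ktutil links krb5, des, asn1, sl and roken only; hdb went away with kdb_edit` would record the intent.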


@@ -1,131 +0,0 @@
/*
* Copyright (c) 1997 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by Kungliga Tekniska
* H<>gskolan and its contributors.
*
* 4. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
/*
* $Id$
*/
#ifndef __ADMIN_LOCL_H__
#define __ADMIN_LOCL_H__
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <ctype.h>
#include <errno.h>
#ifdef HAVE_SYS_TYPES_H
#include <sys/types.h>
#endif
#ifdef HAVE_FCNTL_H
#include <fcntl.h>
#endif
#ifdef HAVE_SYS_SOCKET_H
#include <sys/socket.h>
#endif
#ifdef HAVE_NETINET_IN_H
#include <netinet/in.h>
#endif
#ifdef HAVE_NETINET_IN6_H
#include <netinet/in6.h>
#endif
#ifdef HAVE_NETINET6_IN6_H
#include <netinet6/in6.h>
#endif
#ifdef HAVE_NETDB_H
#include <netdb.h>
#endif
#include <err.h>
#include <roken.h>
#include <krb5.h>
#include <hdb_err.h>
#include <parse_time.h>
#include "hdb.h"
extern krb5_context context;
extern char database[];
extern HDB *db;
#define DECL(X) int X(int, char **)
DECL(get_entry);
DECL(load);
DECL(merge);
DECL(add_new_key);
DECL(add_random_key);
DECL(mod_entry);
DECL(dump);
DECL(init);
DECL(get_entry);
DECL(del_entry);
DECL(ext_keytab);
DECL(help);
DECL(exit_kdb_edit);
DECL(set_db);
DECL(passwd);
DECL(change_random_key);
/* util.c */
void init_des_key(hdb_entry *ent);
void set_keys(hdb_entry *ent, char *password);
char *time2str(time_t t);
char *time2rstr(time_t t);
void event2string(Event *ev, char **str);
void print_hdbflags (FILE *fp, HDBFlags flags);
int parse_hdbflags (const char *s, HDBFlags *flags);
void init_entry (HDB *db, hdb_entry *ent);
void set_created_by (hdb_entry *ent);
void set_modified_by (hdb_entry *ent);
void edit_entry(hdb_entry *ent);
int set_password(hdb_entry *ent);
int set_random_key(hdb_entry *ent);
/* life.c */
time_t getlife(const char *prompt, const char *def);
size_t putlife(time_t t, char *s, size_t len);
#define ALLOC(X) ((X) = malloc(sizeof(*(X))))
#endif /* __ADMIN_LOCL_H__ */


@@ -1,108 +0,0 @@
/*
* Copyright (c) 1997 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by Kungliga Tekniska
* H<>gskolan and its contributors.
*
* 4. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include "admin_locl.h"
RCSID("$Id$");
static void
doit(const char *principal, int (*func)(hdb_entry *))
{
hdb_entry ent;
krb5_error_code ret;
krb5_principal ent_principal;
memset(&ent, 0, sizeof(ent));
ret = db->open(context, db, O_RDWR, 0600);
if (ret) {
krb5_warn(context, ret, "hdb_open");
return;
}
krb5_parse_name(context, principal, &ent_principal);
ent.principal = ent_principal;
ret = db->fetch(context, db, &ent);
switch(ret){
case HDB_ERR_NOENTRY:
break;
case 0:
krb5_warnx(context, "Principal exists");
krb5_free_principal (context, ent_principal);
goto cleanup;
default:
krb5_err(context, 1, ret, "dbget");
}
init_entry (db, &ent);
edit_entry (&ent);
if((*func)(&ent))
goto cleanup;
set_created_by (&ent);
ret = db->store(context, db, 0, &ent);
if(ret)
krb5_err(context, 1, ret, "db->store");
cleanup:
db->close(context, db);
hdb_free_entry(context, &ent);
}
int
add_new_key(int argc, char **argv)
{
if(argc != 2) {
krb5_warnx(context, "Usage: add_new_key principal");
return 0;
}
doit(argv[1], set_password);
return 0;
}
int
add_random_key(int argc, char **argv)
{
if(argc != 2) {
krb5_warnx(context, "Usage: add_random_key principal");
return 0;
}
doit(argv[1], set_random_key);
return 0;
}


@@ -1,75 +0,0 @@
/*
* Copyright (c) 1997 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by Kungliga Tekniska
* H<>gskolan and its contributors.
*
* 4. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include "admin_locl.h"
RCSID("$Id$");
int
del_entry(int argc, char **argv)
{
krb5_error_code ret;
hdb_entry ent;
if(argc != 2){
krb5_warnx(context, "Usage: del_entry principal");
return 0;
}
krb5_parse_name(context, argv[1], &ent.principal);
ret = db->open(context, db, O_RDWR, 0600);
if(ret) {
krb5_warn(context, ret, "hdb_open");
return 0;
}
ret = db->delete(context, db, &ent);
switch(ret){
case 0:
break;
default:
krb5_warn(context, ret, "delete");
break;
}
krb5_free_principal (context, ent.principal);
memset(&ent, 0, sizeof(ent));
db->close(context, db);
return 0;
}


@@ -1,194 +0,0 @@
/*
* Copyright (c) 1997 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by Kungliga Tekniska
* H<>gskolan and its contributors.
*
* 4. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include "admin_locl.h"
RCSID("$Id$");
/*
This is the present contents of a dump line. This might change at
any time. Fields are separated by white space.
principal
keyblock
kvno
keys...
mkvno (unused)
keytype
keyvalue
salt (- means use normal salt)
creation date and principal
modification date and principal
principal valid from date (not used)
principal valid end date (not used)
principal key expires (not used)
max ticket life
max renewable life
flags
*/
static void
append_hex(char *str, krb5_data *data)
{
int i;
char *p = calloc(1, data->length * 2 + 1);
for(i = 0; i < data->length; i++)
sprintf(p + 2 * i, "%02x", ((u_char*)data->data)[i]);
strcat(str, p);
free(p);
}
static int
hdb_entry2string(hdb_entry *ent, char **str)
{
char *p;
char buf[1024] = "";
int i;
krb5_unparse_name(context, ent->principal, &p);
strcat(buf, p);
strcat(buf, " ");
free(p);
asprintf(&p, "%d", ent->kvno);
strcat(buf, p);
free(p);
for(i = 0; i < ent->keys.len; i++){
asprintf(&p, ":%d:%d:",
ent->keys.val[i].mkvno,
ent->keys.val[i].key.keytype);
strcat(buf, p);
free(p);
append_hex(buf, &ent->keys.val[i].key.keyvalue);
strcat(buf, ":");
if(ent->keys.val[i].salt){
asprintf(&p, "%u/", ent->keys.val[i].salt->type);
strcat(buf, p);
free(p);
append_hex(buf, &ent->keys.val[i].salt->salt);
}else
strcat(buf, "-");
}
strcat(buf, " ");
event2string(&ent->created_by, &p);
strcat(buf, p);
strcat(buf, " ");
free(p);
event2string(ent->modified_by, &p);
strcat(buf, p);
strcat(buf, " ");
free(p);
if(ent->valid_start)
strcat(buf, time2str(*ent->valid_start));
else
strcat(buf, "-");
strcat(buf, " ");
if(ent->valid_end)
strcat(buf, time2str(*ent->valid_end));
else
strcat(buf, "-");
strcat(buf, " ");
if(ent->pw_end)
strcat(buf, time2str(*ent->pw_end));
else
strcat(buf, "-");
strcat(buf, " ");
if(ent->max_life){
asprintf(&p, "%d", *ent->max_life);
strcat(buf, p);
free(p);
}else
strcat(buf, "-");
strcat(buf, " ");
if(ent->max_renew){
asprintf(&p, "%d", *ent->max_renew);
strcat(buf, p);
free(p);
}else
strcat(buf, "-");
strcat(buf, " ");
asprintf(&p, "%d", HDBFlags2int(ent->flags));
strcat(buf, p);
free(p);
*str = strdup(buf);
return 0;
}
static krb5_error_code
print_entry(krb5_context context, HDB *db, hdb_entry *entry, void *data)
{
char *p;
hdb_entry2string(entry, &p);
fprintf((FILE*)data, "%s\n", p);
free(p);
return 0;
}
int
dump(int argc, char **argv)
{
krb5_error_code ret;
FILE *f;
if(argc < 2)
f = stdout;
else
f = fopen(argv[1], "w");
ret = db->open(context, db, O_RDONLY, 0600);
if(ret){
krb5_warn(context, ret, "hdb_open");
if(f != stdout)
fclose(f);
return 0;
}
hdb_foreach(context, db, print_entry, f);
if(f != stdout)
fclose(f);
db->close(context, db);
return 0;
}


@@ -1,122 +0,0 @@
/*
* Copyright (c) 1997 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by Kungliga Tekniska
* H<>gskolan and its contributors.
*
* 4. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include "admin_locl.h"
RCSID("$Id$");
int
ext_keytab(int argc, char **argv)
{
hdb_entry ent;
krb5_keytab kid;
krb5_principal principal;
krb5_error_code ret = 0;
int i;
if(argc < 2 || argc > 3){
krb5_warnx(context, "Usage: ext_keytab principal [file]");
return 0;
}
ret = db->open(context, db, O_RDONLY, 0600);
if(ret){
krb5_warn(context, ret, "hdb_open");
return 0;
}
ret = krb5_parse_name (context, argv[1], &principal);
if (ret) {
krb5_warn(context, ret, "krb5_parse_name");
goto cleanup1;
}
ent.principal = principal;
ret = db->fetch(context, db, &ent);
if (ret) {
krb5_warn (context, ret, "db->fetch");
krb5_free_principal (context, ent.principal);
goto cleanup1;
}
{
char ktname[128] = "FILE:";
if(argc == 3)
strcat(ktname, argv[2]);
else
ret = krb5_kt_default_name(context, ktname, sizeof(ktname));
ret = krb5_kt_resolve(context, ktname, &kid);
}
if (ret) {
krb5_warn(context, ret, "krb5_kt_resolve");
goto cleanup1;
}
for(i = 0; i < ent.keys.len; ++i) {
krb5_keytab_entry key_entry;
Key *k;
krb5_copy_principal (context, principal, &key_entry.principal);
key_entry.vno = ent.kvno;
k = &ent.keys.val[i];
key_entry.keyblock.keytype = k->key.keytype;
key_entry.keyblock.keyvalue.length = 0;
krb5_data_copy(&key_entry.keyblock.keyvalue,
k->key.keyvalue.data,
k->key.keyvalue.length);
ret = krb5_kt_add_entry(context,
kid,
&key_entry);
if (ret) {
krb5_free_principal (context, key_entry.principal);
krb5_free_keyblock_contents (context, &key_entry.keyblock);
krb5_warn(context, ret, "krb5_kt_add_entry");
break;
}
}
krb5_kt_close (context, kid);
hdb_free_entry (context, &ent);
cleanup1:
db->close (context, db);
return ret;
}


@@ -1,142 +0,0 @@
/*
* Copyright (c) 1997 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by Kungliga Tekniska
* H<>gskolan and its contributors.
*
* 4. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include "admin_locl.h"
RCSID("$Id$");
int
get_entry(int argc, char **argv)
{
krb5_error_code ret;
hdb_entry ent;
int i;
krb5_principal principal;
if(argc != 2) {
krb5_warnx(context, "Usage: get_entry principal");
return 0;
}
ret = db->open(context, db, O_RDONLY, 0600);
if(ret) {
krb5_warn(context, ret, "hdb_open");
return 0;
}
krb5_parse_name(context, argv[1], &principal);
memset (&ent, 0, sizeof(ent));
ent.principal = principal;
ret = db->fetch(context, db, &ent);
switch(ret){
case HDB_ERR_NOENTRY:
krb5_warnx(context, "Entry not found in database\n");
break;
case 0: {
char buf[128];
char *name;
krb5_free_principal(context, principal);
krb5_unparse_name(context, ent.principal, &name);
printf("Principal: %s\n", name);
free(name);
if (ent.max_life)
putlife (*ent.max_life, buf, sizeof(buf));
else
strcpy (buf, "infinite");
printf("Max ticket life: %s\n", buf);
if (ent.max_renew)
putlife (*ent.max_renew, buf, sizeof(buf));
else
strcpy (buf, "infinite");
printf("Max renewable ticket life: %s\n", buf);
if (ent.created_by.principal)
krb5_unparse_name (context, ent.created_by.principal, &name);
else
name = NULL;
printf("Created by %s at %s\n",
name ? name : "<unknown>",
time2rstr(ent.created_by.time));
free (name);
if (ent.modified_by) {
if (ent.modified_by->principal)
krb5_unparse_name (context, ent.modified_by->principal, &name);
else
name = NULL;
printf("Last modified by %s at %s\n",
name ? name : "<unknown>",
time2rstr(ent.modified_by->time));
free (name);
}
if (ent.valid_start) {
printf("Valid from %s\n", time2rstr(*ent.valid_start));
}
if (ent.valid_end) {
printf("Valid till %s\n", time2rstr(*ent.valid_end));
}
if (ent.pw_end) {
printf("Password expires at %s\n", time2rstr(*ent.pw_end));
}
printf("Keys: kvno = %d", ent.kvno);
for(i = 0; i < ent.keys.len; i++){
char *str;
printf(", ");
if(i == 0)
printf("type = ");
krb5_keytype_to_string(context, ent.keys.val[i].key.keytype, &str);
printf("%s", str);
free(str);
}
printf("\nFlags: ");
print_hdbflags (stdout, ent.flags);
printf("\n");
break;
}
default:
krb5_warn(context, ret, "db->fetch");
break;
}
hdb_free_entry (context, &ent);
db->close(context, db);
return 0;
}


@@ -1,164 +0,0 @@
/*
* Copyright (c) 1997 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by Kungliga Tekniska
* H<>gskolan and its contributors.
*
* 4. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include "admin_locl.h"
RCSID("$Id$");
int
init(int argc, char **argv)
{
krb5_error_code ret;
int i;
int default_life = 86400;
int default_renew = 5 * 86400;
int max_life = 0;
int max_renew = 0;
hdb_entry ent;
ret = db->open(context, db, O_RDWR | O_CREAT, 0600);
if(ret){
krb5_warn(context, ret, "hdb_open");
return 0;
}
memset(&ent, 0, sizeof(ent));
for(i = 1; i < argc; i++){
krb5_build_principal(context, &ent.principal,
strlen(argv[i]), argv[i],
"krbtgt",
argv[i],
NULL);
ret = db->fetch(context, db, &ent);
switch(ret){
case 0:
krb5_warnx(context, "Entry already exists");
krb5_free_principal(context, ent.principal);
continue;
case HDB_ERR_NOENTRY:
break;
default:
krb5_warn(context, ret, "hdb_fetch");
db->close(context, db);
return 0;
}
max_life = getlife("Realm max ticket life", "infinite");
max_renew = getlife("Realm max renewable ticket life", "infinite");
default_life = getlife("Default ticket life", "1 day");
default_renew = getlife("Default renewable ticket life", "7 days");
/* Create `krbtgt/REALM' */
init_des_key(&ent);
ent.kvno = 1;
if(max_life){
ent.max_life = malloc(sizeof(*ent.max_life));
*ent.max_life = max_life;
}
if(max_renew){
ent.max_renew = malloc(sizeof(*ent.max_renew));
*ent.max_renew = max_renew;
}
ent.created_by.time = time(NULL);
krb5_build_principal(context, &ent.created_by.principal,
strlen(argv[i]), argv[i],
"kadmin",
NULL);
ent.flags.forwardable = 1;
ent.flags.proxiable = 1;
ent.flags.renewable = 1;
ent.flags.postdate = 1;
ent.flags.server = 1;
db->store(context, db, 1, &ent);
hdb_free_entry(context, &ent);
/* Create `default' */
memset(&ent, 0, sizeof(ent));
krb5_build_principal(context, &ent.principal,
strlen(argv[i]), argv[i],
"default",
NULL);
if(default_life){
ent.max_life = malloc(sizeof(*ent.max_life));
*ent.max_life = default_life;
}
if(default_renew){
ent.max_renew = malloc(sizeof(*ent.max_renew));
*ent.max_renew = default_renew;
}
ent.created_by.time = time(NULL);
krb5_build_principal(context, &ent.created_by.principal,
strlen(argv[i]), argv[i],
"kadmin",
NULL);
ent.flags.invalid = 1;
db->store(context, db, 1, &ent);
hdb_free_entry(context, &ent);
/* Create `kadmin/changepw' */
memset(&ent, 0, sizeof(ent));
init_des_key(&ent);
ent.kvno = 1;
krb5_build_principal(context, &ent.principal,
strlen(argv[i]), argv[i],
"kadmin",
"changepw",
NULL);
if(default_life){
ent.max_life = malloc(sizeof(*ent.max_life));
*ent.max_life = default_life;
}
if(default_renew){
ent.max_renew = malloc(sizeof(*ent.max_renew));
*ent.max_renew = default_renew;
}
ent.created_by.time = time(NULL);
krb5_build_principal(context, &ent.created_by.principal,
strlen(argv[i]), argv[i],
"kadmin",
NULL);
ent.flags.initial = 1;
ent.flags.server = 1;
ent.flags.change_pw = 1;
db->store(context, db, 1, &ent);
hdb_free_entry(context, &ent);
}
db->close(context, db);
return 0;
}


@@ -1,55 +0,0 @@
.\" $Id$
.\"
.Dd Aug 27, 1997
.Dt KDB_EDIT 8
.Os HEIMDAL
.Sh NAME
.Nm kdb_edit
.Nd
edit a local kerberos database
.Sh SYNOPSIS
.Nm
.Sh DESCRIPTION
.Nm
allows interactive editing of a local kerberos database. When started
it enters a command mode with line editing and history
functions. Commands may be abbreviated as long as they are
unique. These are implemented:
.Bl -tag -width Ds
.It add_new_key Ar principal
.It ank Ar principal
Create a new entry called
.Ar principal
in the database.
.It modify_entry Ar principal
Change the entry
.Ar principal .
.It dump Op Ar file
Write the database into a ascii-format into the file
.Ar file ,
or standard out if no file is specified.
.It load Ar file
Reads the database from a dump in
.Ar file .
.It merge Ar file
Merge in the contents of the dump in
.Ar file .
.It help
.It init Ar realm
Create entries in the database for a new realm
.Ar realm .
.It get_entry Ar principal
Show the entry for
.Ar principal .
.It delete Ar principal
Remove the entry for
.Ar principal
from the database.
.It ext_keytab Ar principal
Extract the key for
.Ar principal
and write it to a keytab.
.It exit
.El
.Sh SEE ALSO
.Xr ktutil 8


@@ -1,184 +0,0 @@
/*
* Copyright (c) 1997, 1998 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by Kungliga Tekniska
* H<>gskolan and its contributors.
*
* 4. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include "admin_locl.h"
#include <getarg.h>
#include <sl.h>
RCSID("$Id$");
static char *config_file;
static char *keyfile;
static int help_flag;
static int version_flag;
static struct getargs args[] = {
{
"config-file", 'c', arg_string, &config_file,
"location of config file", "file"
},
{
"key-file", 'k', arg_string, &keyfile,
"location of master key file", "file"
},
{ "help", 'h', arg_flag, &help_flag },
{ "version", 'v', arg_flag, &version_flag }
};
static int num_args = sizeof(args) / sizeof(args[0]);
static SL_cmd commands[] = {
{ "add_new_key", add_new_key, "add_new_key principal"},
{ "ank"},
{ "add_random_key", add_random_key, "add_random_key principal"},
{ "ark"},
{ "cpw", passwd, "passwd principal"},
{ "change_password"},
{ "passwd"},
{ "change_random_key", change_random_key, "change_random_key principal"},
{ "crk"},
{ "modify_entry", mod_entry, "modify_entry principal"},
{ "dump", dump, "dump [file]"},
{ "load", load, "load file"},
{ "merge", merge, "merge file"},
{ "help", help, "help"},
{ "?"},
{ "init", init, "init realm..."},
{ "get_entry", get_entry, "get_entry principal"},
{ "delete", del_entry, "delete principal"},
{ "ext_keytab", ext_keytab, "ext_keytab principal"},
{ "exit", exit_kdb_edit, "exit"},
{ "database", set_db, "database [database]"},
{ "db" },
{ NULL}
};
krb5_context context;
char database[256] = HDB_DEFAULT_DB;
HDB *db = NULL;
int
help(int argc, char **argv)
{
sl_help(commands, argc, argv);
return 0;
}
int
exit_kdb_edit (int argc, char **argv)
{
return 1;
}
int
set_db(int argc, char **argv)
{
krb5_error_code ret;
if (db)
db->destroy(context, db);
switch(argc){
case 1:
strcpy(database, HDB_DEFAULT_DB);
break;
case 2:
strcpy(database, argv[1]);
break;
default:
fprintf(stderr, "Usage: database [database]\n");
}
ret = hdb_create(context, &db, database);
if (ret)
krb5_err(context, 1, ret, "opening database %s", database);
ret = hdb_set_master_key(context, db, keyfile);
if (ret)
krb5_err(context, 1, ret, "setting master key");
return 0;
}
static void
usage(int ret)
{
arg_printusage (args, num_args, "");
exit (ret);
}
int
main(int argc, char **argv)
{
krb5_config_section *cf;
int optind = 0;
int e;
set_progname(argv[0]);
krb5_init_context(&context);
while((e = getarg(args, num_args, argc, argv, &optind)))
warnx("error at argument `%s'", argv[optind]);
if (help_flag)
usage (0);
if (version_flag)
krb5_errx(context, 0, "%s", heimdal_version);
argc -= optind;
argv += optind;
if (argc != 0)
usage (1);
if (config_file == NULL)
config_file = HDB_DB_DIR "/kdc.conf";
if(krb5_config_parse_file(config_file, &cf) == 0) {
const char *p = krb5_config_get_string (context,
cf,
"kdc",
"key-file",
NULL);
if (p)
keyfile = strdup(p);
}
set_db(1, NULL);
return sl_loop(commands, "kdb_edit> ") != 0;
}


@@ -1,73 +0,0 @@
/*
* Copyright (c) 1997 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by Kungliga Tekniska
* H<>gskolan and its contributors.
*
* 4. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include "admin_locl.h"
#include <parse_time.h>
time_t
getlife(const char *prompt, const char *def)
{
char buf[1024];
time_t t;
while(1){
printf("%s", prompt);
if(def)
printf(" [%s]", def);
printf(": ");
if(fgets(buf, sizeof(buf), stdin) == NULL)
return -1;
buf[strlen(buf) - 1] = 0;
if(def && buf[0] == 0) strcpy(buf, def);
if(strcmp(buf, "infinite") == 0 || strcmp(buf, "unlimited") == 0)
return 0;
t = parse_time (buf, NULL);
if(t != -1)
return t;
printf("Unrecognised time.\n");
}
}
size_t
putlife (time_t t, char *s, size_t len)
{
if (t == 0) {
strncpy (s, "infinite", len);
return strlen(s);
} else
return unparse_time (t, s, len);
}


@@ -1,299 +0,0 @@
/*
* Copyright (c) 1997 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by Kungliga Tekniska
* H<>gskolan and its contributors.
*
* 4. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include "admin_locl.h"
RCSID("$Id$");
struct entry{
char *principal;
char *key;
char *max_life;
char *max_renew;
char *created;
char *modified;
char *valid_start;
char *valid_end;
char *pw_end;
char *flags;
};
static char *
skip_next(char *p)
{
while(*p && !isspace(*p))
p++;
*p++ = 0;
while(*p && isspace(*p)) p++;
return p;
}
static time_t*
parse_time_string(time_t *t, char *s)
{
int year, month, date, hour, minute, second;
struct tm tm;
if(strcmp(s, "-") == 0)
return NULL;
if(t == NULL)
t = malloc(sizeof(*t));
sscanf(s, "%04d%02d%02d%02d%02d%02d",
&year, &month, &date, &hour, &minute, &second);
tm.tm_year = year - 1900;
tm.tm_mon = month - 1;
tm.tm_mday = date;
tm.tm_hour = hour;
tm.tm_min = minute;
tm.tm_sec = second;
tm.tm_isdst = 0;
*t = timegm(&tm);
return t;
}
static unsigned*
parse_integer(unsigned *u, char *s)
{
if(strcmp(s, "-") == 0)
return NULL;
if(u == NULL)
u = malloc(sizeof(*u));
sscanf(s, "%u", u);
return u;
}
static void
parse_keys(hdb_entry *ent, char *str)
{
int tmp;
char *p;
int i;
p = strsep(&str, ":");
sscanf(p, "%d", &tmp);
ent->kvno = tmp;
p = strsep(&str, ":");
while(p){
Key *key;
key = realloc(ent->keys.val,
(ent->keys.len + 1) * sizeof(*ent->keys.val));
if(key == NULL)
abort();
ent->keys.val = key;
key = ent->keys.val + ent->keys.len;
ent->keys.len++;
memset(key, 0, sizeof(*key));
sscanf(p, "%d", &tmp);
key->mkvno = tmp;
p = strsep(&str, ":");
sscanf(p, "%d", &tmp);
key->key.keytype = tmp;
p = strsep(&str, ":");
krb5_data_alloc(&key->key.keyvalue, (strlen(p) - 1) / 2 + 1);
for(i = 0; i < strlen(p); i += 2){
sscanf(p + i, "%02x", &tmp);
((u_char*)key->key.keyvalue.data)[i / 2] = tmp;
}
p = strsep(&str, ":");
if(strcmp(p, "-") != 0){
unsigned type;
size_t p_len;
if(sscanf(p, "%u/", &type) != 1){
}
p = strchr(p, '/');
if(p == NULL);
p++;
p_len = strlen(p);
key->salt = malloc(sizeof(*key->salt));
key->salt->type = type;
if (p_len) {
krb5_data_alloc(&key->salt->salt, (p_len - 1) / 2 + 1);
for(i = 0; i < p_len; i += 2){
sscanf(p + i, "%02x", &tmp);
((u_char*)key->salt->salt.data)[i / 2] = tmp;
}
} else
krb5_data_zero (&key->salt->salt);
}
p = strsep(&str, ":");
}
}
static Event*
parse_event(Event *ev, char *str)
{
char *p;
if(strcmp(str, "-") == 0)
return NULL;
if(ev == NULL)
ev = malloc(sizeof(*ev));
memset(ev, 0, sizeof(*ev));
p = strsep(&str, ":");
parse_time_string(&ev->time, p);
p = strsep(&str, ":");
krb5_parse_name(context, p, &ev->principal);
return ev;
}
static HDBFlags
parse_hdbflags2int(char *str)
{
unsigned i;
parse_integer(&i, str);
return int2HDBFlags(i);
}
static void
doit(char *filename, int merge)
{
krb5_error_code ret;
FILE *f;
char s[1024];
char *p;
int line;
int flags = O_RDWR;
struct entry e;
hdb_entry ent;
f = fopen(filename, "r");
if(f == NULL){
krb5_warn(context, errno, "%s: %s", filename);
return;
}
if(!merge)
flags |= O_CREAT | O_TRUNC;
ret = db->open(context, db, flags, 0600);
if(ret){
krb5_warn(context, ret, "hdb_open");
fclose(f);
return;
}
line = 0;
while(fgets(s, sizeof(s), f)){
line++;
e.principal = s;
for(p = s; *p; p++){
if(*p == '\\')
p++;
else if(isspace(*p)) {
*p = 0;
break;
}
}
p = skip_next(p);
e.key = p;
p = skip_next(p);
e.created = p;
p = skip_next(p);
e.modified = p;
p = skip_next(p);
e.valid_start = p;
p = skip_next(p);
e.valid_end = p;
p = skip_next(p);
e.pw_end = p;
p = skip_next(p);
e.max_life = p;
p = skip_next(p);
e.max_renew = p;
p = skip_next(p);
e.flags = p;
p = skip_next(p);
memset(&ent, 0, sizeof(ent));
ret = krb5_parse_name(context, e.principal, &ent.principal);
if(ret){
fprintf(stderr, "%s:%d:%s (%s)\n",
filename,
line,
krb5_get_err_text(context, ret),
e.principal);
continue;
}
parse_keys(&ent, e.key);
parse_event(&ent.created_by, e.created);
ent.modified_by = parse_event(NULL, e.modified);
ent.valid_start = parse_time_string(NULL, e.valid_start);
ent.valid_end = parse_time_string(NULL, e.valid_end);
ent.pw_end = parse_time_string(NULL, e.pw_end);
ent.max_life = parse_integer(NULL, e.max_life);
ent.max_renew = parse_integer(NULL, e.max_renew);
ent.flags = parse_hdbflags2int(e.flags);
db->store(context, db, 1, &ent);
hdb_free_entry (context, &ent);
}
db->close(context, db);
fclose(f);
}
int
load(int argc, char **argv)
{
if(argc < 2){
krb5_warnx(context, "Usage: load filename");
return 0;
}
doit(argv[1], 0);
return 0;
}
int
merge(int argc, char **argv)
{
if(argc < 2){
krb5_warnx(context, "Usage: merge filename");
return 0;
}
doit(argv[1], 1);
return 0;
}


@@ -1,142 +0,0 @@
/*
* Copyright (c) 1997 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by Kungliga Tekniska
* H<>gskolan and its contributors.
*
* 4. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include "admin_locl.h"
RCSID("$Id$");
static void
doit2(HDB *db, hdb_entry *ent, int changepw, int (*func)(hdb_entry *))
{
char buf[1024];
int ret;
krb5_principal hata;
hata = ent->principal;
ret = db->fetch(context, db, ent);
switch(ret){
case HDB_ERR_NOENTRY:
krb5_warnx(context, "Entry not found in database");
return;
case 0:
krb5_free_principal (context, hata);
break;
default:
krb5_err(context, 1, ret, "dbget");
}
if(changepw == 0) {
edit_entry (ent);
for(;;) {
fprintf(stderr, "Change password? (y/n) ");
fgets(buf, sizeof(buf), stdin);
if(buf[0] == 'n' || buf[0] == 'y' || buf[0] == 'N' || buf[0] == 'Y')
break;
fprintf(stderr, "Please answer yes or no.\n");
}
if(buf[0] == 'y' || buf[0] == 'Y')
changepw = 1;
}
if(changepw)
if((*func)(ent))
return;
set_modified_by (ent);
ret = db->store(context, db, 1, ent);
if(ret)
krb5_err(context, 1, ret, "db->store");
}
static void
doit(const char *principal, int changepw, int (*func)(hdb_entry *))
{
hdb_entry ent;
krb5_error_code ret;
memset(&ent, 0, sizeof(ent));
ret = db->open(context, db, O_RDWR, 0600);
if(ret) {
krb5_warn(context, ret, "hdb_open");
return;
}
krb5_parse_name(context, principal, &ent.principal);
doit2(db, &ent, changepw, func);
db->close(context, db);
hdb_free_entry(context, &ent);
}
int
mod_entry(int argc, char **argv)
{
if(argc != 2) {
krb5_warnx(context, "Usage: mod_entry principal");
return 0;
}
doit(argv[1], 0, set_password);
return 0;
}
int
passwd(int argc, char **argv)
{
if(argc != 2) {
krb5_warnx(context, "Usage: passwd principal");
return 0;
}
doit(argv[1], 1, set_password);
return 0;
}
int
change_random_key(int argc, char **argv)
{
if(argc != 2) {
krb5_warnx(context, "Usage: change_random_key principal");
return 0;
}
doit(argv[1], 1, set_random_key);
return 0;
}


@@ -1,295 +0,0 @@
/*
* Copyright (c) 1997 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by Kungliga Tekniska
* H<>gskolan and its contributors.
*
* 4. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include "admin_locl.h"
#include <parse_units.h>
static void
add_key(Key *k, krb5_keytype keytype)
{
memset(k, 0, sizeof(*k));
krb5_generate_random_keyblock(context, keytype, &k->key);
}
void
init_des_key(hdb_entry *ent)
{
Key *k;
ent->keys.val = realloc(ent->keys.val,
(ent->keys.len + 2) * sizeof(*ent->keys.val));
k = ent->keys.val + ent->keys.len;
ent->keys.len += 2;
ent->kvno++;
add_key(k++, KEYTYPE_DES);
add_key(k++, KEYTYPE_DES3);
}
void
set_keys(hdb_entry *ent, char *password)
{
krb5_data salt;
int i;
memset(&salt, 0, sizeof(salt));
krb5_get_salt(ent->principal, &salt); /* XXX */
for(i = 0; i < ent->keys.len; i++) {
krb5_string_to_key(password, &salt, ent->keys.val[i].key.keytype,
&ent->keys.val[i].key);
}
krb5_data_free(&salt);
ent->kvno++;
}
char *
time2str(time_t t)
{
static char buf[128];
strftime(buf, sizeof(buf), "%Y%m%d%H%M%S", gmtime(&t));
return buf;
}
char *
time2rstr(time_t t)
{
static char buf[128];
strftime(buf, sizeof(buf), "%Y-%m-%d %H:%M:%S UTC", gmtime(&t));
return buf;
}
void
event2string(Event *ev, char **str)
{
char *p;
char *pr;
if(ev == NULL){
*str = strdup("-");
return;
}
krb5_unparse_name(context, ev->principal, &pr);
asprintf(&p, "%s:%s", time2str(ev->time), pr);
free(pr);
*str = p;
}
void
print_hdbflags (FILE *fp, HDBFlags flags)
{
char buf[1024];
unparse_flags (HDBFlags2int(flags), HDBFlags_units, buf, sizeof(buf));
fprintf (fp, "%s", buf);
}
int
parse_hdbflags (const char *s, HDBFlags *flags)
{
int t;
t = parse_flags (s, HDBFlags_units, HDBFlags2int(*flags));
if (t < 0)
return t;
else {
*flags = int2HDBFlags(t);
return 0;
}
}
void
init_entry (HDB *db, hdb_entry *ent)
{
krb5_realm *realm;
krb5_principal def_principal;
hdb_entry def;
realm = krb5_princ_realm(context, ent->principal);
krb5_build_principal(context, &def_principal,
strlen(*realm),
*realm,
"default",
NULL);
def.principal = def_principal;
if(db->fetch(context, db, &def)) {
krb5_free_principal(context, def_principal);
krb5_make_principal(context, &def_principal, NULL, "default", NULL);
def.principal = def_principal;
if(db->fetch(context, db, &def)){
krb5_warnx(context, "No `default' entry found. "
"(have you initialised the database?)");
memset(&def, 0, sizeof(def));
}else
krb5_warnx(context, "No `default' principal found for %s, "
"using local realms default.", *realm);
}
krb5_free_principal (context, def_principal);
ent->flags.client = 1;
ent->flags.server = 1;
ent->flags.forwardable = 1;
ent->flags.proxiable = 1;
ent->flags.renewable = 1;
ent->flags.postdate = 1;
if(def.max_life){
ent->max_life = malloc(sizeof(*ent->max_life));
*ent->max_life = *def.max_life;
}
if(def.max_renew){
ent->max_renew = malloc(sizeof(*ent->max_renew));
*ent->max_renew = *def.max_renew;
}
hdb_free_entry(context, &def);
}
static void
set_event (hdb_entry *ent, Event *ev)
{
krb5_realm *realm;
ev->time = time(NULL);
realm = krb5_princ_realm(context, ent->principal);
krb5_build_principal(context, &ev->principal,
strlen(*realm),
*realm,
"kadmin",
NULL);
}
void
set_created_by (hdb_entry *ent)
{
set_event (ent, &ent->created_by);
}
void
set_modified_by (hdb_entry *ent)
{
if (ent->modified_by)
free_Event(ent->modified_by);
else
ent->modified_by = malloc(sizeof(*ent->modified_by));
set_event (ent, ent->modified_by);
}
static void
get_life (const char *name, unsigned **v)
{
char buf[128];
time_t t;
if (*v) {
unparse_time (**v, buf, sizeof(buf));
t = getlife (name, buf);
} else {
t = getlife (name, "unlimited");
}
if (t) {
if(*v == NULL)
*v = malloc(sizeof(**v));
**v = t;
} else if(*v) {
free(*v);
*v = NULL;
}
}
static void
get_time (const char *name, time_t **v)
{
/* XXX */
}
static void
get_flags(const char *name, HDBFlags *flags)
{
char buf[1024];
fprintf (stderr, "%s [", name);
print_hdbflags (stderr, *flags);
fprintf (stderr, "]: ");
if(fgets(buf, sizeof(buf), stdin) == NULL)
return;
buf[strlen(buf) - 1] = '\0';
if(*buf != '\0')
parse_hdbflags(buf, flags);
}
void
edit_entry(hdb_entry *ent)
{
get_time ("Valid start", &ent->valid_start);
get_time ("Valid end", &ent->valid_end);
get_time ("Password end", &ent->pw_end);
get_life ("Max ticket life", &ent->max_life);
get_life ("Max renewable life", &ent->max_renew);
get_flags ("Flags", &ent->flags);
}
int
set_password(hdb_entry *ent)
{
char buf[128];
int i;
if(des_read_pw_string(buf, sizeof(buf), "Password:", 1))
return -1;
for (i = 0; i < ent->keys.len; ++i)
free_Key (&ent->keys.val[i]);
free (ent->keys.val);
ent->keys.len = 2;
ent->keys.val = calloc(2, sizeof(*ent->keys.val));
ent->keys.val[0].key.keytype = KEYTYPE_DES;
ent->keys.val[1].key.keytype = KEYTYPE_DES3;
set_keys(ent, buf);
return 0;
}
int
set_random_key(hdb_entry *ent)
{
int i;
for (i = 0; i < ent->keys.len; ++i)
free_Key (&ent->keys.val[i]);
free (ent->keys.val);
ent->keys.len = 0;
ent->keys.val = NULL;
init_des_key(ent);
return 0;
}