diff --git a/admin/Makefile.am b/admin/Makefile.am index e16ec39d2..74c6327b5 100644 --- a/admin/Makefile.am +++ b/admin/Makefile.am @@ -4,23 +4,10 @@ AUTOMAKE_OPTIONS = no-dependencies foreign INCLUDES = -I$(top_builddir)/include $(INCLUDE_readline) -man_MANS = kdb_edit.8 ktutil.8 +man_MANS = ktutil.8 -sbin_PROGRAMS = kdb_edit ktutil - -kdb_edit_SOURCES = \ - ank.c \ - delete.c \ - dump.c \ - extkeytab.c \ - get.c \ - life.c \ - init.c \ - kdb_edit.c \ - load.c \ - mod.c \ - util.c +sbin_PROGRAMS = ktutil ktutil_SOURCES = ktutil.c srvconvert.c -LDADD = -L$(top_builddir)/lib/hdb -lhdb -L$(top_builddir)/lib/krb5 -lkrb5 -L$(top_builddir)/lib/des -ldes -L$(top_builddir)/lib/asn1 -lasn1 -L$(top_builddir)/lib/sl -lsl $(LIB_readline) -L$(top_builddir)/lib/roken -lroken +LDADD = -L$(top_builddir)/lib/krb5 -lkrb5 -L$(top_builddir)/lib/des -ldes -L$(top_builddir)/lib/asn1 -lasn1 -L$(top_builddir)/lib/sl -lsl $(LIB_readline) -L$(top_builddir)/lib/roken -lroken diff --git a/admin/admin_locl.h b/admin/admin_locl.h deleted file mode 100644 index 7089708ca..000000000 --- a/admin/admin_locl.h +++ /dev/null 
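Review bot: The new `LDADD` line in admin/Makefile.am drops `-L$(top_builddir)/lib/hdb -lhdb`, which is only safe if the one remaining program needs no hdb symbols. `LDADD` applies to every program in this Makefile.am, and `ktutil` is built from `ktutil.c` and `srvconvert.c`, neither of which is part of this diff, so a clean build should confirm it. Separately, taking `kdb_edit` out of `sbin_PROGRAMS` and `kdb_edit.8` out of `man_MANS` stops installing them but does not remove copies left by an earlier `make install`. Since the removed man page describes the tool as an interactive editor for the local Kerberos database, the release notes should say that the stale binary and man page need to be deleted on upgraded hosts.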
@@ -1,131 +0,0 @@ -/* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by Kungliga Tekniska - * Högskolan and its contributors. - * - * 4. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -/* - * $Id$ - */ - -#ifndef __ADMIN_LOCL_H__ -#define __ADMIN_LOCL_H__ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include -#include -#include -#include -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_FCNTL_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETINET_IN6_H -#include -#endif -#ifdef HAVE_NETINET6_IN6_H -#include -#endif - -#ifdef HAVE_NETDB_H -#include -#endif -#include -#include -#include -#include -#include - -#include "hdb.h" - -extern krb5_context context; -extern char database[]; -extern HDB *db; - -#define DECL(X) int X(int, char **) - -DECL(get_entry); -DECL(load); -DECL(merge); -DECL(add_new_key); -DECL(add_random_key); -DECL(mod_entry); -DECL(dump); -DECL(init); -DECL(get_entry); -DECL(del_entry); -DECL(ext_keytab); -DECL(help); -DECL(exit_kdb_edit); -DECL(set_db); -DECL(passwd); -DECL(change_random_key); - -/* util.c */ - -void init_des_key(hdb_entry *ent); -void set_keys(hdb_entry *ent, char *password); -char *time2str(time_t t); -char *time2rstr(time_t t); -void event2string(Event *ev, char **str); -void print_hdbflags (FILE *fp, HDBFlags flags); -int parse_hdbflags (const char *s, HDBFlags *flags); - -void init_entry (HDB *db, hdb_entry *ent); -void set_created_by (hdb_entry *ent); -void set_modified_by (hdb_entry *ent); -void edit_entry(hdb_entry *ent); -int set_password(hdb_entry *ent); -int set_random_key(hdb_entry *ent); - -/* life.c */ - -time_t getlife(const char *prompt, const char *def); -size_t putlife(time_t t, char *s, size_t len); - -#define ALLOC(X) ((X) = malloc(sizeof(*(X)))) - -#endif /* __ADMIN_LOCL_H__ */ diff --git a/admin/ank.c b/admin/ank.c deleted file mode 100644 index 7dc586d74..000000000 --- a/admin/ank.c +++ /dev/null 
@@ -1,108 +0,0 @@ -/* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by Kungliga Tekniska - * Högskolan and its contributors. - * - * 4. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#include "admin_locl.h" - -RCSID("$Id$"); - -static void -doit(const char *principal, int (*func)(hdb_entry *)) -{ - hdb_entry ent; - krb5_error_code ret; - krb5_principal ent_principal; - - memset(&ent, 0, sizeof(ent)); - ret = db->open(context, db, O_RDWR, 0600); - if (ret) { - krb5_warn(context, ret, "hdb_open"); - return; - } - krb5_parse_name(context, principal, &ent_principal); - ent.principal = ent_principal; - - ret = db->fetch(context, db, &ent); - - switch(ret){ - case HDB_ERR_NOENTRY: - break; - case 0: - krb5_warnx(context, "Principal exists"); - krb5_free_principal (context, ent_principal); - goto cleanup; - default: - krb5_err(context, 1, ret, "dbget"); - } - init_entry (db, &ent); - edit_entry (&ent); - if((*func)(&ent)) - goto cleanup; - set_created_by (&ent); - - ret = db->store(context, db, 0, &ent); - if(ret) - krb5_err(context, 1, ret, "db->store"); - -cleanup: - db->close(context, db); - hdb_free_entry(context, &ent); -} - -int -add_new_key(int argc, char **argv) -{ - if(argc != 2) { - krb5_warnx(context, "Usage: add_new_key principal"); - return 0; - } - - doit(argv[1], set_password); - return 0; -} - -int -add_random_key(int argc, char **argv) -{ - if(argc != 2) { - krb5_warnx(context, "Usage: add_random_key principal"); - return 0; - } - - doit(argv[1], set_random_key); - return 0; -} diff --git a/admin/delete.c b/admin/delete.c deleted file mode 100644 index f50dc678d..000000000 --- a/admin/delete.c +++ /dev/null 
@@ -1,75 +0,0 @@ -/* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by Kungliga Tekniska - * Högskolan and its contributors. - * - * 4. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#include "admin_locl.h" - -RCSID("$Id$"); - -int -del_entry(int argc, char **argv) -{ - krb5_error_code ret; - hdb_entry ent; - - if(argc != 2){ - krb5_warnx(context, "Usage: del_entry principal"); - return 0; - } - - krb5_parse_name(context, argv[1], &ent.principal); - - ret = db->open(context, db, O_RDWR, 0600); - if(ret) { - krb5_warn(context, ret, "hdb_open"); - return 0; - } - - ret = db->delete(context, db, &ent); - - switch(ret){ - case 0: - break; - default: - krb5_warn(context, ret, "delete"); - break; - } - krb5_free_principal (context, ent.principal); - memset(&ent, 0, sizeof(ent)); - db->close(context, db); - return 0; -} diff --git a/admin/dump.c b/admin/dump.c deleted file mode 100644 index 3e99811d4..000000000 --- a/admin/dump.c +++ /dev/null 
@@ -1,194 +0,0 @@ -/* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by Kungliga Tekniska - * Högskolan and its contributors. - * - * 4. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "admin_locl.h" - -RCSID("$Id$"); - -/* - This is the present contents of a dump line. 
This might change at - any time. Fields are separated by white space. - - principal - keyblock - kvno - keys... - mkvno (unused) - keytype - keyvalue - salt (- means use normal salt) - creation date and principal - modification date and principal - principal valid from date (not used) - principal valid end date (not used) - principal key expires (not used) - max ticket life - max renewable life - flags - */ - -static void -append_hex(char *str, krb5_data *data) -{ - int i; - char *p = calloc(1, data->length * 2 + 1); - for(i = 0; i < data->length; i++) - sprintf(p + 2 * i, "%02x", ((u_char*)data->data)[i]); - strcat(str, p); - free(p); -} - -static int -hdb_entry2string(hdb_entry *ent, char **str) -{ - char *p; - char buf[1024] = ""; - int i; - krb5_unparse_name(context, ent->principal, &p); - strcat(buf, p); - strcat(buf, " "); - free(p); - asprintf(&p, "%d", ent->kvno); - strcat(buf, p); - free(p); - for(i = 0; i < ent->keys.len; i++){ - asprintf(&p, ":%d:%d:", - ent->keys.val[i].mkvno, - ent->keys.val[i].key.keytype); - strcat(buf, p); - free(p); - append_hex(buf, &ent->keys.val[i].key.keyvalue); - strcat(buf, ":"); - if(ent->keys.val[i].salt){ - asprintf(&p, "%u/", ent->keys.val[i].salt->type); - strcat(buf, p); - free(p); - append_hex(buf, &ent->keys.val[i].salt->salt); - }else - strcat(buf, "-"); - } - strcat(buf, " "); - event2string(&ent->created_by, &p); - strcat(buf, p); - strcat(buf, " "); - free(p); - event2string(ent->modified_by, &p); - strcat(buf, p); - strcat(buf, " "); - free(p); - - if(ent->valid_start) - strcat(buf, time2str(*ent->valid_start)); - else - strcat(buf, "-"); - - strcat(buf, " "); - if(ent->valid_end) - strcat(buf, time2str(*ent->valid_end)); - else - strcat(buf, "-"); - - strcat(buf, " "); - if(ent->pw_end) - strcat(buf, time2str(*ent->pw_end)); - else - strcat(buf, "-"); - - strcat(buf, " "); - if(ent->max_life){ - asprintf(&p, "%d", *ent->max_life); - strcat(buf, p); - free(p); - }else - strcat(buf, "-"); - - strcat(buf, " "); - 
if(ent->max_renew){ - asprintf(&p, "%d", *ent->max_renew); - strcat(buf, p); - free(p); - }else - strcat(buf, "-"); - - strcat(buf, " "); - asprintf(&p, "%d", HDBFlags2int(ent->flags)); - strcat(buf, p); - free(p); - - *str = strdup(buf); - - return 0; -} - -static krb5_error_code -print_entry(krb5_context context, HDB *db, hdb_entry *entry, void *data) -{ - char *p; - hdb_entry2string(entry, &p); - fprintf((FILE*)data, "%s\n", p); - free(p); - return 0; -} - - -int -dump(int argc, char **argv) -{ - krb5_error_code ret; - FILE *f; - - if(argc < 2) - f = stdout; - else - f = fopen(argv[1], "w"); - - ret = db->open(context, db, O_RDONLY, 0600); - if(ret){ - krb5_warn(context, ret, "hdb_open"); - if(f != stdout) - fclose(f); - return 0; - } - - hdb_foreach(context, db, print_entry, f); - - if(f != stdout) - fclose(f); - db->close(context, db); - return 0; -} diff --git a/admin/extkeytab.c b/admin/extkeytab.c deleted file mode 100644 index bb2cd7c29..000000000 --- a/admin/extkeytab.c +++ /dev/null 
@@ -1,122 +0,0 @@ -/* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by Kungliga Tekniska - * Högskolan and its contributors. - * - * 4. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#include "admin_locl.h" - -RCSID("$Id$"); - -int -ext_keytab(int argc, char **argv) -{ - hdb_entry ent; - krb5_keytab kid; - krb5_principal principal; - krb5_error_code ret = 0; - int i; - - if(argc < 2 || argc > 3){ - krb5_warnx(context, "Usage: ext_keytab principal [file]"); - return 0; - } - - ret = db->open(context, db, O_RDONLY, 0600); - if(ret){ - krb5_warn(context, ret, "hdb_open"); - return 0; - } - - ret = krb5_parse_name (context, argv[1], &principal); - if (ret) { - krb5_warn(context, ret, "krb5_parse_name"); - goto cleanup1; - } - ent.principal = principal; - - ret = db->fetch(context, db, &ent); - if (ret) { - krb5_warn (context, ret, "db->fetch"); - krb5_free_principal (context, ent.principal); - goto cleanup1; - } - - { - char ktname[128] = "FILE:"; - if(argc == 3) - strcat(ktname, argv[2]); - else - ret = krb5_kt_default_name(context, ktname, sizeof(ktname)); - ret = krb5_kt_resolve(context, ktname, &kid); - } - - if (ret) { - krb5_warn(context, ret, "krb5_kt_resolve"); - goto cleanup1; - } - - for(i = 0; i < ent.keys.len; ++i) { - krb5_keytab_entry key_entry; - Key *k; - - krb5_copy_principal (context, principal, &key_entry.principal); - key_entry.vno = ent.kvno; - k = &ent.keys.val[i]; - - key_entry.keyblock.keytype = k->key.keytype; - key_entry.keyblock.keyvalue.length = 0; - krb5_data_copy(&key_entry.keyblock.keyvalue, - k->key.keyvalue.data, - k->key.keyvalue.length); - - ret = krb5_kt_add_entry(context, - kid, - &key_entry); - - if (ret) { - krb5_free_principal (context, key_entry.principal); - krb5_free_keyblock_contents (context, &key_entry.keyblock); - krb5_warn(context, ret, "krb5_kt_add_entry"); - break; - } - } - - krb5_kt_close (context, kid); - hdb_free_entry (context, &ent); -cleanup1: - db->close (context, db); - return ret; -} diff --git a/admin/get.c b/admin/get.c deleted file mode 100644 index 5bab603dd..000000000 --- a/admin/get.c +++ /dev/null 
@@ -1,142 +0,0 @@ -/* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by Kungliga Tekniska - * Högskolan and its contributors. - * - * 4. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#include "admin_locl.h" - -RCSID("$Id$"); - -int -get_entry(int argc, char **argv) -{ - krb5_error_code ret; - hdb_entry ent; - int i; - krb5_principal principal; - - if(argc != 2) { - krb5_warnx(context, "Usage: get_entry principal"); - return 0; - } - - ret = db->open(context, db, O_RDONLY, 0600); - if(ret) { - krb5_warn(context, ret, "hdb_open"); - return 0; - } - - krb5_parse_name(context, argv[1], &principal); - - memset (&ent, 0, sizeof(ent)); - - ent.principal = principal; - - ret = db->fetch(context, db, &ent); - - switch(ret){ - case HDB_ERR_NOENTRY: - krb5_warnx(context, "Entry not found in database\n"); - break; - case 0: { - char buf[128]; - char *name; - - krb5_free_principal(context, principal); - - krb5_unparse_name(context, ent.principal, &name); - printf("Principal: %s\n", name); - free(name); - if (ent.max_life) - putlife (*ent.max_life, buf, sizeof(buf)); - else - strcpy (buf, "infinite"); - printf("Max ticket life: %s\n", buf); - if (ent.max_renew) - putlife (*ent.max_renew, buf, sizeof(buf)); - else - strcpy (buf, "infinite"); - printf("Max renewable ticket life: %s\n", buf); - if (ent.created_by.principal) - krb5_unparse_name (context, ent.created_by.principal, &name); - else - name = NULL; - printf("Created by %s at %s\n", - name ? name : "", - time2rstr(ent.created_by.time)); - free (name); - if (ent.modified_by) { - if (ent.modified_by->principal) - krb5_unparse_name (context, ent.modified_by->principal, &name); - else - name = NULL; - printf("Last modified by %s at %s\n", - name ? 
name : "", - time2rstr(ent.modified_by->time)); - free (name); - } - if (ent.valid_start) { - printf("Valid from %s\n", time2rstr(*ent.valid_start)); - } - if (ent.valid_end) { - printf("Valid till %s\n", time2rstr(*ent.valid_end)); - } - if (ent.pw_end) { - printf("Password expires at %s\n", time2rstr(*ent.pw_end)); - } - printf("Keys: kvno = %d", ent.kvno); - for(i = 0; i < ent.keys.len; i++){ - char *str; - printf(", "); - if(i == 0) - printf("type = "); - krb5_keytype_to_string(context, ent.keys.val[i].key.keytype, &str); - printf("%s", str); - free(str); - } - printf("\nFlags: "); - print_hdbflags (stdout, ent.flags); - printf("\n"); - break; - } - default: - krb5_warn(context, ret, "db->fetch"); - break; - } - hdb_free_entry (context, &ent); - db->close(context, db); - return 0; -} diff --git a/admin/init.c b/admin/init.c deleted file mode 100644 index 1f4165200..000000000 --- a/admin/init.c +++ /dev/null 
@@ -1,164 +0,0 @@ -/* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by Kungliga Tekniska - * Högskolan and its contributors. - * - * 4. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#include "admin_locl.h" - -RCSID("$Id$"); - -int -init(int argc, char **argv) -{ - krb5_error_code ret; - int i; - - int default_life = 86400; - int default_renew = 5 * 86400; - int max_life = 0; - int max_renew = 0; - - hdb_entry ent; - - ret = db->open(context, db, O_RDWR | O_CREAT, 0600); - if(ret){ - krb5_warn(context, ret, "hdb_open"); - return 0; - } - memset(&ent, 0, sizeof(ent)); - for(i = 1; i < argc; i++){ - krb5_build_principal(context, &ent.principal, - strlen(argv[i]), argv[i], - "krbtgt", - argv[i], - NULL); - ret = db->fetch(context, db, &ent); - switch(ret){ - case 0: - krb5_warnx(context, "Entry already exists"); - krb5_free_principal(context, ent.principal); - continue; - case HDB_ERR_NOENTRY: - break; - default: - krb5_warn(context, ret, "hdb_fetch"); - db->close(context, db); - return 0; - } - - max_life = getlife("Realm max ticket life", "infinite"); - max_renew = getlife("Realm max renewable ticket life", "infinite"); - default_life = getlife("Default ticket life", "1 day"); - default_renew = getlife("Default renewable ticket life", "7 days"); - - /* Create `krbtgt/REALM' */ - init_des_key(&ent); - ent.kvno = 1; - if(max_life){ - ent.max_life = malloc(sizeof(*ent.max_life)); - *ent.max_life = max_life; - } - if(max_renew){ - ent.max_renew = malloc(sizeof(*ent.max_renew)); - *ent.max_renew = max_renew; - } - ent.created_by.time = time(NULL); - krb5_build_principal(context, &ent.created_by.principal, - strlen(argv[i]), argv[i], - "kadmin", - NULL); - ent.flags.forwardable = 1; - ent.flags.proxiable = 1; - ent.flags.renewable = 1; - ent.flags.postdate = 1; - ent.flags.server = 1; - db->store(context, db, 1, &ent); - hdb_free_entry(context, &ent); - - /* Create `default' */ - memset(&ent, 0, sizeof(ent)); - krb5_build_principal(context, &ent.principal, - strlen(argv[i]), argv[i], - "default", - NULL); - if(default_life){ - ent.max_life = malloc(sizeof(*ent.max_life)); - *ent.max_life = default_life; - } - if(default_renew){ - ent.max_renew 
= malloc(sizeof(*ent.max_renew)); - *ent.max_renew = default_renew; - } - ent.created_by.time = time(NULL); - krb5_build_principal(context, &ent.created_by.principal, - strlen(argv[i]), argv[i], - "kadmin", - NULL); - ent.flags.invalid = 1; - db->store(context, db, 1, &ent); - hdb_free_entry(context, &ent); - - /* Create `kadmin/changepw' */ - memset(&ent, 0, sizeof(ent)); - init_des_key(&ent); - ent.kvno = 1; - krb5_build_principal(context, &ent.principal, - strlen(argv[i]), argv[i], - "kadmin", - "changepw", - NULL); - if(default_life){ - ent.max_life = malloc(sizeof(*ent.max_life)); - *ent.max_life = default_life; - } - if(default_renew){ - ent.max_renew = malloc(sizeof(*ent.max_renew)); - *ent.max_renew = default_renew; - } - ent.created_by.time = time(NULL); - krb5_build_principal(context, &ent.created_by.principal, - strlen(argv[i]), argv[i], - "kadmin", - NULL); - ent.flags.initial = 1; - ent.flags.server = 1; - ent.flags.change_pw = 1; - db->store(context, db, 1, &ent); - hdb_free_entry(context, &ent); - } - db->close(context, db); - return 0; -} diff --git a/admin/kdb_edit.8 b/admin/kdb_edit.8 deleted file mode 100644 index 5189c11b0..000000000 --- a/admin/kdb_edit.8 +++ /dev/null 
@@ -1,55 +0,0 @@ -.\" $Id$ -.\" -.Dd Aug 27, 1997 -.Dt KDB_EDIT 8 -.Os HEIMDAL -.Sh NAME -.Nm kdb_edit -.Nd -edit a local kerberos database -.Sh SYNOPSIS -.Nm -.Sh DESCRIPTION -.Nm -allows interactive editing of a local kerberos database. When started -it enters a command mode with line editing and history -functions. Commands may be abbreviated as long as they are -unique. These are implemented: -.Bl -tag -width Ds -.It add_new_key Ar principal -.It ank Ar principal -Create a new entry called -.Ar principal -in the database. -.It modify_entry Ar principal -Change the entry -.Ar principal . -.It dump Op Ar file -Write the database into a ascii-format into the file -.Ar file , -or standard out if no file is specified. -.It load Ar file -Reads the database from a dump in -.Ar file . -.It merge Ar file -Merge in the contents of the dump in -.Ar file . -.It help -.It init Ar realm -Create entries in the database for a new realm -.Ar realm . -.It get_entry Ar principal -Show the entry for -.Ar principal . -.It delete Ar principal -Remove the entry for -.Ar principal -from the database. -.It ext_keytab Ar principal -Extract the key for -.Ar principal -and write it to a keytab. -.It exit -.El -.Sh SEE ALSO -.Xr ktutil 8 diff --git a/admin/kdb_edit.c b/admin/kdb_edit.c deleted file mode 100644 index fe68104d1..000000000 --- a/admin/kdb_edit.c +++ /dev/null 
@@ -1,184 +0,0 @@
-/*
- * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by Kungliga Tekniska
- * Högskolan and its contributors.
- *
- * 4. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "admin_locl.h"
-#include
-#include
-
-RCSID("$Id$");
-
-static char *config_file;
-static char *keyfile;
-static int help_flag;
-static int version_flag;
-
-static struct getargs args[] = {
- {
- "config-file", 'c', arg_string, &config_file,
- "location of config file", "file"
- },
- {
- "key-file", 'k', arg_string, &keyfile,
- "location of master key file", "file"
- },
- { "help", 'h', arg_flag, &help_flag },
- { "version", 'v', arg_flag, &version_flag }
-};
-
-static int num_args = sizeof(args) / sizeof(args[0]);
-
-static SL_cmd commands[] = {
- { "add_new_key", add_new_key, "add_new_key principal"},
- { "ank"},
- { "add_random_key", add_random_key, "add_random_key principal"},
- { "ark"},
- { "cpw", passwd, "passwd principal"},
- { "change_password"},
- { "passwd"},
- { "change_random_key", change_random_key, "change_random_key principal"},
- { "crk"},
- { "modify_entry", mod_entry, "modify_entry principal"},
- { "dump", dump, "dump [file]"},
- { "load", load, "load file"},
- { "merge", merge, "merge file"},
- { "help", help, "help"},
- { "?"},
- { "init", init, "init realm..."},
- { "get_entry", get_entry, "get_entry principal"},
- { "delete", del_entry, "delete principal"},
- { "ext_keytab", ext_keytab, "ext_keytab principal"},
- { "exit", exit_kdb_edit, "exit"},
- { "database", set_db, "database [database]"},
- { "db" },
- { NULL}
-};
-
-krb5_context context;
-char database[256] = HDB_DEFAULT_DB;
-HDB *db = NULL;
-
-int
-help(int argc, char **argv)
-{
- sl_help(commands, argc, argv);
- return 0;
-}
-
-int
-exit_kdb_edit (int argc, char **argv)
-{
- return 1;
-}
-
-int
-set_db(int argc, char **argv)
-{
- krb5_error_code ret;
-
- if (db)
- db->destroy(context, db);
-
- switch(argc){
- case 1:
- strcpy(database, HDB_DEFAULT_DB);
- break;
- case 2:
- strcpy(database, argv[1]);
- break;
- default:
- fprintf(stderr, "Usage: database [database]\n");
- }
- ret = hdb_create(context, &db, database);
- if (ret)
- krb5_err(context, 1, ret, "opening database %s", database);
- ret = hdb_set_master_key(context, db, keyfile);
- if (ret)
- krb5_err(context, 1, ret, "setting master key");
- return 0;
-}
-
-static void
-usage(int ret)
-{
- arg_printusage (args, num_args, "");
- exit (ret);
-}
-
-int
-main(int argc, char **argv)
-{
- krb5_config_section *cf;
- int optind = 0;
- int e;
-
- set_progname(argv[0]);
-
- krb5_init_context(&context);
-
- while((e = getarg(args, num_args, argc, argv, &optind)))
- warnx("error at argument `%s'", argv[optind]);
-
- if (help_flag)
- usage (0);
-
- if (version_flag)
- krb5_errx(context, 0, "%s", heimdal_version);
-
- argc -= optind;
- argv += optind;
-
- if (argc != 0)
- usage (1);
-
- if (config_file == NULL)
- config_file = HDB_DB_DIR "/kdc.conf";
-
- if(krb5_config_parse_file(config_file, &cf) == 0) {
- const char *p = krb5_config_get_string (context,
- cf,
- "kdc",
- "key-file",
- NULL);
- if (p)
- keyfile = strdup(p);
- }
-
- set_db(1, NULL);
-
- return sl_loop(commands, "kdb_edit> ") != 0;
-}
diff --git a/admin/life.c b/admin/life.c
deleted file mode 100644
index daa6397c0..000000000
--- a/admin/life.c
+++ /dev/null
@@ -1,73 +0,0 @@
-/*
- * Copyright (c) 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by Kungliga Tekniska
- * Högskolan and its contributors.
- *
- * 4. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "admin_locl.h"
-#include
-
-time_t
-getlife(const char *prompt, const char *def)
-{
- char buf[1024];
- time_t t;
- while(1){
- printf("%s", prompt);
- if(def)
- printf(" [%s]", def);
- printf(": ");
- if(fgets(buf, sizeof(buf), stdin) == NULL)
- return -1;
- buf[strlen(buf) - 1] = 0;
- if(def && buf[0] == 0) strcpy(buf, def);
- if(strcmp(buf, "infinite") == 0 || strcmp(buf, "unlimited") == 0)
- return 0;
- t = parse_time (buf, NULL);
- if(t != -1)
- return t;
- printf("Unrecognised time.\n");
- }
-}
-
-size_t
-putlife (time_t t, char *s, size_t len)
-{
- if (t == 0) {
- strncpy (s, "infinite", len);
- return strlen(s);
- } else
- return unparse_time (t, s, len);
-}
diff --git a/admin/load.c b/admin/load.c
deleted file mode 100644
index 72e3cb3c5..000000000
--- a/admin/load.c
+++ /dev/null
@@ -1,299 +0,0 @@
-/*
- * Copyright (c) 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by Kungliga Tekniska
- * Högskolan and its contributors.
- *
- * 4. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "admin_locl.h"
-
-RCSID("$Id$");
-
-struct entry{
- char *principal;
- char *key;
- char *max_life;
- char *max_renew;
- char *created;
- char *modified;
- char *valid_start;
- char *valid_end;
- char *pw_end;
- char *flags;
-};
-
-static char *
-skip_next(char *p)
-{
- while(*p && !isspace(*p))
- p++;
- *p++ = 0;
- while(*p && isspace(*p)) p++;
- return p;
-}
-
-static time_t*
-parse_time_string(time_t *t, char *s)
-{
- int year, month, date, hour, minute, second;
- struct tm tm;
- if(strcmp(s, "-") == 0)
- return NULL;
- if(t == NULL)
- t = malloc(sizeof(*t));
- sscanf(s, "%04d%02d%02d%02d%02d%02d",
- &year, &month, &date, &hour, &minute, &second);
- tm.tm_year = year - 1900;
- tm.tm_mon = month - 1;
- tm.tm_mday = date;
- tm.tm_hour = hour;
- tm.tm_min = minute;
- tm.tm_sec = second;
- tm.tm_isdst = 0;
- *t = timegm(&tm);
- return t;
-}
-
-static unsigned*
-parse_integer(unsigned *u, char *s)
-{
- if(strcmp(s, "-") == 0)
- return NULL;
- if(u == NULL)
- u = malloc(sizeof(*u));
- sscanf(s, "%u", u);
- return u;
-}
-
-static void
-parse_keys(hdb_entry *ent, char *str)
-{
- int tmp;
- char *p;
- int i;
-
- p = strsep(&str, ":");
- sscanf(p, "%d", &tmp);
- ent->kvno = tmp;
- p = strsep(&str, ":");
- while(p){
- Key *key;
- key = realloc(ent->keys.val,
- (ent->keys.len + 1) * sizeof(*ent->keys.val));
- if(key == NULL)
- abort();
- ent->keys.val = key;
- key = ent->keys.val + ent->keys.len;
- ent->keys.len++;
- memset(key, 0, sizeof(*key));
- sscanf(p, "%d", &tmp);
- key->mkvno = tmp;
- p = strsep(&str, ":");
- sscanf(p, "%d", &tmp);
- key->key.keytype = tmp;
- p = strsep(&str, ":");
- krb5_data_alloc(&key->key.keyvalue, (strlen(p) - 1) / 2 + 1);
- for(i = 0; i < strlen(p); i += 2){
- sscanf(p + i, "%02x", &tmp);
- ((u_char*)key->key.keyvalue.data)[i / 2] = tmp;
- }
- p = strsep(&str, ":");
- if(strcmp(p, "-") != 0){
- unsigned type;
- size_t p_len;
- if(sscanf(p, "%u/", &type) != 1){
-
- }
- p = strchr(p, '/');
- if(p == NULL);
- p++;
- p_len = strlen(p);
-
- key->salt = malloc(sizeof(*key->salt));
- key->salt->type = type;
-
- if (p_len) {
- krb5_data_alloc(&key->salt->salt, (p_len - 1) / 2 + 1);
- for(i = 0; i < p_len; i += 2){
- sscanf(p + i, "%02x", &tmp);
- ((u_char*)key->salt->salt.data)[i / 2] = tmp;
- }
- } else
- krb5_data_zero (&key->salt->salt);
- }
- p = strsep(&str, ":");
- }
-}
-
-static Event*
-parse_event(Event *ev, char *str)
-{
- char *p;
- if(strcmp(str, "-") == 0)
- return NULL;
- if(ev == NULL)
- ev = malloc(sizeof(*ev));
- memset(ev, 0, sizeof(*ev));
- p = strsep(&str, ":");
- parse_time_string(&ev->time, p);
- p = strsep(&str, ":");
- krb5_parse_name(context, p, &ev->principal);
- return ev;
-}
-
-static HDBFlags
-parse_hdbflags2int(char *str)
-{
- unsigned i;
- parse_integer(&i, str);
-
- return int2HDBFlags(i);
-}
-
-static void
-doit(char *filename, int merge)
-{
- krb5_error_code ret;
- FILE *f;
- char s[1024];
- char *p;
- int line;
- int flags = O_RDWR;
- struct entry e;
- hdb_entry ent;
-
- f = fopen(filename, "r");
- if(f == NULL){
- krb5_warn(context, errno, "%s: %s", filename);
- return;
- }
- if(!merge)
- flags |= O_CREAT | O_TRUNC;
- ret = db->open(context, db, flags, 0600);
- if(ret){
- krb5_warn(context, ret, "hdb_open");
- fclose(f);
- return;
- }
- line = 0;
- while(fgets(s, sizeof(s), f)){
- line++;
- e.principal = s;
- for(p = s; *p; p++){
- if(*p == '\\')
- p++;
- else if(isspace(*p)) {
- *p = 0;
- break;
- }
- }
- p = skip_next(p);
-
- e.key = p;
- p = skip_next(p);
-
- e.created = p;
- p = skip_next(p);
-
- e.modified = p;
- p = skip_next(p);
-
- e.valid_start = p;
- p = skip_next(p);
-
- e.valid_end = p;
- p = skip_next(p);
-
- e.pw_end = p;
- p = skip_next(p);
-
- e.max_life = p;
- p = skip_next(p);
-
- e.max_renew = p;
- p = skip_next(p);
-
- e.flags = p;
- p = skip_next(p);
-
- memset(&ent, 0, sizeof(ent));
- ret = krb5_parse_name(context, e.principal, &ent.principal);
- if(ret){
- fprintf(stderr, "%s:%d:%s (%s)\n",
- filename,
- line,
- krb5_get_err_text(context, ret),
- e.principal);
- continue;
- }
-
- parse_keys(&ent, e.key);
-
- parse_event(&ent.created_by, e.created);
- ent.modified_by = parse_event(NULL, e.modified);
- ent.valid_start = parse_time_string(NULL, e.valid_start);
- ent.valid_end = parse_time_string(NULL, e.valid_end);
- ent.pw_end = parse_time_string(NULL, e.pw_end);
- ent.max_life = parse_integer(NULL, e.max_life);
- ent.max_renew = parse_integer(NULL, e.max_renew);
-
- ent.flags = parse_hdbflags2int(e.flags);
- db->store(context, db, 1, &ent);
- hdb_free_entry (context, &ent);
- }
- db->close(context, db);
- fclose(f);
-}
-
-int
-load(int argc, char **argv)
-{
- if(argc < 2){
- krb5_warnx(context, "Usage: load filename");
- return 0;
- }
- doit(argv[1], 0);
- return 0;
-}
-
-int
-merge(int argc, char **argv)
-{
- if(argc < 2){
- krb5_warnx(context, "Usage: merge filename");
- return 0;
- }
- doit(argv[1], 1);
- return 0;
-}
diff --git a/admin/mod.c b/admin/mod.c
deleted file mode 100644
index 8c3760604..000000000
--- a/admin/mod.c
+++ /dev/null
@@ -1,142 +0,0 @@
-/*
- * Copyright (c) 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by Kungliga Tekniska
- * Högskolan and its contributors.
- *
- * 4. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "admin_locl.h"
-
-RCSID("$Id$");
-
-static void
-doit2(HDB *db, hdb_entry *ent, int changepw, int (*func)(hdb_entry *))
-{
- char buf[1024];
- int ret;
- krb5_principal hata;
-
- hata = ent->principal;
-
- ret = db->fetch(context, db, ent);
-
- switch(ret){
- case HDB_ERR_NOENTRY:
- krb5_warnx(context, "Entry not found in database");
- return;
- case 0:
- krb5_free_principal (context, hata);
- break;
- default:
- krb5_err(context, 1, ret, "dbget");
- }
-
- if(changepw == 0) {
- edit_entry (ent);
- for(;;) {
- fprintf(stderr, "Change password? (y/n) ");
- fgets(buf, sizeof(buf), stdin);
- if(buf[0] == 'n' || buf[0] == 'y' || buf[0] == 'N' || buf[0] == 'Y')
- break;
- fprintf(stderr, "Please answer yes or no.\n");
- }
- if(buf[0] == 'y' || buf[0] == 'Y')
- changepw = 1;
- }
-
- if(changepw)
- if((*func)(ent))
- return;
-
- set_modified_by (ent);
-
- ret = db->store(context, db, 1, ent);
- if(ret)
- krb5_err(context, 1, ret, "db->store");
-}
-
-static void
-doit(const char *principal, int changepw, int (*func)(hdb_entry *))
-{
- hdb_entry ent;
- krb5_error_code ret;
-
- memset(&ent, 0, sizeof(ent));
- ret = db->open(context, db, O_RDWR, 0600);
- if(ret) {
- krb5_warn(context, ret, "hdb_open");
- return;
- }
- krb5_parse_name(context, principal, &ent.principal);
-
- doit2(db, &ent, changepw, func);
- db->close(context, db);
- hdb_free_entry(context, &ent);
-}
-
-int
-mod_entry(int argc, char **argv)
-{
- if(argc != 2) {
- krb5_warnx(context, "Usage: mod_entry principal");
- return 0;
- }
-
- doit(argv[1], 0, set_password);
- return 0;
-}
-
-int
-passwd(int argc, char **argv)
-{
- if(argc != 2) {
- krb5_warnx(context, "Usage: passwd principal");
- return 0;
- }
-
- doit(argv[1], 1, set_password);
- return 0;
-}
-
-int
-change_random_key(int argc, char **argv)
-{
- if(argc != 2) {
- krb5_warnx(context, "Usage: change_random_key principal");
- return 0;
- }
-
- doit(argv[1], 1, set_random_key);
- return 0;
-}
diff --git a/admin/util.c b/admin/util.c
deleted file mode 100644
index 9f3468291..000000000
--- a/admin/util.c
+++ /dev/null
@@ -1,295 +0,0 @@
-/*
- * Copyright (c) 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by Kungliga Tekniska
- * Högskolan and its contributors.
- *
- * 4. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "admin_locl.h"
-#include
-
-static void
-add_key(Key *k, krb5_keytype keytype)
-{
- memset(k, 0, sizeof(*k));
- krb5_generate_random_keyblock(context, keytype, &k->key);
-}
-
-void
-init_des_key(hdb_entry *ent)
-{
- Key *k;
-
- ent->keys.val = realloc(ent->keys.val,
- (ent->keys.len + 2) * sizeof(*ent->keys.val));
- k = ent->keys.val + ent->keys.len;
- ent->keys.len += 2;
- ent->kvno++;
-
- add_key(k++, KEYTYPE_DES);
- add_key(k++, KEYTYPE_DES3);
-}
-
-void
-set_keys(hdb_entry *ent, char *password)
-{
- krb5_data salt;
- int i;
-
- memset(&salt, 0, sizeof(salt));
- krb5_get_salt(ent->principal, &salt); /* XXX */
- for(i = 0; i < ent->keys.len; i++) {
- krb5_string_to_key(password, &salt, ent->keys.val[i].key.keytype,
- &ent->keys.val[i].key);
- }
- krb5_data_free(&salt);
- ent->kvno++;
-}
-
-char *
-time2str(time_t t)
-{
- static char buf[128];
- strftime(buf, sizeof(buf), "%Y%m%d%H%M%S", gmtime(&t));
- return buf;
-}
-
-char *
-time2rstr(time_t t)
-{
- static char buf[128];
- strftime(buf, sizeof(buf), "%Y-%m-%d %H:%M:%S UTC", gmtime(&t));
- return buf;
-}
-
-void
-event2string(Event *ev, char **str)
-{
- char *p;
- char *pr;
- if(ev == NULL){
- *str = strdup("-");
- return;
- }
- krb5_unparse_name(context, ev->principal, &pr);
- asprintf(&p, "%s:%s", time2str(ev->time), pr);
- free(pr);
- *str = p;
-}
-
-void
-print_hdbflags (FILE *fp, HDBFlags flags)
-{
- char buf[1024];
-
- unparse_flags (HDBFlags2int(flags), HDBFlags_units, buf, sizeof(buf));
- fprintf (fp, "%s", buf);
-}
-
-int
-parse_hdbflags (const char *s, HDBFlags *flags)
-{
- int t;
-
- t = parse_flags (s, HDBFlags_units, HDBFlags2int(*flags));
- if (t < 0)
- return t;
- else {
- *flags = int2HDBFlags(t);
- return 0;
- }
-}
-
-void
-init_entry (HDB *db, hdb_entry *ent)
-{
- krb5_realm *realm;
- krb5_principal def_principal;
- hdb_entry def;
-
- realm = krb5_princ_realm(context, ent->principal);
- krb5_build_principal(context, &def_principal,
- strlen(*realm),
- *realm,
- "default",
- NULL);
- def.principal = def_principal;
- if(db->fetch(context, db, &def)) {
- krb5_free_principal(context, def_principal);
- krb5_make_principal(context, &def_principal, NULL, "default", NULL);
- def.principal = def_principal;
- if(db->fetch(context, db, &def)){
- krb5_warnx(context, "No `default' entry found. "
- "(have you initialised the database?)");
- memset(&def, 0, sizeof(def));
- }else
- krb5_warnx(context, "No `default' principal found for %s, "
- "using local realms default.", *realm);
- }
- krb5_free_principal (context, def_principal);
- ent->flags.client = 1;
- ent->flags.server = 1;
- ent->flags.forwardable = 1;
- ent->flags.proxiable = 1;
- ent->flags.renewable = 1;
- ent->flags.postdate = 1;
- if(def.max_life){
- ent->max_life = malloc(sizeof(*ent->max_life));
- *ent->max_life = *def.max_life;
- }
- if(def.max_renew){
- ent->max_renew = malloc(sizeof(*ent->max_renew));
- *ent->max_renew = *def.max_renew;
- }
- hdb_free_entry(context, &def);
-}
-
-static void
-set_event (hdb_entry *ent, Event *ev)
-{
- krb5_realm *realm;
-
- ev->time = time(NULL);
- realm = krb5_princ_realm(context, ent->principal);
-
- krb5_build_principal(context, &ev->principal,
- strlen(*realm),
- *realm,
- "kadmin",
- NULL);
-}
-
-void
-set_created_by (hdb_entry *ent)
-{
- set_event (ent, &ent->created_by);
-}
-
-void
-set_modified_by (hdb_entry *ent)
-{
- if (ent->modified_by)
- free_Event(ent->modified_by);
- else
- ent->modified_by = malloc(sizeof(*ent->modified_by));
- set_event (ent, ent->modified_by);
-}
-
-static void
-get_life (const char *name, unsigned **v)
-{
- char buf[128];
- time_t t;
-
- if (*v) {
- unparse_time (**v, buf, sizeof(buf));
- t = getlife (name, buf);
- } else {
- t = getlife (name, "unlimited");
- }
- if (t) {
- if(*v == NULL)
- *v = malloc(sizeof(**v));
- **v = t;
- } else if(*v) {
- free(*v);
- *v = NULL;
- }
-}
-
-static void
-get_time (const char *name, time_t **v)
-{
- /* XXX */
-}
-
-static void
-get_flags(const char *name, HDBFlags *flags)
-{
- char buf[1024];
-
- fprintf (stderr, "%s [", name);
- print_hdbflags (stderr, *flags);
- fprintf (stderr, "]: ");
- if(fgets(buf, sizeof(buf), stdin) == NULL)
- return;
- buf[strlen(buf) - 1] = '\0';
- if(*buf != '\0')
- parse_hdbflags(buf, flags);
-}
-
-void
-edit_entry(hdb_entry *ent)
-{
- get_time ("Valid start", &ent->valid_start);
- get_time ("Valid end", &ent->valid_end);
- get_time ("Password end", &ent->pw_end);
- get_life ("Max ticket life", &ent->max_life);
- get_life ("Max renewable life", &ent->max_renew);
- get_flags ("Flags", &ent->flags);
-}
-
-int
-set_password(hdb_entry *ent)
-{
- char buf[128];
- int i;
-
- if(des_read_pw_string(buf, sizeof(buf), "Password:", 1))
- return -1;
- for (i = 0; i < ent->keys.len; ++i)
- free_Key (&ent->keys.val[i]);
- free (ent->keys.val);
- ent->keys.len = 2;
- ent->keys.val = calloc(2, sizeof(*ent->keys.val));
- ent->keys.val[0].key.keytype = KEYTYPE_DES;
- ent->keys.val[1].key.keytype = KEYTYPE_DES3;
- set_keys(ent, buf);
- return 0;
-}
-
-int
-set_random_key(hdb_entry *ent)
-{
- int i;
-
- for (i = 0; i < ent->keys.len; ++i)
- free_Key (&ent->keys.val[i]);
- free (ent->keys.val);
-
- ent->keys.len = 0;
- ent->keys.val = NULL;
- init_des_key(ent);
- return 0;
-}