oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Add support to read dump from stdin.

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@3362 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Johan Danielsson
1997-09-03 18:17:50 +00:00
parent 45991ffbcc
commit a1cc81345b
1 changed files with 54 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

95
kdc/hpropd.c
View File

@@ -82,12 +82,14 @@ int open_socket(krb5_context context)
static int help_flag; static int help_flag;
static int version_flag; static int version_flag;
static char *database = HDB_DEFAULT_DB; static char *database = HDB_DEFAULT_DB;
static int from_stdin;
struct getargs args[] = { struct getargs args[] = {
#if 0 #if 0
{ "slave", 's', arg_strings, &slaves, "slave server", "host" }, { "slave", 's', arg_strings, &slaves, "slave server", "host" },
#endif #endif
{ "database", 'd', arg_string, &database, "database", "file" }, { "database", 'd', arg_string, &database, "database", "file" },
{ "stdin", 'n', arg_flag, &from_stdin , "read from stdin" },
{ "version", 0, arg_flag, &version_flag, NULL, NULL }, { "version", 0, arg_flag, &version_flag, NULL, NULL },
{ "help", 'h', arg_flag, &help_flag, NULL, NULL} { "help", 'h', arg_flag, &help_flag, NULL, NULL}
}; };
@@ -135,45 +137,49 @@ int main(int argc, char **argv)
if(version_flag) if(version_flag)
krb5_errx(context, 0, "%s (%s)\n", __progname, heimdal_version); krb5_errx(context, 0, "%s (%s)\n", __progname, heimdal_version);
fd = open_socket(context); if(from_stdin)
if(fd < 0) fd = STDIN_FILENO;
krb5_errx(context, 1, "Failed to obtain socket - exiting"); else{
fd = open_socket(context);
{ if(fd < 0)
int sin_len; krb5_errx(context, 1, "Failed to obtain socket - exiting");
struct sockaddr_in sin;
sin_len = sizeof(sin); {
if(getpeername(fd, (struct sockaddr*)&sin, &sin_len)) int sin_len;
krb5_err(context, 1, errno, "getpeername"); struct sockaddr_in sin;
krb5_log(context, fac, 0, "Connection from %s", inet_ntoa(sin.sin_addr)); sin_len = sizeof(sin);
} if(getpeername(fd, (struct sockaddr*)&sin, &sin_len))
krb5_err(context, 1, errno, "getpeername");
krb5_log(context, fac, 0, "Connection from %s", inet_ntoa(sin.sin_addr));
}
gethostname(hostname, sizeof(hostname)); gethostname(hostname, sizeof(hostname));
ret = krb5_sname_to_principal(context, hostname, HPROP_NAME, KRB5_NT_SRV_HST, &server); ret = krb5_sname_to_principal(context, hostname, HPROP_NAME, KRB5_NT_SRV_HST, &server);
if(ret) krb5_err(context, 1, ret, "krb5_sname_to_principal"); if(ret) krb5_err(context, 1, ret, "krb5_sname_to_principal");
ret = krb5_kt_default(context, &keytab);
if(ret) krb5_err(context, 1, ret, "krb5_kt_default");
ret = krb5_recvauth(context, &ac, &fd, HPROP_VERSION, server, 0, keytab, NULL);
if(ret) krb5_err(context, 1, ret, "krb5_recvauth");
ret = krb5_auth_getauthenticator(context, ac, &authent);
if(ret) krb5_err(context, 1, ret, "krb5_auth_getauthenticator");
ret = krb5_make_principal(context, &c1, NULL, "kadmin", "hprop", NULL);
if(ret) krb5_err(context, 1, ret, "krb5_make_principal");
principalname2krb5_principal(&c2, authent->cname, authent->crealm);
if(!krb5_principal_compare(context, c1, c2)){
char *s;
krb5_unparse_name(context, c2, &s);
krb5_errx(context, 1, "Unauthorized connection from %s", s);
}
krb5_free_principal(context, c1);
krb5_free_principal(context, c2);
ret = krb5_kt_default(context, &keytab); ret = krb5_kt_close(context, keytab);
if(ret) krb5_err(context, 1, ret, "krb5_kt_default"); if(ret) krb5_err(context, 1, ret, "krb5_kt_close");
ret = krb5_recvauth(context, &ac, &fd, HPROP_VERSION, server, 0, keytab, NULL);
if(ret) krb5_err(context, 1, ret, "krb5_recvauth");
ret = krb5_auth_getauthenticator(context, ac, &authent);
if(ret) krb5_err(context, 1, ret, "krb5_auth_getauthenticator");
ret = krb5_make_principal(context, &c1, NULL, "kadmin", "hprop", NULL);
if(ret) krb5_err(context, 1, ret, "krb5_make_principal");
principalname2krb5_principal(&c2, authent->cname, authent->crealm);
if(!krb5_principal_compare(context, c1, c2)){
char *s;
krb5_unparse_name(context, c2, &s);
krb5_errx(context, 1, "Unauthorized connection from %s", s);
} }
krb5_free_principal(context, c1);
krb5_free_principal(context, c2);
ret = krb5_kt_close(context, keytab);
if(ret) krb5_err(context, 1, ret, "krb5_kt_close");
asprintf(&tmp_db, "%s~", database); asprintf(&tmp_db, "%s~", database);
ret = hdb_open(context, &db, tmp_db, O_RDWR | O_CREAT | O_TRUNC, 0600); ret = hdb_open(context, &db, tmp_db, O_RDWR | O_CREAT | O_TRUNC, 0600);
@@ -184,13 +190,20 @@ int main(int argc, char **argv)
krb5_data data; krb5_data data;
hdb_entry entry; hdb_entry entry;
ret = recv_priv(context, ac, fd, &data); if(from_stdin){
if(ret) krb5_err(context, 1, ret, "recv_priv"); ret = recv_clear(context, fd, &data);
if(ret) krb5_err(context, 1, ret, "recv_clear");
}else{
ret = recv_priv(context, ac, fd, &data);
if(ret) krb5_err(context, 1, ret, "recv_priv");
}
if(data.length == 0){ if(data.length == 0){
data.data = NULL; if(!from_stdin){
data.length = 0; data.data = NULL;
send_priv(context, ac, &data, fd); data.length = 0;
send_priv(context, ac, &data, fd);
}
ret = db->rename(context, db, database); ret = db->rename(context, db, database);
if(ret) krb5_err(context, 1, ret, "db_rename"); if(ret) krb5_err(context, 1, ret, "db_rename");
ret = db->close(context, db); ret = db->close(context, db);