From ae310389851ed4ca5fcd73d0c2d4848793e57389 Mon Sep 17 00:00:00 2001 From: Assar Westerlund Date: Thu, 16 Oct 1997 04:14:00 +0000 Subject: [PATCH] adapt to new hdb interface git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@3628 ec53bebd-3082-4978-b11e-865c3cabbd6b --- admin/ank.c | 4 ++-- admin/delete.c | 4 ++-- admin/dump.c | 6 ++---- admin/extkeytab.c | 6 ++---- admin/get.c | 6 +++--- admin/init.c | 15 +++++++-------- admin/kdb_edit.c | 24 +++++++++++++----------- admin/load.c | 16 +++++++--------- admin/mod.c | 5 ++--- admin/util.c | 2 -- kadmin/dump.c | 6 ++---- kadmin/init.c | 15 +++++++-------- kadmin/load.c | 16 +++++++--------- kdc/config.c | 1 + kdc/hprop.c | 8 ++++++-- kdc/hpropd.c | 8 ++++++-- kdc/kdc_locl.h | 1 + kdc/main.c | 19 +++++++------------ 18 files changed, 77 insertions(+), 85 deletions(-) diff --git a/admin/ank.c b/admin/ank.c index 499026975..f209ffe71 100644 --- a/admin/ank.c +++ b/admin/ank.c @@ -43,13 +43,13 @@ RCSID("$Id$"); static void doit(const char *principal) { - HDB *db; hdb_entry ent; krb5_error_code ret; krb5_principal ent_principal; memset(&ent, 0, sizeof(ent)); - if((ret = hdb_open(context, &db, database, O_RDWR, 0600))) { + ret = db->open(context, db, O_RDWR, 0600); + if (ret) { krb5_warn(context, ret, "hdb_open"); return; } diff --git a/admin/delete.c b/admin/delete.c index af1c19f37..f50dc678d 100644 --- a/admin/delete.c +++ b/admin/delete.c @@ -43,7 +43,6 @@ RCSID("$Id$"); int del_entry(int argc, char **argv) { - HDB *db; krb5_error_code ret; hdb_entry ent; @@ -54,7 +53,8 @@ del_entry(int argc, char **argv) krb5_parse_name(context, argv[1], &ent.principal); - if((ret = hdb_open(context, &db, database, O_RDWR, 0600))){ + ret = db->open(context, db, O_RDWR, 0600); + if(ret) { krb5_warn(context, ret, "hdb_open"); return 0; } diff --git a/admin/dump.c b/admin/dump.c index a8f45cc44..6a358d8cd 100644 --- a/admin/dump.c +++ b/admin/dump.c 
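Review bot: `db->open(context, db, O_RDWR, 0600)` in doit() now depends on a file-scope `db` that this file never declares, and the patch touches no header under admin/ that would add `extern HDB *db;` the way kdc/kdc_locl.h does for the KDC. Unless an existing shared header already carries that declaration, ank.c, delete.c, dump.c, extkeytab.c, get.c, init.c, load.c and mod.c all need it. The three kadmin/ files are in the same position, and nothing in this patch defines or creates a handle for them, so `db` there may be unresolved or NULL at the first `db->open`. The warning text still reads "hdb_open" although the call is now the handle's open method; `krb5_warn(context, ret, "db->open");` would match the label kdc/hprop.c uses. doit() continues past the end of the hunk.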
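Review bot: The result of `krb5_parse_name(context, argv[1], &ent.principal)` just above the new `db->open` call in del_entry() is ignored, so a malformed principal name is carried into the open and whatever follows it. The early `return 0;` in the `if(ret)` branch also leaves `ent.principal` allocated. Suggest `ret = krb5_parse_name(context, argv[1], &ent.principal); if (ret) { krb5_warn(context, ret, "krb5_parse_name"); return 0; }` and a `krb5_free_principal(context, ent.principal);` before the return on open failure. del_entry() continues past the end of the hunk.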
@@ -169,8 +169,7 @@ print_entry(krb5_context context, HDB *db, hdb_entry *entry, void *data) int dump(int argc, char **argv) { - HDB *db; - int ret; + krb5_error_code ret; FILE *f; if(argc < 2) @@ -178,8 +177,7 @@ dump(int argc, char **argv) else f = fopen(argv[1], "w"); - - ret = hdb_open(context, &db, database, O_RDONLY, 0600); + ret = db->open(context, db, O_RDONLY, 0600); if(ret){ krb5_warn(context, ret, "hdb_open"); if(f != stdout) diff --git a/admin/extkeytab.c b/admin/extkeytab.c index 96e4a334b..c14b7a3e7 100644 --- a/admin/extkeytab.c +++ b/admin/extkeytab.c @@ -43,7 +43,6 @@ RCSID("$Id$"); int ext_keytab(int argc, char **argv) { - HDB *db; hdb_entry ent; krb5_keytab kid; krb5_principal principal; @@ -55,7 +54,7 @@ ext_keytab(int argc, char **argv) return 0; } - ret = hdb_open(context, &db, database, O_RDONLY, 0600); + ret = db->open(context, db, O_RDONLY, 0600); if(ret){ krb5_warn(context, ret, "hdb_open"); return 0; @@ -95,14 +94,13 @@ ext_keytab(int argc, char **argv) krb5_copy_principal (context, principal, &key_entry.principal); key_entry.vno = ent.kvno; - k = unseal_key(&ent.keys.val[i]); + k = &ent.keys.val[i]; key_entry.keyblock.keytype = k->key.keytype; key_entry.keyblock.keyvalue.length = 0; krb5_data_copy(&key_entry.keyblock.keyvalue, k->key.keyvalue.data, k->key.keyvalue.length); - hdb_free_key (k); ret = krb5_kt_add_entry(context, kid, diff --git a/admin/get.c b/admin/get.c index afb0d8539..00019e30a 100644 --- a/admin/get.c +++ b/admin/get.c @@ -43,8 +43,7 @@ RCSID("$Id$"); int get_entry(int argc, char **argv) { - HDB *db; - int ret; + krb5_error_code ret; hdb_entry ent; int i; krb5_principal principal; @@ -54,7 +53,8 @@ get_entry(int argc, char **argv) return 0; } - if((ret = hdb_open(context, &db, database, O_RDONLY, 0600))) { + ret = db->open(context, db, O_RDONLY, 0600); + if(ret) { krb5_warn(context, ret, "hdb_open"); return 0; } diff --git a/admin/init.c b/admin/init.c index 0297d228e..1f4165200 100644 --- a/admin/init.c 
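Review bot: `f = fopen(argv[1], "w")` in dump() is used without a NULL check, so an unwritable path reaches the `if(f != stdout)` cleanup in the `db->open` failure branch, and presumably the entry printing later, with a null stream. Add `if (f == NULL) { krb5_warn(context, errno, "fopen %s", argv[1]); return 0; }` before the open. The file is also created with fopen's default mode rather than the 0600 passed for the database; if the dump carries key material (print_entry's body is outside the hunk), it should be created owner-only as well. kadmin/dump.c has the identical hunk and the same gap, and dump() continues past the end of the hunk.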
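Review bot: With `unseal_key()` gone, `k = &ent.keys.val[i];` in ext_keytab() copies whatever bytes the fetch returned into the keytab, so this is only correct if `db->fetch` already decrypts keys with the master key set on the handle; nothing in this hunk shows that. A comment such as `/* keys in ent were unsealed by db->fetch; k aliases ent and must not be freed here */` would record the contract and explain why `hdb_free_key(k)` was dropped. Separately, the return value of `krb5_data_copy()` is ignored, so an allocation failure would go on to add an entry with an empty key; check it and skip the entry with a warning. The loop body starts before and continues after the hunk.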
+++ b/admin/init.c @@ -43,8 +43,7 @@ RCSID("$Id$"); int init(int argc, char **argv) { - HDB *db; - int err; + krb5_error_code ret; int i; int default_life = 86400; @@ -54,9 +53,9 @@ init(int argc, char **argv) hdb_entry ent; - err = hdb_open(context, &db, database, O_RDWR | O_CREAT, 0600); - if(err){ - krb5_warn(context, err, "hdb_open"); + ret = db->open(context, db, O_RDWR | O_CREAT, 0600); + if(ret){ + krb5_warn(context, ret, "hdb_open"); return 0; } memset(&ent, 0, sizeof(ent)); @@ -66,8 +65,8 @@ init(int argc, char **argv) "krbtgt", argv[i], NULL); - err = db->fetch(context, db, &ent); - switch(err){ + ret = db->fetch(context, db, &ent); + switch(ret){ case 0: krb5_warnx(context, "Entry already exists"); krb5_free_principal(context, ent.principal); @@ -75,7 +74,7 @@ init(int argc, char **argv) case HDB_ERR_NOENTRY: break; default: - krb5_warn(context, err, "hdb_fetch"); + krb5_warn(context, ret, "hdb_fetch"); db->close(context, db); return 0; } diff --git a/admin/kdb_edit.c b/admin/kdb_edit.c index 32da06255..0e9511e00 100644 --- a/admin/kdb_edit.c +++ b/admin/kdb_edit.c @@ -83,6 +83,7 @@ static SL_cmd commands[] = { krb5_context context; char database[256] = HDB_DEFAULT_DB; +HDB *db = NULL; int help(int argc, char **argv) @@ -100,6 +101,11 @@ exit_kdb_edit (int argc, char **argv) int set_db(int argc, char **argv) { + krb5_error_code ret; + + if (db) + db->destroy(context, db); + switch(argc){ case 1: strcpy(database, HDB_DEFAULT_DB); @@ -110,6 +116,12 @@ set_db(int argc, char **argv) default: fprintf(stderr, "Usage: database [database]\n"); } + ret = hdb_create(context, &db, database); + if (ret) + krb5_err(context, 1, ret, "opening database %s", database); + ret = hdb_set_master_key(context, db, keyfile); + if (ret) + krb5_err(context, 1, ret, "setting master key"); return 0; } @@ -127,7 +139,6 @@ main(int argc, char **argv) krb5_config_section *cf; int optind = 0; int e; - EncryptionKey key; set_progname(argv[0]); 
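Review bot: In set_db() the old handle is destroyed before the arguments are checked, and `db` keeps the stale pointer until `hdb_create` overwrites it; the `default:` usage branch then falls through and re-creates the handle anyway. Set `db = NULL;` right after `db->destroy(context, db);` and add `return 0;` after the usage `fprintf`, doing the destroy only once the new name has been accepted. Both failure paths in the following hunk call `krb5_err(context, 1, ...)`, which ends the interactive session on a mistyped database name; if that is softened to a warning, every command that calls `db->open` needs a NULL check first. The name is copied with `strcpy` into the 256-byte `database` buffer, and the `case 2:` copy is outside these hunks, so confirm that it is bounded.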
@@ -157,16 +168,7 @@ main(int argc, char **argv) keyfile = strdup(p); } - ret = hdb_read_master_key(context, keyfile, &key); - if (ret && ret != ENOENT) - krb5_err(context, 1, ret, "Failed to open master key file"); - if(ret == 0){ - set_master_key(key); - memset(key.keyvalue.data, 0, key.keyvalue.length); - free_EncryptionKey(&key); - krb5_warnx (context, "Database is encrypted"); - }else - krb5_warnx (context, "Database is not encrypted"); + set_db(1, NULL); return sl_loop(commands, "kdb_edit> ") != 0; } diff --git a/admin/load.c b/admin/load.c index 450bb8048..0ad86e92a 100644 --- a/admin/load.c +++ b/admin/load.c @@ -184,14 +184,12 @@ parse_hdbflags2int(char *str) static void doit(char *filename, int merge) { + krb5_error_code ret; FILE *f; - HDB *db; char s[1024]; char *p; int line; - int err; int flags = O_RDWR; - struct entry e; hdb_entry ent; @@ -202,9 +200,9 @@ doit(char *filename, int merge) } if(!merge) flags |= O_CREAT | O_TRUNC; - err = hdb_open(context, &db, database, flags, 0600); - if(err){ - krb5_warn(context, err, "hdb_open"); + ret = db->open(context, db, flags, 0600); + if(ret){ + krb5_warn(context, ret, "hdb_open"); fclose(f); return; } @@ -250,12 +248,12 @@ doit(char *filename, int merge) p = skip_next(p); memset(&ent, 0, sizeof(ent)); - err = krb5_parse_name(context, e.principal, &ent.principal); - if(err){ + ret = krb5_parse_name(context, e.principal, &ent.principal); + if(ret){ fprintf(stderr, "%s:%s:%s (%s)\n", filename, line, - krb5_get_err_text(context, err), + krb5_get_err_text(context, ret), e.principal); continue; } diff --git a/admin/mod.c b/admin/mod.c index 8d69cdd0d..034c919d6 100644 --- a/admin/mod.c +++ b/admin/mod.c 
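Review bot: `set_db(1, NULL);` takes the `case 1:` branch, which does `strcpy(database, HDB_DEFAULT_DB)`, so any database name main() selected earlier (option and config parsing are outside this hunk) would be reset to the default before the handle is created. The replaced block treated a missing key file (`ENOENT`) as an unencrypted database and told the operator which case applied; now any non-zero return from `hdb_set_master_key` inside set_db() is fatal and neither message is printed. If `hdb_set_master_key` does not itself map a missing key file to success, kdb_edit will no longer start against unencrypted databases. Consider a helper that creates the handle from the current `database` without overwriting it, and keep a notice such as `krb5_warnx(context, "Database is not encrypted");`.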
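Review bot: The `fprintf(stderr, "%s:%s:%s (%s)\n", filename, line, ...)` call in doit() passes `line`, declared `int line;` at the top of the function, to a `%s` conversion, which is undefined behaviour and will typically crash on the first principal that fails to parse. The commit renames the neighbouring `err` argument but leaves the format string alone; it should be `"%s:%d:%s (%s)\n"`. kadmin/load.c carries the same hunk and the same mismatch. The loop body continues beyond the hunk.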
@@ -84,13 +84,12 @@ doit2(HDB *db, hdb_entry *ent) static void doit(const char *principal) { - HDB *db; hdb_entry ent; krb5_error_code ret; - memset(&ent, 0, sizeof(ent)); - if((ret = hdb_open(context, &db, database, O_RDWR, 0600))){ + ret = db->open(context, db, O_RDWR, 0600); + if(ret) { krb5_warn(context, ret, "hdb_open"); return; } diff --git a/admin/util.c b/admin/util.c index 951d84f11..cc96193ec 100644 --- a/admin/util.c +++ b/admin/util.c @@ -44,7 +44,6 @@ add_key(Key *k, krb5_keytype keytype) { memset(k, 0, sizeof(*k)); krb5_generate_random_keyblock(context, keytype, &k->key); - seal_key(k); } void @@ -73,7 +72,6 @@ set_keys(hdb_entry *ent, char *password) for(i = 0; i < ent->keys.len; i++) { krb5_string_to_key(password, &salt, ent->keys.val[i].key.keytype, &ent->keys.val[i].key); /* XXX */ - seal_key(&ent->keys.val[i]); } krb5_data_free(&salt); ent->kvno++; diff --git a/kadmin/dump.c b/kadmin/dump.c index a8f45cc44..6a358d8cd 100644 --- a/kadmin/dump.c +++ b/kadmin/dump.c @@ -169,8 +169,7 @@ print_entry(krb5_context context, HDB *db, hdb_entry *entry, void *data) int dump(int argc, char **argv) { - HDB *db; - int ret; + krb5_error_code ret; FILE *f; if(argc < 2) @@ -178,8 +177,7 @@ dump(int argc, char **argv) else f = fopen(argv[1], "w"); - - ret = hdb_open(context, &db, database, O_RDONLY, 0600); + ret = db->open(context, db, O_RDONLY, 0600); if(ret){ krb5_warn(context, ret, "hdb_open"); if(f != stdout) diff --git a/kadmin/init.c b/kadmin/init.c index 0297d228e..1f4165200 100644 --- a/kadmin/init.c +++ b/kadmin/init.c @@ -43,8 +43,7 @@ RCSID("$Id$"); int init(int argc, char **argv) { - HDB *db; - int err; + krb5_error_code ret; int i; int default_life = 86400; 
@@ -54,9 +53,9 @@ init(int argc, char **argv) hdb_entry ent; - err = hdb_open(context, &db, database, O_RDWR | O_CREAT, 0600); - if(err){ - krb5_warn(context, err, "hdb_open"); + ret = db->open(context, db, O_RDWR | O_CREAT, 0600); + if(ret){ + krb5_warn(context, ret, "hdb_open"); return 0; } memset(&ent, 0, sizeof(ent)); @@ -66,8 +65,8 @@ init(int argc, char **argv) "krbtgt", argv[i], NULL); - err = db->fetch(context, db, &ent); - switch(err){ + ret = db->fetch(context, db, &ent); + switch(ret){ case 0: krb5_warnx(context, "Entry already exists"); krb5_free_principal(context, ent.principal); @@ -75,7 +74,7 @@ init(int argc, char **argv) case HDB_ERR_NOENTRY: break; default: - krb5_warn(context, err, "hdb_fetch"); + krb5_warn(context, ret, "hdb_fetch"); db->close(context, db); return 0; } diff --git a/kadmin/load.c b/kadmin/load.c index 450bb8048..0ad86e92a 100644 --- a/kadmin/load.c +++ b/kadmin/load.c @@ -184,14 +184,12 @@ parse_hdbflags2int(char *str) static void doit(char *filename, int merge) { + krb5_error_code ret; FILE *f; - HDB *db; char s[1024]; char *p; int line; - int err; int flags = O_RDWR; - struct entry e; hdb_entry ent; @@ -202,9 +200,9 @@ doit(char *filename, int merge) } if(!merge) flags |= O_CREAT | O_TRUNC; - err = hdb_open(context, &db, database, flags, 0600); - if(err){ - krb5_warn(context, err, "hdb_open"); + ret = db->open(context, db, flags, 0600); + if(ret){ + krb5_warn(context, ret, "hdb_open"); fclose(f); return; } @@ -250,12 +248,12 @@ doit(char *filename, int merge) p = skip_next(p); memset(&ent, 0, sizeof(ent)); - err = krb5_parse_name(context, e.principal, &ent.principal); - if(err){ + ret = krb5_parse_name(context, e.principal, &ent.principal); + if(ret){ fprintf(stderr, "%s:%s:%s (%s)\n", filename, line, - krb5_get_err_text(context, err), + krb5_get_err_text(context, ret), e.principal); continue; } diff --git a/kdc/config.c b/kdc/config.c index e924119a0..11c0221e1 100644 --- a/kdc/config.c +++ b/kdc/config.c 
@@ -49,6 +49,7 @@ static char *max_request_str; size_t max_request; time_t kdc_warn_pwexpire; char *database; +HDB *db; char *port_str; int enable_http = -1; diff --git a/kdc/hprop.c b/kdc/hprop.c index 0d61aef97..307f892b5 100644 --- a/kdc/hprop.c +++ b/kdc/hprop.c @@ -333,8 +333,12 @@ int main(int argc, char **argv) }else #endif { - ret = hdb_open(context, &db, database, O_RDONLY, 0); - if(ret) krb5_err(context, 1, ret, "hdb_open"); + ret = hdb_create (context, &db, database); + if(ret) + krb5_err(context, 1, ret, "hdb_create: %s", database); + ret = db->open(context, db, O_RDONLY, 0); + if(ret) + krb5_err(context, 1, ret, "db->open"); } if(to_stdout){ diff --git a/kdc/hpropd.c b/kdc/hpropd.c index ad2b6f57d..14324787d 100644 --- a/kdc/hpropd.c +++ b/kdc/hpropd.c @@ -188,8 +188,12 @@ int main(int argc, char **argv) } asprintf(&tmp_db, "%s~", database); - ret = hdb_open(context, &db, tmp_db, O_RDWR | O_CREAT | O_TRUNC, 0600); - if(ret) krb5_err(context, 1, ret, "hdb_open"); + ret = hdb_create(context, &db, tmp_db); + if(ret) + krb5_err(context, 1, ret, "hdb_open(%s)", tmp_db); + ret = db->open(context, db, O_RDWR | O_CREAT | O_TRUNC, 0600); + if(ret) + krb5_err(context, 1, ret, "hdb_open"); nprincs = 0; while(1){ diff --git a/kdc/kdc_locl.h b/kdc/kdc_locl.h index ea5c6e45b..e34ffe7ec 100644 --- a/kdc/kdc_locl.h +++ b/kdc/kdc_locl.h @@ -53,6 +53,7 @@ extern char *keyfile; extern size_t max_request; extern time_t kdc_warn_pwexpire; extern char *database; +extern HDB *db; extern char *port_str; extern int enable_http; diff --git a/kdc/main.c b/kdc/main.c index 95ba08beb..ae01d4781 100644 --- a/kdc/main.c +++ b/kdc/main.c 
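Review bot: The handle created in kdc/hprop.c with `hdb_create` is opened without a call to `hdb_set_master_key`, whereas kdc/main.c and admin/kdb_edit.c in this same patch set the key on their handles. The master key used to be process-global via `set_master_key`; if unsealing is now per handle, hprop would send entries whose keys are still sealed, and hpropd (next file, same pattern) would store received keys on the replica without sealing them. main() extends outside the hunk, so confirm whether the key is set elsewhere. If it is not, and assuming `keyfile` from kdc_locl.h is visible here, add `ret = hdb_set_master_key(context, db, keyfile); if (ret) krb5_err(context, 1, ret, "hdb_set_master_key");` after `hdb_create`.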
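Review bot: `asprintf(&tmp_db, "%s~", database)` in kdc/hpropd.c is not checked, so on allocation failure `tmp_db` is indeterminate when it is handed to `hdb_create` and to the `%s` in the error message. Check the return, e.g. `if (asprintf(&tmp_db, "%s~", database) < 0) krb5_errx(context, 1, "out of memory");`. The message for a failed `hdb_create` reads `"hdb_open(%s)"`, which points the operator at the wrong call; `"hdb_create(%s)"` would be consistent with kdc/hprop.c. main() continues outside the hunk.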
@@ -53,24 +53,19 @@ int main(int argc, char **argv) { krb5_error_code ret; - EncryptionKey key; set_progname(argv[0]); krb5_init_context(&context); configure(argc, argv); - ret = hdb_read_master_key(context, keyfile, &key); - if(ret && ret != ENOENT) - krb5_err(context, 1, ret, "Failed to open master key file"); - if(ret == 0){ - set_master_key(key); - memset(key.keyvalue.data, 0, key.keyvalue.length); - free_EncryptionKey(&key); - kdc_log(5, "Database is encrypted"); - }else - kdc_log(5, "Database is not encrypted"); - + ret = hdb_create(context, &db, database); + if(ret) + krb5_err(context, 1, ret, "hdb_create %s", database); + ret = hdb_set_master_key(context, db, keyfile); + if (ret) + krb5_err(context, 1, ret, "hdb_set_master_key"); + #ifdef HAVE_SIGACTION { struct sigaction sa;
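Review bot: Any non-zero return from `hdb_set_master_key(context, db, keyfile)` now stops the KDC, while the removed block accepted `ENOENT` as "no master key, database not encrypted" and logged which mode was in effect via `kdc_log(5, ...)`. Whether a missing key file is still tolerated depends on `hdb_set_master_key`, which is not visible in this patch; if it returns `ENOENT`, deployments without a master key will fail at startup. Either way the operator loses the log line that said whether stored keys are encrypted, so keep an equivalent `kdc_log(5, "Database is encrypted");` / `kdc_log(5, "Database is not encrypted");` after the call. main() continues past the end of the hunk.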