From bb90aecaee868eeb5f0dafc2ce1b074418beb171 Mon Sep 17 00:00:00 2001
From: Johan Danielsson
Date: Wed, 5 Jul 2000 13:17:32 +0000
Subject: [PATCH] pass context to seal/unseal_keys
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@8551 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
 kdc/hprop.c | 13 ++++---------
 lib/hdb/common.c | 4 ++--
 lib/hdb/db.c | 2 +-
 lib/hdb/db3.c | 2 +-
 lib/hdb/hdb-ldap.c | 6 +++---
 lib/hdb/ndbm.c | 2 +-
 lib/kadm5/chpass_s.c | 4 ++--
 lib/kadm5/create_s.c | 4 ++--
 lib/kadm5/delete_s.c | 2 +-
 lib/kadm5/modify_s.c | 2 +-
 lib/kadm5/randkey_s.c | 2 +-
 lib/kadm5/rename_s.c | 2 +-
 12 files changed, 20 insertions(+), 25 deletions(-)
diff --git a/kdc/hprop.c b/kdc/hprop.c
index b06b124dc..0e7dedc75 100644
--- a/kdc/hprop.c
+++ b/kdc/hprop.c
@@ -45,8 +45,7 @@ static int to_stdout;
 static int verbose_flag;
 static int encrypt_flag;
 static int decrypt_flag;
-static EncryptionKey mkey5;
-static krb5_data msched5;
+static hdb_master_key mkey5;
 static char *source_type;
@@ -102,7 +101,7 @@ open_socket(krb5_context context, const char *hostname, const char *port)
 int hdb_entry2value(krb5_context, hdb_entry*, krb5_data*);
-static krb5_error_code
+krb5_error_code
 v5_prop(krb5_context context, HDB *db, hdb_entry *entry, void *appdata)
 {
 krb5_error_code ret;
@@ -110,9 +109,9 @@ v5_prop(krb5_context context, HDB *db, hdb_entry *entry, void *appdata)
 krb5_data data;
 if(encrypt_flag)
- _hdb_seal_keys_int(entry, 0, msched5);
+ _hdb_seal_keys_int(context, entry, mkey5);
 if(decrypt_flag)
- _hdb_unseal_keys_int(entry, 0, msched5);
+ _hdb_unseal_keys_int(context, entry, mkey5);
 ret = hdb_entry2value(context, entry, &data);
 if(ret) {
@@ -740,10 +739,6 @@ main(int argc, char **argv)
 if(ret) {
 if(encrypt_flag || decrypt_flag) krb5_errx(context, 1, "No master key file found");
- } else {
- ret = hdb_process_master_key(context, mkey5, &msched5);
- if(ret)
- krb5_err(context, 1, ret, "hdb_process_master_key");
 }
 #ifdef KRB4
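Review bot: `v5_prop` loses its `static` qualifier in the `@@ -102,7 +101,7 @@` hunk, but no prototype is added in the visible lines, so it gets external linkage with no declaration that other translation units can be checked against. If it is meant to be called from another file, declare it in a shared header, e.g. `krb5_error_code v5_prop(krb5_context, HDB*, hdb_entry*, void*);`; otherwise keep it `static`. The function body continues outside the hunk.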
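Review bot: The results of `_hdb_seal_keys_int(context, entry, mkey5)` and `_hdb_unseal_keys_int(context, entry, mkey5)` are discarded in `v5_prop` (hunk `@@ -110,9 +109,9 @@`), so a failed seal under `encrypt_flag` would still reach `hdb_entry2value` and the entry would be propagated with keys that are not protected by the master key. If these functions report errors (their return type is not visible in this patch), capture and act on the result, e.g. `ret = _hdb_seal_keys_int(context, entry, mkey5); if(ret) return ret;`. The same unchecked pattern is in the `hdb_seal_keys` calls ahead of `db->_put` in `_hdb_store`, in `LDAP_store` and in the lib/kadm5 callers ahead of `kadm5_log_*`, and in the `hdb_unseal_keys` calls on the fetch and seq paths. `v5_prop` begins and ends outside this hunk.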
diff --git a/lib/hdb/common.c b/lib/hdb/common.c
index a06a96e51..0e3466db7 100644
--- a/lib/hdb/common.c
+++ b/lib/hdb/common.c
@@ -111,7 +111,7 @@ _hdb_fetch(krb5_context context, HDB *db, unsigned flags, hdb_entry *entry)
 return code;
 hdb_value2entry(context, &value, entry);
 if (db->master_key_set && (flags & HDB_F_DECRYPT))
- hdb_unseal_keys (db, entry);
+ hdb_unseal_keys (context, db, entry);
 krb5_data_free(&value);
 return 0;
 }
@@ -123,7 +123,7 @@ _hdb_store(krb5_context context, HDB *db, unsigned flags, hdb_entry *entry)
 int code;
 hdb_principal2key(context, entry->principal, &key);
- hdb_seal_keys(db, entry);
+ hdb_seal_keys(context, db, entry);
 hdb_entry2value(context, entry, &value);
 code = db->_put(context, db, flags & HDB_F_REPLACE, key, value);
 krb5_data_free(&value);
diff --git a/lib/hdb/db.c b/lib/hdb/db.c
index e4bf68743..35fae8448 100644
--- a/lib/hdb/db.c
+++ b/lib/hdb/db.c
@@ -103,7 +103,7 @@ DB_seq(krb5_context context, HDB *db,
 if (hdb_value2entry(context, &data, entry)) return DB_seq(context, db, flags, entry, R_NEXT);
 if (db->master_key_set && (flags & HDB_F_DECRYPT))
- hdb_unseal_keys (db, entry);
+ hdb_unseal_keys (context, db, entry);
 if (entry->principal == NULL) {
 entry->principal = malloc(sizeof(*entry->principal));
 hdb_key2principal(context, &key_data, entry->principal);
diff --git a/lib/hdb/db3.c b/lib/hdb/db3.c
index b7cec4ee6..a5921744a 100644
--- a/lib/hdb/db3.c
+++ b/lib/hdb/db3.c
@@ -108,7 +108,7 @@ DB_seq(krb5_context context, HDB *db,
 if (hdb_value2entry(context, &data, entry)) return DB_seq(context, db, flags, entry, DB_NEXT);
 if (db->master_key_set && (flags & HDB_F_DECRYPT))
- hdb_unseal_keys (db, entry);
+ hdb_unseal_keys (context, db, entry);
 if (entry->principal == NULL) {
 entry->principal = malloc(sizeof(*entry->principal));
 hdb_key2principal(context, &key_data, entry->principal);
diff --git a/lib/hdb/hdb-ldap.c b/lib/hdb/hdb-ldap.c
index 527a137d1..f981368eb 100644
--- a/lib/hdb/hdb-ldap.c
+++ b/lib/hdb/hdb-ldap.c
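Review bot: In `DB_seq` (lib/hdb/db.c), the context just below the changed call assigns `entry->principal = malloc(sizeof(*entry->principal));` and hands the pointer straight to `hdb_key2principal` with no NULL check, so an allocation failure would most likely be dereferenced inside that call. A guard such as `if (entry->principal == NULL) return ENOMEM;` directly after the malloc would fail cleanly, assuming nothing acquired earlier in the function needs releasing first; the return value of `hdb_key2principal` is dropped as well. The same lines appear in the lib/hdb/db3.c hunk and in `NDBM_seq` in lib/hdb/ndbm.c. The function body extends beyond the hunk.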
@@ -889,7 +889,7 @@ LDAP_seq(krb5_context context, HDB * db, unsigned flags, hdb_entry * entry)
 if (ret == 0) {
 if (db->master_key_set && (flags & HDB_F_DECRYPT))
- hdb_unseal_keys(db, entry);
+ hdb_unseal_keys(context, db, entry);
 }
 return ret;
@@ -1106,7 +1106,7 @@ LDAP_fetch(krb5_context context, HDB * db, unsigned flags,
 ret = LDAP_message2entry(context, db, e, entry);
 if (ret == 0) {
 if (db->master_key_set && (flags & HDB_F_DECRYPT))
- hdb_unseal_keys(db, entry);
+ hdb_unseal_keys(context, db, entry);
 }
 out:
@@ -1134,7 +1134,7 @@ LDAP_store(krb5_context context, HDB * db, unsigned flags,
 e = ldap_first_entry((LDAP *) db->db, msg);
 }
- hdb_seal_keys(db, entry);
+ hdb_seal_keys(context, db, entry);
 /* turn new entry into LDAPMod array */
 ret = LDAP_entry2mods(context, db, entry, e, &mods);
diff --git a/lib/hdb/ndbm.c b/lib/hdb/ndbm.c
index 0731ba013..e9c2d0435 100644
--- a/lib/hdb/ndbm.c
+++ b/lib/hdb/ndbm.c
@@ -94,7 +94,7 @@ NDBM_seq(krb5_context context, HDB *db,
 if(hdb_value2entry(context, &data, entry)) return NDBM_seq(context, db, flags, entry, 0);
 if (db->master_key_set && (flags & HDB_F_DECRYPT))
- hdb_unseal_keys (db, entry);
+ hdb_unseal_keys (context, db, entry);
 if (entry->principal == NULL) {
 entry->principal = malloc (sizeof(*entry->principal));
 hdb_key2principal (context, &key_data, entry->principal);
diff --git a/lib/kadm5/chpass_s.c b/lib/kadm5/chpass_s.c
index beb795205..18020e0b4 100644
--- a/lib/kadm5/chpass_s.c
+++ b/lib/kadm5/chpass_s.c
@@ -62,7 +62,7 @@ kadm5_s_chpass_principal(void *server_handle,
 if(ret) goto out2;
- hdb_seal_keys(context->db, &ent);
+ hdb_seal_keys(context->context, context->db, &ent);
 kadm5_log_modify (context, &ent,
@@ -105,7 +105,7 @@ kadm5_s_chpass_principal_with_key(void *server_handle,
 if(ret) goto out2;
- hdb_seal_keys(context->db, &ent);
+ hdb_seal_keys(context->context, context->db, &ent);
 kadm5_log_modify (context, &ent,
diff --git a/lib/kadm5/create_s.c b/lib/kadm5/create_s.c
index 1c6bab972..267dd1194 100644
--- a/lib/kadm5/create_s.c
+++ b/lib/kadm5/create_s.c
@@ -124,7 +124,7 @@ kadm5_s_create_principal_with_key(void *server_handle,
 if(ret) goto out;
- hdb_seal_keys(context->db, &ent);
+ hdb_seal_keys(context->context, context->db, &ent);
 kadm5_log_create (context, &ent);
@@ -176,7 +176,7 @@ kadm5_s_create_principal(void *server_handle,
 ent.keys.val[3].key.keytype = ETYPE_DES3_CBC_SHA1;
 ret = _kadm5_set_keys(context, &ent, password);
- hdb_seal_keys(context->db, &ent);
+ hdb_seal_keys(context->context, context->db, &ent);
 kadm5_log_create (context, &ent);
diff --git a/lib/kadm5/delete_s.c b/lib/kadm5/delete_s.c
index e572478cd..64690b0a9 100644
--- a/lib/kadm5/delete_s.c
+++ b/lib/kadm5/delete_s.c
@@ -57,7 +57,7 @@ kadm5_s_delete_principal(void *server_handle, krb5_principal princ)
 goto out;
 }
- hdb_seal_keys(context->db, &ent);
+ hdb_seal_keys(context->context, context->db, &ent);
 kadm5_log_delete (context, princ);
diff --git a/lib/kadm5/modify_s.c b/lib/kadm5/modify_s.c
index e98dc86c4..6ae8df48f 100644
--- a/lib/kadm5/modify_s.c
+++ b/lib/kadm5/modify_s.c
@@ -63,7 +63,7 @@ modify_principal(void *server_handle,
 if(ret) goto out2;
- hdb_seal_keys(context->db, &ent);
+ hdb_seal_keys(context->context, context->db, &ent);
 kadm5_log_modify (context, &ent,
diff --git a/lib/kadm5/randkey_s.c b/lib/kadm5/randkey_s.c
index 1486ff5e9..3b4fddc2f 100644
--- a/lib/kadm5/randkey_s.c
+++ b/lib/kadm5/randkey_s.c
@@ -69,7 +69,7 @@ kadm5_s_randkey_principal(void *server_handle,
 if(ret) goto out3;
- hdb_seal_keys(context->db, &ent);
+ hdb_seal_keys(context->context, context->db, &ent);
 kadm5_log_modify (context, &ent,
diff --git a/lib/kadm5/rename_s.c b/lib/kadm5/rename_s.c
index 94fd33d7e..49626a642 100644
--- a/lib/kadm5/rename_s.c
+++ b/lib/kadm5/rename_s.c
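Review bot: In `kadm5_s_create_principal` (hunk `@@ -176,7 +176,7 @@` of lib/kadm5/create_s.c), `ret = _kadm5_set_keys(context, &ent, password);` is followed directly by `hdb_seal_keys(context->context, context->db, &ent);` and `kadm5_log_create (context, &ent);` with no test of `ret` in the visible lines. The sibling `kadm5_s_create_principal_with_key` has `if(ret) goto out;` ahead of its seal call, so here a failed key derivation would still be sealed and written to the log. Adding `if(ret) goto out;` before the seal would make the two functions agree, assuming an `out` label exists in this function as well; its body starts and ends outside the hunk.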
@@ -82,7 +82,7 @@ kadm5_s_rename_principal(void *server_handle,
 ent2.principal = ent.principal;
 ent.principal = target;
- hdb_seal_keys(context->db, &ent);
+ hdb_seal_keys(context->context, context->db, &ent);
 kadm5_log_rename (context, source,