pass context to seal/unseal_keys

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@8551 ec53bebd-3082-4978-b11e-865c3cabbd6b
Johan Danielsson
2000-07-05 13:17:32 +00:00
parent 8e922c962d
commit bb90aecaee
12 changed files with 20 additions and 25 deletions


@@ -45,8 +45,7 @@ static int to_stdout;
static int verbose_flag; static int verbose_flag;
static int encrypt_flag; static int encrypt_flag;
static int decrypt_flag; static int decrypt_flag;
static EncryptionKey mkey5; static hdb_master_key mkey5;
static krb5_data msched5;
static char *source_type; static char *source_type;
@@ -102,7 +101,7 @@ open_socket(krb5_context context, const char *hostname, const char *port)
int hdb_entry2value(krb5_context, hdb_entry*, krb5_data*); int hdb_entry2value(krb5_context, hdb_entry*, krb5_data*);
static krb5_error_code krb5_error_code
v5_prop(krb5_context context, HDB *db, hdb_entry *entry, void *appdata) v5_prop(krb5_context context, HDB *db, hdb_entry *entry, void *appdata)
{ {
krb5_error_code ret; krb5_error_code ret;
@@ -110,9 +109,9 @@ v5_prop(krb5_context context, HDB *db, hdb_entry *entry, void *appdata)
krb5_data data; krb5_data data;
if(encrypt_flag) if(encrypt_flag)
_hdb_seal_keys_int(entry, 0, msched5); _hdb_seal_keys_int(context, entry, mkey5);
if(decrypt_flag) if(decrypt_flag)
_hdb_unseal_keys_int(entry, 0, msched5); _hdb_unseal_keys_int(context, entry, mkey5);
ret = hdb_entry2value(context, entry, &data); ret = hdb_entry2value(context, entry, &data);
if(ret) { if(ret) {
@@ -740,10 +739,6 @@ main(int argc, char **argv)
if(ret) { if(ret) {
if(encrypt_flag || decrypt_flag) if(encrypt_flag || decrypt_flag)
krb5_errx(context, 1, "No master key file found"); krb5_errx(context, 1, "No master key file found");
} else {
ret = hdb_process_master_key(context, mkey5, &msched5);
if(ret)
krb5_err(context, 1, ret, "hdb_process_master_key");
} }
#ifdef KRB4 #ifdef KRB4
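Review bot: The line above `v5_prop(krb5_context context, HDB *db, ...` appears to change from `static krb5_error_code` to `krb5_error_code`, which gives `v5_prop` external linkage, and the commit title (passing a context to the seal/unseal functions) does not explain it. If another translation unit now needs the function, its prototype should live in a shared header; otherwise keep `static krb5_error_code` so the symbol stays file-local. The body of `v5_prop` continues outside the hunks shown, so callers and any header change are not visible here.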


@@ -111,7 +111,7 @@ _hdb_fetch(krb5_context context, HDB *db, unsigned flags, hdb_entry *entry)
return code; return code;
hdb_value2entry(context, &value, entry); hdb_value2entry(context, &value, entry);
if (db->master_key_set && (flags & HDB_F_DECRYPT)) if (db->master_key_set && (flags & HDB_F_DECRYPT))
hdb_unseal_keys (db, entry); hdb_unseal_keys (context, db, entry);
krb5_data_free(&value); krb5_data_free(&value);
return 0; return 0;
} }
@@ -123,7 +123,7 @@ _hdb_store(krb5_context context, HDB *db, unsigned flags, hdb_entry *entry)
int code; int code;
hdb_principal2key(context, entry->principal, &key); hdb_principal2key(context, entry->principal, &key);
hdb_seal_keys(db, entry); hdb_seal_keys(context, db, entry);
hdb_entry2value(context, entry, &value); hdb_entry2value(context, entry, &value);
code = db->_put(context, db, flags & HDB_F_REPLACE, key, value); code = db->_put(context, db, flags & HDB_F_REPLACE, key, value);
krb5_data_free(&value); krb5_data_free(&value);
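Review bot: In `_hdb_store` the result of `hdb_seal_keys(context, db, entry)` is not used, and the following lines serialize the entry and pass it to `db->_put`. The new prototype is not on this page, so this is conditional: if the context-taking variant returns an error code, a failure should stop the store, e.g. `code = hdb_seal_keys(context, db, entry); if (code) return code;`, so that an entry whose keys were not sealed under the master key is never written. The same question applies to `hdb_unseal_keys` in `_hdb_fetch`, to the `DB_seq`, `NDBM_seq` and `LDAP_seq`/`LDAP_fetch`/`LDAP_store` hunks, to `_hdb_seal_keys_int`/`_hdb_unseal_keys_int` in `v5_prop`, and to the kadm5 callers that seal just before their `kadm5_log_*` call. If the functions are still `void`, a comment at the call such as `/* cannot fail: master key already validated when it was set */` would document why no check is needed. `_hdb_store` begins and ends outside the hunk.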


@@ -103,7 +103,7 @@ DB_seq(krb5_context context, HDB *db,
if (hdb_value2entry(context, &data, entry)) if (hdb_value2entry(context, &data, entry))
return DB_seq(context, db, flags, entry, R_NEXT); return DB_seq(context, db, flags, entry, R_NEXT);
if (db->master_key_set && (flags & HDB_F_DECRYPT)) if (db->master_key_set && (flags & HDB_F_DECRYPT))
hdb_unseal_keys (db, entry); hdb_unseal_keys (context, db, entry);
if (entry->principal == NULL) { if (entry->principal == NULL) {
entry->principal = malloc(sizeof(*entry->principal)); entry->principal = malloc(sizeof(*entry->principal));
hdb_key2principal(context, &key_data, entry->principal); hdb_key2principal(context, &key_data, entry->principal);


@@ -108,7 +108,7 @@ DB_seq(krb5_context context, HDB *db,
if (hdb_value2entry(context, &data, entry)) if (hdb_value2entry(context, &data, entry))
return DB_seq(context, db, flags, entry, DB_NEXT); return DB_seq(context, db, flags, entry, DB_NEXT);
if (db->master_key_set && (flags & HDB_F_DECRYPT)) if (db->master_key_set && (flags & HDB_F_DECRYPT))
hdb_unseal_keys (db, entry); hdb_unseal_keys (context, db, entry);
if (entry->principal == NULL) { if (entry->principal == NULL) {
entry->principal = malloc(sizeof(*entry->principal)); entry->principal = malloc(sizeof(*entry->principal));
hdb_key2principal(context, &key_data, entry->principal); hdb_key2principal(context, &key_data, entry->principal);


@@ -889,7 +889,7 @@ LDAP_seq(krb5_context context, HDB * db, unsigned flags, hdb_entry * entry)
if (ret == 0) { if (ret == 0) {
if (db->master_key_set && (flags & HDB_F_DECRYPT)) if (db->master_key_set && (flags & HDB_F_DECRYPT))
hdb_unseal_keys(db, entry); hdb_unseal_keys(context, db, entry);
} }
return ret; return ret;
@@ -1106,7 +1106,7 @@ LDAP_fetch(krb5_context context, HDB * db, unsigned flags,
ret = LDAP_message2entry(context, db, e, entry); ret = LDAP_message2entry(context, db, e, entry);
if (ret == 0) { if (ret == 0) {
if (db->master_key_set && (flags & HDB_F_DECRYPT)) if (db->master_key_set && (flags & HDB_F_DECRYPT))
hdb_unseal_keys(db, entry); hdb_unseal_keys(context, db, entry);
} }
out: out:
@@ -1134,7 +1134,7 @@ LDAP_store(krb5_context context, HDB * db, unsigned flags,
e = ldap_first_entry((LDAP *) db->db, msg); e = ldap_first_entry((LDAP *) db->db, msg);
} }
hdb_seal_keys(db, entry); hdb_seal_keys(context, db, entry);
/* turn new entry into LDAPMod array */ /* turn new entry into LDAPMod array */
ret = LDAP_entry2mods(context, db, entry, e, &mods); ret = LDAP_entry2mods(context, db, entry, e, &mods);


@@ -94,7 +94,7 @@ NDBM_seq(krb5_context context, HDB *db,
if(hdb_value2entry(context, &data, entry)) if(hdb_value2entry(context, &data, entry))
return NDBM_seq(context, db, flags, entry, 0); return NDBM_seq(context, db, flags, entry, 0);
if (db->master_key_set && (flags & HDB_F_DECRYPT)) if (db->master_key_set && (flags & HDB_F_DECRYPT))
hdb_unseal_keys (db, entry); hdb_unseal_keys (context, db, entry);
if (entry->principal == NULL) { if (entry->principal == NULL) {
entry->principal = malloc (sizeof(*entry->principal)); entry->principal = malloc (sizeof(*entry->principal));
hdb_key2principal (context, &key_data, entry->principal); hdb_key2principal (context, &key_data, entry->principal);


@@ -62,7 +62,7 @@ kadm5_s_chpass_principal(void *server_handle,
if(ret) if(ret)
goto out2; goto out2;
hdb_seal_keys(context->db, &ent); hdb_seal_keys(context->context, context->db, &ent);
kadm5_log_modify (context, kadm5_log_modify (context,
&ent, &ent,
@@ -105,7 +105,7 @@ kadm5_s_chpass_principal_with_key(void *server_handle,
if(ret) if(ret)
goto out2; goto out2;
hdb_seal_keys(context->db, &ent); hdb_seal_keys(context->context, context->db, &ent);
kadm5_log_modify (context, kadm5_log_modify (context,
&ent, &ent,


@@ -124,7 +124,7 @@ kadm5_s_create_principal_with_key(void *server_handle,
if(ret) if(ret)
goto out; goto out;
hdb_seal_keys(context->db, &ent); hdb_seal_keys(context->context, context->db, &ent);
kadm5_log_create (context, &ent); kadm5_log_create (context, &ent);
@@ -176,7 +176,7 @@ kadm5_s_create_principal(void *server_handle,
ent.keys.val[3].key.keytype = ETYPE_DES3_CBC_SHA1; ent.keys.val[3].key.keytype = ETYPE_DES3_CBC_SHA1;
ret = _kadm5_set_keys(context, &ent, password); ret = _kadm5_set_keys(context, &ent, password);
hdb_seal_keys(context->db, &ent); hdb_seal_keys(context->context, context->db, &ent);
kadm5_log_create (context, &ent); kadm5_log_create (context, &ent);
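Review bot: In the `kadm5_s_create_principal` hunk, `ret` from `_kadm5_set_keys(context, &ent, password)` is not tested in the visible lines before `hdb_seal_keys` and `kadm5_log_create` run. The `kadm5_s_create_principal_with_key` hunk above does have `if(ret) goto out;` ahead of its seal call. Unless the check sits on a line the page does not show, add `if (ret) goto out;` directly after the `_kadm5_set_keys` call, so that an entry whose keys could not be derived from the password is neither sealed nor written to the log. The function continues outside the hunk, and the `out` label is assumed from the sibling function.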


@@ -57,7 +57,7 @@ kadm5_s_delete_principal(void *server_handle, krb5_principal princ)
goto out; goto out;
} }
hdb_seal_keys(context->db, &ent); hdb_seal_keys(context->context, context->db, &ent);
kadm5_log_delete (context, princ); kadm5_log_delete (context, princ);


@@ -63,7 +63,7 @@ modify_principal(void *server_handle,
if(ret) if(ret)
goto out2; goto out2;
hdb_seal_keys(context->db, &ent); hdb_seal_keys(context->context, context->db, &ent);
kadm5_log_modify (context, kadm5_log_modify (context,
&ent, &ent,


@@ -69,7 +69,7 @@ kadm5_s_randkey_principal(void *server_handle,
if(ret) if(ret)
goto out3; goto out3;
hdb_seal_keys(context->db, &ent); hdb_seal_keys(context->context, context->db, &ent);
kadm5_log_modify (context, kadm5_log_modify (context,
&ent, &ent,


@@ -82,7 +82,7 @@ kadm5_s_rename_principal(void *server_handle,
ent2.principal = ent.principal; ent2.principal = ent.principal;
ent.principal = target; ent.principal = target;
hdb_seal_keys(context->db, &ent); hdb_seal_keys(context->context, context->db, &ent);
kadm5_log_rename (context, kadm5_log_rename (context,
source, source,