oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Warning fixes from Christos Zoulas

Browse Source 
- shadowed variables
- signed/unsigned confusion
- const lossage
- incomplete structure initializations
- unused code
This commit is contained in:
Love Hornquist Astrand
2011-04-29 20:25:05 -07:00
parent 66c15e7caf
commit f5f9014c90
156 changed files with 1178 additions and 1078 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
kadmin/ank.c
View File

@@ -39,21 +39,21 @@
*/
static krb5_error_code
get_default (kadm5_server_context *context,
get_default (kadm5_server_context *contextp,
krb5_principal princ,
kadm5_principal_ent_t default_ent)
{
krb5_error_code ret;
krb5_principal def_principal;
krb5_const_realm realm = krb5_principal_get_realm(context->context, princ);
krb5_const_realm realm = krb5_principal_get_realm(contextp->context, princ);
ret = krb5_make_principal (context->context, &def_principal,
ret = krb5_make_principal (contextp->context, &def_principal,
realm, "default", NULL);
if (ret)
return ret;
ret = kadm5_get_principal (context, def_principal, default_ent,
ret = kadm5_get_principal (contextp, def_principal, default_ent,
KADM5_PRINCIPAL_NORMAL_MASK);
krb5_free_principal (context->context, def_principal);
krb5_free_principal (contextp->context, def_principal);
return ret;
}

2
kadmin/check.c
View File

@@ -86,7 +86,7 @@ do_check_entry(krb5_principal principal, void *data)
ret = krb5_enctype_keysize(context,
princ.key_data[i].key_data_type[0],
&keysize);
if (ret == 0 && keysize != princ.key_data[i].key_data_length[0]) {
if (ret == 0 && keysize != (size_t)princ.key_data[i].key_data_length[0]) {
krb5_warnx(context,
"Principal %s enctype %d, wrong length: %lu\n",
name, princ.key_data[i].key_data_type[0],

57
kadmin/kadm_conn.c
View File

@@ -43,12 +43,12 @@ struct kadm_port {
} *kadm_ports;
static void
add_kadm_port(krb5_context context, const char *service, unsigned int port)
add_kadm_port(krb5_context contextp, const char *service, unsigned int port)
{
struct kadm_port *p;
p = malloc(sizeof(*p));
if(p == NULL) {
krb5_warnx(context, "failed to allocate %lu bytes\n",
krb5_warnx(contextp, "failed to allocate %lu bytes\n",
(unsigned long)sizeof(*p));
return;
}
@@ -61,9 +61,9 @@ add_kadm_port(krb5_context context, const char *service, unsigned int port)
}
static void
add_standard_ports (krb5_context context)
add_standard_ports (krb5_context contextp)
{
add_kadm_port(context, "kerberos-adm", 749);
add_kadm_port(contextp, "kerberos-adm", 749);
}
/*
@@ -73,15 +73,15 @@ add_standard_ports (krb5_context context)
*/
void
parse_ports(krb5_context context, const char *str)
parse_ports(krb5_context contextp, const char *str)
{
char p[128];
while(strsep_copy(&str, " \t", p, sizeof(p)) != -1) {
if(strcmp(p, "+") == 0)
add_standard_ports(context);
add_standard_ports(contextp);
else
add_kadm_port(context, p, 0);
add_kadm_port(contextp, p, 0);
}
}
@@ -120,10 +120,11 @@ terminate(int sig)
}
static int
spawn_child(krb5_context context, int *socks,
spawn_child(krb5_context contextp, int *socks,
unsigned int num_socks, int this_sock)
{
int e, i;
int e;
size_t i;
struct sockaddr_storage __ss;
struct sockaddr *sa = (struct sockaddr *)&__ss;
socklen_t sa_size = sizeof(__ss);
@@ -135,20 +136,20 @@ spawn_child(krb5_context context, int *socks,
s = accept(socks[this_sock], sa, &sa_size);
if(rk_IS_BAD_SOCKET(s)) {
krb5_warn(context, rk_SOCK_ERRNO, "accept");
krb5_warn(contextp, rk_SOCK_ERRNO, "accept");
return 1;
}
e = krb5_sockaddr2address(context, sa, &addr);
e = krb5_sockaddr2address(contextp, sa, &addr);
if(e)
krb5_warn(context, e, "krb5_sockaddr2address");
krb5_warn(contextp, e, "krb5_sockaddr2address");
else {
e = krb5_print_address (&addr, buf, sizeof(buf),
&buf_len);
if(e)
krb5_warn(context, e, "krb5_print_address");
krb5_warn(contextp, e, "krb5_print_address");
else
krb5_warnx(context, "connection from %s", buf);
krb5_free_address(context, &addr);
krb5_warnx(contextp, "connection from %s", buf);
krb5_free_address(contextp, &addr);
}
pid = fork();
@@ -167,7 +168,7 @@ spawn_child(krb5_context context, int *socks,
}
static void
wait_for_connection(krb5_context context,
wait_for_connection(krb5_context contextp,
krb5_socket_t *socks, unsigned int num_socks)
{
unsigned int i;
@@ -200,13 +201,13 @@ wait_for_connection(krb5_context context,
e = select(max_fd + 1, &read_set, NULL, NULL, NULL);
if(rk_IS_SOCKET_ERROR(e)) {
if(rk_SOCK_ERRNO != EINTR)
krb5_warn(context, rk_SOCK_ERRNO, "select");
krb5_warn(contextp, rk_SOCK_ERRNO, "select");
} else if(e == 0)
krb5_warnx(context, "select returned 0");
krb5_warnx(contextp, "select returned 0");
else {
for(i = 0; i < num_socks; i++) {
if(FD_ISSET(socks[i], &read_set))
if(spawn_child(context, socks, num_socks, i) == 0)
if(spawn_child(contextp, socks, num_socks, i) == 0)
return;
}
}
@@ -221,7 +222,7 @@ wait_for_connection(krb5_context context,
void
start_server(krb5_context context, const char *port_str)
start_server(krb5_context contextp, const char *port_str)
{
int e;
struct kadm_port *p;
@@ -233,7 +234,7 @@ start_server(krb5_context context, const char *port_str)
if (port_str == NULL)
port_str = "+";
parse_ports(context, port_str);
parse_ports(contextp, port_str);
for(p = kadm_ports; p; p = p->next) {
struct addrinfo hints, *ai, *ap;
@@ -249,7 +250,7 @@ start_server(krb5_context context, const char *port_str)
}
if(e) {
krb5_warn(context, krb5_eai_to_heim_errno(e, errno),
krb5_warn(contextp, krb5_eai_to_heim_errno(e, errno),
"%s", portstr);
continue;
}
@@ -258,7 +259,7 @@ start_server(krb5_context context, const char *port_str)
i++;
tmp = realloc(socks, (num_socks + i) * sizeof(*socks));
if(tmp == NULL) {
krb5_warnx(context, "failed to reallocate %lu bytes",
krb5_warnx(contextp, "failed to reallocate %lu bytes",
(unsigned long)(num_socks + i) * sizeof(*socks));
continue;
}
@@ -266,7 +267,7 @@ start_server(krb5_context context, const char *port_str)
for(ap = ai; ap; ap = ap->ai_next) {
krb5_socket_t s = socket(ap->ai_family, ap->ai_socktype, ap->ai_protocol);
if(rk_IS_BAD_SOCKET(s)) {
krb5_warn(context, rk_SOCK_ERRNO, "socket");
krb5_warn(contextp, rk_SOCK_ERRNO, "socket");
continue;
}
@@ -274,12 +275,12 @@ start_server(krb5_context context, const char *port_str)
socket_set_ipv6only(s, 1);
if (rk_IS_SOCKET_ERROR(bind (s, ap->ai_addr, ap->ai_addrlen))) {
krb5_warn(context, rk_SOCK_ERRNO, "bind");
krb5_warn(contextp, rk_SOCK_ERRNO, "bind");
rk_closesocket(s);
continue;
}
if (rk_IS_SOCKET_ERROR(listen (s, SOMAXCONN))) {
krb5_warn(context, rk_SOCK_ERRNO, "listen");
krb5_warn(contextp, rk_SOCK_ERRNO, "listen");
rk_closesocket(s);
continue;
}
@@ -288,7 +289,7 @@ start_server(krb5_context context, const char *port_str)
freeaddrinfo (ai);
}
if(num_socks == 0)
krb5_errx(context, 1, "no sockets to listen to - exiting");
krb5_errx(contextp, 1, "no sockets to listen to - exiting");
wait_for_connection(context, socks, num_socks);
wait_for_connection(contextp, socks, num_socks);
}

13
kadmin/kadmin.c
View File

@@ -52,9 +52,9 @@ static getarg_strings policy_libraries = { 0, NULL };
static struct getargs args[] = {
{ "principal", 'p', arg_string, &client_name,
"principal to authenticate as" },
"principal to authenticate as", NULL },
{ "keytab", 'K', arg_string, &keytab,
"keytab for authentication principal" },
"keytab for authentication principal", NULL },
{
"config-file", 'c', arg_string, &config_file,
"location of config file", "file"
@@ -75,7 +75,8 @@ static struct getargs args[] = {
"server-port", 's', arg_integer, &server_port,
"port to use", "port number"
},
{ "ad", 0, arg_flag, &ad_flag, "active directory admin mode" },
{ "ad", 0, arg_flag, &ad_flag, "active directory admin mode",
NULL },
#ifdef HAVE_DLOPEN
{ "check-library", 0, arg_string, &check_library,
"library to load password check function from", "library" },
@@ -84,9 +85,9 @@ static struct getargs args[] = {
{ "policy-libraries", 0, arg_strings, &policy_libraries,
"password check function to load", "function" },
#endif
{ "local", 'l', arg_flag, &local_flag, "local admin mode" },
{ "help", 'h', arg_flag, &help_flag },
{ "version", 'v', arg_flag, &version_flag }
{ "local", 'l', arg_flag, &local_flag, "local admin mode", NULL },
{ "help", 'h', arg_flag, &help_flag, NULL, NULL },
{ "version", 'v', arg_flag, &version_flag, NULL, NULL }
};
static int num_args = sizeof(args) / sizeof(args[0]);

9
kadmin/kadmind.c
View File

@@ -37,7 +37,8 @@ static char *check_library = NULL;
static char *check_function = NULL;
static getarg_strings policy_libraries = { 0, NULL };
static char *config_file;
static char *keytab_str = "HDB:";
static char sHDB[] = "HDB:";
static char *keytab_str = sHDB;
static int help_flag;
static int version_flag;
static int debug_flag;
@@ -65,12 +66,12 @@ static struct getargs args[] = {
"password check function to load", "function" },
#endif
{ "debug", 'd', arg_flag, &debug_flag,
"enable debugging"
"enable debugging", NULL
},
{ "ports", 'p', arg_string, &port_str,
"ports to listen to", "port" },
{ "help", 'h', arg_flag, &help_flag },
{ "version", 'v', arg_flag, &version_flag }
{ "help", 'h', arg_flag, &help_flag, NULL, NULL },
{ "version", 'v', arg_flag, &version_flag, NULL, NULL }
};
static int num_args = sizeof(args) / sizeof(args[0]);

2
kadmin/load.c
View File

@@ -153,7 +153,7 @@ parse_keys(hdb_entry *ent, char *str)
krb5_error_code ret;
int tmp;
char *p;
int i;
size_t i;
p = strsep(&str, ":");
if (sscanf(p, "%d", &tmp) != 1)

14
kadmin/mod.c
View File

@@ -55,7 +55,7 @@ add_tl(kadm5_principal_ent_rec *princ, int type, krb5_data *data)
}
static void
add_constrained_delegation(krb5_context context,
add_constrained_delegation(krb5_context contextp,
kadm5_principal_ent_rec *princ,
struct getarg_strings *strings)
{
@@ -81,13 +81,13 @@ add_constrained_delegation(krb5_context context,
ext.data.u.allowed_to_delegate_to.len = strings->num_strings;
for (i = 0; i < strings->num_strings; i++) {
ret = krb5_parse_name(context, strings->strings[i], &p);
ret = krb5_parse_name(contextp, strings->strings[i], &p);
if (ret)
abort();
ret = copy_Principal(p, &ext.data.u.allowed_to_delegate_to.val[i]);
if (ret)
abort();
krb5_free_principal(context, p);
krb5_free_principal(contextp, p);
}
}
@@ -103,7 +103,7 @@ add_constrained_delegation(krb5_context context,
}
static void
add_aliases(krb5_context context, kadm5_principal_ent_rec *princ,
add_aliases(krb5_context contextp, kadm5_principal_ent_rec *princ,
struct getarg_strings *strings)
{
krb5_error_code ret;
@@ -128,9 +128,9 @@ add_aliases(krb5_context context, kadm5_principal_ent_rec *princ,
ext.data.u.aliases.aliases.len = strings->num_strings;
for (i = 0; i < strings->num_strings; i++) {
ret = krb5_parse_name(context, strings->strings[i], &p);
ret = krb5_parse_name(contextp, strings->strings[i], &p);
ret = copy_Principal(p, &ext.data.u.aliases.aliases.val[i]);
krb5_free_principal(context, p);
krb5_free_principal(contextp, p);
}
}
@@ -146,7 +146,7 @@ add_aliases(krb5_context context, kadm5_principal_ent_rec *princ,
}
static void
add_pkinit_acl(krb5_context context, kadm5_principal_ent_rec *princ,
add_pkinit_acl(krb5_context contextp, kadm5_principal_ent_rec *princ,
struct getarg_strings *strings)
{
krb5_error_code ret;

166
kadmin/rpc.c
View File

@@ -161,7 +161,7 @@ parse_name(const unsigned char *p, size_t len,
static void
gss_error(krb5_context context,
gss_error(krb5_context contextp,
gss_OID mech, OM_uint32 type, OM_uint32 error)
{
OM_uint32 new_stat;
@@ -176,7 +176,7 @@ gss_error(krb5_context context,
mech,
&msg_ctx,
&status_string);
krb5_warnx(context, "%.*s",
krb5_warnx(contextp, "%.*s",
(int)status_string.length,
(char *)status_string.value);
gss_release_buffer (&new_stat, &status_string);
@@ -184,11 +184,11 @@ gss_error(krb5_context context,
}
static void
gss_print_errors (krb5_context context,
gss_print_errors (krb5_context contextp,
OM_uint32 maj_stat, OM_uint32 min_stat)
{
gss_error(context, GSS_C_NO_OID, GSS_C_GSS_CODE, maj_stat);
gss_error(context, GSS_C_NO_OID, GSS_C_MECH_CODE, min_stat);
gss_error(contextp, GSS_C_NO_OID, GSS_C_GSS_CODE, maj_stat);
gss_error(contextp, GSS_C_NO_OID, GSS_C_MECH_CODE, min_stat);
}
static int
@@ -204,10 +204,10 @@ read_data(krb5_storage *sp, krb5_storage *msg, size_t len)
tlen = sizeof(buf);
slen = krb5_storage_read(sp, buf, tlen);
INSIST(slen == tlen);
INSIST((size_t)slen == tlen);
slen = krb5_storage_write(msg, buf, tlen);
INSIST(slen == tlen);
INSIST((size_t)slen == tlen);
len -= tlen;
}
@@ -252,7 +252,7 @@ store_data_xdr(krb5_storage *sp, krb5_data data)
static const char zero[4] = { 0, 0, 0, 0 };
ret = krb5_storage_write(sp, zero, res);
if(ret != res)
if((size_t)ret != res)
return (ret < 0)? errno : krb5_storage_get_eof_code(sp);
}
return 0;
@@ -273,7 +273,7 @@ ret_data_xdr(krb5_storage *sp, krb5_data *data)
res = 4 - (data->length % 4);
if (res != 4) {
ret = krb5_storage_read(sp, buf, res);
if(ret != res)
if((size_t)ret != res)
return (ret < 0)? errno : krb5_storage_get_eof_code(sp);
}
}
@@ -362,19 +362,19 @@ ret_string_xdr(krb5_storage *sp, char **str)
}
static int
store_principal_xdr(krb5_context context,
store_principal_xdr(krb5_context contextp,
krb5_storage *sp,
krb5_principal p)
{
char *str;
CHECK(krb5_unparse_name(context, p, &str));
CHECK(krb5_unparse_name(contextp, p, &str));
CHECK(store_string_xdr(sp, str));
free(str);
return 0;
}
static int
ret_principal_xdr(krb5_context context,
ret_principal_xdr(krb5_context contextp,
krb5_storage *sp,
krb5_principal *p)
{
@@ -382,27 +382,27 @@ ret_principal_xdr(krb5_context context,
*p = NULL;
CHECK(ret_string_xdr(sp, &str));
if (str) {
CHECK(krb5_parse_name(context, str, p));
CHECK(krb5_parse_name(contextp, str, p));
free(str);
}
return 0;
}
static int
store_principal_ent(krb5_context context,
store_principal_ent(krb5_context contextp,
krb5_storage *sp,
kadm5_principal_ent_rec *ent)
{
size_t i;
int i;
CHECK(store_principal_xdr(context, sp, ent->principal));
CHECK(store_principal_xdr(contextp, sp, ent->principal));
CHECK(krb5_store_uint32(sp, ent->princ_expire_time));
CHECK(krb5_store_uint32(sp, ent->pw_expiration));
CHECK(krb5_store_uint32(sp, ent->last_pwd_change));
CHECK(krb5_store_uint32(sp, ent->max_life));
CHECK(krb5_store_int32(sp, ent->mod_name == NULL));
if (ent->mod_name)
CHECK(store_principal_xdr(context, sp, ent->mod_name));
CHECK(store_principal_xdr(contextp, sp, ent->mod_name));
CHECK(krb5_store_uint32(sp, ent->mod_date));
CHECK(krb5_store_uint32(sp, ent->attributes));
CHECK(krb5_store_uint32(sp, ent->kvno));
@@ -443,7 +443,7 @@ store_principal_ent(krb5_context context,
}
static int
ret_principal_ent(krb5_context context,
ret_principal_ent(krb5_context contextp,
krb5_storage *sp,
kadm5_principal_ent_rec *ent)
{
@@ -452,7 +452,7 @@ ret_principal_ent(krb5_context context,
memset(ent, 0, sizeof(*ent));
CHECK(ret_principal_xdr(context, sp, &ent->principal));
CHECK(ret_principal_xdr(contextp, sp, &ent->principal));
CHECK(krb5_ret_uint32(sp, &flag));
ent->princ_expire_time = flag;
CHECK(krb5_ret_uint32(sp, &flag));
@@ -463,7 +463,7 @@ ret_principal_ent(krb5_context context,
ent->max_life = flag;
CHECK(krb5_ret_uint32(sp, &flag));
if (flag == 0)
ret_principal_xdr(context, sp, &ent->mod_name);
ret_principal_xdr(contextp, sp, &ent->mod_name);
CHECK(krb5_ret_uint32(sp, &flag));
ent->mod_date = flag;
CHECK(krb5_ret_uint32(sp, &flag));
@@ -508,13 +508,13 @@ ret_principal_ent(krb5_context context,
count++;
}
INSIST(ent->n_tl_data == count);
INSIST((size_t)ent->n_tl_data == count);
} else {
INSIST(ent->n_tl_data == 0);
}
CHECK(krb5_ret_uint32(sp, &num));
INSIST(num == ent->n_key_data);
INSIST(num == (uint32_t)ent->n_key_data);
ent->key_data = calloc(num, sizeof(ent->key_data[0]));
INSIST(ent->key_data != NULL);
@@ -538,7 +538,7 @@ ret_principal_ent(krb5_context context,
*/
static void
proc_create_principal(kadm5_server_context *context,
proc_create_principal(kadm5_server_context *contextp,
krb5_storage *in,
krb5_storage *out)
{
@@ -551,30 +551,30 @@ proc_create_principal(kadm5_server_context *context,
CHECK(krb5_ret_uint32(in, &version));
INSIST(version == VERSION2);
CHECK(ret_principal_ent(context->context, in, &ent));
CHECK(ret_principal_ent(contextp->context, in, &ent));
CHECK(krb5_ret_uint32(in, &mask));
CHECK(ret_string_xdr(in, &password));
INSIST(ent.principal);
ret = _kadm5_acl_check_permission(context, KADM5_PRIV_ADD, ent.principal);
ret = _kadm5_acl_check_permission(contextp, KADM5_PRIV_ADD, ent.principal);
if (ret)
goto fail;
ret = kadm5_create_principal(context, &ent, mask, password);
ret = kadm5_create_principal(contextp, &ent, mask, password);
fail:
krb5_warn(context->context, ret, "create principal");
krb5_warn(contextp->context, ret, "create principal");
CHECK(krb5_store_uint32(out, VERSION2)); /* api version */
CHECK(krb5_store_uint32(out, ret)); /* code */
free(password);
kadm5_free_principal_ent(context, &ent);
kadm5_free_principal_ent(contextp, &ent);
}
static void
proc_delete_principal(kadm5_server_context *context,
proc_delete_principal(kadm5_server_context *contextp,
krb5_storage *in,
krb5_storage *out)
{
@@ -584,24 +584,24 @@ proc_delete_principal(kadm5_server_context *context,
CHECK(krb5_ret_uint32(in, &version));
INSIST(version == VERSION2);
CHECK(ret_principal_xdr(context->context, in, &princ));
CHECK(ret_principal_xdr(contextp->context, in, &princ));
ret = _kadm5_acl_check_permission(context, KADM5_PRIV_DELETE, princ);
ret = _kadm5_acl_check_permission(contextp, KADM5_PRIV_DELETE, princ);
if (ret)
goto fail;
ret = kadm5_delete_principal(context, princ);
ret = kadm5_delete_principal(contextp, princ);
fail:
krb5_warn(context->context, ret, "delete principal");
krb5_warn(contextp->context, ret, "delete principal");
CHECK(krb5_store_uint32(out, VERSION2)); /* api version */
CHECK(krb5_store_uint32(out, ret)); /* code */
krb5_free_principal(context->context, princ);
krb5_free_principal(contextp->context, princ);
}
static void
proc_get_principal(kadm5_server_context *context,
proc_get_principal(kadm5_server_context *contextp,
krb5_storage *in,
krb5_storage *out)
{
@@ -614,29 +614,29 @@ proc_get_principal(kadm5_server_context *context,
CHECK(krb5_ret_uint32(in, &version));
INSIST(version == VERSION2);
CHECK(ret_principal_xdr(context->context, in, &princ));
CHECK(ret_principal_xdr(contextp->context, in, &princ));
CHECK(krb5_ret_uint32(in, &mask));
ret = _kadm5_acl_check_permission(context, KADM5_PRIV_GET, princ);
ret = _kadm5_acl_check_permission(contextp, KADM5_PRIV_GET, princ);
if(ret)
goto fail;
ret = kadm5_get_principal(context, princ, &ent, mask);
ret = kadm5_get_principal(contextp, princ, &ent, mask);
fail:
krb5_warn(context->context, ret, "get principal principal");
krb5_warn(contextp->context, ret, "get principal principal");
CHECK(krb5_store_uint32(out, VERSION2)); /* api version */
CHECK(krb5_store_uint32(out, ret)); /* code */
if (ret == 0) {
CHECK(store_principal_ent(context->context, out, &ent));
CHECK(store_principal_ent(contextp->context, out, &ent));
}
krb5_free_principal(context->context, princ);
kadm5_free_principal_ent(context, &ent);
krb5_free_principal(contextp->context, princ);
kadm5_free_principal_ent(contextp, &ent);
}
static void
proc_chrand_principal_v2(kadm5_server_context *context,
proc_chrand_principal_v2(kadm5_server_context *contextp,
krb5_storage *in,
krb5_storage *out)
{
@@ -648,36 +648,36 @@ proc_chrand_principal_v2(kadm5_server_context *context,
CHECK(krb5_ret_uint32(in, &version));
INSIST(version == VERSION2);
CHECK(ret_principal_xdr(context->context, in, &princ));
CHECK(ret_principal_xdr(contextp->context, in, &princ));
ret = _kadm5_acl_check_permission(context, KADM5_PRIV_CPW, princ);
ret = _kadm5_acl_check_permission(contextp, KADM5_PRIV_CPW, princ);
if(ret)
goto fail;
ret = kadm5_randkey_principal(context, princ,
ret = kadm5_randkey_principal(contextp, princ,
&new_keys, &n_keys);
fail:
krb5_warn(context->context, ret, "rand key principal");
krb5_warn(contextp->context, ret, "rand key principal");
CHECK(krb5_store_uint32(out, VERSION2)); /* api version */
CHECK(krb5_store_uint32(out, ret));
if (ret == 0) {
size_t i;
int i;
CHECK(krb5_store_int32(out, n_keys));
for(i = 0; i < n_keys; i++){
CHECK(krb5_store_uint32(out, new_keys[i].keytype));
CHECK(store_data_xdr(out, new_keys[i].keyvalue));
krb5_free_keyblock_contents(context->context, &new_keys[i]);
krb5_free_keyblock_contents(contextp->context, &new_keys[i]);
}
free(new_keys);
}
krb5_free_principal(context->context, princ);
krb5_free_principal(contextp->context, princ);
}
static void
proc_init(kadm5_server_context *context,
proc_init(kadm5_server_context *contextp,
krb5_storage *in,
krb5_storage *out)
{
@@ -687,7 +687,7 @@ proc_init(kadm5_server_context *context,
}
struct krb5_proc {
char *name;
const char *name;
void (*func)(kadm5_server_context *, krb5_storage *, krb5_storage *);
} procs[] = {
{ "NULL", NULL },
@@ -723,7 +723,7 @@ copyheader(krb5_storage *sp, krb5_data *data)
off = krb5_storage_seek(sp, 0, SEEK_CUR);
CHECK(krb5_data_alloc(data, off));
INSIST(off == data->length);
INSIST((size_t)off == data->length);
krb5_storage_seek(sp, 0, SEEK_SET);
sret = krb5_storage_read(sp, data->data, data->length);
INSIST(sret == off);
@@ -741,7 +741,7 @@ struct gctx {
};
static int
process_stream(krb5_context context,
process_stream(krb5_context contextp,
unsigned char *buf, size_t ilen,
krb5_storage *sp)
{
@@ -792,7 +792,7 @@ process_stream(krb5_context context,
if (ilen < 4) {
memcpy(tmp, buf, ilen);
slen = krb5_storage_read(sp, tmp + ilen, sizeof(tmp) - ilen);
INSIST(slen == sizeof(tmp) - ilen);
INSIST((size_t)slen == sizeof(tmp) - ilen);
ilen = sizeof(tmp);
buf = tmp;
@@ -809,12 +809,12 @@ process_stream(krb5_context context,
if (ilen) {
if (len < ilen) {
slen = krb5_storage_write(msg, buf, len);
INSIST(slen == len);
INSIST((size_t)slen == len);
ilen -= len;
len = 0;
} else {
slen = krb5_storage_write(msg, buf, ilen);
INSIST(slen == ilen);
INSIST((size_t)slen == ilen);
len -= ilen;
}
}
@@ -824,14 +824,14 @@ process_stream(krb5_context context,
if (!last_fragment) {
ret = collect_framents(sp, msg);
if (ret == HEIM_ERR_EOF)
krb5_errx(context, 0, "client disconnected");
krb5_errx(contextp, 0, "client disconnected");
INSIST(ret == 0);
}
} else {
ret = collect_framents(sp, msg);
if (ret == HEIM_ERR_EOF)
krb5_errx(context, 0, "client disconnected");
krb5_errx(contextp, 0, "client disconnected");
INSIST(ret == 0);
}
krb5_storage_seek(msg, 0, SEEK_SET);
@@ -873,7 +873,7 @@ process_stream(krb5_context context,
krb5_data data;
int conf_state;
uint32_t seq;
krb5_storage *sp;
krb5_storage *sp1;
INSIST(gcred.service == rpg_privacy);
@@ -892,10 +892,10 @@ process_stream(krb5_context context,
INSIST(maj_stat == GSS_S_COMPLETE);
INSIST(conf_state != 0);
sp = krb5_storage_from_mem(gout.value, gout.length);
INSIST(sp != NULL);
sp1 = krb5_storage_from_mem(gout.value, gout.length);
INSIST(sp1 != NULL);
CHECK(krb5_ret_uint32(sp, &seq));
CHECK(krb5_ret_uint32(sp1, &seq));
INSIST (seq == gcred.seq_num);
/*
@@ -905,19 +905,19 @@ process_stream(krb5_context context,
gctx.seq_num = seq;
/*
* If context is setup, priv data have the seq_num stored
* If contextp is setup, priv data have the seq_num stored
* first in the block, so add it here before users data is
* added.
*/
CHECK(krb5_store_uint32(dreply, gctx.seq_num));
if (chdr.proc >= sizeof(procs)/sizeof(procs[0])) {
krb5_warnx(context, "proc number out of array");
krb5_warnx(contextp, "proc number out of array");
} else if (procs[chdr.proc].func == NULL) {
krb5_warnx(context, "proc '%s' never implemented",
krb5_warnx(contextp, "proc '%s' never implemented",
procs[chdr.proc].name);
} else {
krb5_warnx(context, "proc %s", procs[chdr.proc].name);
krb5_warnx(contextp, "proc %s", procs[chdr.proc].name);
INSIST(server_handle != NULL);
(*procs[chdr.proc].func)(server_handle, sp, dreply);
}
@@ -957,29 +957,29 @@ process_stream(krb5_context context,
NULL,
NULL);
if (GSS_ERROR(maj_stat)) {
gss_print_errors(context, maj_stat, min_stat);
krb5_errx(context, 1, "gss error, exit");
gss_print_errors(contextp, maj_stat, min_stat);
krb5_errx(contextp, 1, "gss error, exit");
}
if ((maj_stat & GSS_S_CONTINUE_NEEDED) == 0) {
kadm5_config_params realm_params;
gss_buffer_desc buf;
gss_buffer_desc bufp;
char *client;
gctx.done = 1;
memset(&realm_params, 0, sizeof(realm_params));
maj_stat = gss_export_name(&min_stat, src_name, &buf);
maj_stat = gss_export_name(&min_stat, src_name, &bufp);
INSIST(maj_stat == GSS_S_COMPLETE);
CHECK(parse_name(buf.value, buf.length,
CHECK(parse_name(bufp.value, bufp.length,
GSS_KRB5_MECHANISM, &client));
gss_release_buffer(&min_stat, &buf);
gss_release_buffer(&min_stat, &bufp);
krb5_warnx(context, "%s connected", client);
krb5_warnx(contextp, "%s connected", client);
ret = kadm5_s_init_with_password_ctx(context,
ret = kadm5_s_init_with_password_ctx(contextp,
client,
NULL,
KADM5_ADMIN_SERVICE,
@@ -1002,9 +1002,9 @@ process_stream(krb5_context context,
break;
}
case RPG_DESTROY:
krb5_errx(context, 1, "client destroyed gss context");
krb5_errx(contextp, 1, "client destroyed gss contextp");
default:
krb5_errx(context, 1, "client sent unknown gsscode %d",
krb5_errx(contextp, 1, "client sent unknown gsscode %d",
(int)gcred.proc);
}
@@ -1026,7 +1026,7 @@ process_stream(krb5_context context,
CHECK(krb5_store_uint32(reply, 0)); /* SUCCESS */
CHECK(krb5_storage_to_data(dreply, &data));
INSIST(krb5_storage_write(reply, data.data, data.length) == data.length);
INSIST((size_t)krb5_storage_write(reply, data.data, data.length) == data.length);
krb5_data_free(&data);
} else {
@@ -1054,7 +1054,7 @@ process_stream(krb5_context context,
ssize_t sret;
gctx.inprogress = 0;
sret = krb5_storage_write(reply, data.data, data.length);
INSIST(sret == data.length);
INSIST((size_t)sret == data.length);
krb5_data_free(&data);
} else {
int conf_state;
@@ -1082,7 +1082,7 @@ process_stream(krb5_context context,
CHECK(krb5_storage_to_data(reply, &data));
CHECK(krb5_store_uint32(sp, data.length | LAST_FRAGMENT));
sret = krb5_storage_write(sp, data.data, data.length);
INSIST(sret == data.length);
INSIST((size_t)sret == data.length);
krb5_data_free(&data);
}
@@ -1091,16 +1091,16 @@ process_stream(krb5_context context,
int
handle_mit(krb5_context context, void *buf, size_t len, krb5_socket_t sock)
handle_mit(krb5_context contextp, void *buf, size_t len, krb5_socket_t sock)
{
krb5_storage *sp;
dcontext = context;
dcontext = contextp;
sp = krb5_storage_from_fd(sock);
INSIST(sp != NULL);
process_stream(context, buf, len, sp);
process_stream(contextp, buf, len, sp);
return 0;
}

235
kadmin/server.c
View File

@@ -35,14 +35,14 @@
#include <krb5-private.h>
static kadm5_ret_t
kadmind_dispatch(void *kadm_handle, krb5_boolean initial,
kadmind_dispatch(void *kadm_handlep, krb5_boolean initial,
krb5_data *in, krb5_data *out)
{
kadm5_ret_t ret;
int32_t cmd, mask, tmp;
kadm5_server_context *context = kadm_handle;
kadm5_server_context *contextp = kadm_handlep;
char client[128], name[128], name2[128];
char *op = "";
const char *op = "";
krb5_principal princ, princ2;
kadm5_principal_ent_rec ent;
char *password, *expression;
@@ -52,12 +52,12 @@ kadmind_dispatch(void *kadm_handle, krb5_boolean initial,
int n_princs;
krb5_storage *sp;
krb5_unparse_name_fixed(context->context, context->caller,
krb5_unparse_name_fixed(contextp->context, contextp->caller,
client, sizeof(client));
sp = krb5_storage_from_data(in);
if (sp == NULL)
krb5_errx(context->context, 1, "out of memory");
krb5_errx(contextp->context, 1, "out of memory");
krb5_ret_int32(sp, &cmd);
switch(cmd){
@@ -68,26 +68,26 @@ kadmind_dispatch(void *kadm_handle, krb5_boolean initial,
goto fail;
ret = krb5_ret_int32(sp, &mask);
if(ret){
krb5_free_principal(context->context, princ);
krb5_free_principal(contextp->context, princ);
goto fail;
}
mask |= KADM5_PRINCIPAL;
krb5_unparse_name_fixed(context->context, princ, name, sizeof(name));
krb5_warnx(context->context, "%s: %s %s", client, op, name);
ret = _kadm5_acl_check_permission(context, KADM5_PRIV_GET, princ);
krb5_unparse_name_fixed(contextp->context, princ, name, sizeof(name));
krb5_warnx(contextp->context, "%s: %s %s", client, op, name);
ret = _kadm5_acl_check_permission(contextp, KADM5_PRIV_GET, princ);
if(ret){
krb5_free_principal(context->context, princ);
krb5_free_principal(contextp->context, princ);
goto fail;
}
ret = kadm5_get_principal(kadm_handle, princ, &ent, mask);
ret = kadm5_get_principal(kadm_handlep, princ, &ent, mask);
krb5_storage_free(sp);
sp = krb5_storage_emem();
krb5_store_int32(sp, ret);
if(ret == 0){
kadm5_store_principal_ent(sp, &ent);
kadm5_free_principal_ent(kadm_handle, &ent);
kadm5_free_principal_ent(kadm_handlep, &ent);
}
krb5_free_principal(context->context, princ);
krb5_free_principal(contextp->context, princ);
break;
}
case kadm_delete:{
@@ -95,15 +95,15 @@ kadmind_dispatch(void *kadm_handle, krb5_boolean initial,
ret = krb5_ret_principal(sp, &princ);
if(ret)
goto fail;
krb5_unparse_name_fixed(context->context, princ, name, sizeof(name));
krb5_warnx(context->context, "%s: %s %s", client, op, name);
ret = _kadm5_acl_check_permission(context, KADM5_PRIV_DELETE, princ);
krb5_unparse_name_fixed(contextp->context, princ, name, sizeof(name));
krb5_warnx(contextp->context, "%s: %s %s", client, op, name);
ret = _kadm5_acl_check_permission(contextp, KADM5_PRIV_DELETE, princ);
if(ret){
krb5_free_principal(context->context, princ);
krb5_free_principal(contextp->context, princ);
goto fail;
}
ret = kadm5_delete_principal(kadm_handle, princ);
krb5_free_principal(context->context, princ);
ret = kadm5_delete_principal(kadm_handlep, princ);
krb5_free_principal(contextp->context, princ);
krb5_storage_free(sp);
sp = krb5_storage_emem();
krb5_store_int32(sp, ret);
@@ -116,28 +116,28 @@ kadmind_dispatch(void *kadm_handle, krb5_boolean initial,
goto fail;
ret = krb5_ret_int32(sp, &mask);
if(ret){
kadm5_free_principal_ent(context->context, &ent);
kadm5_free_principal_ent(contextp->context, &ent);
goto fail;
}
ret = krb5_ret_string(sp, &password);
if(ret){
kadm5_free_principal_ent(context->context, &ent);
kadm5_free_principal_ent(contextp->context, &ent);
goto fail;
}
krb5_unparse_name_fixed(context->context, ent.principal,
krb5_unparse_name_fixed(contextp->context, ent.principal,
name, sizeof(name));
krb5_warnx(context->context, "%s: %s %s", client, op, name);
ret = _kadm5_acl_check_permission(context, KADM5_PRIV_ADD,
krb5_warnx(contextp->context, "%s: %s %s", client, op, name);
ret = _kadm5_acl_check_permission(contextp, KADM5_PRIV_ADD,
ent.principal);
if(ret){
kadm5_free_principal_ent(context->context, &ent);
kadm5_free_principal_ent(contextp->context, &ent);
memset(password, 0, strlen(password));
free(password);
goto fail;
}
ret = kadm5_create_principal(kadm_handle, &ent,
ret = kadm5_create_principal(kadm_handlep, &ent,
mask, password);
kadm5_free_principal_ent(kadm_handle, &ent);
kadm5_free_principal_ent(kadm_handlep, &ent);
memset(password, 0, strlen(password));
free(password);
krb5_storage_free(sp);
@@ -152,20 +152,20 @@ kadmind_dispatch(void *kadm_handle, krb5_boolean initial,
goto fail;
ret = krb5_ret_int32(sp, &mask);
if(ret){
kadm5_free_principal_ent(context, &ent);
kadm5_free_principal_ent(contextp, &ent);
goto fail;
}
krb5_unparse_name_fixed(context->context, ent.principal,
krb5_unparse_name_fixed(contextp->context, ent.principal,
name, sizeof(name));
krb5_warnx(context->context, "%s: %s %s", client, op, name);
ret = _kadm5_acl_check_permission(context, KADM5_PRIV_MODIFY,
krb5_warnx(contextp->context, "%s: %s %s", client, op, name);
ret = _kadm5_acl_check_permission(contextp, KADM5_PRIV_MODIFY,
ent.principal);
if(ret){
kadm5_free_principal_ent(context, &ent);
kadm5_free_principal_ent(contextp, &ent);
goto fail;
}
ret = kadm5_modify_principal(kadm_handle, &ent, mask);
kadm5_free_principal_ent(kadm_handle, &ent);
ret = kadm5_modify_principal(kadm_handlep, &ent, mask);
kadm5_free_principal_ent(kadm_handlep, &ent);
krb5_storage_free(sp);
sp = krb5_storage_emem();
krb5_store_int32(sp, ret);
@@ -178,27 +178,27 @@ kadmind_dispatch(void *kadm_handle, krb5_boolean initial,
goto fail;
ret = krb5_ret_principal(sp, &princ2);
if(ret){
krb5_free_principal(context->context, princ);
krb5_free_principal(contextp->context, princ);
goto fail;
}
krb5_unparse_name_fixed(context->context, princ, name, sizeof(name));
krb5_unparse_name_fixed(context->context, princ2, name2, sizeof(name2));
krb5_warnx(context->context, "%s: %s %s -> %s",
krb5_unparse_name_fixed(contextp->context, princ, name, sizeof(name));
krb5_unparse_name_fixed(contextp->context, princ2, name2, sizeof(name2));
krb5_warnx(contextp->context, "%s: %s %s -> %s",
client, op, name, name2);
ret = _kadm5_acl_check_permission(context,
ret = _kadm5_acl_check_permission(contextp,
KADM5_PRIV_ADD,
princ2)
|| _kadm5_acl_check_permission(context,
|| _kadm5_acl_check_permission(contextp,
KADM5_PRIV_DELETE,
princ);
if(ret){
krb5_free_principal(context->context, princ);
krb5_free_principal(context->context, princ2);
krb5_free_principal(contextp->context, princ);
krb5_free_principal(contextp->context, princ2);
goto fail;
}
ret = kadm5_rename_principal(kadm_handle, princ, princ2);
krb5_free_principal(context->context, princ);
krb5_free_principal(context->context, princ2);
ret = kadm5_rename_principal(kadm_handlep, princ, princ2);
krb5_free_principal(contextp->context, princ);
krb5_free_principal(contextp->context, princ2);
krb5_storage_free(sp);
sp = krb5_storage_emem();
krb5_store_int32(sp, ret);
@@ -211,11 +211,11 @@ kadmind_dispatch(void *kadm_handle, krb5_boolean initial,
goto fail;
ret = krb5_ret_string(sp, &password);
if(ret){
krb5_free_principal(context->context, princ);
krb5_free_principal(contextp->context, princ);
goto fail;
}
krb5_unparse_name_fixed(context->context, princ, name, sizeof(name));
krb5_warnx(context->context, "%s: %s %s", client, op, name);
krb5_unparse_name_fixed(contextp->context, princ, name, sizeof(name));
krb5_warnx(contextp->context, "%s: %s %s", client, op, name);
/*
* The change is allowed if at least one of:
@@ -227,7 +227,7 @@ kadmind_dispatch(void *kadm_handle, krb5_boolean initial,
*/
if (initial
&& krb5_principal_compare (context->context, context->caller,
&& krb5_principal_compare (contextp->context, contextp->caller,
princ))
{
krb5_data pwd_data;
@@ -236,23 +236,23 @@ kadmind_dispatch(void *kadm_handle, krb5_boolean initial,
pwd_data.data = password;
pwd_data.length = strlen(password);
pwd_reason = kadm5_check_password_quality (context->context,
pwd_reason = kadm5_check_password_quality (contextp->context,
princ, &pwd_data);
if (pwd_reason != NULL)
ret = KADM5_PASS_Q_DICT;
else
ret = 0;
} else
ret = _kadm5_acl_check_permission(context, KADM5_PRIV_CPW, princ);
ret = _kadm5_acl_check_permission(contextp, KADM5_PRIV_CPW, princ);
if(ret) {
krb5_free_principal(context->context, princ);
krb5_free_principal(contextp->context, princ);
memset(password, 0, strlen(password));
free(password);
goto fail;
}
ret = kadm5_chpass_principal(kadm_handle, princ, password);
krb5_free_principal(context->context, princ);
ret = kadm5_chpass_principal(kadm_handlep, princ, password);
krb5_free_principal(contextp->context, princ);
memset(password, 0, strlen(password));
free(password);
krb5_storage_free(sp);
@@ -271,21 +271,21 @@ kadmind_dispatch(void *kadm_handle, krb5_boolean initial,
goto fail;
ret = krb5_ret_int32(sp, &n_key_data);
if (ret) {
krb5_free_principal(context->context, princ);
krb5_free_principal(contextp->context, princ);
goto fail;
}
/* n_key_data will be squeezed into an int16_t below. */
if (n_key_data < 0 || n_key_data >= 1 << 16 ||
n_key_data > UINT_MAX/sizeof(*key_data)) {
(size_t)n_key_data > UINT_MAX/sizeof(*key_data)) {
ret = ERANGE;
krb5_free_principal(context->context, princ);
krb5_free_principal(contextp->context, princ);
goto fail;
}
key_data = malloc (n_key_data * sizeof(*key_data));
if (key_data == NULL && n_key_data != 0) {
ret = ENOMEM;
krb5_free_principal(context->context, princ);
krb5_free_principal(contextp->context, princ);
goto fail;
}
@@ -294,38 +294,38 @@ kadmind_dispatch(void *kadm_handle, krb5_boolean initial,
if (ret) {
int16_t dummy = i;
kadm5_free_key_data (context, &dummy, key_data);
kadm5_free_key_data (contextp, &dummy, key_data);
free (key_data);
krb5_free_principal(context->context, princ);
krb5_free_principal(contextp->context, princ);
goto fail;
}
}
krb5_unparse_name_fixed(context->context, princ, name, sizeof(name));
krb5_warnx(context->context, "%s: %s %s", client, op, name);
krb5_unparse_name_fixed(contextp->context, princ, name, sizeof(name));
krb5_warnx(contextp->context, "%s: %s %s", client, op, name);
/*
* The change is only allowed if the user is on the CPW ACL,
* this it to force password quality check on the user.
*/
ret = _kadm5_acl_check_permission(context, KADM5_PRIV_CPW, princ);
ret = _kadm5_acl_check_permission(contextp, KADM5_PRIV_CPW, princ);
if(ret) {
int16_t dummy = n_key_data;
kadm5_free_key_data (context, &dummy, key_data);
kadm5_free_key_data (contextp, &dummy, key_data);
free (key_data);
krb5_free_principal(context->context, princ);
krb5_free_principal(contextp->context, princ);
goto fail;
}
ret = kadm5_chpass_principal_with_key(kadm_handle, princ,
ret = kadm5_chpass_principal_with_key(kadm_handlep, princ,
n_key_data, key_data);
{
int16_t dummy = n_key_data;
kadm5_free_key_data (context, &dummy, key_data);
kadm5_free_key_data (contextp, &dummy, key_data);
}
free (key_data);
krb5_free_principal(context->context, princ);
krb5_free_principal(contextp->context, princ);
krb5_storage_free(sp);
sp = krb5_storage_emem();
krb5_store_int32(sp, ret);
@@ -336,8 +336,8 @@ kadmind_dispatch(void *kadm_handle, krb5_boolean initial,
ret = krb5_ret_principal(sp, &princ);
if(ret)
goto fail;
krb5_unparse_name_fixed(context->context, princ, name, sizeof(name));
krb5_warnx(context->context, "%s: %s %s", client, op, name);
krb5_unparse_name_fixed(contextp->context, princ, name, sizeof(name));
krb5_warnx(contextp->context, "%s: %s %s", client, op, name);
/*
* The change is allowed if at least one of:
* a) it's for the principal him/herself and this was an initial ticket
@@ -345,19 +345,19 @@ kadmind_dispatch(void *kadm_handle, krb5_boolean initial,
*/
if (initial
&& krb5_principal_compare (context->context, context->caller,
&& krb5_principal_compare (contextp->context, contextp->caller,
princ))
ret = 0;
else
ret = _kadm5_acl_check_permission(context, KADM5_PRIV_CPW, princ);
ret = _kadm5_acl_check_permission(contextp, KADM5_PRIV_CPW, princ);
if(ret) {
krb5_free_principal(context->context, princ);
krb5_free_principal(contextp->context, princ);
goto fail;
}
ret = kadm5_randkey_principal(kadm_handle, princ,
ret = kadm5_randkey_principal(kadm_handlep, princ,
&new_keys, &n_keys);
krb5_free_principal(context->context, princ);
krb5_free_principal(contextp->context, princ);
krb5_storage_free(sp);
sp = krb5_storage_emem();
krb5_store_int32(sp, ret);
@@ -366,7 +366,7 @@ kadmind_dispatch(void *kadm_handle, krb5_boolean initial,
krb5_store_int32(sp, n_keys);
for(i = 0; i < n_keys; i++){
krb5_store_keyblock(sp, new_keys[i]);
krb5_free_keyblock_contents(context->context, &new_keys[i]);
krb5_free_keyblock_contents(contextp->context, &new_keys[i]);
}
free(new_keys);
}
@@ -374,7 +374,7 @@ kadmind_dispatch(void *kadm_handle, krb5_boolean initial,
}
case kadm_get_privs:{
uint32_t privs;
ret = kadm5_get_privs(kadm_handle, &privs);
ret = kadm5_get_privs(kadm_handlep, &privs);
krb5_storage_free(sp);
sp = krb5_storage_emem();
krb5_store_int32(sp, ret);
@@ -393,14 +393,14 @@ kadmind_dispatch(void *kadm_handle, krb5_boolean initial,
goto fail;
}else
expression = NULL;
krb5_warnx(context->context, "%s: %s %s", client, op,
krb5_warnx(contextp->context, "%s: %s %s", client, op,
expression ? expression : "*");
ret = _kadm5_acl_check_permission(context, KADM5_PRIV_LIST, NULL);
ret = _kadm5_acl_check_permission(contextp, KADM5_PRIV_LIST, NULL);
if(ret){
free(expression);
goto fail;
}
ret = kadm5_get_principals(kadm_handle, expression, &princs, &n_princs);
ret = kadm5_get_principals(kadm_handlep, expression, &princs, &n_princs);
free(expression);
krb5_storage_free(sp);
sp = krb5_storage_emem();
@@ -410,12 +410,12 @@ kadmind_dispatch(void *kadm_handle, krb5_boolean initial,
krb5_store_int32(sp, n_princs);
for(i = 0; i < n_princs; i++)
krb5_store_string(sp, princs[i]);
kadm5_free_name_list(kadm_handle, princs, &n_princs);
kadm5_free_name_list(kadm_handlep, princs, &n_princs);
}
break;
}
default:
krb5_warnx(context->context, "%s: UNKNOWN OP %d", client, cmd);
krb5_warnx(contextp->context, "%s: UNKNOWN OP %d", client, cmd);
krb5_storage_free(sp);
sp = krb5_storage_emem();
krb5_store_int32(sp, KADM5_FAILURE);
@@ -425,7 +425,7 @@ kadmind_dispatch(void *kadm_handle, krb5_boolean initial,
krb5_storage_free(sp);
return 0;
fail:
krb5_warn(context->context, ret, "%s", op);
krb5_warn(contextp->context, ret, "%s", op);
krb5_storage_seek(sp, 0, SEEK_SET);
krb5_store_int32(sp, ret);
krb5_storage_to_data(sp, out);
@@ -434,10 +434,10 @@ fail:
}
static void
v5_loop (krb5_context context,
v5_loop (krb5_context contextp,
krb5_auth_context ac,
krb5_boolean initial,
void *kadm_handle,
void *kadm_handlep,
krb5_socket_t fd)
{
krb5_error_code ret;
@@ -447,17 +447,17 @@ v5_loop (krb5_context context,
doing_useful_work = 0;
if(term_flag)
exit(0);
ret = krb5_read_priv_message(context, ac, &fd, &in);
ret = krb5_read_priv_message(contextp, ac, &fd, &in);
if(ret == HEIM_ERR_EOF)
exit(0);
if(ret)
krb5_err(context, 1, ret, "krb5_read_priv_message");
krb5_err(contextp, 1, ret, "krb5_read_priv_message");
doing_useful_work = 1;
kadmind_dispatch(kadm_handle, initial, &in, &out);
kadmind_dispatch(kadm_handlep, initial, &in, &out);
krb5_data_free(&in);
ret = krb5_write_priv_message(context, ac, &fd, &out);
ret = krb5_write_priv_message(contextp, ac, &fd, &out);
if(ret)
krb5_err(context, 1, ret, "krb5_write_priv_message");
krb5_err(contextp, 1, ret, "krb5_write_priv_message");
}
}
@@ -467,12 +467,13 @@ match_appl_version(const void *data, const char *appl_version)
unsigned minor;
if(sscanf(appl_version, "KADM0.%u", &minor) != 1)
return 0;
*(unsigned*)data = minor;
/*XXX*/
*(unsigned*)(intptr_t)data = minor;
return 1;
}
static void
handle_v5(krb5_context context,
handle_v5(krb5_context contextp,
krb5_keytab keytab,
krb5_socket_t fd)
{
@@ -480,29 +481,29 @@ handle_v5(krb5_context context,
krb5_ticket *ticket;
char *server_name;
char *client;
void *kadm_handle;
void *kadm_handlep;
krb5_boolean initial;
krb5_auth_context ac = NULL;
unsigned kadm_version;
kadm5_config_params realm_params;
ret = krb5_recvauth_match_version(context, &ac, &fd,
ret = krb5_recvauth_match_version(contextp, &ac, &fd,
match_appl_version, &kadm_version,
NULL, KRB5_RECVAUTH_IGNORE_VERSION,
keytab, &ticket);
if(ret == KRB5_KT_NOTFOUND)
krb5_errx(context, 1, "krb5_recvauth: key not found");
krb5_errx(contextp, 1, "krb5_recvauth: key not found");
if(ret)
krb5_err(context, 1, ret, "krb5_recvauth");
krb5_err(contextp, 1, ret, "krb5_recvauth");
ret = krb5_unparse_name (context, ticket->server, &server_name);
ret = krb5_unparse_name (contextp, ticket->server, &server_name);
if (ret)
krb5_err (context, 1, ret, "krb5_unparse_name");
krb5_err (contextp, 1, ret, "krb5_unparse_name");
if (strncmp (server_name, KADM5_ADMIN_SERVICE,
strlen(KADM5_ADMIN_SERVICE)) != 0)
krb5_errx (context, 1, "ticket for strange principal (%s)",
krb5_errx (contextp, 1, "ticket for strange principal (%s)",
server_name);
free (server_name);
@@ -511,31 +512,31 @@ handle_v5(krb5_context context,
if(kadm_version == 1) {
krb5_data params;
ret = krb5_read_priv_message(context, ac, &fd, &params);
ret = krb5_read_priv_message(contextp, ac, &fd, &params);
if(ret)
krb5_err(context, 1, ret, "krb5_read_priv_message");
_kadm5_unmarshal_params(context, &params, &realm_params);
krb5_err(contextp, 1, ret, "krb5_read_priv_message");
_kadm5_unmarshal_params(contextp, &params, &realm_params);
}
initial = ticket->ticket.flags.initial;
ret = krb5_unparse_name(context, ticket->client, &client);
ret = krb5_unparse_name(contextp, ticket->client, &client);
if (ret)
krb5_err (context, 1, ret, "krb5_unparse_name");
krb5_free_ticket (context, ticket);
ret = kadm5_s_init_with_password_ctx(context,
krb5_err (contextp, 1, ret, "krb5_unparse_name");
krb5_free_ticket (contextp, ticket);
ret = kadm5_s_init_with_password_ctx(contextp,
client,
NULL,
KADM5_ADMIN_SERVICE,
&realm_params,
0, 0,
&kadm_handle);
&kadm_handlep);
if(ret)
krb5_err (context, 1, ret, "kadm5_init_with_password_ctx");
v5_loop (context, ac, initial, kadm_handle, fd);
krb5_err (contextp, 1, ret, "kadm5_init_with_password_ctx");
v5_loop (contextp, ac, initial, kadm_handlep, fd);
}
krb5_error_code
kadmind_loop(krb5_context context,
kadmind_loop(krb5_context contextp,
krb5_keytab keytab,
krb5_socket_t sock)
{
@@ -543,30 +544,30 @@ kadmind_loop(krb5_context context,
ssize_t n;
unsigned long len;
n = krb5_net_read(context, &sock, buf, 4);
n = krb5_net_read(contextp, &sock, buf, 4);
if(n == 0)
exit(0);
if(n < 0)
krb5_err(context, 1, errno, "read");
krb5_err(contextp, 1, errno, "read");
_krb5_get_int(buf, &len, 4);
if (len == sizeof(KRB5_SENDAUTH_VERSION)) {
n = krb5_net_read(context, &sock, buf + 4, len);
n = krb5_net_read(contextp, &sock, buf + 4, len);
if (n < 0)
krb5_err (context, 1, errno, "reading sendauth version");
krb5_err (contextp, 1, errno, "reading sendauth version");
if (n == 0)
krb5_errx (context, 1, "EOF reading sendauth version");
krb5_errx (contextp, 1, "EOF reading sendauth version");
if(memcmp(buf + 4, KRB5_SENDAUTH_VERSION, len) == 0) {
handle_v5(context, keytab, sock);
handle_v5(contextp, keytab, sock);
return 0;
}
len += 4;
} else
len = 4;
handle_mit(context, buf, len, sock);
handle_mit(contextp, buf, len, sock);
return 0;
}