author | Ken Raeburn <raeburn@mit.edu> | 2006-04-13 18:58:56 +0000 |
---|---|---|
committer | Ken Raeburn <raeburn@mit.edu> | 2006-04-13 18:58:56 +0000 |
commit | 2c796aa6052de38e67dc7bfd37f3cc519693599e (patch) | |
tree | 33559902487b90945292b49db42b458e918650d6 /src/lib | |
parent | 90241ce506e287110902affd4f01730d10586c02 (diff) | |
Partial merge from Novell LDAP integration branch, not including the
actual LDAP bits:
* include/kdb.h (krb5_db_entry_new): Add MASK field indicating what's
changed.
(KRB5_KDB_SRV_TYPE_*): New macros indicating which type of service is
accessing the database.
* lib/kadm5/srv/svr_principal.c: Set mask field.
* lib/kadm5/srv/server_misc.c, server_init.c: Pass service type to
krb5_db_open.
* kadmin/dbutil/kdb5_stash.c (kdb5_stash): Pass service type to
krb5_db_open.
* kadmin/dbutil/kdb5_util.c (open_db_and_mkey): Pass service type to
krb5_db_open.
* kdc/main.c (init_realm): Pass service type to krb5_db_open.
* lib/kadm5/srv/svr_principal.c: Set mask field.
* kadmin/dbutil/dump.c (load_db): Pass service type to krb5_db_open.
* lib/kdb/kdb5.h (KRB5_KDB_SRV_TYPE_*): New macros.
* lib/kdb/err_handle.{c,h}: Deleted.
* lib/kadm5/clnt/err_handle.{c,h}: Deleted.
(krb5_db_clr_error): Declaration deleted.
* lib/kdb/Makefile.in, lib/kadm5/clnt/Makefile.in: Don't build them.
* lib/kdb/kdb5.c, lib/kadm5/clnt, lib/kadm5/srv: Use new error-message API.
* kdc/do_tgs_req.c (process_tgs_req): Use new error-message API.
* kdc/kdc_preauth.c (check_padata)
* kdc/do_as_req.c (process_as_req):
* kdc/main.c (init_realm):
* kadmin/server/ovsec_kadmd.c (main, do_schpw):
* schpw.c (process_chpw_request):
* kadmin/server/server_stubs.c:
* kadmin/cli/kadmin.c (extended_com_err_fn): New function.
(kadmin_startup): Tell com_err library to use it, for kadmin.local.
* lib/kdb/libkdb5.exports: Don't export krb5_db_clr_error.
* lib/kdb/Makefile.in: (SRCS, STLIBOBJS): Don't build err_handle.c.
* lib/kdb/kdb5.c (kdb_load_library): Don't pass argument to init_library.
(krb5_db_clr_error): Function deleted.
* lib/kdb/kdb5.h (struct _kdb_vftabl): Remove argument from init_library field.
* lib/kadm5/logger.c (krb5_klog_init): Save the krb5_context pointer.
(klog_com_err_proc): Use it, and call new error-message API.
* lib/kadm5/srv/svr_principal.c: Use new error-message API.
* kadmin/dbutil/kdb5_util.c (extended_com_err_fn): New function.
(main): Tell com_err library to use it.
* plugins/kdb/db2: Use new error-message APIs and updated DAL
interface.
* lib/kadm5/kadm_rpc.h: Delete err_str fields.
* lib/kadm5/kadm_rpc_xdr.c: Don't process them.
* kadmin/server/server_stubs.c: Don't use ret.err_str field.
* include/k5-thread.h (k5_key_t): Deleted unused values.
* lib/kdb/kdb5.h (KDB_MODULE_SECTION): Change db_modules to dbmodules.
(KDB_MODULE_DEF_SECTION): New macro.
* tests/Makefile.in (krb5.conf): Rename db_modules to dbmodules.
* tests/dejagnu/config/default.exp (setup_krb5_conf): Likewise.
* kadmin/testing/proto/krb5.conf.proto: Likewise.
* lib/kdb/libkdb5.exports: Do export krb5_def_store_mkey.
* lib/kadm5/admin.h (KADM5_CPW_FUNCTION, KADM5_RANDKEY_USED): New macros.
(struct _kadm5_config_params): New field kpasswd_server.
* lib/krb5/error_tables/kdb5_err.et (KRB5_KDB_SERVER_INTERNAL_ERR):
New error code.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17899 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib')
-rw-r--r-- | src/lib/kadm5/admin.h | 1 | ||||
-rw-r--r-- | src/lib/kadm5/clnt/Makefile.in | 14 | ||||
-rw-r--r-- | src/lib/kadm5/clnt/client_principal.c | 20 | ||||
-rw-r--r-- | src/lib/kadm5/clnt/clnt_policy.c | 21 | ||||
-rw-r--r-- | src/lib/kadm5/clnt/clnt_privs.c | 5 | ||||
-rw-r--r-- | src/lib/kadm5/clnt/err_handle.c | 202 | ||||
-rw-r--r-- | src/lib/kadm5/clnt/err_handle.h | 38 | ||||
-rw-r--r-- | src/lib/kadm5/kadm_rpc.h | 7 | ||||
-rw-r--r-- | src/lib/kadm5/kadm_rpc_xdr.c | 84 | ||||
-rw-r--r-- | src/lib/kadm5/logger.c | 6 | ||||
-rw-r--r-- | src/lib/kadm5/srv/server_init.c | 6 | ||||
-rw-r--r-- | src/lib/kadm5/srv/server_misc.c | 3 | ||||
-rw-r--r-- | src/lib/kadm5/srv/svr_policy.c | 8 | ||||
-rw-r--r-- | src/lib/kadm5/srv/svr_principal.c | 34 | ||||
-rw-r--r-- | src/lib/kdb/Makefile.in | 14 | ||||
-rw-r--r-- | src/lib/kdb/err_handle.c | 210 | ||||
-rw-r--r-- | src/lib/kdb/err_handle.h | 37 | ||||
-rw-r--r-- | src/lib/kdb/kdb5.c | 37 | ||||
-rw-r--r-- | src/lib/kdb/kdb5.h | 22 | ||||
-rw-r--r-- | src/lib/kdb/libkdb5.exports | 2 | ||||
-rw-r--r-- | src/lib/krb5/error_tables/kdb5_err.et | 1 |
21 files changed, 77 insertions, 695 deletions
diff --git a/src/lib/kadm5/admin.h b/src/lib/kadm5/admin.h index 3ce01c7..f184ea4 100644 --- a/src/lib/kadm5/admin.h +++ b/src/lib/kadm5/admin.h @@ -123,7 +123,6 @@ typedef long kadm5_ret_t; #define KADM5_CONFIG_OLD_AUTH_GSSAPI 0x100000 #define KADM5_CONFIG_NO_AUTH 0x200000 #define KADM5_CONFIG_AUTH_NOFALLBACK 0x400000 - /* * permission bits */ diff --git a/src/lib/kadm5/clnt/Makefile.in b/src/lib/kadm5/clnt/Makefile.in index 136607f..86be9de 100644 --- a/src/lib/kadm5/clnt/Makefile.in +++ b/src/lib/kadm5/clnt/Makefile.in @@ -28,7 +28,6 @@ SRCS = $(srcdir)/clnt_policy.c \ $(srcdir)/client_principal.c \ $(srcdir)/client_init.c \ $(srcdir)/clnt_privs.c \ - $(srcdir)/err_handle.c \ $(srcdir)/clnt_chpass_util.c OBJS = \ @@ -37,7 +36,6 @@ OBJS = \ client_principal.$(OBJEXT) \ client_init.$(OBJEXT) \ clnt_privs.$(OBJEXT) \ - err_handle.$(OBJEXT) \ clnt_chpass_util.$(OBJEXT) STLIBOBJS = \ @@ -46,11 +44,8 @@ STLIBOBJS = \ client_principal.o \ client_init.o \ clnt_privs.o \ - err_handle.o \ clnt_chpass_util.o -err_handle.o : err_handle.h err_handle.c - all-unix:: includes all-unix:: all-liblinks all-windows:: $(OBJS) @@ -95,7 +90,7 @@ clnt_policy.so clnt_policy.po $(OUTPRE)clnt_policy.$(OBJEXT): \ $(BUILDTOP)/include/kadm5/kadm_err.h $(BUILDTOP)/include/kadm5/kadm_rpc.h \ $(BUILDTOP)/include/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-platform.h \ $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \ - client_internal.h clnt_policy.c err_handle.h + client_internal.h clnt_policy.c client_rpc.so client_rpc.po $(OUTPRE)client_rpc.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssrpc/auth.h $(BUILDTOP)/include/gssrpc/auth_gss.h \ 
@@ -120,7 +115,7 @@ client_principal.so client_principal.po $(OUTPRE)client_principal.$(OBJEXT): \ $(BUILDTOP)/include/kadm5/kadm_err.h $(BUILDTOP)/include/kadm5/kadm_rpc.h \ $(BUILDTOP)/include/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-platform.h \ $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \ - client_internal.h client_principal.c err_handle.h + client_internal.h client_principal.c client_init.so client_init.po $(OUTPRE)client_init.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_krb5.h $(BUILDTOP)/include/gssrpc/auth.h \ @@ -151,10 +146,7 @@ clnt_privs.so clnt_privs.po $(OUTPRE)clnt_privs.$(OBJEXT): \ $(BUILDTOP)/include/kadm5/kadm_err.h $(BUILDTOP)/include/kadm5/kadm_rpc.h \ $(BUILDTOP)/include/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-platform.h \ $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \ - client_internal.h clnt_privs.c err_handle.h -err_handle.so err_handle.po $(OUTPRE)err_handle.$(OBJEXT): \ - $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5.h \ - $(COM_ERR_DEPS) err_handle.c err_handle.h + client_internal.h clnt_privs.c clnt_chpass_util.so clnt_chpass_util.po $(OUTPRE)clnt_chpass_util.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssrpc/auth.h $(BUILDTOP)/include/gssrpc/auth_gss.h \ diff --git a/src/lib/kadm5/clnt/client_principal.c b/src/lib/kadm5/clnt/client_principal.c index 735d2bf..7b65331 100644 --- a/src/lib/kadm5/clnt/client_principal.c +++ b/src/lib/kadm5/clnt/client_principal.c @@ -16,7 +16,6 @@ static char *rcsid = "$Header$"; #endif #include <errno.h> #include "client_internal.h" -#include "err_handle.h" #ifdef DEBUG #define eret() do { clnt_perror(handle->clnt, "null ret"); return KADM5_RPC_ERROR; } while (0) 
@@ -256,11 +255,6 @@ kadm5_get_principal(void *server_handle, memcpy(ent, &r->rec, sizeof(r->rec)); } - - if(r->code) - { - krb5_set_err( handle->context, krb5_err_have_str, r->code, r->err_str ); - } return r->code; } @@ -289,10 +283,6 @@ kadm5_get_principals(void *server_handle, *princs = NULL; } - if(r->code) - { - krb5_set_err( handle->context, krb5_err_have_str, r->code, r->err_str ); - } return r->code; } @@ -494,11 +484,6 @@ kadm5_randkey_principal_3(void *server_handle, } } - if(r->code) - { - krb5_set_err( handle->context, krb5_err_have_str, r->code, r->err_str ); - } - return r->code; } @@ -547,11 +532,6 @@ kadm5_randkey_principal(void *server_handle, } } - if(r->code) - { - krb5_set_err( handle->context, krb5_err_have_str, r->code, r->err_str ); - } - return r->code; } diff --git a/src/lib/kadm5/clnt/clnt_policy.c b/src/lib/kadm5/clnt/clnt_policy.c index b1157d1..6877ec3 100644 --- a/src/lib/kadm5/clnt/clnt_policy.c +++ b/src/lib/kadm5/clnt/clnt_policy.c @@ -15,7 +15,6 @@ static char *rcsid = "$Header$"; #include <stdlib.h> #include <string.h> #include <errno.h> -#include "err_handle.h" kadm5_ret_t kadm5_create_policy(void *server_handle, @@ -37,10 +36,6 @@ kadm5_create_policy(void *server_handle, if(r == NULL) return KADM5_RPC_ERROR; - if(r->code) - { - krb5_set_err( handle->context, krb5_err_have_str, r->code, r->err_str ); - } return r->code; } @@ -63,10 +58,6 @@ kadm5_delete_policy(void *server_handle, char *name) if(r == NULL) return KADM5_RPC_ERROR; - if(r->code) - { - krb5_set_err( handle->context, krb5_err_have_str, r->code, r->err_str ); - } return r->code; } @@ -91,10 +82,6 @@ kadm5_modify_policy(void *server_handle, if(r == NULL) return KADM5_RPC_ERROR; - if(r->code) - { - krb5_set_err( handle->context, krb5_err_have_str, r->code, r->err_str ); - } return r->code; } 
@@ -133,10 +120,6 @@ kadm5_get_policy(void *server_handle, char *name, kadm5_policy_ent_t ent) memcpy(ent, &r->rec, sizeof(r->rec)); } - if(r->code) - { - krb5_set_err( handle->context, krb5_err_have_str, r->code, r->err_str ); - } return r->code; } @@ -165,9 +148,5 @@ kadm5_get_policies(void *server_handle, *pols = NULL; } - if(r->code) - { - krb5_set_err( handle->context, krb5_err_have_str, r->code, r->err_str ); - } return r->code; } diff --git a/src/lib/kadm5/clnt/clnt_privs.c b/src/lib/kadm5/clnt/clnt_privs.c index e594080..204fd90 100644 --- a/src/lib/kadm5/clnt/clnt_privs.c +++ b/src/lib/kadm5/clnt/clnt_privs.c @@ -79,7 +79,6 @@ static char *rcsid = "$Header$"; #include <kadm5/admin.h> #include <kadm5/kadm_rpc.h> #include "client_internal.h" -#include "err_handle.h" kadm5_ret_t kadm5_get_privs(void *server_handle, long *privs) { @@ -92,9 +91,5 @@ kadm5_ret_t kadm5_get_privs(void *server_handle, long *privs) else if (r->code == KADM5_OK) *privs = r->privs; - if(r->code) - { - krb5_set_err( handle->context, krb5_err_have_str, r->code, r->err_str ); - } return r->code; } diff --git a/src/lib/kadm5/clnt/err_handle.c b/src/lib/kadm5/clnt/err_handle.c deleted file mode 100644 index 9db4611..0000000 --- a/src/lib/kadm5/clnt/err_handle.c +++ /dev/null 
@@ -1,202 +0,0 @@ -/********************************************************************** -* -* C %name: err_handle.c % -* Instance: idc_sec_1 -* Description: -* %created_by: spradeep % -* %date_created: Thu Apr 7 15:36:27 2005 % -* -**********************************************************************/ -#ifndef lint -static char *_csrc = - "@(#) %filespec: err_handle.c~1 % (%full_filespec: err_handle.c~1:csrc:idc_sec#2 %)"; -#endif - -/* This file should be ideally be in util/et. But, for now thread - safety requirement stops me from putting there. If I do, then all - the applications have to link to pthread. */ - -#include "autoconf.h" -/* XXX This file doesn't build multithreaded at the moment. */ -#undef HAVE_PTHREAD_H - -#ifdef HAVE_PTHREAD_H -#include <pthread.h> -#endif -#include "err_handle.h" -#include <assert.h> -#include <string.h> - -#ifdef NOVELL -krb5_errcode_2_string_func old_error_2_string = NULL; -#endif - -typedef struct -{ - char krb5_err_str[KRB5_MAX_ERR_STR + 1]; - long err_code; - krb5_err_subsystem subsystem; - krb5_context kcontext; -} krb5_err_struct_t; - -#ifdef HAVE_PTHREAD_H -static void -tsd_key_destructor(void *data) -{ - free(data); -} - -static void -init_err_handling(void) -{ - assert(!k5_key_register(K5_KEY_KADM_CLNT_ERR_HANDLER, tsd_key_destructor)); -#ifdef NOVELL - old_error_2_string = error_message; - error_message = krb5_get_err_string; -#endif -} - -static pthread_once_t krb5_key_create = PTHREAD_ONCE_INIT; - -krb5_error_code -krb5_set_err(krb5_context kcontext, krb5_err_subsystem subsystem, - long err_code, char *str) -{ - int ret; - krb5_err_struct_t *err_struct; - pthread_once(&krb5_key_create, init_err_handling); - - err_struct = (krb5_err_struct_t *) k5_getspecific(K5_KEY_KADM_CLNT_ERR_HANDLER); - if (err_struct == NULL) { - err_struct = calloc(sizeof(krb5_err_struct_t), 1); - if (err_struct == NULL) - return ENOMEM; - - if ((ret = k5_setspecific(K5_KEY_KADM_CLNT_ERR_HANDLER, err_struct))) { - free(err_struct); - 
return ret; - } - } - - err_struct->subsystem = subsystem; - err_struct->err_code = err_code; - err_struct->kcontext = kcontext; - if (err_struct->subsystem == krb5_err_have_str) { - strncpy(err_struct->krb5_err_str, str, - sizeof(err_struct->krb5_err_str)); - err_struct->krb5_err_str[KRB5_MAX_ERR_STR] = '\0'; - } - - return 0; -} - -const char *KRB5_CALLCONV -krb5_get_err_string(long err_code) -{ - krb5_err_struct_t *err_struct; - pthread_once(&krb5_key_create, init_err_handling); - - err_struct = (krb5_err_struct_t *) k5_getspecific(K5_KEY_KADM_CLNT_ERR_HANDLER); - if (err_struct && (err_struct->subsystem == krb5_err_have_str) - && (err_code == err_struct->err_code)) { - /* checking error code is for safety. - In case, the caller ignores a database error and calls - other calls before doing com_err. Though not perfect, - caller should call krb5_clr_error before this. */ - err_struct->subsystem = krb5_err_unknown; - return err_struct->krb5_err_str; - } - - /* Error strings are not generated here. the remaining two cases - are handled by the default error string convertor. 
*/ -#ifdef NOVELL - return old_error_2_string(err_code); -#else - return error_message(err_code); -#endif -} - -void -krb5_clr_error() -{ - krb5_err_struct_t *err_struct; - pthread_once(&krb5_key_create, init_err_handling); - - err_struct = (krb5_err_struct_t *) k5_getspecific(K5_KEY_KADM_CLNT_ERR_HANDLER); - if (err_struct) - err_struct->subsystem = krb5_err_unknown; -} - -#else -krb5_err_struct_t krb5_err = { {0}, 0, 0, 0 }; -krb5_boolean krb5_init_once = TRUE; - -static void -init_err_handling(void) -{ - if (krb5_init_once) { -#ifdef NOVELL - old_error_2_string = error_message; - error_message = krb5_get_err_string; -#endif - krb5_init_once = FALSE; - } -} - -krb5_error_code -krb5_set_err(krb5_context kcontext, krb5_err_subsystem subsystem, - long err_code, char *str) -{ - krb5_err_struct_t *err_struct = &krb5_err; - - init_err_handling(); /* takes care for multiple inits */ - - err_struct->subsystem = subsystem; - err_struct->err_code = err_code; - err_struct->kcontext = kcontext; - if (err_struct->subsystem == krb5_err_have_str) { - strncpy(err_struct->krb5_err_str, str, - sizeof(err_struct->krb5_err_str)); - err_struct->krb5_err_str[KRB5_MAX_ERR_STR] = '\0'; - } - - return 0; -} - -const char *KRB5_CALLCONV -krb5_get_err_string(long err_code) -{ - krb5_err_struct_t *err_struct = &krb5_err; - - init_err_handling(); /* takes care for multiple inits */ - - if ((err_struct->subsystem == krb5_err_have_str) - && (err_code == err_struct->err_code)) { - /* checking error code is for safety. - In case, the caller ignores a database error and calls - other calls before doing com_err. Though not perfect, - caller should call krb5_clr_error before this. */ - err_struct->subsystem = krb5_err_unknown; - return err_struct->krb5_err_str; - } - - /* It is not generated here. the remaining two cases are handled - by the default error string convertor. 
*/ -#ifdef NOVELL - return old_error_2_string(err_code); -#else - return error_message(err_code); -#endif -} - -void -krb5_clr_error() -{ - krb5_err_struct_t *err_struct = &krb5_err; - - init_err_handling(); /* takes care for multiple inits */ - - err_struct->subsystem = krb5_err_unknown; -} - -#endif diff --git a/src/lib/kadm5/clnt/err_handle.h b/src/lib/kadm5/clnt/err_handle.h deleted file mode 100644 index 7dea7b6..0000000 --- a/src/lib/kadm5/clnt/err_handle.h +++ /dev/null @@ -1,38 +0,0 @@ -/********************************************************************** -* -* C Header: err_handle.h -* Instance: idc_sec_1 -* Description: -* %created_by: spradeep % -* %date_created: Thu Apr 7 15:36:49 2005 % -* -**********************************************************************/ -#ifndef _idc_sec_1_err_handle_h_H -#define _idc_sec_1_err_handle_h_H -#include <com_err.h> -#include <krb5.h> - -/* Everything else goes here */ - -#define KRB5_MAX_ERR_STR 1024 -typedef enum krb5_err_subsystem { - krb5_err_unknown = 0, /* no error or unknown system. Has to be probed */ - krb5_err_system, /* error in system call */ - krb5_err_krblib, /* error in kerberos library call, should lookup in the error table */ - krb5_err_have_str, /* error message is available in the string */ - krb5_err_db /* error is a database error, should be handled by calling DB */ -} krb5_err_subsystem; - -typedef krb5_error_code(*krb5_set_err_func_t) (krb5_context, - krb5_err_subsystem, long, - char *); - -krb5_error_code krb5_set_err(krb5_context kcontext, - krb5_err_subsystem subsystem, long err_code, - char *str); - -const char *KRB5_CALLCONV krb5_get_err_string(long err_code); - -void krb5_clr_error(void); - -#endif diff --git a/src/lib/kadm5/kadm_rpc.h b/src/lib/kadm5/kadm_rpc.h index 3d11f09..d793ed8 100644 --- a/src/lib/kadm5/kadm_rpc.h +++ b/src/lib/kadm5/kadm_rpc.h 
@@ -27,7 +27,6 @@ typedef struct cprinc3_arg cprinc3_arg; struct generic_ret { krb5_ui_4 api_version; kadm5_ret_t code; - char *err_str; }; typedef struct generic_ret generic_ret; @@ -62,7 +61,6 @@ struct gprincs_ret { kadm5_ret_t code; char **princs; int count; - char *err_str; }; typedef struct gprincs_ret gprincs_ret; @@ -130,7 +128,6 @@ struct chrand_ret { krb5_keyblock key; krb5_keyblock *keys; int n_keys; - char *err_str; }; typedef struct chrand_ret chrand_ret; @@ -145,7 +142,6 @@ struct gprinc_ret { krb5_ui_4 api_version; kadm5_ret_t code; kadm5_principal_ent_rec rec; - char *err_str; }; typedef struct gprinc_ret gprinc_ret; @@ -179,7 +175,6 @@ struct gpol_ret { krb5_ui_4 api_version; kadm5_ret_t code; kadm5_policy_ent_rec rec; - char *err_str; }; typedef struct gpol_ret gpol_ret; @@ -194,7 +189,6 @@ struct gpols_ret { kadm5_ret_t code; char **pols; int count; - char *err_str; }; typedef struct gpols_ret gpols_ret; @@ -202,7 +196,6 @@ struct getprivs_ret { krb5_ui_4 api_version; kadm5_ret_t code; long privs; - char *err_str; }; typedef struct getprivs_ret getprivs_ret; diff --git a/src/lib/kadm5/kadm_rpc_xdr.c b/src/lib/kadm5/kadm_rpc_xdr.c index 346a36e..aa2363c 100644 --- a/src/lib/kadm5/kadm_rpc_xdr.c +++ b/src/lib/kadm5/kadm_rpc_xdr.c @@ -545,18 +545,6 @@ xdr_generic_ret(XDR *xdrs, generic_ret *objp) return (FALSE); } - if( xdrs->x_op == XDR_ENCODE ) - { - char *tmp_str = "Unknown error code"; - if(!xdr_string(xdrs, objp->err_str?&objp->err_str:&tmp_str, (unsigned int)-1 )) { - return (FALSE); - } - } else { - if(!xdr_string(xdrs, &objp->err_str, (unsigned int)-1 )) { - return (FALSE); - } - } - return(TRUE); } 
@@ -640,18 +628,6 @@ xdr_gprincs_ret(XDR *xdrs, gprincs_ret *objp) } } - if( xdrs->x_op == XDR_ENCODE ) - { - char *tmp_str = "Unknown error code"; - if(!xdr_string(xdrs, objp->err_str?&objp->err_str:&tmp_str, (unsigned int)-1 )) { - return (FALSE); - } - } else { - if(!xdr_string(xdrs, &objp->err_str, (unsigned int)-1 )) { - return (FALSE); - } - } - return (TRUE); } @@ -812,18 +788,6 @@ xdr_chrand_ret(XDR *xdrs, chrand_ret *objp) } } - if( xdrs->x_op == XDR_ENCODE ) - { - char *tmp_str = "Unknown error code"; - if(!xdr_string(xdrs, objp->err_str?&objp->err_str:&tmp_str, (unsigned int)-1 )) { - return (FALSE); - } - } else { - if(!xdr_string(xdrs, &objp->err_str, (unsigned int)-1 )) { - return (FALSE); - } - } - return (TRUE); } @@ -865,18 +829,6 @@ xdr_gprinc_ret(XDR *xdrs, gprinc_ret *objp) } } - if( xdrs->x_op == XDR_ENCODE ) - { - char *tmp_str = "Unknown error code"; - if(!xdr_string(xdrs, objp->err_str?&objp->err_str:&tmp_str, (unsigned int)-1 )) { - return (FALSE); - } - } else { - if(!xdr_string(xdrs, &objp->err_str, (unsigned int)-1 )) { - return (FALSE); - } - } - return (TRUE); } @@ -948,18 +900,6 @@ xdr_gpol_ret(XDR *xdrs, gpol_ret *objp) return (FALSE); } - if( xdrs->x_op == XDR_ENCODE ) - { - char *tmp_str = "Unknown error code"; - if(!xdr_string(xdrs, objp->err_str?&objp->err_str:&tmp_str, (unsigned int)-1 )) { - return (FALSE); - } - } else { - if(!xdr_string(xdrs, &objp->err_str, (unsigned int)-1 )) { - return (FALSE); - } - } - return (TRUE); } @@ -995,18 +935,6 @@ xdr_gpols_ret(XDR *xdrs, gpols_ret *objp) } } - if( xdrs->x_op == XDR_ENCODE ) - { - char *tmp_str = "Unknown error code"; - if(!xdr_string(xdrs, objp->err_str?&objp->err_str:&tmp_str, (unsigned int)-1 )) { - return (FALSE); - } - } else { - if(!xdr_string(xdrs, &objp->err_str, (unsigned int)-1 )) { - return (FALSE); - } - } - return (TRUE); } 
@@ -1019,18 +947,6 @@ bool_t xdr_getprivs_ret(XDR *xdrs, getprivs_ret *objp) ! xdr_long(xdrs, &objp->privs)) return FALSE; - if( xdrs->x_op == XDR_ENCODE ) - { - char *tmp_str = "Unknown error code"; - if(!xdr_string(xdrs, objp->err_str?&objp->err_str:&tmp_str, (unsigned int)-1 )) { - return (FALSE); - } - } else { - if(!xdr_string(xdrs, &objp->err_str, (unsigned int)-1 )) { - return (FALSE); - } - } - return TRUE; } diff --git a/src/lib/kadm5/logger.c b/src/lib/kadm5/logger.c index 69f53a0..f78c7b4 100644 --- a/src/lib/kadm5/logger.c +++ b/src/lib/kadm5/logger.c @@ -171,6 +171,7 @@ static struct log_entry def_log_entry; * klog_com_err_proc() - Handle com_err(3) messages as specified by the * profile. */ +static krb5_context err_context; static void klog_com_err_proc(const char *whoami, long int code, const char *format, va_list ap) { @@ -194,7 +195,8 @@ klog_com_err_proc(const char *whoami, long int code, const char *format, va_list /* If reporting an error message, separate it. */ if (code) { outbuf[sizeof(outbuf) - 1] = '\0'; - strncat(outbuf, error_message(code), sizeof(outbuf) - 1 - strlen(outbuf)); + + strncat(outbuf, krb5_get_error_message (err_context, code), sizeof(outbuf) - 1 - strlen(outbuf)); strncat(outbuf, " - ", sizeof(outbuf) - 1 - strlen(outbuf)); } cp = &outbuf[strlen(outbuf)]; @@ -360,6 +362,8 @@ krb5_klog_init(krb5_context kcontext, char *ename, char *whoami, krb5_boolean do do_openlog = 0; log_facility = 0; + err_context = kcontext; + /* * Look up [logging]-><ename> in the profile. If that doesn't * succeed, then look for [logging]->default. diff --git a/src/lib/kadm5/srv/server_init.c b/src/lib/kadm5/srv/server_init.c index dd1fe66..106d318 100644 --- a/src/lib/kadm5/srv/server_init.c +++ b/src/lib/kadm5/srv/server_init.c 
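Review bot: In klog_com_err_proc (src/lib/kadm5/logger.c) the string returned by `krb5_get_error_message (err_context, code)` is passed straight to strncat and never released, so every logged error with a nonzero code leaks one message in a long-running daemon. Hold the result in a local and release it after the copy: `const char *emsg = krb5_get_error_message(err_context, code);`, then the existing strncat on `emsg`, then `krb5_free_error_message(err_context, emsg);`. The new file-scope `err_context` is assigned only in krb5_klog_init, so it is presumably NULL if the handler fires before init and would dangle if the caller frees that context while the handler is still installed; a comment on the declaration such as `/* borrowed from krb5_klog_init; must outlive logging */` would record that lifetime requirement. Both function bodies continue outside these hunks, so the handler's registration and teardown are not visible here.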
@@ -259,7 +259,8 @@ kadm5_ret_t kadm5_init(char *client_name, char *pass, return ret; } - ret = krb5_db_open(handle->context, db_args, KRB5_KDB_OPEN_RW); + ret = krb5_db_open(handle->context, db_args, + KRB5_KDB_OPEN_RW | KRB5_KDB_SRV_TYPE_ADMIN); if (ret) { krb5_free_context(handle->context); free_db_args(handle); @@ -406,7 +407,8 @@ kadm5_ret_t kadm5_flush(void *server_handle) CHECK_HANDLE(server_handle); if ((ret = krb5_db_fini(handle->context)) || - (ret = krb5_db_open(handle->context, handle->db_args, KRB5_KDB_OPEN_RW)) || + (ret = krb5_db_open(handle->context, handle->db_args, + KRB5_KDB_OPEN_RW | KRB5_KDB_SRV_TYPE_ADMIN)) || (ret = adb_policy_close(handle)) || (ret = adb_policy_init(handle))) { (void) kadm5_destroy(server_handle); diff --git a/src/lib/kadm5/srv/server_misc.c b/src/lib/kadm5/srv/server_misc.c index f7bfd58..fa4e62e 100644 --- a/src/lib/kadm5/srv/server_misc.c +++ b/src/lib/kadm5/srv/server_misc.c @@ -25,7 +25,8 @@ adb_policy_init(kadm5_server_handle_t handle) if( krb5_db_inited( handle->context ) ) return KADM5_OK; - return krb5_db_open( handle->context, NULL, KRB5_KDB_OPEN_RW ); + return krb5_db_open( handle->context, NULL, + KRB5_KDB_OPEN_RW | KRB5_KDB_SRV_TYPE_ADMIN ); } kadm5_ret_t diff --git a/src/lib/kadm5/srv/svr_policy.c b/src/lib/kadm5/srv/svr_policy.c index 31333b7..d57d2f1 100644 --- a/src/lib/kadm5/srv/svr_policy.c +++ b/src/lib/kadm5/srv/svr_policy.c @@ -47,7 +47,7 @@ kadm5_create_policy(void *server_handle, { CHECK_HANDLE(server_handle); - krb5_db_clr_error(); + krb5_clear_error_message(((kadm5_server_handle_t)server_handle)->context); if (mask & KADM5_REF_COUNT) return KADM5_BAD_MASK; @@ -157,7 +157,7 @@ kadm5_delete_policy(void *server_handle, kadm5_policy_t name) CHECK_HANDLE(server_handle); - krb5_db_clr_error(); + krb5_clear_error_message(handle->context); if(name == (kadm5_policy_t) NULL) return EINVAL; 
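Review bot: The open mode and the service type now travel in one int argument, `KRB5_KDB_OPEN_RW | KRB5_KDB_SRV_TYPE_ADMIN`, in kadm5_init, and the same expression is repeated in kadm5_flush and in adb_policy_init in server_misc.c. The KRB5_KDB_SRV_TYPE_* values are defined in kdb5.h, outside these hunks, so it cannot be confirmed from here that they occupy bits disjoint from the KRB5_KDB_OPEN_* modes; if they overlap, a provider would misread either the access mode or the caller identity. A one-line comment at the first call site, for example `/* mode bits | service-type bits; see kdb5.h for the split */`, or a single named macro for the admin-server open flags, would keep the three call sites from drifting apart.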
@@ -185,7 +185,7 @@ kadm5_modify_policy(void *server_handle, { CHECK_HANDLE(server_handle); - krb5_db_clr_error(); + krb5_clear_error_message(((kadm5_server_handle_t)server_handle)->context); if (mask & KADM5_REF_COUNT) return KADM5_BAD_MASK; @@ -266,7 +266,7 @@ kadm5_get_policy(void *server_handle, kadm5_policy_t name, CHECK_HANDLE(server_handle); - krb5_db_clr_error(); + krb5_clear_error_message(handle->context); /* * In version 1, entry is a pointer to a kadm5_policy_ent_t that diff --git a/src/lib/kadm5/srv/svr_principal.c b/src/lib/kadm5/srv/svr_principal.c index 18ab480..36ca2a1 100644 --- a/src/lib/kadm5/srv/svr_principal.c +++ b/src/lib/kadm5/srv/svr_principal.c @@ -199,7 +199,7 @@ kadm5_create_principal_3(void *server_handle, CHECK_HANDLE(server_handle); - krb5_db_clr_error(); + krb5_clear_error_message(handle->context); /* * Argument sanity checking, and opening up the DB @@ -380,6 +380,9 @@ kadm5_create_principal_3(void *server_handle, } } + /* In all cases key and the principal data is set, let the database provider know */ + kdb.mask = mask | KADM5_KEY_DATA | KADM5_PRINCIPAL ; + /* store the new db entry */ ret = kdb_put_entry(handle, &kdb, &adb); @@ -421,7 +424,7 @@ kadm5_delete_principal(void *server_handle, krb5_principal principal) CHECK_HANDLE(server_handle); - krb5_db_clr_error(); + krb5_clear_error_message(handle->context); if (principal == NULL) return EINVAL; @@ -469,7 +472,7 @@ kadm5_modify_principal(void *server_handle, CHECK_HANDLE(server_handle); - krb5_db_clr_error(); + krb5_clear_error_message(handle->context); if((mask & KADM5_PRINCIPAL) || (mask & KADM5_LAST_PWD_CHANGE) || (mask & KADM5_MOD_TIME) || (mask & KADM5_MOD_NAME) || @@ -628,6 +631,9 @@ kadm5_modify_principal(void *server_handle, } } + /* let the mask propagate to the database provider */ + kdb.mask = mask; + ret = kdb_put_entry(handle, &kdb, &adb); if (ret) goto done; 
@@ -656,7 +662,7 @@ kadm5_rename_principal(void *server_handle, CHECK_HANDLE(server_handle); - krb5_db_clr_error(); + krb5_clear_error_message(handle->context); if (source == NULL || target == NULL) return EINVAL; @@ -711,7 +717,7 @@ kadm5_get_principal(void *server_handle, krb5_principal principal, CHECK_HANDLE(server_handle); - krb5_db_clr_error(); + krb5_clear_error_message(handle->context); /* * In version 1, all the defined fields are always returned. @@ -1289,7 +1295,7 @@ kadm5_chpass_principal_3(void *server_handle, CHECK_HANDLE(server_handle); - krb5_db_clr_error(); + krb5_clear_error_message(handle->context); hist_added = 0; memset(&hist, 0, sizeof(hist)); @@ -1433,6 +1439,9 @@ kadm5_chpass_principal_3(void *server_handle, if (ret) goto done; + /* key data and attributes changed, let the database provider know */ + kdb.mask = KADM5_KEY_DATA | KADM5_ATTRIBUTES /* | KADM5_CPW_FUNCTION */; + if ((ret = kdb_put_entry(handle, &kdb, &adb))) goto done; @@ -1478,13 +1487,13 @@ kadm5_randkey_principal_3(void *server_handle, int ret, last_pwd, have_pol = 0; kadm5_server_handle_t handle = server_handle; - krb5_db_clr_error(); - if (keyblocks) *keyblocks = NULL; CHECK_HANDLE(server_handle); + krb5_clear_error_message(handle->context); + if (principal == NULL) return EINVAL; if (hist_princ && /* this will be NULL when initializing the databse */ @@ -1580,6 +1589,9 @@ kadm5_randkey_principal_3(void *server_handle, } } + /* key data changed, let the database provider know */ + kdb.mask = KADM5_KEY_DATA /* | KADM5_RANDKEY_USED */; + if ((ret = kdb_put_entry(handle, &kdb, &adb))) goto done; 
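Review bot: In kadm5_chpass_principal_3 the new `kdb.mask = KADM5_KEY_DATA | KADM5_ATTRIBUTES /* | KADM5_CPW_FUNCTION */;` leaves a flag commented out with no explanation, and kadm5_randkey_principal_3 does the same with `/* | KADM5_RANDKEY_USED */`. As written, a database provider reading the mask cannot tell a password change from a key randomization; if providers are meant to tell the two apart (inferred from the flag names, not shown in these hunks), the distinction is silently dropped. Either set the flags or replace the fragments with a stated reason, for example `/* TODO: add KADM5_CPW_FUNCTION once providers accept it */`. The enclosing functions start and end outside these hunks, so the earlier state of `kdb.mask` is not visible.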
@@ -1616,12 +1628,12 @@ kadm5_setv4key_principal(void *server_handle, kadm5_server_handle_t handle = server_handle; krb5_key_data tmp_key_data; - krb5_db_clr_error(); - memset( &tmp_key_data, 0, sizeof(tmp_key_data)); CHECK_HANDLE(server_handle); + krb5_clear_error_message(handle->context); + if (principal == NULL || keyblock == NULL) return EINVAL; if (hist_princ && /* this will be NULL when initializing the databse */ @@ -1797,7 +1809,7 @@ kadm5_setkey_principal_3(void *server_handle, CHECK_HANDLE(server_handle); - krb5_db_clr_error(); + krb5_clear_error_message(handle->context); if (principal == NULL || keyblocks == NULL) return EINVAL; diff --git a/src/lib/kdb/Makefile.in b/src/lib/kdb/Makefile.in index 78c2970..5efd65b 100644 --- a/src/lib/kdb/Makefile.in +++ b/src/lib/kdb/Makefile.in @@ -25,8 +25,6 @@ SHLIB_EXPLIBS=-lkrb5 -lcom_err -lk5crypto $(SUPPORT_LIB) $(DL_LIB) $(LIBS) SHLIB_DIRS=-L$(TOPLIBD) SHLIB_RDIRS=$(KRB5_LIBDIR) -all:: - adb_err.$(OBJEXT): adb_err.c adb_err.c adb_err.h: $(srcdir)/adb_err.et @@ -37,7 +35,6 @@ SRCS= \ $(srcdir)/kdb_default.c \ $(srcdir)/kdb_cpw.c \ adb_err.c \ - $(srcdir)/err_handle.c \ $(srcdir)/keytab.c STOBJLISTS=OBJS.ST @@ -48,7 +45,6 @@ STLIBOBJS= \ kdb_default.o \ kdb_cpw.o \ adb_err.o \ - err_handle.o \ keytab.o all-unix:: all-liblinks @@ -70,7 +66,7 @@ kdb5.so kdb5.po $(OUTPRE)kdb5.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - adb_err.h err_handle.h kdb5.c kdb5.h + adb_err.h kdb5.c kdb5.h encrypt_key.so encrypt_key.po $(OUTPRE)encrypt_key.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ 
@@ -105,14 +101,6 @@ kdb_cpw.so kdb_cpw.po $(OUTPRE)kdb_cpw.$(OBJEXT): $(BUILDTOP)/include/autoconf.h kdb_cpw.c adb_err.so adb_err.po $(OUTPRE)adb_err.$(OBJEXT): $(COM_ERR_DEPS) \ adb_err.c -err_handle.so err_handle.po $(OUTPRE)err_handle.$(OBJEXT): \ - $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5.h \ - $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-locate.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - err_handle.c err_handle.h keytab.so keytab.po $(OUTPRE)keytab.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5.h $(BUILDTOP)/include/osconf.h \ $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-err.h \ diff --git a/src/lib/kdb/err_handle.c b/src/lib/kdb/err_handle.c deleted file mode 100644 index 50b8a2a..0000000 --- a/src/lib/kdb/err_handle.c +++ /dev/null 
@@ -1,210 +0,0 @@ -/********************************************************************** -* -* C %name: err_handle.c % -* Instance: idc_sec_1 -* Description: -* %created_by: spradeep % -* %date_created: Thu Apr 7 14:05:00 2005 % -* -**********************************************************************/ -#ifndef lint -static char *_csrc = - "@(#) %filespec: err_handle.c~1 % (%full_filespec: err_handle.c~1:csrc:idc_sec#1 %)"; -#endif - -/* This file should be ideally be in util/et. But, for now thread - safety requirement stops me from putting there. if I do, then all - the applications have to link to pthread. */ - -#include "autoconf.h" -#if defined(ENABLE_THREADS) && defined(HAVE_PTHREAD_H) -#include <pthread.h> -#endif -#include "err_handle.h" -#include <assert.h> - -#ifdef NOVELL -krb5_errcode_2_string_func old_error_2_string = NULL; -#endif - -typedef struct -{ - char krb5_err_str[KRB5_MAX_ERR_STR + 1]; - long err_code; - krb5_err_subsystem subsystem; - krb5_context kcontext; -} krb5_err_struct_t; - -#if defined(ENABLE_THREADS) && defined(HAVE_PTHREAD_H) -static void -tsd_key_destructor(void *data) -{ - free(data); -} - -static void -init_err_handling(void) -{ - assert(!k5_key_register(K5_KEY_KDB_ERR_HANDLER, tsd_key_destructor)); -#ifdef NOVELL - old_error_2_string = error_message; - error_message = krb5_get_err_string; -#endif -} - -static pthread_once_t krb5_key_create = PTHREAD_ONCE_INIT; - -krb5_error_code -krb5_set_err(krb5_context kcontext, krb5_err_subsystem subsystem, - long err_code, char *str) -{ - int ret; - krb5_err_struct_t *err_struct; - pthread_once(&krb5_key_create, init_err_handling); - - err_struct = (krb5_err_struct_t *) k5_getspecific(K5_KEY_KDB_ERR_HANDLER); - if (err_struct == NULL) { - err_struct = calloc(sizeof(krb5_err_struct_t), 1); - if (err_struct == NULL) - return ENOMEM; - - if ((ret = k5_setspecific(K5_KEY_KDB_ERR_HANDLER, err_struct))) { - free(err_struct); - return ret; - } - } - - err_struct->subsystem = subsystem; - 
err_struct->err_code = err_code; - err_struct->kcontext = kcontext; - if (err_struct->subsystem == krb5_err_have_str) { - strncpy(err_struct->krb5_err_str, str, - sizeof(err_struct->krb5_err_str)); - err_struct->krb5_err_str[KRB5_MAX_ERR_STR] = '\0'; - } - - return 0; -} - -const char *KRB5_CALLCONV -krb5_get_err_string(long err_code) -{ - krb5_err_struct_t *err_struct; - pthread_once(&krb5_key_create, init_err_handling); - - err_struct = (krb5_err_struct_t *) k5_getspecific(K5_KEY_KDB_ERR_HANDLER); - if (err_struct && (err_struct->subsystem == krb5_err_have_str) - && (err_code == err_struct->err_code)) { - /* Checking error code is for safety. - In case, the caller ignores a database error and calls - other calls before doing com_err. Though not perfect, - caller should call krb5_clr_error before this. */ - err_struct->subsystem = krb5_err_unknown; - return err_struct->krb5_err_str; - } - - if (err_struct && (err_struct->subsystem == krb5_err_db) - && (err_code == err_struct->err_code)) { - err_struct->subsystem = krb5_err_unknown; - return krb5_db_errcode2string(err_struct->kcontext, err_code); - } - - /* Error strings are not generated here. the remaining two cases - are handled by the default error string convertor. 
*/ -#ifdef NOVELL - return old_error_2_string(err_code); -#else - return error_message(err_code); -#endif -} - -void -krb5_clr_error() -{ - krb5_err_struct_t *err_struct; - pthread_once(&krb5_key_create, init_err_handling); - - err_struct = (krb5_err_struct_t *) k5_getspecific(K5_KEY_KDB_ERR_HANDLER); - if (err_struct) - err_struct->subsystem = krb5_err_unknown; -} - -#else -krb5_err_struct_t krb5_err = { {0}, 0, 0, 0 }; -krb5_boolean krb5_init_once = TRUE; - -static void -init_err_handling(void) -{ - if (krb5_init_once) { -#ifdef NOVELL - old_error_2_string = error_message; - error_message = krb5_get_err_string; -#endif - krb5_init_once = FALSE; - } -} - -krb5_error_code -krb5_set_err(krb5_context kcontext, krb5_err_subsystem subsystem, - long err_code, char *str) -{ - krb5_err_struct_t *err_struct = &krb5_err; - - init_err_handling(); /* takes care for multiple inits */ - - err_struct->subsystem = subsystem; - err_struct->err_code = err_code; - err_struct->kcontext = kcontext; - if (err_struct->subsystem == krb5_err_have_str) { - strncpy(err_struct->krb5_err_str, str, - sizeof(err_struct->krb5_err_str)); - err_struct->krb5_err_str[KRB5_MAX_ERR_STR] = '\0'; - } - - return 0; -} - -const char *KRB5_CALLCONV -krb5_get_err_string(long err_code) -{ - krb5_err_struct_t *err_struct = &krb5_err; - - init_err_handling(); /* takes care for multiple inits */ - - if ((err_struct->subsystem == krb5_err_have_str) - && (err_code == err_struct->err_code)) { - /* checking error code is for safety. - In case, the caller ignores a database error and calls - other calls before doing com_err. Though not perfect, - caller should call krb5_clr_error before this. */ - err_struct->subsystem = krb5_err_unknown; - return err_struct->krb5_err_str; - } - - if ((err_struct->subsystem == krb5_err_db) - && (err_code == err_struct->err_code)) { - err_struct->subsystem = krb5_err_unknown; - return krb5_db_errcode2string(err_struct->kcontext, err_code); - } - - /* It is not generated here. 
the remaining two cases are handled - by the default error string convertor. */ -#ifdef NOVELL - return old_error_2_string(err_code); -#else - return error_message(err_code); -#endif -} - -void -krb5_clr_error() -{ - krb5_err_struct_t *err_struct = &krb5_err; - - init_err_handling(); /* takes care for multiple inits */ - - err_struct->subsystem = krb5_err_unknown; -} - -#endif diff --git a/src/lib/kdb/err_handle.h b/src/lib/kdb/err_handle.h deleted file mode 100644 index ba1e320..0000000 --- a/src/lib/kdb/err_handle.h +++ /dev/null @@ -1,37 +0,0 @@ -/********************************************************************** -* -* C Header: err_handle.h -* Instance: idc_sec_1 -* Description: -* %created_by: spradeep % -* %date_created: Thu Apr 7 14:05:33 2005 % -* -**********************************************************************/ -#ifndef _idc_sec_1_err_handle_h_H -#define _idc_sec_1_err_handle_h_H -#include <k5-int.h> - -/* Everything else goes here */ - -#define KRB5_MAX_ERR_STR 1024 -typedef enum krb5_err_subsystem { - krb5_err_unknown = 0, /* no error or unknown system. Has to be probed */ - krb5_err_system, /* error in system call */ - krb5_err_krblib, /* error in kerberos library call, should lookup in the error table */ - krb5_err_have_str, /* error message is available in the string */ - krb5_err_db /* error is a database error, should be handled by calling DB */ -} krb5_err_subsystem; - -typedef krb5_error_code(*krb5_set_err_func_t) (krb5_context, - krb5_err_subsystem, long, - char *); - -krb5_error_code krb5_set_err(krb5_context kcontext, - krb5_err_subsystem subsystem, long err_code, - char *str); - -const char *KRB5_CALLCONV krb5_get_err_string(long err_code); - -void krb5_clr_error(void); - -#endif diff --git a/src/lib/kdb/kdb5.c b/src/lib/kdb/kdb5.c index ad5cb05..ce66474 100644 --- a/src/lib/kdb/kdb5.c +++ b/src/lib/kdb/kdb5.c 
@@ -273,7 +273,7 @@ kdb_load_library(krb5_context kcontext, char *lib_name, db_library * lib) kdb_setup_opt_functions(*lib); - if ((status = (*lib)->vftabl.init_library(krb5_set_err))) { + if ((status = (*lib)->vftabl.init_library())) { /* ERROR. library not initialized cleanly */ sprintf(buf, "%s library initialization failed, error code %ld\n", lib_name, status); @@ -365,14 +365,17 @@ kdb_load_library(krb5_context kcontext, char *lib_name, db_library * lib) kdb_setup_opt_functions(*lib); - if ((status = (*lib)->vftabl.init_library(krb5_set_err))) { + if ((status = (*lib)->vftabl.init_library())) { /* ERROR. library not initialized cleanly */ goto clean_n_exit; } } else { + err_str = dlerror(); + if(err_str == NULL) + err_str = ""; status = KRB5_KDB_DBTYPE_INIT; - krb5_set_err(kcontext, krb5_err_have_str, status, dlerror()); + krb5_set_error_message (kcontext, status, "%s", err_str); goto clean_n_exit; } break; @@ -385,8 +388,8 @@ kdb_load_library(krb5_context kcontext, char *lib_name, db_library * lib) if (!(*lib)->dl_handle) { /* library not found in the given list. Error str is already set */ - status = KRB5_KDB_DBTYPE_NOTFOUND; - krb5_set_err(kcontext, krb5_err_have_str, status, err_str); + status = KRB5_KDB_DBTYPE_NOTFOUND; + krb5_set_error_message (kcontext, status, "%s", err_str); goto clean_n_exit; } 
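Review bot: The failure branch directly after the changed `init_library()` call in the first kdb_load_library hunk still builds its message with `sprintf(buf, "%s library initialization failed, error code %ld\n", lib_name, status);`, which puts no bound on `lib_name`. The declaration of `buf` and the origin of `lib_name` are outside the hunk, so the size margin cannot be checked from these lines. If `buf` is a local array, `snprintf(buf, sizeof(buf), "%s library initialization failed, error code %ld\n", lib_name, (long) status);` bounds the write. The cast also keeps the `%ld` argument correct should `status` be narrower than `long`.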
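Review bot: In the `!(*lib)->dl_handle` branch of the third hunk, `krb5_set_error_message (kcontext, status, "%s", err_str);` passes `err_str` to `%s` without the NULL guard that the previous hunk adds right after `dlerror()`. The assignments to `err_str` that reach this branch are outside the hunk, so whether it can still be NULL here cannot be confirmed from these lines; if it can, formatting it is undefined behavior. Repeating the guard before the call is cheap: `if (err_str == NULL) err_str = "";`.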
@@ -568,27 +571,19 @@ kdb_free_lib_handle(krb5_context kcontext) /* * External functions... DAL API */ -void -krb5_db_clr_error() -{ - krb5_clr_error(); -} - krb5_error_code krb5_db_open(krb5_context kcontext, char **db_args, int mode) { krb5_error_code status = 0; char *section = NULL; kdb5_dal_handle *dal_handle; - char buf[KRB5_MAX_ERR_STR]; section = kdb_get_conf_section(kcontext); if (section == NULL) { - sprintf(buf, + status = KRB5_KDB_SERVER_INTERNAL_ERR; + krb5_set_error_message (kcontext, status, "unable to determine configuration section for realm %s\n", kcontext->default_realm ? kcontext->default_realm : "[UNSET]"); - status = -1; - krb5_set_err(kcontext, krb5_err_have_str, status, buf); goto clean_n_exit; } @@ -658,15 +653,13 @@ krb5_db_create(krb5_context kcontext, char **db_args) krb5_error_code status = 0; char *section = NULL; kdb5_dal_handle *dal_handle; - char buf[KRB5_MAX_ERR_STR]; section = kdb_get_conf_section(kcontext); if (section == NULL) { - sprintf(buf, + status = KRB5_KDB_SERVER_INTERNAL_ERR; + krb5_set_error_message (kcontext, status, "unable to determine configuration section for realm %s\n", kcontext->default_realm); - status = -1; - krb5_set_err(kcontext, krb5_err_have_str, status, buf); goto clean_n_exit; } @@ -731,15 +724,13 @@ krb5_db_destroy(krb5_context kcontext, char **db_args) krb5_error_code status = 0; char *section = NULL; kdb5_dal_handle *dal_handle; - char buf[KRB5_MAX_ERR_STR]; section = kdb_get_conf_section(kcontext); if (section == NULL) { - sprintf(buf, + status = KRB5_KDB_SERVER_INTERNAL_ERR; + krb5_set_error_message (kcontext, status, "unable to determine configuration section for realm %s\n", kcontext->default_realm); - status = -1; - krb5_set_err(kcontext, krb5_err_have_str, status, buf); goto clean_n_exit; } diff --git a/src/lib/kdb/kdb5.h b/src/lib/kdb/kdb5.h index cc4992b..3e4701a 100644 --- a/src/lib/kdb/kdb5.h +++ b/src/lib/kdb/kdb5.h 
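Review bot: In krb5_db_create the new `krb5_set_error_message` call passes `kcontext->default_realm` straight to `%s`, while krb5_db_open in the hunk above guards the same argument with `kcontext->default_realm ? kcontext->default_realm : "[UNSET]"`. This branch runs when no configuration section could be determined, so an unset realm is plausible there, and a NULL `%s` argument is undefined behavior. The same guarded expression should be used here and in the identical call in krb5_db_destroy in the next hunk. All three functions continue outside their hunks.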
@@ -10,12 +10,12 @@ #include <utime.h> #include <k5-int.h> #include "kdb.h" -#include "err_handle.h" #define KDB_MAX_DB_NAME 128 #define KDB_REALM_SECTION "realms" #define KDB_MODULE_POINTER "database_module" -#define KDB_MODULE_SECTION "db_modules" +#define KDB_MODULE_DEF_SECTION "dbdefaults" +#define KDB_MODULE_SECTION "dbmodules" #define KDB_LIB_POINTER "db_library" #define KDB_DATABASE_CONF_FILE DEFAULT_SECURE_PROFILE_PATH #define KDB_DATABASE_ENV_PROF KDC_PROFILE_ENV @@ -23,6 +23,22 @@ #define KRB5_KDB_OPEN_RW 0 #define KRB5_KDB_OPEN_RO 1 +#ifndef KRB5_KDB_SRV_TYPE_KDC +#define KRB5_KDB_SRV_TYPE_KDC 0x0100 +#endif + +#ifndef KRB5_KDB_SRV_TYPE_ADMIN +#define KRB5_KDB_SRV_TYPE_ADMIN 0x0200 +#endif + +#ifndef KRB5_KDB_SRV_TYPE_PASSWD +#define KRB5_KDB_SRV_TYPE_PASSWD 0x0300 +#endif + +#ifndef KRB5_KDB_SRV_TYPE_OTHER +#define KRB5_KDB_SRV_TYPE_OTHER 0x0400 +#endif + #define KRB5_KDB_OPT_SET_DB_NAME 0 #define KRB5_KDB_OPT_SET_LOCK_MODE 1 @@ -50,7 +66,7 @@ typedef struct _kdb_vftabl{ short int maj_ver; short int min_ver; - krb5_error_code (*init_library)(krb5_set_err_func_t); + krb5_error_code (*init_library)(); krb5_error_code (*fini_library)(); krb5_error_code (*init_module) ( krb5_context kcontext, char * conf_section, diff --git a/src/lib/kdb/libkdb5.exports b/src/lib/kdb/libkdb5.exports index c4d2c88..fe2fae6 100644 --- a/src/lib/kdb/libkdb5.exports +++ b/src/lib/kdb/libkdb5.exports @@ -1,6 +1,5 @@ krb5_db_open krb5_db_inited -krb5_db_clr_error krb5_db_alloc krb5_db_free krb5_db_create @@ -48,3 +47,4 @@ krb5_db_put_policy krb5_db_iter_policy krb5_db_delete_policy krb5_db_free_policy +krb5_def_store_mkey diff --git a/src/lib/krb5/error_tables/kdb5_err.et b/src/lib/krb5/error_tables/kdb5_err.et index 7c146e6..79a7c96 100644 --- a/src/lib/krb5/error_tables/kdb5_err.et +++ b/src/lib/krb5/error_tables/kdb5_err.et 
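Review bot: The new `KRB5_KDB_SRV_TYPE_*` values in the second kdb5.h hunk are consecutive codes, not independent bits: `KRB5_KDB_SRV_TYPE_PASSWD` (0x0300) equals `KRB5_KDB_SRV_TYPE_KDC | KRB5_KDB_SRV_TYPE_ADMIN`, so a test such as `mode & KRB5_KDB_SRV_TYPE_KDC` would also match the password service. The commit message says the service type is passed to krb5_db_open, presumably in the same integer as `KRB5_KDB_OPEN_RW`/`KRB5_KDB_OPEN_RO`, but nothing here says how the two are separated. A comment above the block would settle it, for example `/* Service type: a single code in the second byte of the open mode; mask it out and compare with ==, never bit-test. */`. The `#ifndef` guards also let an earlier, differing definition win silently, so the copy in include/kdb.h has to stay identical.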
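Review bot: `krb5_error_code (*init_library)();` in the third kdb5.h hunk declares the pointer with an empty parameter list, which in C leaves the arguments unspecified rather than stating that there are none. A database module still written as `init_library(krb5_set_err_func_t)` therefore keeps compiling against this table, and would then be called with no argument and read an indeterminate callback pointer. Declaring it as `krb5_error_code (*init_library)(void);` lets the compiler reject the old signature. `maj_ver`/`min_ver` appear in the context lines, but whether they are bumped or checked for this interface change lies outside the hunk, as does the rest of the `_kdb_vftabl` struct.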
@@ -71,5 +71,6 @@ ec KRB5_KDB_NO_MATCHING_KEY, "No matching key in entry" ec KRB5_KDB_DBTYPE_NOTFOUND, "Unable to find requested database type" ec KRB5_KDB_DBTYPE_NOSUP, "Database type not supported" ec KRB5_KDB_DBTYPE_INIT, "Database library failed to initialize" +ec KRB5_KDB_SERVER_INTERNAL_ERR, "Server error" end |