diff options
Diffstat (limited to 'src/lib/kadm5')
-rw-r--r-- | src/lib/kadm5/admin.h | 1 | ||||
-rw-r--r-- | src/lib/kadm5/clnt/Makefile.in | 14 | ||||
-rw-r--r-- | src/lib/kadm5/clnt/client_principal.c | 20 | ||||
-rw-r--r-- | src/lib/kadm5/clnt/clnt_policy.c | 21 | ||||
-rw-r--r-- | src/lib/kadm5/clnt/clnt_privs.c | 5 | ||||
-rw-r--r-- | src/lib/kadm5/clnt/err_handle.c | 202 | ||||
-rw-r--r-- | src/lib/kadm5/clnt/err_handle.h | 38 | ||||
-rw-r--r-- | src/lib/kadm5/kadm_rpc.h | 7 | ||||
-rw-r--r-- | src/lib/kadm5/kadm_rpc_xdr.c | 84 | ||||
-rw-r--r-- | src/lib/kadm5/logger.c | 6 | ||||
-rw-r--r-- | src/lib/kadm5/srv/server_init.c | 6 | ||||
-rw-r--r-- | src/lib/kadm5/srv/server_misc.c | 3 | ||||
-rw-r--r-- | src/lib/kadm5/srv/svr_policy.c | 8 | ||||
-rw-r--r-- | src/lib/kadm5/srv/svr_principal.c | 34 |
14 files changed, 41 insertions, 408 deletions
diff --git a/src/lib/kadm5/admin.h b/src/lib/kadm5/admin.h index 3ce01c7..f184ea4 100644 --- a/src/lib/kadm5/admin.h +++ b/src/lib/kadm5/admin.h @@ -123,7 +123,6 @@ typedef long kadm5_ret_t; #define KADM5_CONFIG_OLD_AUTH_GSSAPI 0x100000 #define KADM5_CONFIG_NO_AUTH 0x200000 #define KADM5_CONFIG_AUTH_NOFALLBACK 0x400000 - /* * permission bits */ diff --git a/src/lib/kadm5/clnt/Makefile.in b/src/lib/kadm5/clnt/Makefile.in index 136607f..86be9de 100644 --- a/src/lib/kadm5/clnt/Makefile.in +++ b/src/lib/kadm5/clnt/Makefile.in @@ -28,7 +28,6 @@ SRCS = $(srcdir)/clnt_policy.c \ $(srcdir)/client_principal.c \ $(srcdir)/client_init.c \ $(srcdir)/clnt_privs.c \ - $(srcdir)/err_handle.c \ $(srcdir)/clnt_chpass_util.c OBJS = \ @@ -37,7 +36,6 @@ OBJS = \ client_principal.$(OBJEXT) \ client_init.$(OBJEXT) \ clnt_privs.$(OBJEXT) \ - err_handle.$(OBJEXT) \ clnt_chpass_util.$(OBJEXT) STLIBOBJS = \ @@ -46,11 +44,8 @@ STLIBOBJS = \ client_principal.o \ client_init.o \ clnt_privs.o \ - err_handle.o \ clnt_chpass_util.o -err_handle.o : err_handle.h err_handle.c - all-unix:: includes all-unix:: all-liblinks all-windows:: $(OBJS) @@ -95,7 +90,7 @@ clnt_policy.so clnt_policy.po $(OUTPRE)clnt_policy.$(OBJEXT): \ $(BUILDTOP)/include/kadm5/kadm_err.h $(BUILDTOP)/include/kadm5/kadm_rpc.h \ $(BUILDTOP)/include/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-platform.h \ $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \ - client_internal.h clnt_policy.c err_handle.h + client_internal.h clnt_policy.c client_rpc.so client_rpc.po $(OUTPRE)client_rpc.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssrpc/auth.h $(BUILDTOP)/include/gssrpc/auth_gss.h \ @@ -120,7 +115,7 @@ client_principal.so client_principal.po $(OUTPRE)client_principal.$(OBJEXT): \ $(BUILDTOP)/include/kadm5/kadm_err.h $(BUILDTOP)/include/kadm5/kadm_rpc.h \ $(BUILDTOP)/include/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-platform.h \ $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \ - client_internal.h client_principal.c err_handle.h + client_internal.h client_principal.c client_init.so client_init.po $(OUTPRE)client_init.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssapi/gssapi_krb5.h $(BUILDTOP)/include/gssrpc/auth.h \ @@ -151,10 +146,7 @@ clnt_privs.so clnt_privs.po $(OUTPRE)clnt_privs.$(OBJEXT): \ $(BUILDTOP)/include/kadm5/kadm_err.h $(BUILDTOP)/include/kadm5/kadm_rpc.h \ $(BUILDTOP)/include/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-platform.h \ $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \ - client_internal.h clnt_privs.c err_handle.h -err_handle.so err_handle.po $(OUTPRE)err_handle.$(OBJEXT): \ - $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5.h \ - $(COM_ERR_DEPS) err_handle.c err_handle.h + client_internal.h clnt_privs.c clnt_chpass_util.so clnt_chpass_util.po $(OUTPRE)clnt_chpass_util.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssrpc/auth.h $(BUILDTOP)/include/gssrpc/auth_gss.h \ diff --git a/src/lib/kadm5/clnt/client_principal.c b/src/lib/kadm5/clnt/client_principal.c index 735d2bf..7b65331 100644 --- a/src/lib/kadm5/clnt/client_principal.c +++ b/src/lib/kadm5/clnt/client_principal.c @@ -16,7 +16,6 @@ static char *rcsid = "$Header$"; #endif #include <errno.h> #include "client_internal.h" -#include "err_handle.h" #ifdef DEBUG #define eret() do { clnt_perror(handle->clnt, "null ret"); return KADM5_RPC_ERROR; } while (0) @@ -256,11 +255,6 @@ kadm5_get_principal(void *server_handle, memcpy(ent, &r->rec, sizeof(r->rec)); } - - if(r->code) - { - krb5_set_err( handle->context, krb5_err_have_str, r->code, r->err_str ); - } return r->code; } @@ -289,10 +283,6 @@ kadm5_get_principals(void *server_handle, *princs = NULL; } - if(r->code) - { - krb5_set_err( handle->context, krb5_err_have_str, r->code, r->err_str ); - } return r->code; } @@ -494,11 +484,6 @@ kadm5_randkey_principal_3(void *server_handle, } } - if(r->code) - { - krb5_set_err( handle->context, krb5_err_have_str, r->code, r->err_str ); - } - return r->code; } @@ -547,11 +532,6 @@ kadm5_randkey_principal(void *server_handle, } } - if(r->code) - { - krb5_set_err( handle->context, krb5_err_have_str, r->code, r->err_str ); - } - return r->code; } diff --git a/src/lib/kadm5/clnt/clnt_policy.c b/src/lib/kadm5/clnt/clnt_policy.c index b1157d1..6877ec3 100644 --- a/src/lib/kadm5/clnt/clnt_policy.c +++ b/src/lib/kadm5/clnt/clnt_policy.c @@ -15,7 +15,6 @@ static char *rcsid = "$Header$"; #include <stdlib.h> #include <string.h> #include <errno.h> -#include "err_handle.h" kadm5_ret_t kadm5_create_policy(void *server_handle, @@ -37,10 +36,6 @@ kadm5_create_policy(void *server_handle, if(r == NULL) return KADM5_RPC_ERROR; - if(r->code) - { - krb5_set_err( handle->context, krb5_err_have_str, r->code, r->err_str ); - } return r->code; } @@ -63,10 +58,6 @@ kadm5_delete_policy(void *server_handle, char *name) if(r == NULL) return KADM5_RPC_ERROR; - if(r->code) - { - krb5_set_err( handle->context, krb5_err_have_str, r->code, r->err_str ); - } return r->code; } @@ -91,10 +82,6 @@ kadm5_modify_policy(void *server_handle, if(r == NULL) return KADM5_RPC_ERROR; - if(r->code) - { - krb5_set_err( handle->context, krb5_err_have_str, r->code, r->err_str ); - } return r->code; } @@ -133,10 +120,6 @@ kadm5_get_policy(void *server_handle, char *name, kadm5_policy_ent_t ent) memcpy(ent, &r->rec, sizeof(r->rec)); } - if(r->code) - { - krb5_set_err( handle->context, krb5_err_have_str, r->code, r->err_str ); - } return r->code; } @@ -165,9 +148,5 @@ kadm5_get_policies(void *server_handle, *pols = NULL; } - if(r->code) - { - krb5_set_err( handle->context, krb5_err_have_str, r->code, r->err_str ); - } return r->code; } diff --git a/src/lib/kadm5/clnt/clnt_privs.c b/src/lib/kadm5/clnt/clnt_privs.c index e594080..204fd90 100644 --- a/src/lib/kadm5/clnt/clnt_privs.c +++ b/src/lib/kadm5/clnt/clnt_privs.c @@ -79,7 +79,6 @@ static char *rcsid = "$Header$"; #include <kadm5/admin.h> #include <kadm5/kadm_rpc.h> #include "client_internal.h" -#include "err_handle.h" kadm5_ret_t kadm5_get_privs(void *server_handle, long *privs) { @@ -92,9 +91,5 @@ kadm5_ret_t kadm5_get_privs(void *server_handle, long *privs) else if (r->code == KADM5_OK) *privs = r->privs; - if(r->code) - { - krb5_set_err( handle->context, krb5_err_have_str, r->code, r->err_str ); - } return r->code; } diff --git a/src/lib/kadm5/clnt/err_handle.c b/src/lib/kadm5/clnt/err_handle.c deleted file mode 100644 index 9db4611..0000000 --- a/src/lib/kadm5/clnt/err_handle.c +++ /dev/null @@ -1,202 +0,0 @@ -/********************************************************************** -* -* C %name: err_handle.c % -* Instance: idc_sec_1 -* Description: -* %created_by: spradeep % -* %date_created: Thu Apr 7 15:36:27 2005 % -* -**********************************************************************/ -#ifndef lint -static char *_csrc = - "@(#) %filespec: err_handle.c~1 % (%full_filespec: err_handle.c~1:csrc:idc_sec#2 %)"; -#endif - -/* This file should be ideally be in util/et. But, for now thread - safety requirement stops me from putting there. If I do, then all - the applications have to link to pthread. */ - -#include "autoconf.h" -/* XXX This file doesn't build multithreaded at the moment. */ -#undef HAVE_PTHREAD_H - -#ifdef HAVE_PTHREAD_H -#include <pthread.h> -#endif -#include "err_handle.h" -#include <assert.h> -#include <string.h> - -#ifdef NOVELL -krb5_errcode_2_string_func old_error_2_string = NULL; -#endif - -typedef struct -{ - char krb5_err_str[KRB5_MAX_ERR_STR + 1]; - long err_code; - krb5_err_subsystem subsystem; - krb5_context kcontext; -} krb5_err_struct_t; - -#ifdef HAVE_PTHREAD_H -static void -tsd_key_destructor(void *data) -{ - free(data); -} - -static void -init_err_handling(void) -{ - assert(!k5_key_register(K5_KEY_KADM_CLNT_ERR_HANDLER, tsd_key_destructor)); -#ifdef NOVELL - old_error_2_string = error_message; - error_message = krb5_get_err_string; -#endif -} - -static pthread_once_t krb5_key_create = PTHREAD_ONCE_INIT; - -krb5_error_code -krb5_set_err(krb5_context kcontext, krb5_err_subsystem subsystem, - long err_code, char *str) -{ - int ret; - krb5_err_struct_t *err_struct; - pthread_once(&krb5_key_create, init_err_handling); - - err_struct = (krb5_err_struct_t *) k5_getspecific(K5_KEY_KADM_CLNT_ERR_HANDLER); - if (err_struct == NULL) { - err_struct = calloc(sizeof(krb5_err_struct_t), 1); - if (err_struct == NULL) - return ENOMEM; - - if ((ret = k5_setspecific(K5_KEY_KADM_CLNT_ERR_HANDLER, err_struct))) { - free(err_struct); - return ret; - } - } - - err_struct->subsystem = subsystem; - err_struct->err_code = err_code; - err_struct->kcontext = kcontext; - if (err_struct->subsystem == krb5_err_have_str) { - strncpy(err_struct->krb5_err_str, str, - sizeof(err_struct->krb5_err_str)); - err_struct->krb5_err_str[KRB5_MAX_ERR_STR] = '\0'; - } - - return 0; -} - -const char *KRB5_CALLCONV -krb5_get_err_string(long err_code) -{ - krb5_err_struct_t *err_struct; - pthread_once(&krb5_key_create, init_err_handling); - - err_struct = (krb5_err_struct_t *) k5_getspecific(K5_KEY_KADM_CLNT_ERR_HANDLER); - if (err_struct && (err_struct->subsystem == krb5_err_have_str) - && (err_code == err_struct->err_code)) { - /* checking error code is for safety. - In case, the caller ignores a database error and calls - other calls before doing com_err. Though not perfect, - caller should call krb5_clr_error before this. */ - err_struct->subsystem = krb5_err_unknown; - return err_struct->krb5_err_str; - } - - /* Error strings are not generated here. the remaining two cases - are handled by the default error string convertor. */ -#ifdef NOVELL - return old_error_2_string(err_code); -#else - return error_message(err_code); -#endif -} - -void -krb5_clr_error() -{ - krb5_err_struct_t *err_struct; - pthread_once(&krb5_key_create, init_err_handling); - - err_struct = (krb5_err_struct_t *) k5_getspecific(K5_KEY_KADM_CLNT_ERR_HANDLER); - if (err_struct) - err_struct->subsystem = krb5_err_unknown; -} - -#else -krb5_err_struct_t krb5_err = { {0}, 0, 0, 0 }; -krb5_boolean krb5_init_once = TRUE; - -static void -init_err_handling(void) -{ - if (krb5_init_once) { -#ifdef NOVELL - old_error_2_string = error_message; - error_message = krb5_get_err_string; -#endif - krb5_init_once = FALSE; - } -} - -krb5_error_code -krb5_set_err(krb5_context kcontext, krb5_err_subsystem subsystem, - long err_code, char *str) -{ - krb5_err_struct_t *err_struct = &krb5_err; - - init_err_handling(); /* takes care for multiple inits */ - - err_struct->subsystem = subsystem; - err_struct->err_code = err_code; - err_struct->kcontext = kcontext; - if (err_struct->subsystem == krb5_err_have_str) { - strncpy(err_struct->krb5_err_str, str, - sizeof(err_struct->krb5_err_str)); - err_struct->krb5_err_str[KRB5_MAX_ERR_STR] = '\0'; - } - - return 0; -} - -const char *KRB5_CALLCONV -krb5_get_err_string(long err_code) -{ - krb5_err_struct_t *err_struct = &krb5_err; - - init_err_handling(); /* takes care for multiple inits */ - - if ((err_struct->subsystem == krb5_err_have_str) - && (err_code == err_struct->err_code)) { - /* checking error code is for safety. - In case, the caller ignores a database error and calls - other calls before doing com_err. Though not perfect, - caller should call krb5_clr_error before this. */ - err_struct->subsystem = krb5_err_unknown; - return err_struct->krb5_err_str; - } - - /* It is not generated here. the remaining two cases are handled - by the default error string convertor. */ -#ifdef NOVELL - return old_error_2_string(err_code); -#else - return error_message(err_code); -#endif -} - -void -krb5_clr_error() -{ - krb5_err_struct_t *err_struct = &krb5_err; - - init_err_handling(); /* takes care for multiple inits */ - - err_struct->subsystem = krb5_err_unknown; -} - -#endif diff --git a/src/lib/kadm5/clnt/err_handle.h b/src/lib/kadm5/clnt/err_handle.h deleted file mode 100644 index 7dea7b6..0000000 --- a/src/lib/kadm5/clnt/err_handle.h +++ /dev/null @@ -1,38 +0,0 @@ -/********************************************************************** -* -* C Header: err_handle.h -* Instance: idc_sec_1 -* Description: -* %created_by: spradeep % -* %date_created: Thu Apr 7 15:36:49 2005 % -* -**********************************************************************/ -#ifndef _idc_sec_1_err_handle_h_H -#define _idc_sec_1_err_handle_h_H -#include <com_err.h> -#include <krb5.h> - -/* Everything else goes here */ - -#define KRB5_MAX_ERR_STR 1024 -typedef enum krb5_err_subsystem { - krb5_err_unknown = 0, /* no error or unknown system. Has to be probed */ - krb5_err_system, /* error in system call */ - krb5_err_krblib, /* error in kerberos library call, should lookup in the error table */ - krb5_err_have_str, /* error message is available in the string */ - krb5_err_db /* error is a database error, should be handled by calling DB */ -} krb5_err_subsystem; - -typedef krb5_error_code(*krb5_set_err_func_t) (krb5_context, - krb5_err_subsystem, long, - char *); - -krb5_error_code krb5_set_err(krb5_context kcontext, - krb5_err_subsystem subsystem, long err_code, - char *str); - -const char *KRB5_CALLCONV krb5_get_err_string(long err_code); - -void krb5_clr_error(void); - -#endif diff --git a/src/lib/kadm5/kadm_rpc.h b/src/lib/kadm5/kadm_rpc.h index 3d11f09..d793ed8 100644 --- a/src/lib/kadm5/kadm_rpc.h +++ b/src/lib/kadm5/kadm_rpc.h @@ -27,7 +27,6 @@ typedef struct cprinc3_arg cprinc3_arg; struct generic_ret { krb5_ui_4 api_version; kadm5_ret_t code; - char *err_str; }; typedef struct generic_ret generic_ret; @@ -62,7 +61,6 @@ struct gprincs_ret { kadm5_ret_t code; char **princs; int count; - char *err_str; }; typedef struct gprincs_ret gprincs_ret; @@ -130,7 +128,6 @@ struct chrand_ret { krb5_keyblock key; krb5_keyblock *keys; int n_keys; - char *err_str; }; typedef struct chrand_ret chrand_ret; @@ -145,7 +142,6 @@ struct gprinc_ret { krb5_ui_4 api_version; kadm5_ret_t code; kadm5_principal_ent_rec rec; - char *err_str; }; typedef struct gprinc_ret gprinc_ret; @@ -179,7 +175,6 @@ struct gpol_ret { krb5_ui_4 api_version; kadm5_ret_t code; kadm5_policy_ent_rec rec; - char *err_str; }; typedef struct gpol_ret gpol_ret; @@ -194,7 +189,6 @@ struct gpols_ret { kadm5_ret_t code; char **pols; int count; - char *err_str; }; typedef struct gpols_ret gpols_ret; @@ -202,7 +196,6 @@ struct getprivs_ret { krb5_ui_4 api_version; kadm5_ret_t code; long privs; - char *err_str; }; typedef struct getprivs_ret getprivs_ret; diff --git a/src/lib/kadm5/kadm_rpc_xdr.c b/src/lib/kadm5/kadm_rpc_xdr.c index 346a36e..aa2363c 100644 --- a/src/lib/kadm5/kadm_rpc_xdr.c +++ b/src/lib/kadm5/kadm_rpc_xdr.c @@ -545,18 +545,6 @@ xdr_generic_ret(XDR *xdrs, generic_ret *objp) return (FALSE); } - if( xdrs->x_op == XDR_ENCODE ) - { - char *tmp_str = "Unknown error code"; - if(!xdr_string(xdrs, objp->err_str?&objp->err_str:&tmp_str, (unsigned int)-1 )) { - return (FALSE); - } - } else { - if(!xdr_string(xdrs, &objp->err_str, (unsigned int)-1 )) { - return (FALSE); - } - } - return(TRUE); } @@ -640,18 +628,6 @@ xdr_gprincs_ret(XDR *xdrs, gprincs_ret *objp) } } - if( xdrs->x_op == XDR_ENCODE ) - { - char *tmp_str = "Unknown error code"; - if(!xdr_string(xdrs, objp->err_str?&objp->err_str:&tmp_str, (unsigned int)-1 )) { - return (FALSE); - } - } else { - if(!xdr_string(xdrs, &objp->err_str, (unsigned int)-1 )) { - return (FALSE); - } - } - return (TRUE); } @@ -812,18 +788,6 @@ xdr_chrand_ret(XDR *xdrs, chrand_ret *objp) } } - if( xdrs->x_op == XDR_ENCODE ) - { - char *tmp_str = "Unknown error code"; - if(!xdr_string(xdrs, objp->err_str?&objp->err_str:&tmp_str, (unsigned int)-1 )) { - return (FALSE); - } - } else { - if(!xdr_string(xdrs, &objp->err_str, (unsigned int)-1 )) { - return (FALSE); - } - } - return (TRUE); } @@ -865,18 +829,6 @@ xdr_gprinc_ret(XDR *xdrs, gprinc_ret *objp) } } - if( xdrs->x_op == XDR_ENCODE ) - { - char *tmp_str = "Unknown error code"; - if(!xdr_string(xdrs, objp->err_str?&objp->err_str:&tmp_str, (unsigned int)-1 )) { - return (FALSE); - } - } else { - if(!xdr_string(xdrs, &objp->err_str, (unsigned int)-1 )) { - return (FALSE); - } - } - return (TRUE); } @@ -948,18 +900,6 @@ xdr_gpol_ret(XDR *xdrs, gpol_ret *objp) return (FALSE); } - if( xdrs->x_op == XDR_ENCODE ) - { - char *tmp_str = "Unknown error code"; - if(!xdr_string(xdrs, objp->err_str?&objp->err_str:&tmp_str, (unsigned int)-1 )) { - return (FALSE); - } - } else { - if(!xdr_string(xdrs, &objp->err_str, (unsigned int)-1 )) { - return (FALSE); - } - } - return (TRUE); } @@ -995,18 +935,6 @@ xdr_gpols_ret(XDR *xdrs, gpols_ret *objp) } } - if( xdrs->x_op == XDR_ENCODE ) - { - char *tmp_str = "Unknown error code"; - if(!xdr_string(xdrs, objp->err_str?&objp->err_str:&tmp_str, (unsigned int)-1 )) { - return (FALSE); - } - } else { - if(!xdr_string(xdrs, &objp->err_str, (unsigned int)-1 )) { - return (FALSE); - } - } - return (TRUE); } @@ -1019,18 +947,6 @@ bool_t xdr_getprivs_ret(XDR *xdrs, getprivs_ret *objp) ! xdr_long(xdrs, &objp->privs)) return FALSE; - if( xdrs->x_op == XDR_ENCODE ) - { - char *tmp_str = "Unknown error code"; - if(!xdr_string(xdrs, objp->err_str?&objp->err_str:&tmp_str, (unsigned int)-1 )) { - return (FALSE); - } - } else { - if(!xdr_string(xdrs, &objp->err_str, (unsigned int)-1 )) { - return (FALSE); - } - } - return TRUE; } diff --git a/src/lib/kadm5/logger.c b/src/lib/kadm5/logger.c index 69f53a0..f78c7b4 100644 --- a/src/lib/kadm5/logger.c +++ b/src/lib/kadm5/logger.c @@ -171,6 +171,7 @@ static struct log_entry def_log_entry; * klog_com_err_proc() - Handle com_err(3) messages as specified by the * profile. */ +static krb5_context err_context; static void klog_com_err_proc(const char *whoami, long int code, const char *format, va_list ap) { @@ -194,7 +195,8 @@ klog_com_err_proc(const char *whoami, long int code, const char *format, va_list /* If reporting an error message, separate it. */ if (code) { outbuf[sizeof(outbuf) - 1] = '\0'; - strncat(outbuf, error_message(code), sizeof(outbuf) - 1 - strlen(outbuf)); + + strncat(outbuf, krb5_get_error_message (err_context, code), sizeof(outbuf) - 1 - strlen(outbuf)); strncat(outbuf, " - ", sizeof(outbuf) - 1 - strlen(outbuf)); } cp = &outbuf[strlen(outbuf)]; @@ -360,6 +362,8 @@ krb5_klog_init(krb5_context kcontext, char *ename, char *whoami, krb5_boolean do do_openlog = 0; log_facility = 0; + err_context = kcontext; + /* * Look up [logging]-><ename> in the profile. If that doesn't * succeed, then look for [logging]->default. diff --git a/src/lib/kadm5/srv/server_init.c b/src/lib/kadm5/srv/server_init.c index dd1fe66..106d318 100644 --- a/src/lib/kadm5/srv/server_init.c +++ b/src/lib/kadm5/srv/server_init.c @@ -259,7 +259,8 @@ kadm5_ret_t kadm5_init(char *client_name, char *pass, return ret; } - ret = krb5_db_open(handle->context, db_args, KRB5_KDB_OPEN_RW); + ret = krb5_db_open(handle->context, db_args, + KRB5_KDB_OPEN_RW | KRB5_KDB_SRV_TYPE_ADMIN); if (ret) { krb5_free_context(handle->context); free_db_args(handle); @@ -406,7 +407,8 @@ kadm5_ret_t kadm5_flush(void *server_handle) CHECK_HANDLE(server_handle); if ((ret = krb5_db_fini(handle->context)) || - (ret = krb5_db_open(handle->context, handle->db_args, KRB5_KDB_OPEN_RW)) || + (ret = krb5_db_open(handle->context, handle->db_args, + KRB5_KDB_OPEN_RW | KRB5_KDB_SRV_TYPE_ADMIN)) || (ret = adb_policy_close(handle)) || (ret = adb_policy_init(handle))) { (void) kadm5_destroy(server_handle); diff --git a/src/lib/kadm5/srv/server_misc.c b/src/lib/kadm5/srv/server_misc.c index f7bfd58..fa4e62e 100644 --- a/src/lib/kadm5/srv/server_misc.c +++ b/src/lib/kadm5/srv/server_misc.c @@ -25,7 +25,8 @@ adb_policy_init(kadm5_server_handle_t handle) if( krb5_db_inited( handle->context ) ) return KADM5_OK; - return krb5_db_open( handle->context, NULL, KRB5_KDB_OPEN_RW ); + return krb5_db_open( handle->context, NULL, + KRB5_KDB_OPEN_RW | KRB5_KDB_SRV_TYPE_ADMIN ); } kadm5_ret_t diff --git a/src/lib/kadm5/srv/svr_policy.c b/src/lib/kadm5/srv/svr_policy.c index 31333b7..d57d2f1 100644 --- a/src/lib/kadm5/srv/svr_policy.c +++ b/src/lib/kadm5/srv/svr_policy.c @@ -47,7 +47,7 @@ kadm5_create_policy(void *server_handle, { CHECK_HANDLE(server_handle); - krb5_db_clr_error(); + krb5_clear_error_message(((kadm5_server_handle_t)server_handle)->context); if (mask & KADM5_REF_COUNT) return KADM5_BAD_MASK; @@ -157,7 +157,7 @@ kadm5_delete_policy(void *server_handle, kadm5_policy_t name) CHECK_HANDLE(server_handle); - krb5_db_clr_error(); + krb5_clear_error_message(handle->context); if(name == (kadm5_policy_t) NULL) return EINVAL; @@ -185,7 +185,7 @@ kadm5_modify_policy(void *server_handle, { CHECK_HANDLE(server_handle); - krb5_db_clr_error(); + krb5_clear_error_message(((kadm5_server_handle_t)server_handle)->context); if (mask & KADM5_REF_COUNT) return KADM5_BAD_MASK; @@ -266,7 +266,7 @@ kadm5_get_policy(void *server_handle, kadm5_policy_t name, CHECK_HANDLE(server_handle); - krb5_db_clr_error(); + krb5_clear_error_message(handle->context); /* * In version 1, entry is a pointer to a kadm5_policy_ent_t that diff --git a/src/lib/kadm5/srv/svr_principal.c b/src/lib/kadm5/srv/svr_principal.c index 18ab480..36ca2a1 100644 --- a/src/lib/kadm5/srv/svr_principal.c +++ b/src/lib/kadm5/srv/svr_principal.c @@ -199,7 +199,7 @@ kadm5_create_principal_3(void *server_handle, CHECK_HANDLE(server_handle); - krb5_db_clr_error(); + krb5_clear_error_message(handle->context); /* * Argument sanity checking, and opening up the DB @@ -380,6 +380,9 @@ kadm5_create_principal_3(void *server_handle, } } + /* In all cases key and the principal data is set, let the database provider know */ + kdb.mask = mask | KADM5_KEY_DATA | KADM5_PRINCIPAL ; + /* store the new db entry */ ret = kdb_put_entry(handle, &kdb, &adb); @@ -421,7 +424,7 @@ kadm5_delete_principal(void *server_handle, krb5_principal principal) CHECK_HANDLE(server_handle); - krb5_db_clr_error(); + krb5_clear_error_message(handle->context); if (principal == NULL) return EINVAL; @@ -469,7 +472,7 @@ kadm5_modify_principal(void *server_handle, CHECK_HANDLE(server_handle); - krb5_db_clr_error(); + krb5_clear_error_message(handle->context); if((mask & KADM5_PRINCIPAL) || (mask & KADM5_LAST_PWD_CHANGE) || (mask & KADM5_MOD_TIME) || (mask & KADM5_MOD_NAME) || @@ -628,6 +631,9 @@ kadm5_modify_principal(void *server_handle, } } + /* let the mask propagate to the database provider */ + kdb.mask = mask; + ret = kdb_put_entry(handle, &kdb, &adb); if (ret) goto done; @@ -656,7 +662,7 @@ kadm5_rename_principal(void *server_handle, CHECK_HANDLE(server_handle); - krb5_db_clr_error(); + krb5_clear_error_message(handle->context); if (source == NULL || target == NULL) return EINVAL; @@ -711,7 +717,7 @@ kadm5_get_principal(void *server_handle, krb5_principal principal, CHECK_HANDLE(server_handle); - krb5_db_clr_error(); + krb5_clear_error_message(handle->context); /* * In version 1, all the defined fields are always returned. @@ -1289,7 +1295,7 @@ kadm5_chpass_principal_3(void *server_handle, CHECK_HANDLE(server_handle); - krb5_db_clr_error(); + krb5_clear_error_message(handle->context); hist_added = 0; memset(&hist, 0, sizeof(hist)); @@ -1433,6 +1439,9 @@ kadm5_chpass_principal_3(void *server_handle, if (ret) goto done; + /* key data and attributes changed, let the database provider know */ + kdb.mask = KADM5_KEY_DATA | KADM5_ATTRIBUTES /* | KADM5_CPW_FUNCTION */; + if ((ret = kdb_put_entry(handle, &kdb, &adb))) goto done; @@ -1478,13 +1487,13 @@ kadm5_randkey_principal_3(void *server_handle, int ret, last_pwd, have_pol = 0; kadm5_server_handle_t handle = server_handle; - krb5_db_clr_error(); - if (keyblocks) *keyblocks = NULL; CHECK_HANDLE(server_handle); + krb5_clear_error_message(handle->context); + if (principal == NULL) return EINVAL; if (hist_princ && /* this will be NULL when initializing the databse */ @@ -1580,6 +1589,9 @@ kadm5_randkey_principal_3(void *server_handle, } } + /* key data changed, let the database provider know */ + kdb.mask = KADM5_KEY_DATA /* | KADM5_RANDKEY_USED */; + if ((ret = kdb_put_entry(handle, &kdb, &adb))) goto done; @@ -1616,12 +1628,12 @@ kadm5_setv4key_principal(void *server_handle, kadm5_server_handle_t handle = server_handle; krb5_key_data tmp_key_data; - krb5_db_clr_error(); - memset( &tmp_key_data, 0, sizeof(tmp_key_data)); CHECK_HANDLE(server_handle); + krb5_clear_error_message(handle->context); + if (principal == NULL || keyblock == NULL) return EINVAL; if (hist_princ && /* this will be NULL when initializing the databse */ @@ -1797,7 +1809,7 @@ kadm5_setkey_principal_3(void *server_handle, CHECK_HANDLE(server_handle); - krb5_db_clr_error(); + krb5_clear_error_message(handle->context); if (principal == NULL || keyblocks == NULL) return EINVAL; |