aboutsummaryrefslogtreecommitdiff
path: root/src/lib/kadm5
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/kadm5')
-rw-r--r--src/lib/kadm5/admin.h1
-rw-r--r--src/lib/kadm5/clnt/Makefile.in14
-rw-r--r--src/lib/kadm5/clnt/client_principal.c20
-rw-r--r--src/lib/kadm5/clnt/clnt_policy.c21
-rw-r--r--src/lib/kadm5/clnt/clnt_privs.c5
-rw-r--r--src/lib/kadm5/clnt/err_handle.c202
-rw-r--r--src/lib/kadm5/clnt/err_handle.h38
-rw-r--r--src/lib/kadm5/kadm_rpc.h7
-rw-r--r--src/lib/kadm5/kadm_rpc_xdr.c84
-rw-r--r--src/lib/kadm5/logger.c6
-rw-r--r--src/lib/kadm5/srv/server_init.c6
-rw-r--r--src/lib/kadm5/srv/server_misc.c3
-rw-r--r--src/lib/kadm5/srv/svr_policy.c8
-rw-r--r--src/lib/kadm5/srv/svr_principal.c34
14 files changed, 41 insertions, 408 deletions
diff --git a/src/lib/kadm5/admin.h b/src/lib/kadm5/admin.h
index 3ce01c7..f184ea4 100644
--- a/src/lib/kadm5/admin.h
+++ b/src/lib/kadm5/admin.h
@@ -123,7 +123,6 @@ typedef long kadm5_ret_t;
#define KADM5_CONFIG_OLD_AUTH_GSSAPI 0x100000
#define KADM5_CONFIG_NO_AUTH 0x200000
#define KADM5_CONFIG_AUTH_NOFALLBACK 0x400000
-
/*
* permission bits
*/
diff --git a/src/lib/kadm5/clnt/Makefile.in b/src/lib/kadm5/clnt/Makefile.in
index 136607f..86be9de 100644
--- a/src/lib/kadm5/clnt/Makefile.in
+++ b/src/lib/kadm5/clnt/Makefile.in
@@ -28,7 +28,6 @@ SRCS = $(srcdir)/clnt_policy.c \
$(srcdir)/client_principal.c \
$(srcdir)/client_init.c \
$(srcdir)/clnt_privs.c \
- $(srcdir)/err_handle.c \
$(srcdir)/clnt_chpass_util.c
OBJS = \
@@ -37,7 +36,6 @@ OBJS = \
client_principal.$(OBJEXT) \
client_init.$(OBJEXT) \
clnt_privs.$(OBJEXT) \
- err_handle.$(OBJEXT) \
clnt_chpass_util.$(OBJEXT)
STLIBOBJS = \
@@ -46,11 +44,8 @@ STLIBOBJS = \
client_principal.o \
client_init.o \
clnt_privs.o \
- err_handle.o \
clnt_chpass_util.o
-err_handle.o : err_handle.h err_handle.c
-
all-unix:: includes
all-unix:: all-liblinks
all-windows:: $(OBJS)
@@ -95,7 +90,7 @@ clnt_policy.so clnt_policy.po $(OUTPRE)clnt_policy.$(OBJEXT): \
$(BUILDTOP)/include/kadm5/kadm_err.h $(BUILDTOP)/include/kadm5/kadm_rpc.h \
$(BUILDTOP)/include/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \
- client_internal.h clnt_policy.c err_handle.h
+ client_internal.h clnt_policy.c
client_rpc.so client_rpc.po $(OUTPRE)client_rpc.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssrpc/auth.h $(BUILDTOP)/include/gssrpc/auth_gss.h \
@@ -120,7 +115,7 @@ client_principal.so client_principal.po $(OUTPRE)client_principal.$(OBJEXT): \
$(BUILDTOP)/include/kadm5/kadm_err.h $(BUILDTOP)/include/kadm5/kadm_rpc.h \
$(BUILDTOP)/include/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \
- client_internal.h client_principal.c err_handle.h
+ client_internal.h client_principal.c
client_init.so client_init.po $(OUTPRE)client_init.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_krb5.h $(BUILDTOP)/include/gssrpc/auth.h \
@@ -151,10 +146,7 @@ clnt_privs.so clnt_privs.po $(OUTPRE)clnt_privs.$(OBJEXT): \
$(BUILDTOP)/include/kadm5/kadm_err.h $(BUILDTOP)/include/kadm5/kadm_rpc.h \
$(BUILDTOP)/include/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-platform.h \
$(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \
- client_internal.h clnt_privs.c err_handle.h
-err_handle.so err_handle.po $(OUTPRE)err_handle.$(OBJEXT): \
- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5.h \
- $(COM_ERR_DEPS) err_handle.c err_handle.h
+ client_internal.h clnt_privs.c
clnt_chpass_util.so clnt_chpass_util.po $(OUTPRE)clnt_chpass_util.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssrpc/auth.h $(BUILDTOP)/include/gssrpc/auth_gss.h \
diff --git a/src/lib/kadm5/clnt/client_principal.c b/src/lib/kadm5/clnt/client_principal.c
index 735d2bf..7b65331 100644
--- a/src/lib/kadm5/clnt/client_principal.c
+++ b/src/lib/kadm5/clnt/client_principal.c
@@ -16,7 +16,6 @@ static char *rcsid = "$Header$";
#endif
#include <errno.h>
#include "client_internal.h"
-#include "err_handle.h"
#ifdef DEBUG
#define eret() do { clnt_perror(handle->clnt, "null ret"); return KADM5_RPC_ERROR; } while (0)
@@ -256,11 +255,6 @@ kadm5_get_principal(void *server_handle,
memcpy(ent, &r->rec, sizeof(r->rec));
}
-
- if(r->code)
- {
- krb5_set_err( handle->context, krb5_err_have_str, r->code, r->err_str );
- }
return r->code;
}
@@ -289,10 +283,6 @@ kadm5_get_principals(void *server_handle,
*princs = NULL;
}
- if(r->code)
- {
- krb5_set_err( handle->context, krb5_err_have_str, r->code, r->err_str );
- }
return r->code;
}
@@ -494,11 +484,6 @@ kadm5_randkey_principal_3(void *server_handle,
}
}
- if(r->code)
- {
- krb5_set_err( handle->context, krb5_err_have_str, r->code, r->err_str );
- }
-
return r->code;
}
@@ -547,11 +532,6 @@ kadm5_randkey_principal(void *server_handle,
}
}
- if(r->code)
- {
- krb5_set_err( handle->context, krb5_err_have_str, r->code, r->err_str );
- }
-
return r->code;
}
diff --git a/src/lib/kadm5/clnt/clnt_policy.c b/src/lib/kadm5/clnt/clnt_policy.c
index b1157d1..6877ec3 100644
--- a/src/lib/kadm5/clnt/clnt_policy.c
+++ b/src/lib/kadm5/clnt/clnt_policy.c
@@ -15,7 +15,6 @@ static char *rcsid = "$Header$";
#include <stdlib.h>
#include <string.h>
#include <errno.h>
-#include "err_handle.h"
kadm5_ret_t
kadm5_create_policy(void *server_handle,
@@ -37,10 +36,6 @@ kadm5_create_policy(void *server_handle,
if(r == NULL)
return KADM5_RPC_ERROR;
- if(r->code)
- {
- krb5_set_err( handle->context, krb5_err_have_str, r->code, r->err_str );
- }
return r->code;
}
@@ -63,10 +58,6 @@ kadm5_delete_policy(void *server_handle, char *name)
if(r == NULL)
return KADM5_RPC_ERROR;
- if(r->code)
- {
- krb5_set_err( handle->context, krb5_err_have_str, r->code, r->err_str );
- }
return r->code;
}
@@ -91,10 +82,6 @@ kadm5_modify_policy(void *server_handle,
if(r == NULL)
return KADM5_RPC_ERROR;
- if(r->code)
- {
- krb5_set_err( handle->context, krb5_err_have_str, r->code, r->err_str );
- }
return r->code;
}
@@ -133,10 +120,6 @@ kadm5_get_policy(void *server_handle, char *name, kadm5_policy_ent_t ent)
memcpy(ent, &r->rec, sizeof(r->rec));
}
- if(r->code)
- {
- krb5_set_err( handle->context, krb5_err_have_str, r->code, r->err_str );
- }
return r->code;
}
@@ -165,9 +148,5 @@ kadm5_get_policies(void *server_handle,
*pols = NULL;
}
- if(r->code)
- {
- krb5_set_err( handle->context, krb5_err_have_str, r->code, r->err_str );
- }
return r->code;
}
diff --git a/src/lib/kadm5/clnt/clnt_privs.c b/src/lib/kadm5/clnt/clnt_privs.c
index e594080..204fd90 100644
--- a/src/lib/kadm5/clnt/clnt_privs.c
+++ b/src/lib/kadm5/clnt/clnt_privs.c
@@ -79,7 +79,6 @@ static char *rcsid = "$Header$";
#include <kadm5/admin.h>
#include <kadm5/kadm_rpc.h>
#include "client_internal.h"
-#include "err_handle.h"
kadm5_ret_t kadm5_get_privs(void *server_handle, long *privs)
{
@@ -92,9 +91,5 @@ kadm5_ret_t kadm5_get_privs(void *server_handle, long *privs)
else if (r->code == KADM5_OK)
*privs = r->privs;
- if(r->code)
- {
- krb5_set_err( handle->context, krb5_err_have_str, r->code, r->err_str );
- }
return r->code;
}
diff --git a/src/lib/kadm5/clnt/err_handle.c b/src/lib/kadm5/clnt/err_handle.c
deleted file mode 100644
index 9db4611..0000000
--- a/src/lib/kadm5/clnt/err_handle.c
+++ /dev/null
@@ -1,202 +0,0 @@
-/**********************************************************************
-*
-* C %name: err_handle.c %
-* Instance: idc_sec_1
-* Description:
-* %created_by: spradeep %
-* %date_created: Thu Apr 7 15:36:27 2005 %
-*
-**********************************************************************/
-#ifndef lint
-static char *_csrc =
- "@(#) %filespec: err_handle.c~1 % (%full_filespec: err_handle.c~1:csrc:idc_sec#2 %)";
-#endif
-
-/* This file should be ideally be in util/et. But, for now thread
- safety requirement stops me from putting there. If I do, then all
- the applications have to link to pthread. */
-
-#include "autoconf.h"
-/* XXX This file doesn't build multithreaded at the moment. */
-#undef HAVE_PTHREAD_H
-
-#ifdef HAVE_PTHREAD_H
-#include <pthread.h>
-#endif
-#include "err_handle.h"
-#include <assert.h>
-#include <string.h>
-
-#ifdef NOVELL
-krb5_errcode_2_string_func old_error_2_string = NULL;
-#endif
-
-typedef struct
-{
- char krb5_err_str[KRB5_MAX_ERR_STR + 1];
- long err_code;
- krb5_err_subsystem subsystem;
- krb5_context kcontext;
-} krb5_err_struct_t;
-
-#ifdef HAVE_PTHREAD_H
-static void
-tsd_key_destructor(void *data)
-{
- free(data);
-}
-
-static void
-init_err_handling(void)
-{
- assert(!k5_key_register(K5_KEY_KADM_CLNT_ERR_HANDLER, tsd_key_destructor));
-#ifdef NOVELL
- old_error_2_string = error_message;
- error_message = krb5_get_err_string;
-#endif
-}
-
-static pthread_once_t krb5_key_create = PTHREAD_ONCE_INIT;
-
-krb5_error_code
-krb5_set_err(krb5_context kcontext, krb5_err_subsystem subsystem,
- long err_code, char *str)
-{
- int ret;
- krb5_err_struct_t *err_struct;
- pthread_once(&krb5_key_create, init_err_handling);
-
- err_struct = (krb5_err_struct_t *) k5_getspecific(K5_KEY_KADM_CLNT_ERR_HANDLER);
- if (err_struct == NULL) {
- err_struct = calloc(sizeof(krb5_err_struct_t), 1);
- if (err_struct == NULL)
- return ENOMEM;
-
- if ((ret = k5_setspecific(K5_KEY_KADM_CLNT_ERR_HANDLER, err_struct))) {
- free(err_struct);
- return ret;
- }
- }
-
- err_struct->subsystem = subsystem;
- err_struct->err_code = err_code;
- err_struct->kcontext = kcontext;
- if (err_struct->subsystem == krb5_err_have_str) {
- strncpy(err_struct->krb5_err_str, str,
- sizeof(err_struct->krb5_err_str));
- err_struct->krb5_err_str[KRB5_MAX_ERR_STR] = '\0';
- }
-
- return 0;
-}
-
-const char *KRB5_CALLCONV
-krb5_get_err_string(long err_code)
-{
- krb5_err_struct_t *err_struct;
- pthread_once(&krb5_key_create, init_err_handling);
-
- err_struct = (krb5_err_struct_t *) k5_getspecific(K5_KEY_KADM_CLNT_ERR_HANDLER);
- if (err_struct && (err_struct->subsystem == krb5_err_have_str)
- && (err_code == err_struct->err_code)) {
- /* checking error code is for safety.
- In case, the caller ignores a database error and calls
- other calls before doing com_err. Though not perfect,
- caller should call krb5_clr_error before this. */
- err_struct->subsystem = krb5_err_unknown;
- return err_struct->krb5_err_str;
- }
-
- /* Error strings are not generated here. the remaining two cases
- are handled by the default error string convertor. */
-#ifdef NOVELL
- return old_error_2_string(err_code);
-#else
- return error_message(err_code);
-#endif
-}
-
-void
-krb5_clr_error()
-{
- krb5_err_struct_t *err_struct;
- pthread_once(&krb5_key_create, init_err_handling);
-
- err_struct = (krb5_err_struct_t *) k5_getspecific(K5_KEY_KADM_CLNT_ERR_HANDLER);
- if (err_struct)
- err_struct->subsystem = krb5_err_unknown;
-}
-
-#else
-krb5_err_struct_t krb5_err = { {0}, 0, 0, 0 };
-krb5_boolean krb5_init_once = TRUE;
-
-static void
-init_err_handling(void)
-{
- if (krb5_init_once) {
-#ifdef NOVELL
- old_error_2_string = error_message;
- error_message = krb5_get_err_string;
-#endif
- krb5_init_once = FALSE;
- }
-}
-
-krb5_error_code
-krb5_set_err(krb5_context kcontext, krb5_err_subsystem subsystem,
- long err_code, char *str)
-{
- krb5_err_struct_t *err_struct = &krb5_err;
-
- init_err_handling(); /* takes care for multiple inits */
-
- err_struct->subsystem = subsystem;
- err_struct->err_code = err_code;
- err_struct->kcontext = kcontext;
- if (err_struct->subsystem == krb5_err_have_str) {
- strncpy(err_struct->krb5_err_str, str,
- sizeof(err_struct->krb5_err_str));
- err_struct->krb5_err_str[KRB5_MAX_ERR_STR] = '\0';
- }
-
- return 0;
-}
-
-const char *KRB5_CALLCONV
-krb5_get_err_string(long err_code)
-{
- krb5_err_struct_t *err_struct = &krb5_err;
-
- init_err_handling(); /* takes care for multiple inits */
-
- if ((err_struct->subsystem == krb5_err_have_str)
- && (err_code == err_struct->err_code)) {
- /* checking error code is for safety.
- In case, the caller ignores a database error and calls
- other calls before doing com_err. Though not perfect,
- caller should call krb5_clr_error before this. */
- err_struct->subsystem = krb5_err_unknown;
- return err_struct->krb5_err_str;
- }
-
- /* It is not generated here. the remaining two cases are handled
- by the default error string convertor. */
-#ifdef NOVELL
- return old_error_2_string(err_code);
-#else
- return error_message(err_code);
-#endif
-}
-
-void
-krb5_clr_error()
-{
- krb5_err_struct_t *err_struct = &krb5_err;
-
- init_err_handling(); /* takes care for multiple inits */
-
- err_struct->subsystem = krb5_err_unknown;
-}
-
-#endif
diff --git a/src/lib/kadm5/clnt/err_handle.h b/src/lib/kadm5/clnt/err_handle.h
deleted file mode 100644
index 7dea7b6..0000000
--- a/src/lib/kadm5/clnt/err_handle.h
+++ /dev/null
@@ -1,38 +0,0 @@
-/**********************************************************************
-*
-* C Header: err_handle.h
-* Instance: idc_sec_1
-* Description:
-* %created_by: spradeep %
-* %date_created: Thu Apr 7 15:36:49 2005 %
-*
-**********************************************************************/
-#ifndef _idc_sec_1_err_handle_h_H
-#define _idc_sec_1_err_handle_h_H
-#include <com_err.h>
-#include <krb5.h>
-
-/* Everything else goes here */
-
-#define KRB5_MAX_ERR_STR 1024
-typedef enum krb5_err_subsystem {
- krb5_err_unknown = 0, /* no error or unknown system. Has to be probed */
- krb5_err_system, /* error in system call */
- krb5_err_krblib, /* error in kerberos library call, should lookup in the error table */
- krb5_err_have_str, /* error message is available in the string */
- krb5_err_db /* error is a database error, should be handled by calling DB */
-} krb5_err_subsystem;
-
-typedef krb5_error_code(*krb5_set_err_func_t) (krb5_context,
- krb5_err_subsystem, long,
- char *);
-
-krb5_error_code krb5_set_err(krb5_context kcontext,
- krb5_err_subsystem subsystem, long err_code,
- char *str);
-
-const char *KRB5_CALLCONV krb5_get_err_string(long err_code);
-
-void krb5_clr_error(void);
-
-#endif
diff --git a/src/lib/kadm5/kadm_rpc.h b/src/lib/kadm5/kadm_rpc.h
index 3d11f09..d793ed8 100644
--- a/src/lib/kadm5/kadm_rpc.h
+++ b/src/lib/kadm5/kadm_rpc.h
@@ -27,7 +27,6 @@ typedef struct cprinc3_arg cprinc3_arg;
struct generic_ret {
krb5_ui_4 api_version;
kadm5_ret_t code;
- char *err_str;
};
typedef struct generic_ret generic_ret;
@@ -62,7 +61,6 @@ struct gprincs_ret {
kadm5_ret_t code;
char **princs;
int count;
- char *err_str;
};
typedef struct gprincs_ret gprincs_ret;
@@ -130,7 +128,6 @@ struct chrand_ret {
krb5_keyblock key;
krb5_keyblock *keys;
int n_keys;
- char *err_str;
};
typedef struct chrand_ret chrand_ret;
@@ -145,7 +142,6 @@ struct gprinc_ret {
krb5_ui_4 api_version;
kadm5_ret_t code;
kadm5_principal_ent_rec rec;
- char *err_str;
};
typedef struct gprinc_ret gprinc_ret;
@@ -179,7 +175,6 @@ struct gpol_ret {
krb5_ui_4 api_version;
kadm5_ret_t code;
kadm5_policy_ent_rec rec;
- char *err_str;
};
typedef struct gpol_ret gpol_ret;
@@ -194,7 +189,6 @@ struct gpols_ret {
kadm5_ret_t code;
char **pols;
int count;
- char *err_str;
};
typedef struct gpols_ret gpols_ret;
@@ -202,7 +196,6 @@ struct getprivs_ret {
krb5_ui_4 api_version;
kadm5_ret_t code;
long privs;
- char *err_str;
};
typedef struct getprivs_ret getprivs_ret;
diff --git a/src/lib/kadm5/kadm_rpc_xdr.c b/src/lib/kadm5/kadm_rpc_xdr.c
index 346a36e..aa2363c 100644
--- a/src/lib/kadm5/kadm_rpc_xdr.c
+++ b/src/lib/kadm5/kadm_rpc_xdr.c
@@ -545,18 +545,6 @@ xdr_generic_ret(XDR *xdrs, generic_ret *objp)
return (FALSE);
}
- if( xdrs->x_op == XDR_ENCODE )
- {
- char *tmp_str = "Unknown error code";
- if(!xdr_string(xdrs, objp->err_str?&objp->err_str:&tmp_str, (unsigned int)-1 )) {
- return (FALSE);
- }
- } else {
- if(!xdr_string(xdrs, &objp->err_str, (unsigned int)-1 )) {
- return (FALSE);
- }
- }
-
return(TRUE);
}
@@ -640,18 +628,6 @@ xdr_gprincs_ret(XDR *xdrs, gprincs_ret *objp)
}
}
- if( xdrs->x_op == XDR_ENCODE )
- {
- char *tmp_str = "Unknown error code";
- if(!xdr_string(xdrs, objp->err_str?&objp->err_str:&tmp_str, (unsigned int)-1 )) {
- return (FALSE);
- }
- } else {
- if(!xdr_string(xdrs, &objp->err_str, (unsigned int)-1 )) {
- return (FALSE);
- }
- }
-
return (TRUE);
}
@@ -812,18 +788,6 @@ xdr_chrand_ret(XDR *xdrs, chrand_ret *objp)
}
}
- if( xdrs->x_op == XDR_ENCODE )
- {
- char *tmp_str = "Unknown error code";
- if(!xdr_string(xdrs, objp->err_str?&objp->err_str:&tmp_str, (unsigned int)-1 )) {
- return (FALSE);
- }
- } else {
- if(!xdr_string(xdrs, &objp->err_str, (unsigned int)-1 )) {
- return (FALSE);
- }
- }
-
return (TRUE);
}
@@ -865,18 +829,6 @@ xdr_gprinc_ret(XDR *xdrs, gprinc_ret *objp)
}
}
- if( xdrs->x_op == XDR_ENCODE )
- {
- char *tmp_str = "Unknown error code";
- if(!xdr_string(xdrs, objp->err_str?&objp->err_str:&tmp_str, (unsigned int)-1 )) {
- return (FALSE);
- }
- } else {
- if(!xdr_string(xdrs, &objp->err_str, (unsigned int)-1 )) {
- return (FALSE);
- }
- }
-
return (TRUE);
}
@@ -948,18 +900,6 @@ xdr_gpol_ret(XDR *xdrs, gpol_ret *objp)
return (FALSE);
}
- if( xdrs->x_op == XDR_ENCODE )
- {
- char *tmp_str = "Unknown error code";
- if(!xdr_string(xdrs, objp->err_str?&objp->err_str:&tmp_str, (unsigned int)-1 )) {
- return (FALSE);
- }
- } else {
- if(!xdr_string(xdrs, &objp->err_str, (unsigned int)-1 )) {
- return (FALSE);
- }
- }
-
return (TRUE);
}
@@ -995,18 +935,6 @@ xdr_gpols_ret(XDR *xdrs, gpols_ret *objp)
}
}
- if( xdrs->x_op == XDR_ENCODE )
- {
- char *tmp_str = "Unknown error code";
- if(!xdr_string(xdrs, objp->err_str?&objp->err_str:&tmp_str, (unsigned int)-1 )) {
- return (FALSE);
- }
- } else {
- if(!xdr_string(xdrs, &objp->err_str, (unsigned int)-1 )) {
- return (FALSE);
- }
- }
-
return (TRUE);
}
@@ -1019,18 +947,6 @@ bool_t xdr_getprivs_ret(XDR *xdrs, getprivs_ret *objp)
! xdr_long(xdrs, &objp->privs))
return FALSE;
- if( xdrs->x_op == XDR_ENCODE )
- {
- char *tmp_str = "Unknown error code";
- if(!xdr_string(xdrs, objp->err_str?&objp->err_str:&tmp_str, (unsigned int)-1 )) {
- return (FALSE);
- }
- } else {
- if(!xdr_string(xdrs, &objp->err_str, (unsigned int)-1 )) {
- return (FALSE);
- }
- }
-
return TRUE;
}
diff --git a/src/lib/kadm5/logger.c b/src/lib/kadm5/logger.c
index 69f53a0..f78c7b4 100644
--- a/src/lib/kadm5/logger.c
+++ b/src/lib/kadm5/logger.c
@@ -171,6 +171,7 @@ static struct log_entry def_log_entry;
* klog_com_err_proc() - Handle com_err(3) messages as specified by the
* profile.
*/
+static krb5_context err_context;
static void
klog_com_err_proc(const char *whoami, long int code, const char *format, va_list ap)
{
@@ -194,7 +195,8 @@ klog_com_err_proc(const char *whoami, long int code, const char *format, va_list
/* If reporting an error message, separate it. */
if (code) {
outbuf[sizeof(outbuf) - 1] = '\0';
- strncat(outbuf, error_message(code), sizeof(outbuf) - 1 - strlen(outbuf));
+
+ strncat(outbuf, krb5_get_error_message (err_context, code), sizeof(outbuf) - 1 - strlen(outbuf));
strncat(outbuf, " - ", sizeof(outbuf) - 1 - strlen(outbuf));
}
cp = &outbuf[strlen(outbuf)];
@@ -360,6 +362,8 @@ krb5_klog_init(krb5_context kcontext, char *ename, char *whoami, krb5_boolean do
do_openlog = 0;
log_facility = 0;
+ err_context = kcontext;
+
/*
* Look up [logging]-><ename> in the profile. If that doesn't
* succeed, then look for [logging]->default.
diff --git a/src/lib/kadm5/srv/server_init.c b/src/lib/kadm5/srv/server_init.c
index dd1fe66..106d318 100644
--- a/src/lib/kadm5/srv/server_init.c
+++ b/src/lib/kadm5/srv/server_init.c
@@ -259,7 +259,8 @@ kadm5_ret_t kadm5_init(char *client_name, char *pass,
return ret;
}
- ret = krb5_db_open(handle->context, db_args, KRB5_KDB_OPEN_RW);
+ ret = krb5_db_open(handle->context, db_args,
+ KRB5_KDB_OPEN_RW | KRB5_KDB_SRV_TYPE_ADMIN);
if (ret) {
krb5_free_context(handle->context);
free_db_args(handle);
@@ -406,7 +407,8 @@ kadm5_ret_t kadm5_flush(void *server_handle)
CHECK_HANDLE(server_handle);
if ((ret = krb5_db_fini(handle->context)) ||
- (ret = krb5_db_open(handle->context, handle->db_args, KRB5_KDB_OPEN_RW)) ||
+ (ret = krb5_db_open(handle->context, handle->db_args,
+ KRB5_KDB_OPEN_RW | KRB5_KDB_SRV_TYPE_ADMIN)) ||
(ret = adb_policy_close(handle)) ||
(ret = adb_policy_init(handle))) {
(void) kadm5_destroy(server_handle);
diff --git a/src/lib/kadm5/srv/server_misc.c b/src/lib/kadm5/srv/server_misc.c
index f7bfd58..fa4e62e 100644
--- a/src/lib/kadm5/srv/server_misc.c
+++ b/src/lib/kadm5/srv/server_misc.c
@@ -25,7 +25,8 @@ adb_policy_init(kadm5_server_handle_t handle)
if( krb5_db_inited( handle->context ) )
return KADM5_OK;
- return krb5_db_open( handle->context, NULL, KRB5_KDB_OPEN_RW );
+ return krb5_db_open( handle->context, NULL,
+ KRB5_KDB_OPEN_RW | KRB5_KDB_SRV_TYPE_ADMIN );
}
kadm5_ret_t
diff --git a/src/lib/kadm5/srv/svr_policy.c b/src/lib/kadm5/srv/svr_policy.c
index 31333b7..d57d2f1 100644
--- a/src/lib/kadm5/srv/svr_policy.c
+++ b/src/lib/kadm5/srv/svr_policy.c
@@ -47,7 +47,7 @@ kadm5_create_policy(void *server_handle,
{
CHECK_HANDLE(server_handle);
- krb5_db_clr_error();
+ krb5_clear_error_message(((kadm5_server_handle_t)server_handle)->context);
if (mask & KADM5_REF_COUNT)
return KADM5_BAD_MASK;
@@ -157,7 +157,7 @@ kadm5_delete_policy(void *server_handle, kadm5_policy_t name)
CHECK_HANDLE(server_handle);
- krb5_db_clr_error();
+ krb5_clear_error_message(handle->context);
if(name == (kadm5_policy_t) NULL)
return EINVAL;
@@ -185,7 +185,7 @@ kadm5_modify_policy(void *server_handle,
{
CHECK_HANDLE(server_handle);
- krb5_db_clr_error();
+ krb5_clear_error_message(((kadm5_server_handle_t)server_handle)->context);
if (mask & KADM5_REF_COUNT)
return KADM5_BAD_MASK;
@@ -266,7 +266,7 @@ kadm5_get_policy(void *server_handle, kadm5_policy_t name,
CHECK_HANDLE(server_handle);
- krb5_db_clr_error();
+ krb5_clear_error_message(handle->context);
/*
* In version 1, entry is a pointer to a kadm5_policy_ent_t that
diff --git a/src/lib/kadm5/srv/svr_principal.c b/src/lib/kadm5/srv/svr_principal.c
index 18ab480..36ca2a1 100644
--- a/src/lib/kadm5/srv/svr_principal.c
+++ b/src/lib/kadm5/srv/svr_principal.c
@@ -199,7 +199,7 @@ kadm5_create_principal_3(void *server_handle,
CHECK_HANDLE(server_handle);
- krb5_db_clr_error();
+ krb5_clear_error_message(handle->context);
/*
* Argument sanity checking, and opening up the DB
@@ -380,6 +380,9 @@ kadm5_create_principal_3(void *server_handle,
}
}
+ /* In all cases key and the principal data is set, let the database provider know */
+ kdb.mask = mask | KADM5_KEY_DATA | KADM5_PRINCIPAL ;
+
/* store the new db entry */
ret = kdb_put_entry(handle, &kdb, &adb);
@@ -421,7 +424,7 @@ kadm5_delete_principal(void *server_handle, krb5_principal principal)
CHECK_HANDLE(server_handle);
- krb5_db_clr_error();
+ krb5_clear_error_message(handle->context);
if (principal == NULL)
return EINVAL;
@@ -469,7 +472,7 @@ kadm5_modify_principal(void *server_handle,
CHECK_HANDLE(server_handle);
- krb5_db_clr_error();
+ krb5_clear_error_message(handle->context);
if((mask & KADM5_PRINCIPAL) || (mask & KADM5_LAST_PWD_CHANGE) ||
(mask & KADM5_MOD_TIME) || (mask & KADM5_MOD_NAME) ||
@@ -628,6 +631,9 @@ kadm5_modify_principal(void *server_handle,
}
}
+ /* let the mask propagate to the database provider */
+ kdb.mask = mask;
+
ret = kdb_put_entry(handle, &kdb, &adb);
if (ret) goto done;
@@ -656,7 +662,7 @@ kadm5_rename_principal(void *server_handle,
CHECK_HANDLE(server_handle);
- krb5_db_clr_error();
+ krb5_clear_error_message(handle->context);
if (source == NULL || target == NULL)
return EINVAL;
@@ -711,7 +717,7 @@ kadm5_get_principal(void *server_handle, krb5_principal principal,
CHECK_HANDLE(server_handle);
- krb5_db_clr_error();
+ krb5_clear_error_message(handle->context);
/*
* In version 1, all the defined fields are always returned.
@@ -1289,7 +1295,7 @@ kadm5_chpass_principal_3(void *server_handle,
CHECK_HANDLE(server_handle);
- krb5_db_clr_error();
+ krb5_clear_error_message(handle->context);
hist_added = 0;
memset(&hist, 0, sizeof(hist));
@@ -1433,6 +1439,9 @@ kadm5_chpass_principal_3(void *server_handle,
if (ret)
goto done;
+ /* key data and attributes changed, let the database provider know */
+ kdb.mask = KADM5_KEY_DATA | KADM5_ATTRIBUTES /* | KADM5_CPW_FUNCTION */;
+
if ((ret = kdb_put_entry(handle, &kdb, &adb)))
goto done;
@@ -1478,13 +1487,13 @@ kadm5_randkey_principal_3(void *server_handle,
int ret, last_pwd, have_pol = 0;
kadm5_server_handle_t handle = server_handle;
- krb5_db_clr_error();
-
if (keyblocks)
*keyblocks = NULL;
CHECK_HANDLE(server_handle);
+ krb5_clear_error_message(handle->context);
+
if (principal == NULL)
return EINVAL;
if (hist_princ && /* this will be NULL when initializing the databse */
@@ -1580,6 +1589,9 @@ kadm5_randkey_principal_3(void *server_handle,
}
}
+ /* key data changed, let the database provider know */
+ kdb.mask = KADM5_KEY_DATA /* | KADM5_RANDKEY_USED */;
+
if ((ret = kdb_put_entry(handle, &kdb, &adb)))
goto done;
@@ -1616,12 +1628,12 @@ kadm5_setv4key_principal(void *server_handle,
kadm5_server_handle_t handle = server_handle;
krb5_key_data tmp_key_data;
- krb5_db_clr_error();
-
memset( &tmp_key_data, 0, sizeof(tmp_key_data));
CHECK_HANDLE(server_handle);
+ krb5_clear_error_message(handle->context);
+
if (principal == NULL || keyblock == NULL)
return EINVAL;
if (hist_princ && /* this will be NULL when initializing the databse */
@@ -1797,7 +1809,7 @@ kadm5_setkey_principal_3(void *server_handle,
CHECK_HANDLE(server_handle);
- krb5_db_clr_error();
+ krb5_clear_error_message(handle->context);
if (principal == NULL || keyblocks == NULL)
return EINVAL;
generated by cgit v1.1 at 2024-07-09 16:14:07 +0000