diff options
Diffstat (limited to 'src/lib')
-rw-r--r-- | src/lib/kadm5/srv/server_kdb.c | 4 | ||||
-rw-r--r-- | src/lib/kadm5/srv/svr_principal.c | 51 | ||||
-rw-r--r-- | src/lib/kdb/decrypt_key.c | 10 | ||||
-rw-r--r-- | src/lib/kdb/encrypt_key.c | 12 | ||||
-rw-r--r-- | src/lib/kdb/kdb5.c | 26 | ||||
-rw-r--r-- | src/lib/kdb/kdb_cpw.c | 11 | ||||
-rw-r--r-- | src/lib/kdb/kdb_default.c | 24 | ||||
-rw-r--r-- | src/lib/kdb/keytab.c | 4 | ||||
-rw-r--r-- | src/lib/kdb/libkdb5.exports | 8 |
9 files changed, 68 insertions, 82 deletions
diff --git a/src/lib/kadm5/srv/server_kdb.c b/src/lib/kadm5/srv/server_kdb.c index 3c09f90..768c8f7 100644 --- a/src/lib/kadm5/srv/server_kdb.c +++ b/src/lib/kadm5/srv/server_kdb.c @@ -213,8 +213,8 @@ kdb_get_hist_key(kadm5_server_handle_t handle, krb5_keyblock *hist_keyblock, if (ret) goto done; - ret = krb5_dbekd_decrypt_key_data(handle->context, mkey, - &kdb.key_data[0], hist_keyblock, NULL); + ret = krb5_dbe_decrypt_key_data(handle->context, mkey, &kdb.key_data[0], + hist_keyblock, NULL); if (ret) goto done; diff --git a/src/lib/kadm5/srv/svr_principal.c b/src/lib/kadm5/srv/svr_principal.c index 469a8e8..451e4ff 100644 --- a/src/lib/kadm5/srv/svr_principal.c +++ b/src/lib/kadm5/srv/svr_principal.c @@ -977,18 +977,15 @@ check_pw_reuse(krb5_context context, krb5_error_code ret; for (x = 0; x < n_new_key_data; x++) { - ret = krb5_dbekd_decrypt_key_data(context, - mkey, - &(new_key_data[x]), - &newkey, NULL); + ret = krb5_dbe_decrypt_key_data(context, mkey, &(new_key_data[x]), + &newkey, NULL); if (ret) return(ret); for (y = 0; y < n_pw_hist_data; y++) { for (z = 0; z < pw_hist_data[y].n_key_data; z++) { - ret = krb5_dbekd_decrypt_key_data(context, - hist_keyblock, - &pw_hist_data[y].key_data[z], - &histkey, NULL); + ret = krb5_dbe_decrypt_key_data(context, hist_keyblock, + &pw_hist_data[y].key_data[z], + &histkey, NULL); if (ret) return(ret); @@ -1047,17 +1044,14 @@ int create_history_entry(krb5_context context, krb5_keyblock *mkey, memset(hist->key_data, 0, n_key_data*sizeof(krb5_key_data)); for (i = 0; i < n_key_data; i++) { - ret = krb5_dbekd_decrypt_key_data(context, - mkey, - &key_data[i], - &key, &salt); + ret = krb5_dbe_decrypt_key_data(context, mkey, &key_data[i], &key, + &salt); if (ret) return ret; - ret = krb5_dbekd_encrypt_key_data(context, hist_key, - &key, &salt, - key_data[i].key_data_kvno, - &hist->key_data[i]); + ret = krb5_dbe_encrypt_key_data(context, hist_key, &key, &salt, + key_data[i].key_data_kvno, + &hist->key_data[i]); if (ret) return ret; @@ -1731,9 +1725,8 @@ kadm5_setv4key_principal(void *server_handle, goto done; /* use tmp_key_data as temporary location and reallocate later */ - ret = krb5_dbekd_encrypt_key_data(handle->context, act_mkey, - keyblock, &keysalt, kvno + 1, - &tmp_key_data); + ret = krb5_dbe_encrypt_key_data(handle->context, act_mkey, keyblock, + &keysalt, kvno + 1, &tmp_key_data); if (ret) { goto done; } @@ -1935,12 +1928,10 @@ kadm5_setkey_principal_3(void *server_handle, if (ret) goto done; - ret = krb5_dbekd_encrypt_key_data(handle->context, - act_mkey, - &keyblocks[i], - n_ks_tuple ? &keysalt : NULL, - kvno + 1, - &tmp_key_data); + ret = krb5_dbe_encrypt_key_data(handle->context, act_mkey, + &keyblocks[i], + n_ks_tuple ? &keysalt : NULL, kvno + 1, + &tmp_key_data); if (ret) goto done; @@ -2120,9 +2111,8 @@ static int decrypt_key_data(krb5_context context, krb5_keyblock *mkey, memset(keys, 0, n_key_data*sizeof(krb5_keyblock)); for (i = 0; i < n_key_data; i++) { - ret = krb5_dbekd_decrypt_key_data(context, mkey, - &key_data[i], - &keys[i], NULL); + ret = krb5_dbe_decrypt_key_data(context, mkey, &key_data[i], &keys[i], + NULL); if (ret) { for (; i >= 0; i--) { if (keys[i].contents) { @@ -2218,9 +2208,8 @@ kadm5_ret_t kadm5_decrypt_key(void *server_handle, } } - if ((ret = krb5_dbekd_decrypt_key_data(handle->context, - mkey_ptr, key_data, - keyblock, keysalt))) + if ((ret = krb5_dbe_decrypt_key_data(handle->context, mkey_ptr, key_data, + keyblock, keysalt))) return ret; /* diff --git a/src/lib/kdb/decrypt_key.c b/src/lib/kdb/decrypt_key.c index 8006cf3..37c4597 100644 --- a/src/lib/kdb/decrypt_key.c +++ b/src/lib/kdb/decrypt_key.c @@ -64,11 +64,11 @@ */ krb5_error_code -krb5_dbekd_def_decrypt_key_data( krb5_context context, - const krb5_keyblock * mkey, - const krb5_key_data * key_data, - krb5_keyblock * dbkey, - krb5_keysalt * keysalt) +krb5_dbe_def_decrypt_key_data( krb5_context context, + const krb5_keyblock * mkey, + const krb5_key_data * key_data, + krb5_keyblock * dbkey, + krb5_keysalt * keysalt) { krb5_error_code retval = 0; krb5_int16 tmplen; diff --git a/src/lib/kdb/encrypt_key.c b/src/lib/kdb/encrypt_key.c index bbf520b..02f0932 100644 --- a/src/lib/kdb/encrypt_key.c +++ b/src/lib/kdb/encrypt_key.c @@ -64,12 +64,12 @@ */ krb5_error_code -krb5_dbekd_def_encrypt_key_data( krb5_context context, - const krb5_keyblock * mkey, - const krb5_keyblock * dbkey, - const krb5_keysalt * keysalt, - int keyver, - krb5_key_data * key_data) +krb5_dbe_def_encrypt_key_data( krb5_context context, + const krb5_keyblock * mkey, + const krb5_keyblock * dbkey, + const krb5_keysalt * keysalt, + int keyver, + krb5_key_data * key_data) { krb5_error_code retval; krb5_octet * ptr; diff --git a/src/lib/kdb/kdb5.c b/src/lib/kdb/kdb5.c index bfcdbd6..11be6df 100644 --- a/src/lib/kdb/kdb5.c +++ b/src/lib/kdb/kdb5.c @@ -267,9 +267,9 @@ kdb_setup_opt_functions(db_library lib) if (lib->vftabl.promote_db == NULL) lib->vftabl.promote_db = krb5_def_promote_db; if (lib->vftabl.dbekd_decrypt_key_data == NULL) - lib->vftabl.dbekd_decrypt_key_data = krb5_dbekd_def_decrypt_key_data; + lib->vftabl.dbekd_decrypt_key_data = krb5_dbe_def_decrypt_key_data; if (lib->vftabl.dbekd_encrypt_key_data == NULL) - lib->vftabl.dbekd_encrypt_key_data = krb5_dbekd_def_encrypt_key_data; + lib->vftabl.dbekd_encrypt_key_data = krb5_dbe_def_encrypt_key_data; } #ifdef STATIC_PLUGINS @@ -2308,11 +2308,11 @@ clean_n_exit: } krb5_error_code -krb5_dbekd_decrypt_key_data( krb5_context kcontext, - const krb5_keyblock * mkey, - const krb5_key_data * key_data, - krb5_keyblock * dbkey, - krb5_keysalt * keysalt) +krb5_dbe_decrypt_key_data( krb5_context kcontext, + const krb5_keyblock * mkey, + const krb5_key_data * key_data, + krb5_keyblock * dbkey, + krb5_keysalt * keysalt) { krb5_error_code status = 0; kdb_vftabl *v; @@ -2324,12 +2324,12 @@ krb5_dbekd_decrypt_key_data( krb5_context kcontext, } krb5_error_code -krb5_dbekd_encrypt_key_data( krb5_context kcontext, - const krb5_keyblock * mkey, - const krb5_keyblock * dbkey, - const krb5_keysalt * keysalt, - int keyver, - krb5_key_data * key_data) +krb5_dbe_encrypt_key_data( krb5_context kcontext, + const krb5_keyblock * mkey, + const krb5_keyblock * dbkey, + const krb5_keysalt * keysalt, + int keyver, + krb5_key_data * key_data) { krb5_error_code status = 0; kdb_vftabl *v; diff --git a/src/lib/kdb/kdb_cpw.c b/src/lib/kdb/kdb_cpw.c index 723d98e..dcf00ab 100644 --- a/src/lib/kdb/kdb_cpw.c +++ b/src/lib/kdb/kdb_cpw.c @@ -186,9 +186,8 @@ add_key_rnd(context, master_key, ks_tuple, ks_tuple_count, db_entry, kvno) /* db library will free this. Since, its a so, it could actually be using different memory management function. So, its better if the memory is allocated by the db's malloc. So, a temporary memory is used here which will later be copied to the db_entry */ - retval = krb5_dbekd_encrypt_key_data(context, master_key, - &key, NULL, kvno, - &tmp_key_data); + retval = krb5_dbe_encrypt_key_data(context, master_key, &key, NULL, + kvno, &tmp_key_data); krb5_free_keyblock_contents(context, &key); if( retval ) @@ -464,9 +463,9 @@ add_key_pwd(context, master_key, ks_tuple, ks_tuple_count, passwd, /* memory allocation to be done by db. So, use temporary block and later copy it to the memory allocated by db */ - retval = krb5_dbekd_encrypt_key_data(context, master_key, &key, - (const krb5_keysalt *)&key_salt, - kvno, &tmp_key_data); + retval = krb5_dbe_encrypt_key_data(context, master_key, &key, + (const krb5_keysalt *)&key_salt, + kvno, &tmp_key_data); if (key_salt.data.data) free(key_salt.data.data); free(key.contents); diff --git a/src/lib/kdb/kdb_default.c b/src/lib/kdb/kdb_default.c index 545d503..e8fe54f 100644 --- a/src/lib/kdb/kdb_default.c +++ b/src/lib/kdb/kdb_default.c @@ -463,9 +463,9 @@ krb5_def_verify_master_key(krb5_context context, return(KRB5KDC_ERR_PRINCIPAL_NOT_UNIQUE); } - if ((retval = krb5_dbekd_decrypt_key_data(context, mkey, - &master_entry.key_data[0], - &tempkey, NULL))) { + if ((retval = krb5_dbe_decrypt_key_data(context, mkey, + &master_entry.key_data[0], + &tempkey, NULL))) { krb5_db_free_principal(context, &master_entry, nprinc); return retval; } @@ -534,9 +534,8 @@ krb5_def_fetch_mkey_list(krb5_context context, */ if (mkey->enctype == master_entry.key_data[0].key_data_type[0]) { - if (krb5_dbekd_decrypt_key_data(context, mkey, - &master_entry.key_data[0], - &cur_mkey, NULL) == 0) { + if (krb5_dbe_decrypt_key_data(context, mkey, &master_entry.key_data[0], + &cur_mkey, NULL) == 0) { found_key = TRUE; } } @@ -549,9 +548,9 @@ krb5_def_fetch_mkey_list(krb5_context context, for (aux_data_entry = mkey_aux_data_list; aux_data_entry != NULL; aux_data_entry = aux_data_entry->next) { - if (krb5_dbekd_decrypt_key_data(context, mkey, - &aux_data_entry->latest_mkey, - &cur_mkey, NULL) == 0) { + if (krb5_dbe_decrypt_key_data(context, mkey, + &aux_data_entry->latest_mkey, + &cur_mkey, NULL) == 0) { found_key = TRUE; break; } @@ -596,10 +595,9 @@ krb5_def_fetch_mkey_list(krb5_context context, memset(*mkey_list_node, 0, sizeof(krb5_keylist_node)); } key_data = &master_entry.key_data[i]; - retval = krb5_dbekd_decrypt_key_data(context, &cur_mkey, - key_data, - &((*mkey_list_node)->keyblock), - NULL); + retval = krb5_dbe_decrypt_key_data(context, &cur_mkey, key_data, + &((*mkey_list_node)->keyblock), + NULL); if (retval) goto clean_n_exit; diff --git a/src/lib/kdb/keytab.c b/src/lib/kdb/keytab.c index 03cc897..ae02e91 100644 --- a/src/lib/kdb/keytab.c +++ b/src/lib/kdb/keytab.c @@ -185,8 +185,8 @@ krb5_ktkdb_get_entry(in_context, id, principal, kvno, enctype, entry) goto error; - kerror = krb5_dbekd_decrypt_key_data(context, master_key, - key_data, &entry->key, NULL); + kerror = krb5_dbe_decrypt_key_data(context, master_key, key_data, + &entry->key, NULL); if (kerror) goto error; diff --git a/src/lib/kdb/libkdb5.exports b/src/lib/kdb/libkdb5.exports index c988098..c32a8db 100644 --- a/src/lib/kdb/libkdb5.exports +++ b/src/lib/kdb/libkdb5.exports @@ -55,10 +55,10 @@ krb5_dbe_update_mkey_aux krb5_dbe_update_mkvno krb5_dbe_update_mod_princ_data krb5_dbe_update_tl_data -krb5_dbekd_def_encrypt_key_data -krb5_dbekd_def_decrypt_key_data -krb5_dbekd_decrypt_key_data -krb5_dbekd_encrypt_key_data +krb5_dbe_def_encrypt_key_data +krb5_dbe_def_decrypt_key_data +krb5_dbe_decrypt_key_data +krb5_dbe_encrypt_key_data krb5_kt_kdb_ops krb5_ktkdb_close krb5_ktkdb_get_entry |