int ext_keytab(struct ext_keytab_options *opt, int argc, char **argv) { krb5_error_code ret; int i; struct ext_keytab_data data; if (opt->keytab_string == NULL) ret = krb5_kt_default(context, &data.keytab); else ret = krb5_kt_resolve(context, opt->keytab_string, &data.keytab); if(ret){ krb5_warn(context, ret, "krb5_kt_resolve"); return 1; } for(i = 0; i < argc; i++) { ret = foreach_principal(argv[i], do_ext_keytab, "ext", &data); if (ret) break; } krb5_kt_close(context, data.keytab); return ret != 0; }
static int getit(struct get_options *opt, const char *name, int argc, char **argv) { int i; krb5_error_code ret; struct get_entry_data data; if(opt->long_flag == -1 && (opt->short_flag == 1 || opt->terse_flag == 1)) opt->long_flag = 0; if(opt->short_flag == -1 && (opt->long_flag == 1 || opt->terse_flag == 1)) opt->short_flag = 0; if(opt->terse_flag == -1 && (opt->long_flag == 1 || opt->short_flag == 1)) opt->terse_flag = 0; if(opt->long_flag == 0 && opt->short_flag == 0 && opt->terse_flag == 0) opt->short_flag = 1; if (opt->terse_flag) return listit(name, argc, argv); data.table = NULL; data.chead = NULL; data.ctail = &data.chead; data.mask = 0; data.extra_mask = 0; if(opt->short_flag) { data.table = rtbl_create(); rtbl_set_separator(data.table, " "); data.format = print_entry_short; } else data.format = print_entry_long; if(opt->column_info_string == NULL) { if(opt->long_flag) ret = setup_columns(&data, DEFAULT_COLUMNS_LONG); else ret = setup_columns(&data, DEFAULT_COLUMNS_SHORT); } else ret = setup_columns(&data, opt->column_info_string); if(ret != 0) { if(data.table != NULL) rtbl_destroy(data.table); return 0; } for(i = 0; i < argc; i++) ret = foreach_principal(argv[i], do_get_entry, name, &data); if(data.table != NULL) { rtbl_format(data.table, stdout); rtbl_destroy(data.table); } free_columns(&data); return ret != 0; }
int cpw_entry(struct passwd_options *opt, int argc, char **argv) { krb5_error_code ret = 0; int i; struct cpw_entry_data data; int num; krb5_key_data key_data[3]; data.keepold = opt->keepold_flag; data.random_key = opt->random_key_flag; data.random_password = opt->random_password_flag; data.password = opt->password_string; data.key_data = NULL; num = 0; if (data.random_key) ++num; if (data.random_password) ++num; if (data.password) ++num; if (opt->key_string) ++num; if (num > 1) { fprintf (stderr, "give only one of " "--random-key, --random-password, --password, --key\n"); return 1; } if (opt->key_string) { const char *error; if (parse_des_key (opt->key_string, key_data, &error)) { fprintf (stderr, "failed parsing key \"%s\": %s\n", opt->key_string, error); return 1; } data.key_data = key_data; } for(i = 0; i < argc; i++) ret = foreach_principal(argv[i], do_cpw_entry, "cpw", &data); if (data.key_data) { int16_t dummy; kadm5_free_key_data (kadm_handle, &dummy, key_data); } return ret != 0; }
int del_entry(void *opt, int argc, char **argv) { int i; krb5_error_code ret = 0; for(i = 0; i < argc; i++) { ret = foreach_principal(argv[i], do_del_entry, "del", NULL); if (ret) break; } return ret != 0; }
int mod_entry(struct modify_options *opt, int argc, char **argv) { krb5_error_code ret = 0; int i; for(i = 0; i < argc; i++) { ret = foreach_principal(argv[i], do_mod_entry, "mod", opt); if (ret) break; } return ret != 0; }
static int listit(const char *funcname, int argc, char **argv) { int i; krb5_error_code ret, saved_ret = 0; for (i = 0; i < argc; i++) { ret = foreach_principal(argv[i], do_list_entry, funcname, NULL); if (saved_ret == 0 && ret != 0) saved_ret = ret; } return saved_ret != 0; }
int check(void *opt, int argc, char **argv) { kadm5_principal_ent_rec ent; krb5_error_code ret; char *realm = NULL, *p, *p2; int found; if (argc == 0) { ret = krb5_get_default_realm(context, &realm); if (ret) { krb5_warn(context, ret, "krb5_get_default_realm"); goto fail; } } else { realm = strdup(argv[0]); if (realm == NULL) { krb5_warnx(context, "malloc"); goto fail; } } /* * Check krbtgt/REALM@REALM * * For now, just check existance */ if (asprintf(&p, "%s/%s@%s", KRB5_TGS_NAME, realm, realm) == -1) { krb5_warn(context, errno, "asprintf"); goto fail; } ret = get_check_entry(p, &ent); if (ret) { printf("%s doesn't exist, are you sure %s is a realm in your database", p, realm); free(p); goto fail; } free(p); kadm5_free_principal_ent(kadm_handle, &ent); /* * Check kadmin/admin@REALM */ if (asprintf(&p, "kadmin/admin@%s", realm) == -1) { krb5_warn(context, errno, "asprintf"); goto fail; } ret = get_check_entry(p, &ent); if (ret) { printf("%s doesn't exist, " "there is no way to do remote administration", p); free(p); goto fail; } free(p); kadm5_free_principal_ent(kadm_handle, &ent); /* * Check kadmin/changepw@REALM */ if (asprintf(&p, "kadmin/changepw@%s", realm) == -1) { krb5_warn(context, errno, "asprintf"); goto fail; } ret = get_check_entry(p, &ent); if (ret) { printf("%s doesn't exist, " "there is no way to do change password", p); free(p); goto fail; } free(p); kadm5_free_principal_ent(kadm_handle, &ent); /* * Check for duplicate afs keys */ p2 = strdup(realm); if (p2 == NULL) { krb5_warn(context, errno, "malloc"); goto fail; } strlwr(p2); if (asprintf(&p, "afs/%s@%s", p2, realm) == -1) { krb5_warn(context, errno, "asprintf"); free(p2); goto fail; } free(p2); ret = get_check_entry(p, &ent); free(p); if (ret == 0) { kadm5_free_principal_ent(kadm_handle, &ent); found = 1; } else found = 0; if (asprintf(&p, "afs@%s", realm) == -1) { krb5_warn(context, errno, "asprintf"); goto fail; } ret = get_check_entry(p, &ent); free(p); if (ret == 0) { kadm5_free_principal_ent(kadm_handle, &ent); if (found) { krb5_warnx(context, "afs@REALM and afs/cellname@REALM both exists"); goto fail; } } foreach_principal("*", do_check_entry, "check", NULL); free(realm); return 0; fail: free(realm); return 1; }