202 			    kadm5_principal_ent_t entry, long mask,
206 	kadm5_create_principal_3(server_handle, entry, mask,
211 			 kadm5_principal_ent_t entry, long mask,
239     if (entry == (kadm5_principal_ent_t) NULL || password == NULL)
245     ret = kdb_get_entry(handle, entry->principal, &kdb, &adb);
267 		 * entry).
282 	 if ((ret = kadm5_get_policy(handle->lhandle, entry->policy,
291 			    &polent, entry->principal))) {
313      * entry->attributes, but also the generic params.flags
318 	kdb.attributes |= entry->attributes;
324 	kdb.max_life = entry->max_life; 
329 	 kdb.max_renewable_life = entry->max_renewable_life;
334 	kdb.expiration = entry->princ_expire_time;
346 	 kdb.pw_expiration = entry->pw_expiration;
353        to free the entire kdb entry, and that will try to free the
357 				    entry->principal, &(kdb.princ)))) {
371 	/* splice entry->tl_data onto the front of kdb.tl_data */
373 	for (tl_data_tail = entry->tl_data; tl_data_tail;
393 			    (mask & KADM5_KVNO)?entry->kvno:1,
414 	adb.policy = entry->policy;
434     /* store the new db entry */
511 			    kadm5_principal_ent_t entry, long mask)
535     if(entry == (kadm5_principal_ent_t) NULL)
538 	 tl_data_orig = entry->tl_data;
546     ret = kdb_get_entry(handle, entry->principal, &kdb, &adb);
556 	 ret = kadm5_get_policy(handle->lhandle, entry->policy, &npol);
574 	      if(strcmp(adb.policy, entry->policy)) {
598 	 adb.policy = strdup(entry->policy);
649 	kdb.attributes = entry->attributes;
651 	kdb.max_life = entry->max_life;
653 	kdb.expiration = entry->princ_expire_time;
655 	 kdb.pw_expiration = entry->pw_expiration;
657 	 kdb.max_renewable_life = entry->max_renewable_life;
659 	 kdb.fail_auth_count = entry->fail_auth_count;
663 	      kdb.key_data[i].key_data_kvno = entry->kvno;
671 	 for (tl = entry->tl_data; tl;
755 		    kadm5_principal_ent_t entry,
772      * entry is a pointer to a kadm5_principal_ent_t_v1 that should be
777 	 entry_orig = entry;
778 	 entry = &entry_local;
783     memset((char *) entry, 0, sizeof(*entry));
793 	if ((entry->policy = (char *) malloc(strlen(adb.policy) + 1)) == NULL) {
797 	strcpy(entry->policy, adb.policy);
801 	 entry->aux_attributes = adb.aux_attributes;
805 				   &entry->principal))) { 
810 	 entry->princ_expire_time = kdb.expiration;
814 					       &(entry->last_pwd_change)))) {
819 	 entry->pw_expiration = kdb.pw_expiration;
821 	 entry->max_life = kdb.max_life;
827 					     &(entry->mod_date), 
828 					     &(entry->mod_name));
834 	    entry->mod_date = 0;
836 	    krb5_free_principal(handle->context, entry->principal);
837 	    entry->principal = NULL;
842 	 entry->attributes = kdb.attributes;
845 	 for (entry->kvno = 0, i=0; i<kdb.n_key_data; i++)
846 	      if (kdb.key_data[i].key_data_kvno > entry->kvno)
847 		   entry->kvno = kdb.key_data[i].key_data_kvno;
850 	 entry->mkvno = 0;
853 	 entry->mkvno = 1;
861 	      entry->max_renewable_life = kdb.max_renewable_life;
863 	      entry->last_success = kdb.last_success;
865 	      entry->last_failed = kdb.last_failed;
867 	      entry->fail_auth_count = kdb.fail_auth_count;
871 	      entry->tl_data = NULL;
880 			tl2->tl_data_next = entry->tl_data;
881 			entry->tl_data = tl2;
882 			entry->n_tl_data++;
889 	      entry->n_key_data = kdb.n_key_data;
890 	      if(entry->n_key_data) {
891 		      entry->key_data = (krb5_key_data *)
892 			      malloc(entry->n_key_data*sizeof(krb5_key_data));
893 		      if (entry->key_data == NULL) {
898 		      entry->key_data = NULL;
900 	      for (i = 0; i < entry->n_key_data; i++)
903 						    &entry->key_data[i]);
923 	 newv1->principal = entry->principal;
924 	 newv1->princ_expire_time = entry->princ_expire_time;
925 	 newv1->last_pwd_change = entry->last_pwd_change;
926 	 newv1->pw_expiration = entry->pw_expiration;
927 	 newv1->max_life = entry->max_life;
928 	 newv1->mod_name = entry->mod_name;
929 	 newv1->mod_date = entry->mod_date;
930 	 newv1->attributes = entry->attributes;
931 	 newv1->kvno = entry->kvno;
932 	 newv1->mkvno = entry->mkvno;
933 	 newv1->policy = entry->policy;
934 	 newv1->aux_attributes = entry->aux_attributes;
942     if (ret && entry->principal)
943 	 krb5_free_principal(handle->context, entry->principal);
1025  * Purpose: Creates a password history entry from an array of
1033  *	key_data	(r) keys to add to the history entry
1034  *	hist		(w) history entry to fill in
1098  *	adb		(r/w) admin principal entry to add keys to
1149 	   * To avoid losing old keys, shift forward each entry after
1209      /* free the old pw history entry if it contains data */
1215      /* store the new entry */
2138  *	entry		(r) principal retrieved with kadm5_get_principal
2147  * Effects: Searches the key_data array of entry, which must have been
2150  * principal entry.  If not found, return ENOENT.  Otherwise, decrypt
2161 			      kadm5_principal_ent_t entry, krb5_int32
2173     if (entry->n_key_data == 0 || entry->key_data == NULL)
2177     dbent.n_key_data = entry->n_key_data;
2178     dbent.key_data = entry->key_data;

Indexes created Tue Jul 24 14:28:13 CEST 2018