212 check_1_6_dummy(kadm5_principal_ent_t entry, long mask,
220         !(entry->attributes & KRB5_KDB_DISALLOW_ALL_TIX))
234                        kadm5_principal_ent_t entry, long mask,
238         kadm5_create_principal_3(server_handle, entry, mask,
243                          kadm5_principal_ent_t entry, long mask,
261     check_1_6_dummy(entry, mask, n_ks_tuple, ks_tuple, &password);
275     if (entry == NULL)
281     ret = kdb_get_entry(handle, entry->principal, &kdb, &adb);
300              * entry).
317         if ((ret = kadm5_get_policy(handle->lhandle, entry->policy,
327                            &polent, entry->principal);
351      * entry->attributes, but also the generic params.flags
356         kdb.attributes |= entry->attributes;
362         kdb.max_life = entry->max_life;
367         kdb.max_renewable_life = entry->max_renewable_life;
372         kdb.expiration = entry->princ_expire_time;
384         kdb.pw_expiration = entry->pw_expiration;
391        to free the entire kdb entry, and that will try to free the
395                                     entry->principal, &(kdb.princ)))) {
409         /* splice entry->tl_data onto the front of kdb.tl_data */
411         for (tl_data_tail = entry->tl_data; tl_data_tail;
467                            password, (mask & KADM5_KVNO)?entry->kvno:1,
483     /* Record the master key VNO used to encrypt this entry's keys */
506         adb.policy = entry->policy;
526     /* store the new db entry */
603                        kadm5_principal_ent_t entry, long mask)
627     if(entry == (kadm5_principal_ent_t) NULL)
630         tl_data_orig = entry->tl_data;
638     ret = kdb_get_entry(handle, entry->principal, &kdb, &adb);
648         ret = kadm5_get_policy(handle->lhandle, entry->policy, &npol);
666             if(strcmp(adb.policy, entry->policy)) {
690         adb.policy = strdup(entry->policy);
741         kdb.attributes = entry->attributes;
743         kdb.max_life = entry->max_life;
745         kdb.expiration = entry->princ_expire_time;
747         kdb.pw_expiration = entry->pw_expiration;
749         kdb.max_renewable_life = entry->max_renewable_life;
753             kdb.key_data[i].key_data_kvno = entry->kvno;
761         for (tl = entry->tl_data; tl;
773      * Setting entry->fail_auth_count to 0 can be used to manually unlock
778         if (entry->fail_auth_count != 0) {
859                     kadm5_principal_ent_t entry,
875      * entry is a pointer to a kadm5_principal_ent_t_v1 that should be
880     memset(entry, 0, sizeof(*entry));
890         if ((entry->policy = strdup(adb.policy)) == NULL) {
897         entry->aux_attributes = adb.aux_attributes;
901                                    &entry->principal))) {
906         entry->princ_expire_time = kdb.expiration;
910                                                &(entry->last_pwd_change)))) {
915         entry->pw_expiration = kdb.pw_expiration;
917         entry->max_life = kdb.max_life;
923                                              &(entry->mod_date),
924                                              &(entry->mod_name));
930             entry->mod_date = 0;
932             krb5_free_principal(handle->context, entry->mod_name);
933             entry->mod_name = NULL;
938         entry->attributes = kdb.attributes;
941         for (entry->kvno = 0, i=0; i<kdb.n_key_data; i++)
942             if (kdb.key_data[i].key_data_kvno > entry->kvno)
943                 entry->kvno = kdb.key_data[i].key_data_kvno;
946         ret = krb5_dbe_get_mkvno(handle->context, &kdb, &entry->mkvno);
952         entry->max_renewable_life = kdb.max_renewable_life;
954         entry->last_success = kdb.last_success;
956         entry->last_failed = kdb.last_failed;
958         entry->fail_auth_count = kdb.fail_auth_count;
962         entry->tl_data = NULL;
971                 tl2->tl_data_next = entry->tl_data;
972                 entry->tl_data = tl2;
973                 entry->n_tl_data++;
980         entry->n_key_data = kdb.n_key_data;
981         if(entry->n_key_data) {
982             entry->key_data = malloc(entry->n_key_data*sizeof(krb5_key_data));
983             if (entry->key_data == NULL) {
988             entry->key_data = NULL;
990         for (i = 0; i < entry->n_key_data; i++)
993                                               &entry->key_data[i]);
1001     if (ret && entry->principal) {
1002         krb5_free_principal(handle->context, entry->principal);
1003         entry->principal = NULL;
1085  * Purpose: Creates a password history entry from an array of
1094  *      key_data        (r) keys to add to the history entry
1095  *      hist            (w) history entry to fill in
1160  *      adb             (r/w) admin principal entry to add keys to
1221          * To avoid losing old keys, shift forward each entry after
1281     /* free the old pw history entry if it contains data */
1287     /* store the new entry */
1664         /* If changing the history entry, the new entry must have exactly one
2228  *      entry           (r) principal retrieved with kadm5_get_principal
2237  * Effects: Searches the key_data array of entry, which must have been
2240  * principal entry.  If not found, return ENOENT.  Otherwise, decrypt
2251                               kadm5_principal_ent_t entry, krb5_int32
2263     if (entry->n_key_data == 0 || entry->key_data == NULL)
2267     dbent.n_key_data = entry->n_key_data;
2268     dbent.key_data = entry->key_data;
2274     dbent.tl_data = entry->tl_data;

Indexes created Tue Jul 24 14:28:13 CEST 2018