Lines Matching refs:st
171 krb5_error_code st = 0, tempst = 0;
182 if ((st = krb5_ldap_read_krbcontainer_params(context,
202 ldap_get_option(ld, LDAP_OPT_ERROR_NUMBER, &st);
203 st = set_ldap_error (context, st, OP_SEARCH);
227 if (st != 0) {
240 return st;
257 krb5_error_code st = 0, tempst=0;
270 st = EINVAL;
271 krb5_set_error_message (context, st, gettext("Realm information not available"));
275 if ((st=krb5_ldap_read_realm_params(context, lrealm, &rparam, &mask)) != 0)
296 if ((st=krb5_get_subtree_info(&lcontext, &subtrees, (unsigned int *)&ntree)) != 0)
302 st = ENOMEM;
326 if ((st=krb5_ldap_delete_principal(context, principal,
343 if ((st = krb5_ldap_list_policy (context, ldap_context->lrparams->realmdn, &policy)) != 0) {
344 prepend_err_str (context, "Error reading ticket policy: ", st, st);
353 if ((st=ldap_delete_ext_s(ld, ldap_context->lrparams->realmdn, NULL, NULL)) != LDAP_SUCCESS) {
354 int ost = st;
355 st = translate_ldap_error (st, OP_DEL);
356 krb5_set_error_message (context, st, gettext("Realm Delete FAILED: %s"),
381 return st;
394 krb5_error_code st=0;
418 st = EINVAL;
419 return st;
436 st = EINVAL;
449 if ((st=decode_tl_data(rparams->tl_data, KDB_TL_MASK, &voidptr)) == 0) {
453 st = EINVAL;
454 krb5_set_error_message (context, st, gettext("tl_data not available"));
455 return st;
467 st = checkattributevalue(ld, rparams->subtree[k], "Objectclass", subtreeclass,
469 CHECK_CLASS_VALIDITY(st, objectmask, "subtree value: ");
473 if ((st=krb5_add_str_mem_ldap_mod(&mods, "krbsubtrees", LDAP_MOD_REPLACE,
483 st = checkattributevalue(ld, rparams->containerref, "Objectclass", subtreeclass,
485 CHECK_CLASS_VALIDITY(st, objectmask, "container reference value: ");
488 if ((st=krb5_add_str_mem_ldap_mod(&mods, "krbPrincContainerRef", LDAP_MOD_REPLACE,
496 if ((st=krb5_add_int_mem_ldap_mod(&mods, "krbsearchscope", LDAP_MOD_REPLACE,
505 if ((st=krb5_add_int_mem_ldap_mod(&mods, "krbMaxRenewableAge", LDAP_MOD_REPLACE,
514 if ((st=krb5_add_int_mem_ldap_mod(&mods, "krbMaxTicketLife", LDAP_MOD_REPLACE,
523 if ((st=krb5_add_int_mem_ldap_mod(&mods, "krbTicketFlags", LDAP_MOD_REPLACE,
535 st = checkattributevalue(ld, rparams->kdcservers[i], "objectClass", kdcclass,
537 CHECK_CLASS_VALIDITY(st, objectmask, "kdc service object value: ");
540 if ((st=krb5_add_str_mem_ldap_mod(&mods, "krbkdcservers", LDAP_MOD_REPLACE,
549 st = checkattributevalue(ld, rparams->adminservers[i], "objectClass", adminclass,
551 CHECK_CLASS_VALIDITY(st, objectmask, "admin service object value: ");
554 if ((st=krb5_add_str_mem_ldap_mod(&mods, "krbadmservers", LDAP_MOD_REPLACE,
563 st = checkattributevalue(ld, rparams->passwdservers[i], "objectClass", pwdclass,
565 CHECK_CLASS_VALIDITY(st, objectmask, "password service object value: ");
568 if ((st=krb5_add_str_mem_ldap_mod(&mods, "krbpwdservers", LDAP_MOD_REPLACE,
582 if ((st= ldap_search_ext_s(ld,
593 st = set_ldap_error (context, st, OP_SEARCH);
601 if ((st=copy_arrays(values, &oldkdcservers, count)) != 0)
608 if ((st=copy_arrays(values, &oldadminservers, count)) != 0)
615 if ((st=copy_arrays(values, &oldpasswdservers, count)) != 0)
626 if ((st=ldap_modify_ext_s(ld, rparams->realmdn, mods, NULL, NULL)) != LDAP_SUCCESS) {
627 st = set_ldap_error (context, st, OP_MOD);
640 if ((st=copy_arrays(rparams->kdcservers, &newkdcservers, count)) != 0)
650 if ((st=deleteAttribute(ld, oldkdcservers[i], "krbRealmReferences",
654 prepend_err_str (context, errbuf, st, st);
661 if ((st=updateAttribute(ld, newkdcservers[i], "krbRealmReferences",
665 prepend_err_str (context, errbuf, st, st);
677 if ((st=copy_arrays(rparams->adminservers, &newadminservers, count)) != 0)
687 if ((st=deleteAttribute(ld, oldadminservers[i], "krbRealmReferences",
691 prepend_err_str (context, errbuf, st, st);
698 if ((st=updateAttribute(ld, newadminservers[i], "krbRealmReferences",
702 prepend_err_str (context, errbuf, st, st);
713 if ((st=copy_arrays(rparams->passwdservers, &newpasswdservers, count)) != 0)
723 if ((st=deleteAttribute(ld, oldpasswdservers[i], "krbRealmReferences",
727 prepend_err_str (context, errbuf, st, st);
734 if ((st=updateAttribute(ld, newpasswdservers[i], "krbRealmReferences",
738 prepend_err_str (context, errbuf, st, st);
770 return st;
788 krb5_error_code st=0;
808 st = EINVAL;
809 krb5_set_error_message (context, st, gettext("Kerberos Container information is missing"));
816 if ((st=krb5_add_str_mem_ldap_mod(&mods, "objectclass", LDAP_MOD_ADD, strval)) != 0)
821 st = EINVAL;
822 krb5_set_error_message(context, st, gettext("Invalid Kerberos container DN"));
828 if ((st=krb5_add_str_mem_ldap_mod(&mods, "cn", LDAP_MOD_ADD, strval)) != 0)
833 st = checkattributevalue(ld, krbcontparams->policyreference, "objectclass", policyclass,
835 CHECK_CLASS_VALIDITY(st, pmask, "ticket policy object value: ");
839 if ((st=krb5_add_str_mem_ldap_mod(&mods, "krbticketpolicyreference", LDAP_MOD_ADD,
845 if ((st = ldap_add_ext_s(ld, kerberoscontdn, mods, NULL, NULL)) != LDAP_SUCCESS) {
846 int ost = st;
847 st = translate_ldap_error (st, OP_ADD);
848 krb5_set_error_message (context, st, gettext("Kerberos Container create FAILED: %s"), ldap_err2string(ost));
859 if ((st=checkattributevalue(ld, SECURITY_CONTAINER, "objectClass",
861 prepend_err_str (context, "Security Container read FAILED: ", st, st);
870 if ((st=krb5_add_str_mem_ldap_mod(&mods, "objectclass", LDAP_MOD_ADD, strval)) != 0)
876 if ((st=krb5_add_str_mem_ldap_mod(&mods, "krbcontainerreference", LDAP_MOD_ADD, strval)) != 0)
880 if ((st=ldap_modify_ext_s(ld, SECURITY_CONTAINER, mods, NULL, NULL)) != LDAP_SUCCESS) {
881 int ost = st;
882 st = translate_ldap_error (st, OP_MOD);
883 krb5_set_error_message (context, st, gettext("Security Container update FAILED: %s"), ldap_err2string(ost));
897 return(st);
911 krb5_error_code st=0;
928 st = EINVAL;
929 krb5_set_error_message (context, st, gettext("Kerberos Container information is missing"));
935 if ((st = ldap_delete_ext_s(ld, kerberoscontdn, NULL, NULL)) != LDAP_SUCCESS) {
936 int ost = st;
937 st = translate_ldap_error (st, OP_ADD);
938 krb5_set_error_message (context, st, gettext("Kerberos Container delete FAILED: %s"), ldap_err2string(ost));
945 return(st);
958 krb5_error_code st=0;
988 st = EINVAL;
989 return st;
993 if ((st = krb5_ldap_read_krbcontainer_params(context,
1010 if ((st=krb5_add_str_mem_ldap_mod(&mods, "cn", LDAP_MOD_ADD, strval)) != 0)
1018 if ((st=krb5_add_str_mem_ldap_mod(&mods, "objectclass", LDAP_MOD_ADD, strval)) != 0)
1027 st = checkattributevalue(ld, rparams->subtree[i], "Objectclass", subtreeclass,
1029 CHECK_CLASS_VALIDITY(st, objectmask, "realm object value: ");
1032 if ((st=krb5_add_str_mem_ldap_mod(&mods, "krbsubtrees", LDAP_MOD_ADD,
1042 st = checkattributevalue(ld, rparams->containerref, "Objectclass", subtreeclass,
1044 CHECK_CLASS_VALIDITY(st, objectmask, "realm object value: ");
1047 if ((st=krb5_add_str_mem_ldap_mod(&mods, "krbPrincContainerRef", LDAP_MOD_ADD,
1055 if ((st=krb5_add_int_mem_ldap_mod(&mods, "krbsearchscope", LDAP_MOD_ADD,
1063 if ((st=krb5_add_int_mem_ldap_mod(&mods, "krbMaxRenewableAge", LDAP_MOD_ADD,
1072 if ((st=krb5_add_int_mem_ldap_mod(&mods, "krbMaxTicketLife", LDAP_MOD_ADD,
1081 if ((st=krb5_add_int_mem_ldap_mod(&mods, "krbTicketFlags", LDAP_MOD_ADD,
1093 st = checkattributevalue(ld, rparams->kdcservers[i], "objectClass", kdcclass,
1095 CHECK_CLASS_VALIDITY(st, objectmask, "kdc service object value: ");
1099 if ((st=krb5_add_str_mem_ldap_mod(&mods, "krbkdcservers", LDAP_MOD_ADD,
1108 st = checkattributevalue(ld, rparams->adminservers[i], "objectClass", adminclass,
1110 CHECK_CLASS_VALIDITY(st, objectmask, "admin service object value: ");
1114 if ((st=krb5_add_str_mem_ldap_mod(&mods, "krbadmservers", LDAP_MOD_ADD,
1123 st = checkattributevalue(ld, rparams->passwdservers[i], "objectClass", pwdclass,
1125 CHECK_CLASS_VALIDITY(st, objectmask, "password service object value: ");
1129 if ((st=krb5_add_str_mem_ldap_mod(&mods, "krbpwdservers", LDAP_MOD_ADD,
1136 if ((st=ldap_add_ext_s(ld, dn, mods, NULL, NULL)) != LDAP_SUCCESS) {
1137 st = set_ldap_error (context, st, OP_ADD);
1144 if ((st=updateAttribute(ld, rparams->kdcservers[i], "krbRealmReferences", dn)) != 0) {
1147 prepend_err_str (context, errbuf, st, st);
1155 if ((st=updateAttribute(ld, rparams->adminservers[i], "krbRealmReferences", dn)) != 0) {
1158 prepend_err_str (context, errbuf, st, st);
1166 if ((st=updateAttribute(ld, rparams->passwdservers[i], "krbRealmReferences", dn)) != 0) {
1169 prepend_err_str (context, errbuf, st, st);
1183 return st;
1198 krb5_error_code st=0, tempst=0;
1213 st = EINVAL;
1219 if ((st = krb5_ldap_read_krbcontainer_params(context,
1234 st = ENOMEM;
1250 st = ENOMEM;
1260 if ((st = ldap_count_entries(ld, result)) <= 0) {
1264 st = KRB5_KDB_ACCESS_ERROR; /* return some other error ? */
1270 ldap_get_option (ld, LDAP_OPT_ERROR_NUMBER, (void *) &st);
1272 st = translate_ldap_error(st, OP_SEARCH);
1283 st = ENOMEM;
1289 st = ENOMEM;
1301 st = ENOMEM;
1339 if ((st=copy_arrays(values, &(rlparams->kdcservers), (int) count)) != 0)
1347 if ((st=copy_arrays(values, &(rlparams->adminservers), (int) count)) != 0)
1355 if ((st=copy_arrays(values, &(rlparams->passwdservers), (int) count)) != 0)
1374 if (st != LDAP_SUCCESS && st != LDAP_NO_SUCH_OBJECT) {
1375 int ost = st;
1376 st = translate_ldap_error (st, OP_SEARCH);
1377 krb5_set_error_message (context, st, gettext("Policy object read failed: %s"), ldap_err2string(ost));
1411 st = store_tl_data(rlparams->tl_data, KDB_TL_MASK, mask);
1416 if (st != 0) {
1421 return st;