kadm5_create.c revision 54925bf60766fbb4f1f2d7c843721406a7b7a3fb
/*
* Copyright 2007 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#pragma ident "%Z%%M% %I% %E% SMI"
/*
* Copyright 1993 OpenVision Technologies, Inc., All Rights Reserved.
*
* $Id: kadm5_create.c,v 1.6 1998/10/30 02:52:37 marc Exp $
*/
/*
* Copyright (C) 1998 by the FundsXpress, INC.
*
* All rights reserved.
*
* Export of this software from the United States of America may require
* a specific license from the United States Government. It is the
* responsibility of any person or organization contemplating export to
* obtain such a license before exporting.
*
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
* notice appear in all copies and that both that copyright notice and
* this permission notice appear in supporting documentation, and that
* the name of FundsXpress. not be used in advertising or publicity pertaining
* to distribution of the software without specific, written prior
* permission. FundsXpress makes no representations about the suitability of
* this software for any purpose. It is provided "as is" without express
* or implied warranty.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*/
#include "string_table.h"
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <k5-int.h>
#include <kdb.h>
#include <krb5/adm_proto.h>
#include <krb5.h>
#include "kdb5_util.h"
#include <libintl.h>
int
int
int
#define ERR 1
#define OK 0
extern char *progname;
/*
* Function: kadm5_create
*
* Purpose: create admin principals in KDC database
*
* Arguments: params (r) configuration parameters to use
*
* Effects: Creates KADM5_ADMIN_SERVICE and KADM5_CHANGEPW_SERVICE
* principals in the KDC database and sets their attributes
* appropriately.
*/
{
int retval;
/*
* The lock file has to exist before calling kadm5_init, but
* params->admin_lockfile may not be set yet...
*/
return 1;
}
return retval;
}
{
int retval;
void *handle;
if (retval)
return retval;
&handle))) {
return retval;
}
return retval;
}
/*
* Function: build_name_with_realm
*
* Purpose: concatenate a name and a realm to form a krb5 name
*
* Arguments:
*
* name (input) the name
* realm (input) the realm
*
* Returns:
*
* pointer to name@realm, in allocated memory, or NULL if it
* cannot be allocated
*
* Requires: both strings are null-terminated
*/
{
char *n;
return n;
}
/*
* Function: add_admin_princs
*
* Purpose: create admin principals
*
* Arguments:
*
* rseed (input) random seed
* realm (input) realm, or NULL for default realm
* <return value> (output) status, 0 for success, 1 for serious error
*
* Requires:
*
* Effects:
*
* add_admin_princs creates KADM5_ADMIN_SERVICE,
* KADM5_CHANGEPW_SERVICE. If any of these exist a message is
* printed. If any of these existing principal do not have the proper
* attributes, a warning message is printed.
*/
{
krb5_error_code ret = 0;
/*
* Solaris Kerberos:
* in AUTH_GSSAPI but Solaris doesn't support AUTH_GSSAPI. RPCSEC_GSS can only
* be used with host-based principals.
*
*/
#if 0
goto clean_and_exit;
#endif
goto clean_and_exit;
goto clean_and_exit;
goto clean_and_exit;
goto clean_and_exit;
return ret;
}
/*
* Function: add_admin_princ
*
* Arguments:
*
* creator (r) principal to use as "mod_by"
* rseed (r) seed for random key generator
* principal (r) kerberos principal to add
* attrs (r) principal's attributes
* lifetime (r) principal's max life, or 0
* not_unique (r) error message for multiple entries, never used
* exists (r) warning message for principal exists
* wrong_attrs (r) warning message for wrong attributes
*
* Returns:
*
* OK on success
* ERR on serious errors
*
* Effects:
*
* If the principal is not unique, not_unique is printed (but this
* never happens). If the principal exists, then exists is printed
* and if the principals attributes != attrs, wrong_attrs is printed.
* Otherwise, the principal is created with mod_by creator and
* attributes attrs and max life of lifetime (if not zero).
*/
{
char *fullname;
return ERR;
"to-be-random");
if (ret) {
return ERR;
}
} else {
/* only randomize key if we created the principal */
if (ret) {
return ERR;
}
if (ret) {
return ERR;
}
}
return OK;
}
int
{
char *fullname;
return (ERR);
}
}
int
{
KRB5_NT_SRV_HST, &principal)) {
gettext("Could not get host based "
"service name for %s principal\n"), sname);
return (ERR);
}
}