conv_princ.c revision 7c478bd95313f5f23a4c958a745db2134aa03244
/*
* Copyright 2002 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#pragma ident "%Z%%M% %I% %E% SMI"
/*
*
* Copyright 1992 by the Massachusetts Institute of Technology.
* All Rights Reserved.
*
* Export of this software from the United States of America may
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
*
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
* notice appear in all copies and that both that copyright notice and
* this permission notice appear in supporting documentation, and that
* the name of M.I.T. not be used in advertising or publicity pertaining
* to distribution of the software without specific, written prior
* permission. Furthermore if you modify this software you must label
* your software as modified software and not distribute it in such a
* fashion that it might be confused with the original M.I.T. software.
* M.I.T. makes no representations about the suitability of
* this software for any purpose. It is provided "as is" without express
* or implied warranty.
*
* Build a principal from a V4 specification, or separate a V5
* principal into name, instance, and realm.
*
* NOTE: This is highly site specific, and is only really necessary
* for sites that need to convert from V4 to V5. It is used by both
* the KDC and the kdb5_convert program. Since its use is highly
* specialized, the necessary information is just going to be
* hard-coded in this file.
*/
#include <k5-int.h>
#include <string.h>
#include <ctype.h>
/*
 * The maximum sizes for V4 aname, realm, sname, and instance +1
 * (the +1 is presumably room for the terminating NUL -- confirm in krb.h).
 * Taken from krb.h
 *
 * NOTE(review): a V5 principal component carries its own length and is not
 * limited to these sizes, so code that copies a V5 component into a V4
 * field presumably has to compare the length against the matching bound
 * before the copy -- confirm at every copy site in the complete file.
 */
#define ANAME_SZ 40
#define REALM_SZ 40
#define SNAME_SZ 40
#define INST_SZ 40
/*
 * One row of the service-name conversion table: the V4 spelling of a
 * service name, the V5 spelling, and per-entry flags.
 */
struct krb_convert {
char *v4_str; /* V4 service name; a null pointer ends the table walk */
char *v5_str; /* V5 service name of the same entry */
int flags; /* bit mask; DO_REALM_CONVERSION is the only bit defined here */
};
/*
 * Flag bit tested against krb_convert.flags by the conversion code. Going by
 * the comment at its use site it asks for the domain name to be chopped off
 * the instance; the statements that do so are not visible in this listing
 * (TODO confirm against the complete file).
 */
#define DO_REALM_CONVERSION 0x00000001
/*
 * Service names that get special treatment during conversion. The list is
 * closed by an all-zero entry, which is what the table walks test for
 * (p->v4_str being null).
 *
 * Kadmin doesn't do realm conversion because it's currently
 * kadmin/REALM.NAME. It should be kadmin/kerberos.master.host, but
 * we'll fix that in the next release.
 *
 * Both entries listed here carry flags == 0, so neither of them requests
 * DO_REALM_CONVERSION.
 */
static const struct krb_convert sconv_list[] = {
{"kadmin", "kadmin", 0},
{"zephyr", "zephyr", 0},
{0, 0, 0}, /* end-of-table sentinel */
};
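/**
 * Bounded strchr(): find the first occurrence of c in s, examining at most
 * the first n characters and stopping early at a NUL terminator.
 *
 * The bound is what makes this usable on counted buffers that are not
 * guaranteed to be NUL-terminated: the scan never reads past s[n - 1].
 *
 * This falls in the "should have been in the ANSI C library"
 * category. :-)
 *
 * @param s  start of the text to scan; a NULL pointer yields NULL
 * @param c  character to look for (searching for '\0' never matches, because
 *           the scan stops before the terminator is compared)
 * @param n  maximum number of characters to examine; values below 1 yield NULL
 * @return   pointer to the first match inside s, or NULL if c does not occur
 *           within the examined range
 */
static char *strnchr(char *s, char c, int n)
{
    /* Nothing to scan: reject a missing buffer or a non-positive bound. */
    if (s == NULL || n < 1) {
        return NULL;
    }
    /* n counts the characters still allowed to be examined. */
    for (; n > 0 && *s != '\0'; n--, s++) {
        if (*s == c) {
            return s;
        }
    }
    return NULL;
}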
/* XXX This calls for a new error code */
/*
 * NOTE(review): this listing of the function is incomplete. The return type,
 * function name and parameter list are missing above the old-style parameter
 * declaration below, and inside the body the switch header, the conditions in
 * front of most returns and the copies into the output buffers are not shown.
 * Going by the file header and the names used (princ, name, inst, realm) this
 * appears to be the routine that separates a V5 principal into V4 name,
 * instance and realm, presumably krb5_524_conv_principal -- confirm against
 * the complete file before relying on any note below.
 */
/*ARGSUSED*/
const krb5_principal princ;
{
const struct krb_convert *p;
char *c, *tmp_realm, *tmp_prealm;
int tmp_realm_len, retval;
/*
 * NOTE(review): the switch statement these case labels belong to is not
 * shown; presumably it dispatches on the number of components in princ.
 */
case 2:
/* Check if this principal is listed in the table */
p = sconv_list;
while (p->v4_str) {
/*
* It is, so set the new name now, and chop off
* instance's domain name if requested.
*/
/*
 * NOTE(review): the conditions guarding the two returns below are missing
 * from the listing. name and inst are V4 fields bounded by ANAME_SZ and
 * INST_SZ, so these are presumably the rejections of a component that would
 * not fit -- verify in the complete file that every copy into name, inst
 * and realm is preceded by such a length check.
 */
return KRB5_INVALID_PRINCIPAL;
if (p->flags & DO_REALM_CONVERSION) {
return KRB5_INVALID_PRINCIPAL;
}
break;
}
p++;
}
/* If inst isn't set, the service isn't listed in the table, */
/* so just copy it. */
if (*inst == '\0') {
/* NOTE(review): guard and copy not shown; see the length-check note above. */
return KRB5_INVALID_PRINCIPAL;
}
/* fall through */
/*FALLTHRU*/
case 1:
/* name may have been set above; otherwise, just copy it */
if (*name == '\0') {
/* NOTE(review): guard and copy not shown; see the length-check note above. */
return KRB5_INVALID_PRINCIPAL;
}
break;
default:
/* Any other case is rejected as not convertible. */
return KRB5_INVALID_PRINCIPAL;
}
/*
 * tmp_prealm is reported as ENOMEM when NULL, so it is presumably allocated
 * just above (allocation not shown). NOTE(review): if so, it has to be
 * released on every return path that follows -- no release is visible in
 * this listing; confirm in the complete file.
 */
if (tmp_prealm == NULL)
return ENOMEM;
/* Ask for v4_realm corresponding to
krb5 principal realm from krb5.conf realms stanza */
/* NOTE(review): the condition for this return is not shown. */
return KRB5_CONFIG_CANTOPEN;
/*
 * Tail of a call whose beginning is missing from the listing; it passes
 * tmp_prealm and the key "v4_realm" and receives its result in tmp_realm.
 * The status tested below is presumably this call's return value.
 */
tmp_prealm, "v4_realm", 0,
&tmp_realm);
if (retval) {
return retval;
} else {
/*
 * tmp_realm == 0 means no value came back for "v4_realm". Both branches show
 * only a rejection; their guards (presumably length checks against REALM_SZ)
 * and the copies into realm are not shown -- confirm.
 */
if (tmp_realm == 0) {
return KRB5_INVALID_PRINCIPAL;
} else {
return KRB5_INVALID_PRINCIPAL;
}
}
return 0;
}
/*
 * NOTE(review): this listing of the function is incomplete. The return type,
 * function name and parameter list are missing, as are the declarations of
 * retval, iterator, v4realms and domain, the not_service label, and several
 * statements inside the loops. Going by the file header this appears to be
 * the routine that builds a V5 principal from a V4 name, instance and realm,
 * presumably krb5_425_conv_principal -- confirm against the complete file.
 */
/*ARGSUSED*/
{
const struct krb_convert *p;
char **full_name = 0;
const char *names[5]; /* lookup path handed to the profile calls */
char* realm_name = NULL;
char* dummy_value = NULL;
/* First, convert the realm, since the v4 realm is not necessarily the same as the v5 realm
To do that, iterate over all the realms in the config file, looking for a matching
v4_realm line */
names [0] = "realms";
retval = profile_iterator_create (context -> profile, names, PROFILE_ITER_LIST_SECTION | PROFILE_ITER_SECTIONS_ONLY, &iterator);
while (retval == 0) {
names [0] = "realms";
/*
 * A match requires a non-empty v4realms list whose first entry equals the
 * caller's realm. NOTE(review): strcmp assumes realm is NUL-terminated;
 * the calls that fill realm_name and v4realms are not shown.
 */
if ((retval == 0) && (v4realms != NULL) && (v4realms [0] != NULL) && (strcmp (v4realms [0], realm) == 0)) {
/*
 * From here on realm points at the same string as realm_name.
 * NOTE(review): that string must stay valid until realm is last used;
 * verify that no release of realm_name happens before that point in the
 * complete file.
 */
realm = realm_name;
break;
} else if (retval == PROF_NO_RELATION) {
/* If it's not found, just keep going */
retval = 0;
}
break;
}
/*
 * Per-iteration reset of the temporaries. NOTE(review): only the pointer
 * resets are visible; the matching release calls are presumably on the
 * missing lines -- without them these assignments would drop the strings.
 */
if (realm_name != NULL) {
realm_name = NULL;
}
if (dummy_value != NULL) {
dummy_value = NULL;
}
}
if (instance) {
/* An empty instance is treated like no instance at all. */
if (instance[0] == '\0') {
instance = 0;
goto not_service;
}
p = sconv_list;
/*CONSTCOND*/
while (TRUE) {
/* End of table reached: the name is not a listed service. */
if (!p->v4_str)
goto not_service;
/* NOTE(review): the test that selects the matching entry is not shown. */
break;
p++;
}
names[0] = "realms";
/*
 * Index 4 is the last slot of names[5] and is set to 0, presumably as the
 * terminator of the lookup path; the assignments to slots 1..3 are not shown.
 */
names[4] = 0;
} else {
if (retval)
return retval;
if (domain) {
}
}
}
}
/*
 * Tail of a call whose beginning is missing from the listing; its status is
 * presumably what ends up in retval.
 */
instance, 0);
return retval;
}