2N/A/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ 2N/A * Copyright (c) 2004-2005, Novell, Inc. 2N/A * All rights reserved. 2N/A * Redistribution and use in source and binary forms, with or without 2N/A * modification, are permitted provided that the following conditions are met: 2N/A * * Redistributions of source code must retain the above copyright notice, 2N/A * this list of conditions and the following disclaimer. 2N/A * * Redistributions in binary form must reproduce the above copyright 2N/A * notice, this list of conditions and the following disclaimer in the 2N/A * documentation and/or other materials provided with the distribution. 2N/A * * The copyright holder's name is not used to endorse or promote products 2N/A * derived from this software without specific prior written permission. 2N/A * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 2N/A * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 2N/A * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 2N/A * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE 2N/A * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 2N/A * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 2N/A * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 2N/A * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 2N/A * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 2N/A * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 2N/A * POSSIBILITY OF SUCH DAMAGE. 2N/A * Copyright 2006 Sun Microsystems, Inc. All rights reserved. 2N/A * Use is subject to license terms. 2N/A * Copyright (c) 2006, 2011, Oracle and/or its affiliates. All rights reserved. 2N/A "krbmaxrenewableage",
2N/A "krbprincipalexpiration",
2N/A "krbticketpolicyreference",
2N/A "krbpwdpolicyreference",
2N/A "krbpasswordexpiration",
2N/A "krbLastFailedAuth",
2N/A "krbLoginFailedCount",
2N/A "krbLastSuccessfulAuth",
2N/A "loginexpirationtime",
2N/A "krbObjectReferences",
2N/A "krbAllowedToDelegateTo",
2N/A "krbmaxrenewableage",
2N/A "krbprincipalexpiration",
2N/A "krbticketpolicyreference",
2N/A "krbpwdpolicyreference",
2N/A "krbpasswordexpiration",
2N/A "krbLastSuccessfulAuth",
2N/A "krbLastFailedAuth",
2N/A "krbLoginFailedCount",
2N/A /* Clear the global error string */ 2N/A /* LDAP does not support db_args DB arguments for krb5_ldap_iterate */ 2N/A * If no match_expr then iterate through all krb princs like the db2 plugin 2N/A }
/* end of for (ent= ... */ 2N/A }
/* end of for (tree= ... */ 2N/A * delete a principal from the directory. 2N/A /* Clear the global error string */ 2N/A /* get the principal info */ 2N/A * If the Kerberos user principal to be deleted happens to be the last one associated 2N/A * with the directory user object, then it is time to delete the other kerberos 2N/A * specific attributes like krbmaxticketlife, i.e, unkerberize the directory user. 2N/A * From the attrsetmask value, identify the attributes set on the directory user 2N/A * object and delete them. 2N/A * NOTE: krbsecretkey attribute has per principal entries. There can be chances that the 2N/A /* the same should be done with the objectclass attributes */ 2N/A/* char *attrvalues[] = {"krbpwdpolicyrefaux", "krbticketpolicyaux", "krbprincipalaux", NULL}; */ 2N/A for (p=
1, q=0; p<=
4; p<<=
1, ++q)
2N/A * Function: krb5_ldap_unparse_principal_name 2N/A * Purpose: Removes '\\' that comes before every occurence of '@' 2N/A * in the principal name component. 2N/A if (*
in ==
'\\' && *(
in +
1) ==
'@')
2N/A * Function: krb5_ldap_parse_principal_name 2N/A * Purpose: Inserts '\\' before every occurence of '@' 2N/A * in the principal name component. 2N/A * i_princ_name (input) Principal name without '\\' 2N/A * o_princ_name (output) Principal name with '\\' 2N/A * Note: The caller has to free the memory allocated for o_princ_name.