/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
*
* Copyright (c) 2004-2005, Novell, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* * Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
* * Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* * The copyright holder's name is not used to endorse or promote products
* derived from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
#include "ldap_main.h"
#include "kdb_ldap.h"
#include "ldap_tkt_policy.h"
#include "ldap_err.h"
#include <libintl.h> /* Solaris Kerberos */
/* Ticket policy object management */
/*
* create the Ticket policy object in Directory.
*/
int mask)
{
/*
 * NOTE(review): this listing is incomplete. The start of the signature, the
 * local declarations, the calls whose failure leads to each "goto cleanup"
 * and the cleanup label itself are not visible. The comments below describe
 * only what the visible lines show.
 */
/* validate the input parameters */
goto cleanup;
}
GET_HANDLE();
goto cleanup;
goto cleanup;
/* Object class name for the entry; the call that consumes strval is not
 * visible here. */
strval[0] = "krbTicketPolicy";
goto cleanup;
/*
 * Each policy field is handled only when its bit is set in mask, so the
 * caller selects which of maxtktlife, maxrenewlife and the ticket flags are
 * processed. A non-zero result from the (not visible) call aborts through
 * cleanup.
 *
 * NOTE(review): no range check on policy->maxtktlife or
 * policy->maxrenewlife is visible in this listing. These values bound
 * ticket lifetime, so confirm where limits are enforced before they are
 * stored in the directory.
 */
if (mask & LDAP_POLICY_MAXTKTLIFE) {
policy->maxtktlife)) != 0)
goto cleanup;
}
if (mask & LDAP_POLICY_MAXRENEWLIFE) {
policy->maxrenewlife)) != 0)
goto cleanup;
}
if (mask & LDAP_POLICY_TKTFLAGS) {
goto cleanup;
}
/* ldap add operation */
goto cleanup;
}
/* st carries the status of the last operation back to the caller. */
return st;
}
/*
* modify the Ticket policy object in Directory.
*/
int mask)
{
/*
 * NOTE(review): this listing is incomplete. The start of the signature,
 * most declarations, the calls guarded by each "goto cleanup" and the
 * cleanup label are not visible.
 */
int objectmask=0;
/* validate the input parameters */
goto cleanup;
}
GET_HANDLE();
goto cleanup;
/* the policydn object should be of the krbTicketPolicy object class */
/*
 * NOTE(review): the statement that fills objectmask and the condition that
 * encloses the next assignment are not visible. What can be seen is that
 * the auxiliary class name "krbTicketPolicyAux" is placed in strval, and
 * not the "krbTicketPolicy" name mentioned in the comment above. Confirm
 * against the full source that the object-class check still rejects
 * entries that are not ticket policies before any attribute is modified.
 */
strval[0] = "krbTicketPolicyAux";
goto cleanup;
}
/*
 * Only the fields whose bit is set in mask are processed; a non-zero result
 * from the (not visible) call aborts through cleanup.
 *
 * NOTE(review): no bounds check on the lifetime values is visible here;
 * confirm where they are validated.
 */
if (mask & LDAP_POLICY_MAXTKTLIFE) {
policy->maxtktlife)) != 0)
goto cleanup;
}
if (mask & LDAP_POLICY_MAXRENEWLIFE) {
policy->maxrenewlife)) != 0)
goto cleanup;
}
if (mask & LDAP_POLICY_TKTFLAGS) {
goto cleanup;
}
goto cleanup;
}
/* st carries the status of the last operation back to the caller. */
return st;
}
/*
* Read the policy object from the Directory and populate the krb5_ldap_policy_params
* structure.
*/
/* Solaris kerberos: unsigned better for mask */
unsigned int *omask)
{
/*
 * NOTE(review): this listing is incomplete. The start of the signature, the
 * directory search, the attribute reads and the cleanup label are not
 * visible.
 */
int objectmask=0;
/* validate the input parameters */
goto cleanup;
}
GET_HANDLE();
goto cleanup;
/* the policydn object should be of the krbTicketPolicy object class */
/*
 * NOTE(review): the delete routine's header comment in this file relies on
 * this function returning an error for any object that is not a ticket
 * policy. The check itself is not visible here; confirm it is still present
 * in the full source.
 */
/* Initialize ticket policy structure */
goto cleanup;
}
/* The caller's output mask is cleared through the omask pointer. */
*omask = 0;
}
/* Failure path: the body of this branch is not visible in the listing. */
if (st != 0) {
}
return st;
}
/*
* Function to delete ticket policy object from the directory. Before
* calling this function krb5_ldap_read_policy should be called to
* check the existence of the object. This serves one major purpose,
* i.e., if the object to be deleted is anything other than the ticket
* policy object then krb5_ldap_read_policy returns an error and the
* object is thus not accidentally deleted in this function.
*
* NOTE: Other Kerberos objects might still hold
* references to the policy object to be deleted. This situation is
* not handled here, instead is taken care of at all the places where
* the deleted policy object is read, to ignore a return status of
* LDAP_NO_SUCH_OBJECT and continue.
*/
{
/*
 * NOTE(review): this listing is incomplete. The signature, the calls that
 * set refcount and perform the delete, and the cleanup label are not
 * visible.
 *
 * Precondition taken from the header comment: the caller must already have
 * confirmed, through krb5_ldap_read_policy, that the target is a ticket
 * policy object. Nothing in the visible lines re-checks the object class.
 */
int refcount = 0;
/* A NULL policy name is rejected before any directory access. */
if (policyname == NULL) {
goto cleanup;
}
GET_HANDLE();
goto cleanup;
/* Checking for policy count for 0 and will not permit delete if
 * it is greater than 0. */
/*
 * NOTE(review): the count is obtained in one step and acted on in another.
 * Whether a principal can be attached to the policy between the two is not
 * determinable from this listing. Confirm, or rely on readers tolerating
 * LDAP_NO_SUCH_OBJECT as the header comment describes.
 */
goto cleanup;
if (refcount == 0) {
goto cleanup;
}
} else {
/* Refuse the delete and report why, keeping the current status in st. */
prepend_err_str (context, gettext("Delete Failed: One or more Principals associated with the Ticket Policy"), st, st);
goto cleanup;
}
return st;
}
/*
* list policy objects from Directory
*/
{
/*
 * NOTE(review): this listing is incomplete. The signature, the listing
 * call, the allocation of the output array and the loop header are not
 * visible.
 */
int i, j, count;
/* The body of this branch is not visible in the listing. */
if (policycontainerdn == NULL) {
}
goto cleanup;
/* count takes the final value of i; the loop that advances i is not
 * visible. */
count = i;
goto cleanup;
}
int ret;
/*
 * j is stepped back when ret is non-zero, presumably so that a failed
 * conversion does not leave a gap in the output array. Confirm against the
 * loop, which is not visible here.
 */
if (ret != 0)
j--;
}
return st;
}
/*
* Function to free the ticket policy object structure.
* Note: this function assumes that memory of the policy structure is dynamically allocated and hence the whole
* structure is freed up. Care should be taken not to call this function on a static structure
*/
{
/*
 * NOTE(review): this listing is incomplete. The signature and the release
 * calls are not visible. Per the header comment, the structure itself is
 * freed, so it must have been heap-allocated and the caller must not use
 * the pointer after this returns.
 */
return st;
}
return st;
}
/*
* This function is general object listing routine. It is currently
* used for ticket policy object listing.
*/
char *containerdn)
{
/*
 * NOTE(review): this listing is incomplete. The start of the signature, the
 * declarations, the search call, the filter construction and the cleanup
 * label are not visible.
 */
GET_HANDLE();
/* check if the containerdn exists */
if (containerdn) {
goto cleanup;
}
}
/* set the filter for the search operation */
/*
 * NOTE(review): the code that builds the filter is not visible. If any
 * caller-supplied string is placed in it, confirm that the value is escaped
 * for LDAP filter syntax before the search runs.
 */
goto cleanup;
}
/* A count of -1 is treated as a failure. */
if (count == -1) {
goto cleanup;
}
goto cleanup;
}
/* Walk every entry in the search result, counting entries as the loop
 * advances. */
for (ent=ldap_first_entry(ld, result), count=0; ent != NULL; ent=ldap_next_entry(ld, ent), ++count) {
continue;
/* dn is released with ldap_memfree; the call that obtains dn is not
 * visible. */
ldap_memfree (dn);
goto cleanup;
}
}
if (filter)
/* some error, free up all the memory */
/*
 * On failure the *list array is walked up to its first NULL element; the
 * per-element release is not visible in this listing.
 */
if (st != 0) {
if (*list) {
for (i=0; (*list)[i]; ++i)
}
}
return st;
}