kadm5_ret_t
kadmind_dispatch(void *kadm_handle, krb5_storage *sp)
{
- int32_t cmd;
kadm5_ret_t ret;
+ int32_t cmd, mask, tmp;
kadm5_server_context *context = kadm_handle;
char client[128], name[128], name2[128];
char *op = "";
krb5_principal princ, princ2;
kadm5_principal_ent_rec ent;
- int32_t mask;
- char *password;
+ char *password, *exp;
krb5_keyblock *new_keys;
int n_keys;
+ char **princs;
+ int n_princs;
krb5_unparse_name_fixed(context->context, context->caller,
client, sizeof(client));
krb5_store_int32(sp, mask);
break;
}
+ case kadm_get_princs:{
+ op = "LIST";
+ ret = krb5_ret_int32(sp, &tmp);
+ if(ret)
+ goto fail;
+ if(tmp){
+ ret = krb5_ret_string(sp, &exp);
+ if(ret)
+ goto fail;
+ }else
+ exp = NULL;
+ krb5_warnx(context->context, "%s: %s %s", client, op, exp ? exp : "*");
+ ret = _kadm5_acl_check_permission(context, KADM5_PRIV_LIST);
+ if(ret){
+ free(exp);
+ goto fail;
+ }
+ ret = kadm5_get_principals(kadm_handle, exp, &princs, &n_princs);
+ free(exp);
+ sp->seek(sp, 0, SEEK_SET);
+ krb5_store_int32(sp, ret);
+ if(ret == 0){
+ int i;
+ krb5_store_int32(sp, n_princs);
+ for(i = 0; i < n_princs; i++)
+ krb5_store_string(sp, princs[i]);
+ kadm5_free_name_list(kadm_handle, princs, &n_princs);
+ }
+ break;
+ }
default:
krb5_warnx(context->context, "%s: UNKNOWN OP %d", client, cmd);
sp->seek(sp, 0, SEEK_SET);
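Review bot: The `krb5_warnx` call in the `kadm_get_princs` case writes the client-supplied expression to the log verbatim, and it runs before `_kadm5_acl_check_permission`, so any authenticated caller, with or without the list privilege, controls bytes in that log line. No length or character check on the string returned by `krb5_ret_string` is visible here. I would replace non-printable bytes and bound the length before logging, for example `krb5_warnx(context->context, "%s: %s %.256s", client, op, exp ? exp : "*");` (256 is an illustrative limit). Separately, the results of `krb5_store_int32` and `krb5_store_string` in the reply loop are ignored, so a failed store would still leave status 0 at the head of a short reply. The same lines appear again in the second copy of this hunk further down the page, and the `fail` label and the rest of `kadmind_dispatch` are outside the hunk.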
#ifdef HAVE_FCNTL_H
#include <fcntl.h>
#endif
+#ifdef HAVE_FNMATCH_H
+#include <fnmatch.h>
+#endif
#include "admin.h"
#include "kadm5_err.h"
#include <hdb.h>
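Review bot: The `<fnmatch.h>` include is guarded by `HAVE_FNMATCH_H`, but no fallback declaration is visible for builds where that macro is undefined. If the code that matches the listing expression calls `fnmatch` unconditionally (the call site is not in this hunk, so this is an assumption to confirm), such a build would rely on an implicit declaration or fail to link. It is worth checking that a replacement header or an `#else` branch covers that configuration.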
kadm_chpass,
kadm_modify,
kadm_randkey,
- kadm_get_privs
+ kadm_get_privs,
+ kadm_get_princs
};
#define KADMIN_APPL_VERSION "KADM0.0"
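Review bot: The enum has no comment saying that its values appear to be the command numbers `kadmind_dispatch` switches on, so appending `kadm_get_princs` at the end looks incidental rather than required. I would add `/* command numbers used by the dispatcher: append new entries at the end, never reorder */` above it. `KADMIN_APPL_VERSION` stays at "KADM0.0", so a peer built without the new command would presumably answer through the `UNKNOWN OP` default branch; it is worth stating somewhere how a client should treat that reply. The enum's opening lines are outside the hunk.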
kadm5_ret_t
_kadm5_error_code __P((kadm5_ret_t code));
+kadm5_ret_t
+_kadm5_privs_to_string __P((
+ u_int32_t privs,
+ char *string,
+ size_t len));
+
kadm5_ret_t
_kadm5_s_init_context __P((
kadm5_server_context **ctx,
kadm5_ret_t
_kadm5_string_to_privs __P((
- const char *s,
+ const char *s,
u_int32_t* privs));
-kadm5_ret_t
-_kadm5_privs_to_string __P((
- u_int32_t privs,
- char *string,
- size_t len));
-
#endif /* __KADM5_LOCL_H__ */
kadm5_ret_t
kadmind_dispatch(void *kadm_handle, krb5_storage *sp)
{
- int32_t cmd;
kadm5_ret_t ret;
+ int32_t cmd, mask, tmp;
kadm5_server_context *context = kadm_handle;
char client[128], name[128], name2[128];
char *op = "";
krb5_principal princ, princ2;
kadm5_principal_ent_rec ent;
- int32_t mask;
- char *password;
+ char *password, *exp;
krb5_keyblock *new_keys;
int n_keys;
+ char **princs;
+ int n_princs;
krb5_unparse_name_fixed(context->context, context->caller,
client, sizeof(client));
krb5_store_int32(sp, mask);
break;
}
+ case kadm_get_princs:{
+ op = "LIST";
+ ret = krb5_ret_int32(sp, &tmp);
+ if(ret)
+ goto fail;
+ if(tmp){
+ ret = krb5_ret_string(sp, &exp);
+ if(ret)
+ goto fail;
+ }else
+ exp = NULL;
+ krb5_warnx(context->context, "%s: %s %s", client, op, exp ? exp : "*");
+ ret = _kadm5_acl_check_permission(context, KADM5_PRIV_LIST);
+ if(ret){
+ free(exp);
+ goto fail;
+ }
+ ret = kadm5_get_principals(kadm_handle, exp, &princs, &n_princs);
+ free(exp);
+ sp->seek(sp, 0, SEEK_SET);
+ krb5_store_int32(sp, ret);
+ if(ret == 0){
+ int i;
+ krb5_store_int32(sp, n_princs);
+ for(i = 0; i < n_princs; i++)
+ krb5_store_string(sp, princs[i]);
+ kadm5_free_name_list(kadm_handle, princs, &n_princs);
+ }
+ break;
+ }
default:
krb5_warnx(context->context, "%s: UNKNOWN OP %d", client, cmd);
sp->seek(sp, 0, SEEK_SET);