Lines Matching +full:unlock +full:- +full:keys

2  * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
84 read-of-data: key-encrypted, key-usage 0, master-key
87 version2 = salt in key_data->key_data_contents[1]
117 key->data = str; in mdb_principal2key()
118 key->length = strlen(str) + 1; in mdb_principal2key()
134 Salt *salt = ent->keys.val[key_num].salt; in fix_salt()
136 switch((int)salt->type) { in fix_salt()
138 salt->type = KRB5_PADATA_PW_SALT; in fix_salt()
141 krb5_data_free(&salt->salt); in fix_salt()
142 salt->type = KRB5_PADATA_PW_SALT; in fix_salt()
151 for (i = 0; i < ent->principal->name.name_string.len; ++i) in fix_salt()
152 len += strlen(ent->principal->name.name_string.val[i]); in fix_salt()
153 ret = krb5_data_alloc (&salt->salt, len); in fix_salt()
156 p = salt->salt.data; in fix_salt()
157 for (i = 0; i < ent->principal->name.name_string.len; ++i) { in fix_salt()
159 ent->principal->name.name_string.val[i], in fix_salt()
160 strlen(ent->principal->name.name_string.val[i])); in fix_salt()
161 p += strlen(ent->principal->name.name_string.val[i]); in fix_salt()
164 salt->type = KRB5_PADATA_PW_SALT; in fix_salt()
168 krb5_data_free(&salt->salt); in fix_salt()
169 ret = krb5_data_copy(&salt->salt, in fix_salt()
170 ent->principal->realm, in fix_salt()
171 strlen(ent->principal->realm)); in fix_salt()
174 salt->type = KRB5_PADATA_PW_SALT; in fix_salt()
177 salt->type = KRB5_PADATA_PW_SALT; in fix_salt()
180 krb5_data_free(&salt->salt); in fix_salt()
181 ret = krb5_data_copy(&salt->salt, in fix_salt()
182 ent->principal->realm, in fix_salt()
183 strlen(ent->principal->realm)); in fix_salt()
186 salt->type = KRB5_PADATA_AFS3_SALT; in fix_salt()
189 krb5_data_free(&salt->salt); in fix_salt()
190 free(ent->keys.val[key_num].salt); in fix_salt()
191 ent->keys.val[key_num].salt = NULL; in fix_salt()
225 * keys} that follow it. Nothing supports such "extra data" in mdb_value2entry()
237 entry->flags.postdate = !(u32 & KRB5_KDB_DISALLOW_POSTDATED); in mdb_value2entry()
238 entry->flags.forwardable = !(u32 & KRB5_KDB_DISALLOW_FORWARDABLE); in mdb_value2entry()
239 entry->flags.initial = !!(u32 & KRB5_KDB_DISALLOW_TGT_BASED); in mdb_value2entry()
240 entry->flags.renewable = !(u32 & KRB5_KDB_DISALLOW_RENEWABLE); in mdb_value2entry()
241 entry->flags.proxiable = !(u32 & KRB5_KDB_DISALLOW_PROXIABLE); in mdb_value2entry()
243 entry->flags.invalid = !!(u32 & KRB5_KDB_DISALLOW_ALL_TIX); in mdb_value2entry()
244 entry->flags.require_preauth =!!(u32 & KRB5_KDB_REQUIRES_PRE_AUTH); in mdb_value2entry()
245 entry->flags.require_hwauth =!!(u32 & KRB5_KDB_REQUIRES_HW_AUTH); in mdb_value2entry()
246 entry->flags.server = !(u32 & KRB5_KDB_DISALLOW_SVR); in mdb_value2entry()
247 entry->flags.change_pw = !!(u32 & KRB5_KDB_PWCHANGE_SERVICE); in mdb_value2entry()
248 entry->flags.client = 1; /* XXX */ in mdb_value2entry()
253 entry->max_life = malloc(sizeof(*entry->max_life)); in mdb_value2entry()
254 *entry->max_life = u32; in mdb_value2entry()
259 entry->max_renew = malloc(sizeof(*entry->max_renew)); in mdb_value2entry()
260 *entry->max_renew = u32; in mdb_value2entry()
265 entry->valid_end = malloc(sizeof(*entry->valid_end)); in mdb_value2entry()
266 *entry->valid_end = u32; in mdb_value2entry()
271 entry->pw_end = malloc(sizeof(*entry->pw_end)); in mdb_value2entry()
272 *entry->pw_end = u32; in mdb_value2entry()
301 CHECK(ret = krb5_parse_name(context, p, &entry->principal)); in mdb_value2entry()
325 * keys for this kvno, the second meaning there's keys and salt[s?]. in mdb_value2entry()
339 * entry->kvno == 0. in mdb_value2entry()
341 if ((entry->kvno < u16) && (kvno == 0 || kvno == u16)) { in mdb_value2entry()
343 entry->kvno = u16; in mdb_value2entry()
346 * kvno keys. in mdb_value2entry()
350 * these keys, but keep them elsewhere. in mdb_value2entry()
352 for (j = 0; j < entry->keys.len; j++) in mdb_value2entry()
353 free_Key(&entry->keys.val[j]); in mdb_value2entry()
354 free(entry->keys.val); in mdb_value2entry()
355 entry->keys.len = 0; in mdb_value2entry()
356 entry->keys.val = NULL; in mdb_value2entry()
357 } else if (entry->kvno == u16) in mdb_value2entry()
358 /* Accumulate keys */ in mdb_value2entry()
364 ptr = realloc(entry->keys.val, sizeof(entry->keys.val[0]) * (entry->keys.len + 1)); in mdb_value2entry()
369 entry->keys.val = ptr; in mdb_value2entry()
372 k = &entry->keys.val[entry->keys.len]; in mdb_value2entry()
375 entry->keys.len += 1; in mdb_value2entry()
377 k->mkvno = malloc(sizeof(*k->mkvno)); in mdb_value2entry()
378 if (k->mkvno == NULL) { in mdb_value2entry()
382 *k->mkvno = 1; in mdb_value2entry()
390 k->key.keytype = type; in mdb_value2entry()
396 * MIT stores encrypted keys as {16-bit length in mdb_value2entry()
399 * length-preserving. Heimdal's approach is to in mdb_value2entry()
402 * 16-bit length-of-plaintext-key field. in mdb_value2entry()
405 k->key.keyvalue.length = u16 - 2; /* adjust cipher len */ in mdb_value2entry()
406 k->key.keyvalue.data = malloc(k->key.keyvalue.length); in mdb_value2entry()
407 krb5_storage_read(sp, k->key.keyvalue.data, in mdb_value2entry()
408 k->key.keyvalue.length); in mdb_value2entry()
411 k->salt = calloc(1, sizeof(*k->salt)); in mdb_value2entry()
412 if (k->salt == NULL) { in mdb_value2entry()
416 k->salt->type = type; in mdb_value2entry()
418 k->salt->salt.data = malloc(u16); in mdb_value2entry()
419 if (k->salt->salt.data == NULL) { in mdb_value2entry()
423 k->salt->salt.length = u16; in mdb_value2entry()
424 krb5_storage_read(sp, k->salt->salt.data, k->salt->salt.length); in mdb_value2entry()
426 fix_salt(context, entry, entry->keys.len - 1); in mdb_value2entry()
453 if (entry->kvno == 0 && kvno != 0) { in mdb_value2entry()
478 DB *d = (DB*)db->hdb_db; in mdb_close()
479 (*d->close)(d); in mdb_close()
489 free(db->hdb_name); in mdb_destroy()
497 DB *d = (DB*)db->hdb_db; in mdb_lock()
498 int fd = (*d->fd)(d); in mdb_lock()
501 "Can't lock database: %s", db->hdb_name); in mdb_lock()
510 DB *d = (DB*)db->hdb_db; in mdb_unlock()
511 int fd = (*d->fd)(d); in mdb_unlock()
514 "Can't unlock database: %s", db->hdb_name); in mdb_unlock()
525 DB *d = (DB*)db->hdb_db; in mdb_seq()
530 code = db->hdb_lock(context, db, HDB_RLOCK); in mdb_seq()
531 if(code == -1) { in mdb_seq()
532 krb5_set_error_message(context, HDB_ERR_DB_INUSE, "Database %s in use", db->hdb_name); in mdb_seq()
535 code = (*d->seq)(d, &key, &value, flag); in mdb_seq()
536 db->hdb_unlock(context, db); /* XXX check value */ in mdb_seq()
537 if(code == -1) { in mdb_seq()
540 db->hdb_name, strerror(code)); in mdb_seq()
554 if (mdb_value2entry(context, &data, 0, &entry->entry)) in mdb_seq()
557 if (db->hdb_master_key_set && (flags & HDB_F_DECRYPT)) { in mdb_seq()
558 code = hdb_unseal_keys (context, db, &entry->entry); in mdb_seq()
586 asprintf(&old, "%s.db", db->hdb_name); in mdb_rename()
594 free(db->hdb_name); in mdb_rename()
595 db->hdb_name = strdup(new_name); in mdb_rename()
602 DB *d = (DB*)db->hdb_db; in mdb__get()
608 code = db->hdb_lock(context, db, HDB_RLOCK); in mdb__get()
611 code = (*d->get)(d, &k, &v, 0); in mdb__get()
612 db->hdb_unlock(context, db); in mdb__get()
616 db->hdb_name, strerror(code)); in mdb__get()
632 DB *d = (DB*)db->hdb_db; in mdb__put()
640 code = db->hdb_lock(context, db, HDB_WLOCK); in mdb__put()
643 code = (*d->put)(d, &k, &v, replace ? 0 : R_NOOVERWRITE); in mdb__put()
644 db->hdb_unlock(context, db); in mdb__put()
648 db->hdb_name, strerror(code)); in mdb__put()
661 DB *d = (DB*)db->hdb_db; in mdb__del()
666 code = db->hdb_lock(context, db, HDB_WLOCK); in mdb__del()
669 code = (*d->del)(d, &k, 0); in mdb__del()
670 db->hdb_unlock(context, db); in mdb__del()
674 db->hdb_name, strerror(code)); in mdb__del()
692 code = db->hdb__get(context, db, key, &value); in mdb_fetch_kvno()
696 code = mdb_value2entry(context, &value, kvno, &entry->entry); in mdb_fetch_kvno()
701 if (db->hdb_master_key_set && (flags & HDB_F_DECRYPT)) { in mdb_fetch_kvno()
702 code = hdb_unseal_keys (context, db, &entry->entry); in mdb_fetch_kvno()
723 code = db->hdb__del(context, db, key); in mdb_remove()
734 asprintf(&fn, "%s.db", db->hdb_name); in mdb_open()
739 db->hdb_db = dbopen(fn, flags, mode, DB_BTREE, NULL); in mdb_open()
742 if (db->hdb_db == NULL) { in mdb_open()
748 db->hdb_db = dbopen(fn, flags, mode, DB_BTREE, NULL); in mdb_open()
753 if(db->hdb_db == NULL && errno == ENOENT) in mdb_open()
754 db->hdb_db = dbopen(db->hdb_name, flags, mode, DB_BTREE, NULL); in mdb_open()
755 if(db->hdb_db == NULL) { in mdb_open()
758 db->hdb_name, strerror(ret)); in mdb_open()
774 db->hdb_name); in mdb_open()
789 (*db)->hdb_db = NULL; in hdb_mdb_create()
790 (*db)->hdb_name = strdup(filename); in hdb_mdb_create()
791 if ((*db)->hdb_name == NULL) { in hdb_mdb_create()
797 (*db)->hdb_master_key_set = 0; in hdb_mdb_create()
798 (*db)->hdb_openp = 0; in hdb_mdb_create()
799 (*db)->hdb_capability_flags = 0; in hdb_mdb_create()
800 (*db)->hdb_open = mdb_open; in hdb_mdb_create()
801 (*db)->hdb_close = mdb_close; in hdb_mdb_create()
802 (*db)->hdb_fetch_kvno = mdb_fetch_kvno; in hdb_mdb_create()
803 (*db)->hdb_store = mdb_store; in hdb_mdb_create()
804 (*db)->hdb_remove = mdb_remove; in hdb_mdb_create()
805 (*db)->hdb_firstkey = mdb_firstkey; in hdb_mdb_create()
806 (*db)->hdb_nextkey= mdb_nextkey; in hdb_mdb_create()
807 (*db)->hdb_lock = mdb_lock; in hdb_mdb_create()
808 (*db)->hdb_unlock = mdb_unlock; in hdb_mdb_create()
809 (*db)->hdb_rename = mdb_rename; in hdb_mdb_create()
810 (*db)->hdb__get = mdb__get; in hdb_mdb_create()
811 (*db)->hdb__put = mdb__put; in hdb_mdb_create()
812 (*db)->hdb__del = mdb__del; in hdb_mdb_create()
813 (*db)->hdb_destroy = mdb_destroy; in hdb_mdb_create()