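/*
 * Copyright (c) 1997-2002 Kungliga Tekniska Högskolan
 * (Royal Institute of Technology, Stockholm, Sweden).
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * 3. Neither the name of the Institute nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#include "kadmin_locl.h"
#include <kadm5/private.h>

RCSID("$Id: load.c,v 1.44 2002/09/04 20:44:35 joda Exp $");

/*
 * The whitespace-separated fields of one dump-file line.  Every member
 * points into the line buffer owned by doit(); nothing here is allocated.
 */
struct entry {
    char *principal;
    char *key;
    char *max_life;
    char *max_renew;
    char *created;
    char *modified;
    char *valid_start;
    char *valid_end;
    char *pw_end;
    char *flags;
    char *generation;
};

/*
 * NUL-terminate the token starting at `p' and return a pointer to the
 * start of the next token.
 *
 * If the token already ends at the string terminator, `p' is returned
 * pointing at that terminator: the pointer never moves past the end of
 * the string, so a line with too few fields yields empty tokens instead
 * of reads and writes beyond the line.
 */

static char *
skip_next(char *p)
{
    while(*p && !isspace((unsigned char)*p))
        p++;
    if(*p == '\0')
        return p;
    *p++ = 0;
    while(*p && isspace((unsigned char)*p))
        p++;
    return p;
}

/*
 * Parse the time in `s', returning:
 * -1 if error parsing
 * 0  if none present
 * 1  if parsed ok
 *
 * The accepted form is fourteen digits, YYYYMMDDhhmmss, converted with
 * timegm().  "-" means no time is present; `*t' is then left untouched.
 */

static int
parse_time_string(time_t *t, const char *s)
{
    int year, month, date, hour, minute, second;
    struct tm tm;

    if(strcmp(s, "-") == 0)
        return 0;
    if(sscanf(s, "%04d%02d%02d%02d%02d%02d",
              &year, &month, &date, &hour, &minute, &second) != 6)
        return -1;
    /* do not hand timegm() indeterminate values in the unset members */
    memset(&tm, 0, sizeof(tm));
    tm.tm_year  = year - 1900;
    tm.tm_mon   = month - 1;
    tm.tm_mday  = date;
    tm.tm_hour  = hour;
    tm.tm_min   = minute;
    tm.tm_sec   = second;
    tm.tm_isdst = 0;
    *t = timegm(&tm);
    return 1;
}

/*
 * parse time, allocating space in *t if it's there
 *
 * `*t' is NULL unless 1 is returned.  Exits through krb5_errx() when the
 * allocation fails.
 */

static int
parse_time_string_alloc (time_t **t, const char *s)
{
    time_t tmp;
    int ret;

    *t = NULL;
    ret = parse_time_string (&tmp, s);
    if (ret == 1) {
        *t = malloc (sizeof (**t));
        if (*t == NULL)
            krb5_errx (context, 1, "malloc: out of memory");
        **t = tmp;
    }
    return ret;
}

/*
 * see parse_time_string for calling convention
 */

static int
parse_integer(unsigned *u, const char *s)
{
    if(strcmp(s, "-") == 0)
        return 0;
    if (sscanf(s, "%u", u) != 1)
        return -1;
    return 1;
}

/*
 * parse an integer, allocating space in *u if it's there
 *
 * `*u' is NULL unless 1 is returned.  The value is parsed as unsigned
 * and stored into an int.
 */

static int
parse_integer_alloc (int **u, const char *s)
{
    unsigned tmp;
    int ret;

    *u = NULL;
    ret = parse_integer (&tmp, s);
    if (ret == 1) {
        *u = malloc (sizeof (**u));
        if (*u == NULL)
            krb5_errx (context, 1, "malloc: out of memory");
        **u = tmp;
    }
    return ret;
}

/*
 * Decode the hex string `p' into newly allocated `data', two digits per
 * byte; an odd trailing digit becomes a byte of its own.
 * Return 0 on success, 1 if `p' is empty or sscanf cannot convert a pair.
 *
 * The empty string is rejected up front: sizing the buffer from
 * strlen(p) - 1 would wrap around for it.  On failure any buffer already
 * allocated stays in `data' for the caller's cleanup.
 */

static int
parse_hex_data(krb5_data *data, const char *p)
{
    krb5_error_code ret;
    size_t len = strlen(p);
    size_t i;
    unsigned tmp;

    if(len == 0)
        return 1;
    ret = krb5_data_alloc(data, (len + 1) / 2);
    if (ret)
        krb5_err (context, 1, ret, "krb5_data_alloc");
    for(i = 0; i < len; i += 2) {
        if(sscanf(p + i, "%02x", &tmp) != 1)
            return 1;
        ((u_char*)data->data)[i / 2] = tmp;
    }
    return 0;
}

/*
 * Parse dumped keys in `str' and store them in `ent'
 * return 1 if parsing failed, 0 on success
 *
 * `str' is "kvno" followed by any number of ":mkvno:keytype:keyvalue:salt"
 * groups.  mkvno may be non-numeric (stored as NULL); salt is "-" or
 * "type/" followed by nothing, a double-quoted string or hex digits.
 * A group that stops early is a parse error rather than a NULL pointer
 * passed on to sscanf()/strlen()/strcmp().  Keys parsed before a failure
 * remain in `ent'; the caller releases them with hdb_free_entry().
 */

static int
parse_keys(hdb_entry *ent, char *str)
{
    krb5_error_code ret;
    int tmp;
    char *p;

    p = strsep(&str, ":");
    if (p == NULL || sscanf(p, "%d", &tmp) != 1)
        return 1;
    ent->kvno = tmp;
    p = strsep(&str, ":");
    while(p){
        Key *key;

        key = realloc(ent->keys.val,
                      (ent->keys.len + 1) * sizeof(*ent->keys.val));
        if(key == NULL)
            krb5_errx (context, 1, "realloc: out of memory");
        ent->keys.val = key;
        key = ent->keys.val + ent->keys.len;
        ent->keys.len++;
        memset(key, 0, sizeof(*key));
        if(sscanf(p, "%d", &tmp) == 1) {
            key->mkvno = malloc(sizeof(*key->mkvno));
            if (key->mkvno == NULL)
                krb5_errx (context, 1, "malloc: out of memory");
            *key->mkvno = tmp;
        } else
            key->mkvno = NULL;
        p = strsep(&str, ":");
        if (p == NULL || sscanf(p, "%d", &tmp) != 1)
            return 1;
        key->key.keytype = tmp;
        p = strsep(&str, ":");
        if (p == NULL || parse_hex_data(&key->key.keyvalue, p))
            return 1;
        p = strsep(&str, ":");
        if (p == NULL)
            return 1;
        if(strcmp(p, "-") != 0){
            unsigned type;
            size_t p_len;

            if(sscanf(p, "%u/", &type) != 1)
                return 1;
            p = strchr(p, '/');
            if(p == NULL)
                return 1;
            p++;
            p_len = strlen(p);

            key->salt = malloc(sizeof(*key->salt));
            if (key->salt == NULL)
                krb5_errx (context, 1, "malloc: out of memory");
            key->salt->type = type;
            /* keep the salt data well defined on every early return */
            krb5_data_zero (&key->salt->salt);

            if (p_len) {
                if(*p == '\"') {
                    /* a lone quote would make p_len - 2 wrap around */
                    if (p_len < 2)
                        return 1;
                    ret = krb5_data_copy(&key->salt->salt, p + 1, p_len - 2);
                    if (ret)
                        krb5_err (context, 1, ret, "krb5_data_copy");
                } else {
                    if (parse_hex_data(&key->salt->salt, p))
                        return 1;
                }
            }
        }
        p = strsep(&str, ":");
    }
    return 0;
}

/*
 * see parse_time_string for calling convention
 *
 * `s' is "-" or "time:principal".  `ev' is only written when `s' is
 * not "-".
 */

static int
parse_event(Event *ev, char *s)
{
    krb5_error_code ret;
    char *p;

    if(strcmp(s, "-") == 0)
        return 0;
    memset(ev, 0, sizeof(*ev));
    p = strsep(&s, ":");
    if(p == NULL || parse_time_string(&ev->time, p) != 1)
        return -1;
    p = strsep(&s, ":");
    if(p == NULL)       /* no principal after the time */
        return -1;
    ret = krb5_parse_name(context, p, &ev->principal);
    if (ret)
        return -1;
    return 1;
}

/*
 * parse an event, allocating space in *ev if it's there
 *
 * `*ev' is NULL unless 1 is returned.
 */

static int
parse_event_alloc (Event **ev, char *s)
{
    Event tmp;
    int ret;

    *ev = NULL;
    ret = parse_event (&tmp, s);
    if (ret == 1) {
        *ev = malloc (sizeof (**ev));
        if (*ev == NULL)
            krb5_errx (context, 1, "malloc: out of memory");
        **ev = tmp;
    }
    return ret;
}

/*
 * Parse the integer in `s' and convert it with int2HDBFlags().
 * see parse_time_string for calling convention
 */

static int
parse_hdbflags2int(HDBFlags *f, const char *s)
{
    int ret;
    unsigned tmp;

    ret = parse_integer (&tmp, s);
    if (ret == 1)
        *f = int2HDBFlags (tmp);
    return ret;
}

/*
 * Parse the generation "time:usec:gen" in `str' into newly allocated
 * `*gen'.  "-" and the empty string mean no generation (`*gen' is NULL).
 * Return 0 on success, -1 if parsing failed; `*gen' stays allocated on
 * failure and is left to the caller's cleanup.
 */

static int
parse_generation(char *str, GENERATION **gen)
{
    char *p;
    int v;

    if(strcmp(str, "-") == 0 || *str == '\0') {
        *gen = NULL;
        return 0;
    }
    *gen = calloc(1, sizeof(**gen));
    if (*gen == NULL)
        krb5_errx (context, 1, "calloc: out of memory");

    p = strsep(&str, ":");
    if(p == NULL || parse_time_string(&(*gen)->time, p) != 1)
        return -1;
    p = strsep(&str, ":");
    if(p == NULL || sscanf(p, "%d", &v) != 1)
        return -1;
    (*gen)->usec = v;
    p = strsep(&str, ":");
    if(p == NULL || sscanf(p, "%d", &v) != 1)
        return -1;
    (*gen)->gen = v - 1; /* XXX gets bumped in _hdb_store */
    return 0;
}


/*
 * Parse the dump file in `filename' and create the database (merging
 * iff merge)
 *
 * Each line holds, in order: principal, keys, created, modified,
 * valid_start, valid_end, pw_end, max_life, max_renew, flags and
 * generation.  A line that fails to parse is reported on stderr and
 * skipped; a failed store stops the load.
 *
 * Return 1 if the file, the log or the database cannot be opened, or if
 * `ret' is non-zero when the loop ends (a failed store, or a principal
 * name that failed to parse on the last line read); 0 otherwise.
 */

static int
doit(const char *filename, int merge)
{
    krb5_error_code ret;
    FILE *f;
    char s[8192]; /* XXX should fix this properly */
    char *p;
    int line;
    int flags = O_RDWR;
    struct entry e;
    hdb_entry ent;
    HDB *db = _kadm5_s_get_db(kadm_handle);

    f = fopen(filename, "r");
    if(f == NULL){
        krb5_warn(context, errno, "fopen(%s)", filename);
        return 1;
    }
    ret = kadm5_log_truncate (kadm_handle);
    if (ret) {
        fclose (f);
        krb5_warn(context, ret, "kadm5_log_truncate");
        return 1;
    }

    if(!merge)
        flags |= O_CREAT | O_TRUNC;
    ret = db->open(context, db, flags, 0600);
    if(ret){
        krb5_warn(context, ret, "hdb_open");
        fclose(f);
        return 1;
    }
    line = 0;
    ret = 0;
    while(fgets(s, sizeof(s), f) != NULL) {
        size_t len;

        ret = 0;
        line++;

        /*
         * A line that does not fit in `s' would otherwise be loaded as
         * two entries, the first with truncated fields.  Drop the whole
         * line instead.
         */
        len = strlen(s);
        if(len == sizeof(s) - 1 && s[len - 1] != '\n') {
            int c = getc(f);

            if(c != EOF && c != '\n') {
                while((c = getc(f)) != EOF && c != '\n')
                    ;
                fprintf(stderr, "%s:%d:line too long, skipping\n",
                        filename, line);
                continue;
            }
        }

        /* the principal ends at the first unescaped whitespace */
        e.principal = s;
        for(p = s; *p; p++){
            if(*p == '\\') {
                /* skip the escaped character, never the terminator */
                if(p[1] != '\0')
                    p++;
            } else if(isspace((unsigned char)*p)) {
                *p++ = 0;
                break;
            }
        }
        while(*p && isspace((unsigned char)*p))
            p++;

        e.key = p;
        p = skip_next(p);

        e.created = p;
        p = skip_next(p);

        e.modified = p;
        p = skip_next(p);

        e.valid_start = p;
        p = skip_next(p);

        e.valid_end = p;
        p = skip_next(p);

        e.pw_end = p;
        p = skip_next(p);

        e.max_life = p;
        p = skip_next(p);

        e.max_renew = p;
        p = skip_next(p);

        e.flags = p;
        p = skip_next(p);

        e.generation = p;
        p = skip_next(p);

        memset(&ent, 0, sizeof(ent));
        ret = krb5_parse_name(context, e.principal, &ent.principal);
        if(ret) {
            fprintf(stderr, "%s:%d:%s (%s)\n",
                    filename,
                    line,
                    krb5_get_err_text(context, ret),
                    e.principal);
            continue;
        }

        if (parse_keys(&ent, e.key)) {
            fprintf (stderr, "%s:%d:error parsing keys (%s)\n",
                     filename, line, e.key);
            hdb_free_entry (context, &ent);
            continue;
        }

        if (parse_event(&ent.created_by, e.created) == -1) {
            fprintf (stderr, "%s:%d:error parsing created event (%s)\n",
                     filename, line, e.created);
            hdb_free_entry (context, &ent);
            continue;
        }
        if (parse_event_alloc (&ent.modified_by, e.modified) == -1) {
            fprintf (stderr, "%s:%d:error parsing event (%s)\n",
                     filename, line, e.modified);
            hdb_free_entry (context, &ent);
            continue;
        }
        if (parse_time_string_alloc (&ent.valid_start, e.valid_start) == -1) {
            fprintf (stderr, "%s:%d:error parsing time (%s)\n",
                     filename, line, e.valid_start);
            hdb_free_entry (context, &ent);
            continue;
        }
        if (parse_time_string_alloc (&ent.valid_end, e.valid_end) == -1) {
            fprintf (stderr, "%s:%d:error parsing time (%s)\n",
                     filename, line, e.valid_end);
            hdb_free_entry (context, &ent);
            continue;
        }
        if (parse_time_string_alloc (&ent.pw_end, e.pw_end) == -1) {
            fprintf (stderr, "%s:%d:error parsing time (%s)\n",
                     filename, line, e.pw_end);
            hdb_free_entry (context, &ent);
            continue;
        }

        if (parse_integer_alloc (&ent.max_life, e.max_life) == -1) {
            fprintf (stderr, "%s:%d:error parsing lifetime (%s)\n",
                     filename, line, e.max_life);
            hdb_free_entry (context, &ent);
            continue;

        }
        if (parse_integer_alloc (&ent.max_renew, e.max_renew) == -1) {
            fprintf (stderr, "%s:%d:error parsing lifetime (%s)\n",
                     filename, line, e.max_renew);
            hdb_free_entry (context, &ent);
            continue;
        }

        /* unlike the fields above, flags may not be "-" */
        if (parse_hdbflags2int (&ent.flags, e.flags) != 1) {
            fprintf (stderr, "%s:%d:error parsing flags (%s)\n",
                     filename, line, e.flags);
            hdb_free_entry (context, &ent);
            continue;
        }

        if(parse_generation(e.generation, &ent.generation) == -1) {
            fprintf (stderr, "%s:%d:error parsing generation (%s)\n",
                     filename, line, e.generation);
            hdb_free_entry (context, &ent);
            continue;
        }

        ret = db->store(context, db, HDB_F_REPLACE, &ent);
        hdb_free_entry (context, &ent);
        if (ret) {
            krb5_warn(context, ret, "db_store");
            break;
        }
    }
    db->close(context, db);
    fclose(f);
    return ret != 0;
}


/* options shared by the `load' and `merge' commands */
static struct getargs args[] = {
    { "help", 'h', arg_flag, NULL }
};

static int num_args = sizeof(args) / sizeof(args[0]);

static void
usage(const char *name)
{
    arg_printusage (args, num_args, name, "file");
}



/*
 * `load file': load the dump in `file', opening the database with
 * O_CREAT | O_TRUNC.  Always returns 0; the result of doit() is not
 * propagated to the caller.
 */

int
load(int argc, char **argv)
{
    int optind = 0;
    int help_flag = 0;

    args[0].value = &help_flag;

    if(getarg(args, num_args, argc, argv, &optind)) {
        usage ("load");
        return 0;
    }
    if(argc - optind != 1 || help_flag) {
        usage ("load");
        return 0;
    }

    doit(argv[optind], 0);
    return 0;
}

/*
 * `merge file': load the dump in `file' into the existing database.
 * Always returns 0; the result of doit() is not propagated to the caller.
 */

int
merge(int argc, char **argv)
{
    int optind = 0;
    int help_flag = 0;

    args[0].value = &help_flag;

    if(getarg(args, num_args, argc, argv, &optind)) {
        usage ("merge");
        return 0;
    }
    if(argc - optind != 1 || help_flag) {
        usage ("merge");
        return 0;
    }

    doit(argv[optind], 1);
    return 0;
}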