1 /* 2 * Copyright (c) 1997-2001 Kungliga Tekniska H�gskolan 3 * (Royal Institute of Technology, Stockholm, Sweden). 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 17 * 3. Neither the name of the Institute nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 */ 33 34 #include "kadmin_locl.h" 35 #include <kadm5/private.h> 36 37 RCSID("$Id: load.c,v 1.41 2001/02/20 01:44:49 assar Exp $"); 38 39 struct entry { 40 char *principal; 41 char *key; 42 char *max_life; 43 char *max_renew; 44 char *created; 45 char *modified; 46 char *valid_start; 47 char *valid_end; 48 char *pw_end; 49 char *flags; 50 char *etypes; 51 }; 52 53 static char * 54 skip_next(char *p) 55 { 56 while(*p && !isspace((unsigned char)*p)) 57 p++; 58 *p++ = 0; 59 while(*p && isspace((unsigned char)*p)) 60 p++; 61 return p; 62 } 63 64 /* 65 * Parse the time in `s', returning: 66 * -1 if error parsing 67 * 0 if none present 68 * 1 if parsed ok 69 */ 70 71 static int 72 parse_time_string(time_t *t, const char *s) 73 { 74 int year, month, date, hour, minute, second; 75 struct tm tm; 76 77 if(strcmp(s, "-") == 0) 78 return 0; 79 if(sscanf(s, "%04d%02d%02d%02d%02d%02d", 80 &year, &month, &date, &hour, &minute, &second) != 6) 81 return -1; 82 tm.tm_year = year - 1900; 83 tm.tm_mon = month - 1; 84 tm.tm_mday = date; 85 tm.tm_hour = hour; 86 tm.tm_min = minute; 87 tm.tm_sec = second; 88 tm.tm_isdst = 0; 89 *t = timegm(&tm); 90 return 1; 91 } 92 93 /* 94 * parse time, allocating space in *t if it's there 95 */ 96 97 static int 98 parse_time_string_alloc (time_t **t, const char *s) 99 { 100 time_t tmp; 101 int ret; 102 103 *t = NULL; 104 ret = parse_time_string (&tmp, s); 105 if (ret == 1) { 106 *t = malloc (sizeof (**t)); 107 if (*t == NULL) 108 krb5_errx (context, 1, "malloc: out of memory"); 109 **t = tmp; 110 } 111 return ret; 112 } 113 114 /* 115 * see parse_time_string for calling convention 116 */ 117 118 static int 119 parse_integer(unsigned *u, const char *s) 120 { 121 if(strcmp(s, "-") == 0) 122 return 0; 123 if (sscanf(s, "%u", u) != 1) 124 return -1; 125 return 1; 126 } 127 128 static int 129 parse_integer_alloc (int **u, const char *s) 130 { 131 unsigned tmp; 132 int ret; 133 134 *u = NULL; 135 ret = parse_integer (&tmp, s); 136 if (ret == 1) { 137 *u = malloc (sizeof (**u)); 138 if (*u == NULL) 139 krb5_errx (context, 1, "malloc: out of memory"); 140 **u = tmp; 141 } 142 return ret; 143 } 144 145 /* 146 * Parse dumped keys in `str' and store them in `ent' 147 * return -1 if parsing failed 148 */ 149 150 static int 151 parse_keys(hdb_entry *ent, char *str) 152 { 153 krb5_error_code ret; 154 int tmp; 155 char *p; 156 int i; 157 158 p = strsep(&str, ":"); 159 if (sscanf(p, "%d", &tmp) != 1) 160 return 1; 161 ent->kvno = tmp; 162 p = strsep(&str, ":"); 163 while(p){ 164 Key *key; 165 key = realloc(ent->keys.val, 166 (ent->keys.len + 1) * sizeof(*ent->keys.val)); 167 if(key == NULL) 168 krb5_errx (context, 1, "realloc: out of memory"); 169 ent->keys.val = key; 170 key = ent->keys.val + ent->keys.len; 171 ent->keys.len++; 172 memset(key, 0, sizeof(*key)); 173 if(sscanf(p, "%d", &tmp) == 1) { 174 key->mkvno = malloc(sizeof(*key->mkvno)); 175 *key->mkvno = tmp; 176 } else 177 key->mkvno = NULL; 178 p = strsep(&str, ":"); 179 if (sscanf(p, "%d", &tmp) != 1) 180 return 1; 181 key->key.keytype = tmp; 182 p = strsep(&str, ":"); 183 ret = krb5_data_alloc(&key->key.keyvalue, (strlen(p) - 1) / 2 + 1); 184 if (ret) 185 krb5_err (context, 1, ret, "krb5_data_alloc"); 186 for(i = 0; i < strlen(p); i += 2) { 187 if(sscanf(p + i, "%02x", &tmp) != 1) 188 return 1; 189 ((u_char*)key->key.keyvalue.data)[i / 2] = tmp; 190 } 191 p = strsep(&str, ":"); 192 if(strcmp(p, "-") != 0){ 193 unsigned type; 194 size_t p_len; 195 196 if(sscanf(p, "%u/", &type) != 1) 197 return 1; 198 p = strchr(p, '/'); 199 if(p == NULL) 200 return 1; 201 p++; 202 p_len = strlen(p); 203 204 key->salt = malloc(sizeof(*key->salt)); 205 if (key->salt == NULL) 206 krb5_errx (context, 1, "malloc: out of memory"); 207 key->salt->type = type; 208 209 if (p_len) { 210 if(*p == '\"') { 211 ret = krb5_data_copy(&key->salt->salt, p + 1, p_len - 2); 212 if (ret) 213 krb5_err (context, 1, ret, "krb5_data_copy"); 214 } else { 215 ret = krb5_data_alloc(&key->salt->salt, 216 (p_len - 1) / 2 + 1); 217 if (ret) 218 krb5_err (context, 1, ret, "krb5_data_alloc"); 219 for(i = 0; i < p_len; i += 2){ 220 if (sscanf(p + i, "%02x", &tmp) != 1) 221 return 1; 222 ((u_char*)key->salt->salt.data)[i / 2] = tmp; 223 } 224 } 225 } else 226 krb5_data_zero (&key->salt->salt); 227 } 228 p = strsep(&str, ":"); 229 } 230 return 0; 231 } 232 233 /* 234 * see parse_time_string for calling convention 235 */ 236 237 static int 238 parse_event(Event *ev, char *s) 239 { 240 krb5_error_code ret; 241 char *p; 242 243 if(strcmp(s, "-") == 0) 244 return 0; 245 memset(ev, 0, sizeof(*ev)); 246 p = strsep(&s, ":"); 247 if(parse_time_string(&ev->time, p) != 1) 248 return -1; 249 p = strsep(&s, ":"); 250 ret = krb5_parse_name(context, p, &ev->principal); 251 if (ret) 252 return -1; 253 return 1; 254 } 255 256 static int 257 parse_event_alloc (Event **ev, char *s) 258 { 259 Event tmp; 260 int ret; 261 262 *ev = NULL; 263 ret = parse_event (&tmp, s); 264 if (ret == 1) { 265 *ev = malloc (sizeof (**ev)); 266 if (*ev == NULL) 267 krb5_errx (context, 1, "malloc: out of memory"); 268 **ev = tmp; 269 } 270 return ret; 271 } 272 273 static int 274 parse_hdbflags2int(HDBFlags *f, const char *s) 275 { 276 int ret; 277 unsigned tmp; 278 279 ret = parse_integer (&tmp, s); 280 if (ret == 1) 281 *f = int2HDBFlags (tmp); 282 return ret; 283 } 284 285 #if 0 286 static void 287 parse_etypes(char *str, unsigned **val, unsigned *len) 288 { 289 unsigned v; 290 291 *val = NULL; 292 *len = 0; 293 while(sscanf(str, "%u", &v) == 1) { 294 *val = realloc(*val, (*len+1) * sizeof(**val)); 295 (*val)[(*len)++] = v; 296 str = strchr(str, ':'); 297 if(str == NULL) 298 break; 299 str++; 300 } 301 } 302 #endif 303 304 /* 305 * Parse the dump file in `filename' and create the database (merging 306 * iff merge) 307 */ 308 309 static int 310 doit(const char *filename, int merge) 311 { 312 krb5_error_code ret; 313 FILE *f; 314 char s[1024]; 315 char *p; 316 int line; 317 int flags = O_RDWR; 318 struct entry e; 319 hdb_entry ent; 320 HDB *db = _kadm5_s_get_db(kadm_handle); 321 322 f = fopen(filename, "r"); 323 if(f == NULL){ 324 krb5_warn(context, errno, "fopen(%s)", filename); 325 return 1; 326 } 327 ret = kadm5_log_truncate (kadm_handle); 328 if (ret) { 329 fclose (f); 330 krb5_warn(context, ret, "kadm5_log_truncate"); 331 return 1; 332 } 333 334 if(!merge) 335 flags |= O_CREAT | O_TRUNC; 336 ret = db->open(context, db, flags, 0600); 337 if(ret){ 338 krb5_warn(context, ret, "hdb_open"); 339 fclose(f); 340 return 1; 341 } 342 line = 0; 343 ret = 0; 344 while(fgets(s, sizeof(s), f) != NULL) { 345 ret = 0; 346 line++; 347 e.principal = s; 348 for(p = s; *p; p++){ 349 if(*p == '\\') 350 p++; 351 else if(isspace((unsigned char)*p)) { 352 *p = 0; 353 break; 354 } 355 } 356 p = skip_next(p); 357 358 e.key = p; 359 p = skip_next(p); 360 361 e.created = p; 362 p = skip_next(p); 363 364 e.modified = p; 365 p = skip_next(p); 366 367 e.valid_start = p; 368 p = skip_next(p); 369 370 e.valid_end = p; 371 p = skip_next(p); 372 373 e.pw_end = p; 374 p = skip_next(p); 375 376 e.max_life = p; 377 p = skip_next(p); 378 379 e.max_renew = p; 380 p = skip_next(p); 381 382 e.flags = p; 383 p = skip_next(p); 384 385 e.etypes = p; 386 p = skip_next(p); 387 388 memset(&ent, 0, sizeof(ent)); 389 ret = krb5_parse_name(context, e.principal, &ent.principal); 390 if(ret) { 391 fprintf(stderr, "%s:%d:%s (%s)\n", 392 filename, 393 line, 394 krb5_get_err_text(context, ret), 395 e.principal); 396 continue; 397 } 398 399 if (parse_keys(&ent, e.key)) { 400 fprintf (stderr, "%s:%d:error parsing keys (%s)\n", 401 filename, line, e.key); 402 hdb_free_entry (context, &ent); 403 continue; 404 } 405 406 if (parse_event(&ent.created_by, e.created) == -1) { 407 fprintf (stderr, "%s:%d:error parsing created event (%s)\n", 408 filename, line, e.created); 409 hdb_free_entry (context, &ent); 410 continue; 411 } 412 if (parse_event_alloc (&ent.modified_by, e.modified) == -1) { 413 fprintf (stderr, "%s:%d:error parsing event (%s)\n", 414 filename, line, e.modified); 415 hdb_free_entry (context, &ent); 416 continue; 417 } 418 if (parse_time_string_alloc (&ent.valid_start, e.valid_start) == -1) { 419 fprintf (stderr, "%s:%d:error parsing time (%s)\n", 420 filename, line, e.valid_start); 421 hdb_free_entry (context, &ent); 422 continue; 423 } 424 if (parse_time_string_alloc (&ent.valid_end, e.valid_end) == -1) { 425 fprintf (stderr, "%s:%d:error parsing time (%s)\n", 426 filename, line, e.valid_end); 427 hdb_free_entry (context, &ent); 428 continue; 429 } 430 if (parse_time_string_alloc (&ent.pw_end, e.pw_end) == -1) { 431 fprintf (stderr, "%s:%d:error parsing time (%s)\n", 432 filename, line, e.pw_end); 433 hdb_free_entry (context, &ent); 434 continue; 435 } 436 437 if (parse_integer_alloc (&ent.max_life, e.max_life) == -1) { 438 fprintf (stderr, "%s:%d:error parsing lifetime (%s)\n", 439 filename, line, e.max_life); 440 hdb_free_entry (context, &ent); 441 continue; 442 443 } 444 if (parse_integer_alloc (&ent.max_renew, e.max_renew) == -1) { 445 fprintf (stderr, "%s:%d:error parsing lifetime (%s)\n", 446 filename, line, e.max_renew); 447 hdb_free_entry (context, &ent); 448 continue; 449 } 450 451 if (parse_hdbflags2int (&ent.flags, e.flags) != 1) { 452 fprintf (stderr, "%s:%d:error parsing flags (%s)\n", 453 filename, line, e.flags); 454 hdb_free_entry (context, &ent); 455 continue; 456 } 457 #if 0 458 ALLOC(ent.etypes); 459 parse_etypes(e.etypes, &ent.etypes->val, &ent.etypes->len); 460 if(ent.etypes->len == 0) { 461 free(ent.etypes); 462 ent.etypes = NULL; 463 } 464 #endif 465 466 ret = db->store(context, db, HDB_F_REPLACE, &ent); 467 hdb_free_entry (context, &ent); 468 if (ret) { 469 krb5_warn(context, ret, "db_store"); 470 break; 471 } 472 } 473 db->close(context, db); 474 fclose(f); 475 return ret != 0; 476 } 477 478 479 static struct getargs args[] = { 480 { "help", 'h', arg_flag, NULL } 481 }; 482 483 static int num_args = sizeof(args) / sizeof(args[0]); 484 485 static void 486 usage(const char *name) 487 { 488 arg_printusage (args, num_args, name, "file"); 489 } 490 491 492 493 int 494 load(int argc, char **argv) 495 { 496 int optind = 0; 497 int help_flag = 0; 498 499 args[0].value = &help_flag; 500 501 if(getarg(args, num_args, argc, argv, &optind)) { 502 usage ("load"); 503 return 0; 504 } 505 if(argc - optind != 1 || help_flag) { 506 usage ("load"); 507 return 0; 508 } 509 510 doit(argv[optind], 0); 511 return 0; 512 } 513 514 int 515 merge(int argc, char **argv) 516 { 517 int optind = 0; 518 int help_flag = 0; 519 520 args[0].value = &help_flag; 521 522 if(getarg(args, num_args, argc, argv, &optind)) { 523 usage ("merge"); 524 return 0; 525 } 526 if(argc - optind != 1 || help_flag) { 527 usage ("merge"); 528 return 0; 529 } 530 531 doit(argv[optind], 1); 532 return 0; 533 } 534