xref: /freebsd/crypto/heimdal/kadmin/load.c (revision 6990ffd8a95caaba6858ad44ff1b3157d1efba8f)
1 /*
2  * Copyright (c) 1997-2001 Kungliga Tekniska H�gskolan
3  * (Royal Institute of Technology, Stockholm, Sweden).
4  * All rights reserved.
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  *
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer.
12  *
13  * 2. Redistributions in binary form must reproduce the above copyright
14  *    notice, this list of conditions and the following disclaimer in the
15  *    documentation and/or other materials provided with the distribution.
16  *
17  * 3. Neither the name of the Institute nor the names of its contributors
18  *    may be used to endorse or promote products derived from this software
19  *    without specific prior written permission.
20  *
21  * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24  * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31  * SUCH DAMAGE.
32  */
33 
34 #include "kadmin_locl.h"
35 #include <kadm5/private.h>
36 
37 RCSID("$Id: load.c,v 1.41 2001/02/20 01:44:49 assar Exp $");
38 
39 struct entry {
40     char *principal;
41     char *key;
42     char *max_life;
43     char *max_renew;
44     char *created;
45     char *modified;
46     char *valid_start;
47     char *valid_end;
48     char *pw_end;
49     char *flags;
50     char *etypes;
51 };
52 
53 static char *
54 skip_next(char *p)
55 {
56     while(*p && !isspace((unsigned char)*p))
57 	p++;
58     *p++ = 0;
59     while(*p && isspace((unsigned char)*p))
60 	p++;
61     return p;
62 }
63 
64 /*
65  * Parse the time in `s', returning:
66  * -1 if error parsing
67  * 0  if none  present
68  * 1  if parsed ok
69  */
70 
71 static int
72 parse_time_string(time_t *t, const char *s)
73 {
74     int year, month, date, hour, minute, second;
75     struct tm tm;
76 
77     if(strcmp(s, "-") == 0)
78 	return 0;
79     if(sscanf(s, "%04d%02d%02d%02d%02d%02d",
80 	      &year, &month, &date, &hour, &minute, &second) != 6)
81 	return -1;
82     tm.tm_year  = year - 1900;
83     tm.tm_mon   = month - 1;
84     tm.tm_mday  = date;
85     tm.tm_hour  = hour;
86     tm.tm_min   = minute;
87     tm.tm_sec   = second;
88     tm.tm_isdst = 0;
89     *t = timegm(&tm);
90     return 1;
91 }
92 
93 /*
94  * parse time, allocating space in *t if it's there
95  */
96 
97 static int
98 parse_time_string_alloc (time_t **t, const char *s)
99 {
100     time_t tmp;
101     int ret;
102 
103     *t = NULL;
104     ret = parse_time_string (&tmp, s);
105     if (ret == 1) {
106 	*t = malloc (sizeof (**t));
107 	if (*t == NULL)
108 	    krb5_errx (context, 1, "malloc: out of memory");
109 	**t = tmp;
110     }
111     return ret;
112 }
113 
114 /*
115  * see parse_time_string for calling convention
116  */
117 
118 static int
119 parse_integer(unsigned *u, const char *s)
120 {
121     if(strcmp(s, "-") == 0)
122 	return 0;
123     if (sscanf(s, "%u", u) != 1)
124 	return -1;
125     return 1;
126 }
127 
128 static int
129 parse_integer_alloc (int **u, const char *s)
130 {
131     unsigned tmp;
132     int ret;
133 
134     *u = NULL;
135     ret = parse_integer (&tmp, s);
136     if (ret == 1) {
137 	*u = malloc (sizeof (**u));
138 	if (*u == NULL)
139 	    krb5_errx (context, 1, "malloc: out of memory");
140 	**u = tmp;
141     }
142     return ret;
143 }
144 
145 /*
146  * Parse dumped keys in `str' and store them in `ent'
147  * return -1 if parsing failed
148  */
149 
150 static int
151 parse_keys(hdb_entry *ent, char *str)
152 {
153     krb5_error_code ret;
154     int tmp;
155     char *p;
156     int i;
157 
158     p = strsep(&str, ":");
159     if (sscanf(p, "%d", &tmp) != 1)
160 	return 1;
161     ent->kvno = tmp;
162     p = strsep(&str, ":");
163     while(p){
164 	Key *key;
165 	key = realloc(ent->keys.val,
166 		      (ent->keys.len + 1) * sizeof(*ent->keys.val));
167 	if(key == NULL)
168 	    krb5_errx (context, 1, "realloc: out of memory");
169 	ent->keys.val = key;
170 	key = ent->keys.val + ent->keys.len;
171 	ent->keys.len++;
172 	memset(key, 0, sizeof(*key));
173 	if(sscanf(p, "%d", &tmp) == 1) {
174 	    key->mkvno = malloc(sizeof(*key->mkvno));
175 	    *key->mkvno = tmp;
176 	} else
177 	    key->mkvno = NULL;
178 	p = strsep(&str, ":");
179 	if (sscanf(p, "%d", &tmp) != 1)
180 	    return 1;
181 	key->key.keytype = tmp;
182 	p = strsep(&str, ":");
183 	ret = krb5_data_alloc(&key->key.keyvalue, (strlen(p) - 1) / 2 + 1);
184 	if (ret)
185 	    krb5_err (context, 1, ret, "krb5_data_alloc");
186 	for(i = 0; i < strlen(p); i += 2) {
187 	    if(sscanf(p + i, "%02x", &tmp) != 1)
188 		return 1;
189 	    ((u_char*)key->key.keyvalue.data)[i / 2] = tmp;
190 	}
191 	p = strsep(&str, ":");
192 	if(strcmp(p, "-") != 0){
193 	    unsigned type;
194 	    size_t p_len;
195 
196 	    if(sscanf(p, "%u/", &type) != 1)
197 		return 1;
198 	    p = strchr(p, '/');
199 	    if(p == NULL)
200 		return 1;
201 	    p++;
202 	    p_len = strlen(p);
203 
204 	    key->salt = malloc(sizeof(*key->salt));
205 	    if (key->salt == NULL)
206 		krb5_errx (context, 1, "malloc: out of memory");
207 	    key->salt->type = type;
208 
209 	    if (p_len) {
210 		if(*p == '\"') {
211 		    ret = krb5_data_copy(&key->salt->salt, p + 1, p_len - 2);
212 		    if (ret)
213 			krb5_err (context, 1, ret, "krb5_data_copy");
214 		} else {
215 		    ret = krb5_data_alloc(&key->salt->salt,
216 					  (p_len - 1) / 2 + 1);
217 		    if (ret)
218 			krb5_err (context, 1, ret, "krb5_data_alloc");
219 		    for(i = 0; i < p_len; i += 2){
220 			if (sscanf(p + i, "%02x", &tmp) != 1)
221 			    return 1;
222 			((u_char*)key->salt->salt.data)[i / 2] = tmp;
223 		    }
224 		}
225 	    } else
226 		krb5_data_zero (&key->salt->salt);
227 	}
228 	p = strsep(&str, ":");
229     }
230     return 0;
231 }
232 
233 /*
234  * see parse_time_string for calling convention
235  */
236 
237 static int
238 parse_event(Event *ev, char *s)
239 {
240     krb5_error_code ret;
241     char *p;
242 
243     if(strcmp(s, "-") == 0)
244 	return 0;
245     memset(ev, 0, sizeof(*ev));
246     p = strsep(&s, ":");
247     if(parse_time_string(&ev->time, p) != 1)
248 	return -1;
249     p = strsep(&s, ":");
250     ret = krb5_parse_name(context, p, &ev->principal);
251     if (ret)
252 	return -1;
253     return 1;
254 }
255 
256 static int
257 parse_event_alloc (Event **ev, char *s)
258 {
259     Event tmp;
260     int ret;
261 
262     *ev = NULL;
263     ret = parse_event (&tmp, s);
264     if (ret == 1) {
265 	*ev = malloc (sizeof (**ev));
266 	if (*ev == NULL)
267 	    krb5_errx (context, 1, "malloc: out of memory");
268 	**ev = tmp;
269     }
270     return ret;
271 }
272 
273 static int
274 parse_hdbflags2int(HDBFlags *f, const char *s)
275 {
276     int ret;
277     unsigned tmp;
278 
279     ret = parse_integer (&tmp, s);
280     if (ret == 1)
281 	*f = int2HDBFlags (tmp);
282     return ret;
283 }
284 
285 #if 0
286 static void
287 parse_etypes(char *str, unsigned **val, unsigned *len)
288 {
289     unsigned v;
290 
291     *val = NULL;
292     *len = 0;
293     while(sscanf(str, "%u", &v) == 1) {
294 	*val = realloc(*val, (*len+1) * sizeof(**val));
295 	(*val)[(*len)++] = v;
296 	str = strchr(str, ':');
297 	if(str == NULL)
298 	    break;
299 	str++;
300     }
301 }
302 #endif
303 
304 /*
305  * Parse the dump file in `filename' and create the database (merging
306  * iff merge)
307  */
308 
309 static int
310 doit(const char *filename, int merge)
311 {
312     krb5_error_code ret;
313     FILE *f;
314     char s[1024];
315     char *p;
316     int line;
317     int flags = O_RDWR;
318     struct entry e;
319     hdb_entry ent;
320     HDB *db = _kadm5_s_get_db(kadm_handle);
321 
322     f = fopen(filename, "r");
323     if(f == NULL){
324 	krb5_warn(context, errno, "fopen(%s)", filename);
325 	return 1;
326     }
327     ret = kadm5_log_truncate (kadm_handle);
328     if (ret) {
329 	fclose (f);
330 	krb5_warn(context, ret, "kadm5_log_truncate");
331 	return 1;
332     }
333 
334     if(!merge)
335 	flags |= O_CREAT | O_TRUNC;
336     ret = db->open(context, db, flags, 0600);
337     if(ret){
338 	krb5_warn(context, ret, "hdb_open");
339 	fclose(f);
340 	return 1;
341     }
342     line = 0;
343     ret = 0;
344     while(fgets(s, sizeof(s), f) != NULL) {
345 	ret = 0;
346 	line++;
347 	e.principal = s;
348 	for(p = s; *p; p++){
349 	    if(*p == '\\')
350 		p++;
351 	    else if(isspace((unsigned char)*p)) {
352 		*p = 0;
353 		break;
354 	    }
355 	}
356 	p = skip_next(p);
357 
358 	e.key = p;
359 	p = skip_next(p);
360 
361 	e.created = p;
362 	p = skip_next(p);
363 
364 	e.modified = p;
365 	p = skip_next(p);
366 
367 	e.valid_start = p;
368 	p = skip_next(p);
369 
370 	e.valid_end = p;
371 	p = skip_next(p);
372 
373 	e.pw_end = p;
374 	p = skip_next(p);
375 
376 	e.max_life = p;
377 	p = skip_next(p);
378 
379 	e.max_renew = p;
380 	p = skip_next(p);
381 
382 	e.flags = p;
383 	p = skip_next(p);
384 
385 	e.etypes = p;
386 	p = skip_next(p);
387 
388 	memset(&ent, 0, sizeof(ent));
389 	ret = krb5_parse_name(context, e.principal, &ent.principal);
390 	if(ret) {
391 	    fprintf(stderr, "%s:%d:%s (%s)\n",
392 		    filename,
393 		    line,
394 		    krb5_get_err_text(context, ret),
395 		    e.principal);
396 	    continue;
397 	}
398 
399 	if (parse_keys(&ent, e.key)) {
400 	    fprintf (stderr, "%s:%d:error parsing keys (%s)\n",
401 		     filename, line, e.key);
402 	    hdb_free_entry (context, &ent);
403 	    continue;
404 	}
405 
406 	if (parse_event(&ent.created_by, e.created) == -1) {
407 	    fprintf (stderr, "%s:%d:error parsing created event (%s)\n",
408 		     filename, line, e.created);
409 	    hdb_free_entry (context, &ent);
410 	    continue;
411 	}
412 	if (parse_event_alloc (&ent.modified_by, e.modified) == -1) {
413 	    fprintf (stderr, "%s:%d:error parsing event (%s)\n",
414 		     filename, line, e.modified);
415 	    hdb_free_entry (context, &ent);
416 	    continue;
417 	}
418 	if (parse_time_string_alloc (&ent.valid_start, e.valid_start) == -1) {
419 	    fprintf (stderr, "%s:%d:error parsing time (%s)\n",
420 		     filename, line, e.valid_start);
421 	    hdb_free_entry (context, &ent);
422 	    continue;
423 	}
424 	if (parse_time_string_alloc (&ent.valid_end,   e.valid_end) == -1) {
425 	    fprintf (stderr, "%s:%d:error parsing time (%s)\n",
426 		     filename, line, e.valid_end);
427 	    hdb_free_entry (context, &ent);
428 	    continue;
429 	}
430 	if (parse_time_string_alloc (&ent.pw_end,      e.pw_end) == -1) {
431 	    fprintf (stderr, "%s:%d:error parsing time (%s)\n",
432 		     filename, line, e.pw_end);
433 	    hdb_free_entry (context, &ent);
434 	    continue;
435 	}
436 
437 	if (parse_integer_alloc (&ent.max_life,  e.max_life) == -1) {
438 	    fprintf (stderr, "%s:%d:error parsing lifetime (%s)\n",
439 		     filename, line, e.max_life);
440 	    hdb_free_entry (context, &ent);
441 	    continue;
442 
443 	}
444 	if (parse_integer_alloc (&ent.max_renew, e.max_renew) == -1) {
445 	    fprintf (stderr, "%s:%d:error parsing lifetime (%s)\n",
446 		     filename, line, e.max_renew);
447 	    hdb_free_entry (context, &ent);
448 	    continue;
449 	}
450 
451 	if (parse_hdbflags2int (&ent.flags, e.flags) != 1) {
452 	    fprintf (stderr, "%s:%d:error parsing flags (%s)\n",
453 		     filename, line, e.flags);
454 	    hdb_free_entry (context, &ent);
455 	    continue;
456 	}
457 #if 0
458 	ALLOC(ent.etypes);
459 	parse_etypes(e.etypes, &ent.etypes->val, &ent.etypes->len);
460 	if(ent.etypes->len == 0) {
461 	    free(ent.etypes);
462 	    ent.etypes = NULL;
463 	}
464 #endif
465 
466 	ret = db->store(context, db, HDB_F_REPLACE, &ent);
467 	hdb_free_entry (context, &ent);
468 	if (ret) {
469 	    krb5_warn(context, ret, "db_store");
470 	    break;
471 	}
472     }
473     db->close(context, db);
474     fclose(f);
475     return ret != 0;
476 }
477 
478 
479 static struct getargs args[] = {
480     { "help", 'h', arg_flag, NULL }
481 };
482 
483 static int num_args = sizeof(args) / sizeof(args[0]);
484 
485 static void
486 usage(const char *name)
487 {
488     arg_printusage (args, num_args, name, "file");
489 }
490 
491 
492 
493 int
494 load(int argc, char **argv)
495 {
496     int optind = 0;
497     int help_flag = 0;
498 
499     args[0].value = &help_flag;
500 
501     if(getarg(args, num_args, argc, argv, &optind)) {
502 	usage ("load");
503 	return 0;
504     }
505     if(argc - optind != 1 || help_flag) {
506 	usage ("load");
507 	return 0;
508     }
509 
510     doit(argv[optind], 0);
511     return 0;
512 }
513 
514 int
515 merge(int argc, char **argv)
516 {
517     int optind = 0;
518     int help_flag = 0;
519 
520     args[0].value = &help_flag;
521 
522     if(getarg(args, num_args, argc, argv, &optind)) {
523 	usage ("merge");
524 	return 0;
525     }
526     if(argc - optind != 1 || help_flag) {
527 	usage ("merge");
528 	return 0;
529     }
530 
531     doit(argv[optind], 1);
532     return 0;
533 }
534