xref: /freebsd/crypto/heimdal/lib/kadm5/ent_setup.c (revision 1e413cf93298b5b97441a21d9a50fdcd0ee9945e)
1 /*
2  * Copyright (c) 1997 - 2000 Kungliga Tekniska H�gskolan
3  * (Royal Institute of Technology, Stockholm, Sweden).
4  * All rights reserved.
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  *
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer.
12  *
13  * 2. Redistributions in binary form must reproduce the above copyright
14  *    notice, this list of conditions and the following disclaimer in the
15  *    documentation and/or other materials provided with the distribution.
16  *
17  * 3. Neither the name of the Institute nor the names of its contributors
18  *    may be used to endorse or promote products derived from this software
19  *    without specific prior written permission.
20  *
21  * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24  * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31  * SUCH DAMAGE.
32  */
33 
34 #include "kadm5_locl.h"
35 
36 RCSID("$Id: ent_setup.c,v 1.12 2000/03/23 23:02:35 assar Exp $");
37 
38 #define set_value(X, V) do { if((X) == NULL) (X) = malloc(sizeof(*(X))); *(X) = V; } while(0)
39 #define set_null(X)     do { if((X) != NULL) free((X)); (X) = NULL; } while (0)
40 
41 static void
42 attr_to_flags(unsigned attr, HDBFlags *flags)
43 {
44     flags->postdate =		!(attr & KRB5_KDB_DISALLOW_POSTDATED);
45     flags->forwardable =	!(attr & KRB5_KDB_DISALLOW_FORWARDABLE);
46     flags->initial =	       !!(attr & KRB5_KDB_DISALLOW_TGT_BASED);
47     flags->renewable =		!(attr & KRB5_KDB_DISALLOW_RENEWABLE);
48     flags->proxiable =		!(attr & KRB5_KDB_DISALLOW_PROXIABLE);
49     /* DUP_SKEY */
50     flags->invalid =	       !!(attr & KRB5_KDB_DISALLOW_ALL_TIX);
51     flags->require_preauth =   !!(attr & KRB5_KDB_REQUIRES_PRE_AUTH);
52     /* HW_AUTH */
53     flags->server =		!(attr & KRB5_KDB_DISALLOW_SVR);
54     flags->change_pw = 	       !!(attr & KRB5_KDB_PWCHANGE_SERVICE);
55     flags->client =	        1; /* XXX */
56 }
57 
58 /*
59  * Create the hdb entry `ent' based on data from `princ' with
60  * `princ_mask' specifying what fields to be gotten from there and
61  * `mask' specifying what fields we want filled in.
62  */
63 
64 kadm5_ret_t
65 _kadm5_setup_entry(kadm5_server_context *context,
66 		   hdb_entry *ent,
67 		   u_int32_t mask,
68 		   kadm5_principal_ent_t princ,
69 		   u_int32_t princ_mask,
70 		   kadm5_principal_ent_t def,
71 		   u_int32_t def_mask)
72 {
73     if(mask & KADM5_PRINC_EXPIRE_TIME
74        && princ_mask & KADM5_PRINC_EXPIRE_TIME) {
75 	if (princ->princ_expire_time)
76 	    set_value(ent->valid_end, princ->princ_expire_time);
77 	else
78 	    set_null(ent->valid_end);
79     }
80     if(mask & KADM5_PW_EXPIRATION
81        && princ_mask & KADM5_PW_EXPIRATION) {
82 	if (princ->pw_expiration)
83 	    set_value(ent->pw_end, princ->pw_expiration);
84 	else
85 	    set_null(ent->pw_end);
86     }
87     if(mask & KADM5_ATTRIBUTES) {
88 	if (princ_mask & KADM5_ATTRIBUTES) {
89 	    attr_to_flags(princ->attributes, &ent->flags);
90 	} else if(def_mask & KADM5_ATTRIBUTES) {
91 	    attr_to_flags(def->attributes, &ent->flags);
92 	    ent->flags.invalid = 0;
93 	} else {
94 	    ent->flags.client      = 1;
95 	    ent->flags.server      = 1;
96 	    ent->flags.forwardable = 1;
97 	    ent->flags.proxiable   = 1;
98 	    ent->flags.renewable   = 1;
99 	    ent->flags.postdate    = 1;
100 	}
101     }
102     if(mask & KADM5_MAX_LIFE) {
103 	if(princ_mask & KADM5_MAX_LIFE) {
104 	    if(princ->max_life)
105 	      set_value(ent->max_life, princ->max_life);
106 	    else
107 	      set_null(ent->max_life);
108 	} else if(def_mask & KADM5_MAX_LIFE) {
109 	    if(def->max_life)
110 	      set_value(ent->max_life, def->max_life);
111 	    else
112 	      set_null(ent->max_life);
113 	}
114     }
115     if(mask & KADM5_KVNO
116        && princ_mask & KADM5_KVNO)
117 	ent->kvno = princ->kvno;
118     if(mask & KADM5_MAX_RLIFE) {
119 	if(princ_mask & KADM5_MAX_RLIFE) {
120 	  if(princ->max_renewable_life)
121 	    set_value(ent->max_renew, princ->max_renewable_life);
122 	  else
123 	    set_null(ent->max_renew);
124 	} else if(def_mask & KADM5_MAX_RLIFE) {
125 	  if(def->max_renewable_life)
126 	    set_value(ent->max_renew, def->max_renewable_life);
127 	  else
128 	    set_null(ent->max_renew);
129 	}
130     }
131     if(mask & KADM5_KEY_DATA
132        && princ_mask & KADM5_KEY_DATA) {
133 	_kadm5_set_keys2(context, ent, princ->n_key_data, princ->key_data);
134     }
135     if(mask & KADM5_TL_DATA) {
136 	/* XXX */
137     }
138     if(mask & KADM5_FAIL_AUTH_COUNT) {
139 	/* XXX */
140     }
141     return 0;
142 }
143