17c478bd9Sstevel@tonic-gate /*
27c478bd9Sstevel@tonic-gate * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
37c478bd9Sstevel@tonic-gate *
47c478bd9Sstevel@tonic-gate * Openvision retains the copyright to derivative works of
57c478bd9Sstevel@tonic-gate * this source code. Do *NOT* create a derivative of this
67c478bd9Sstevel@tonic-gate * source code before consulting with your legal department.
77c478bd9Sstevel@tonic-gate * Do *NOT* integrate *ANY* of this source code into another
87c478bd9Sstevel@tonic-gate * product before consulting with your legal department.
97c478bd9Sstevel@tonic-gate *
107c478bd9Sstevel@tonic-gate * For further information, read the top-level Openvision
117c478bd9Sstevel@tonic-gate * copyright which is contained in the top-level MIT Kerberos
127c478bd9Sstevel@tonic-gate * copyright.
137c478bd9Sstevel@tonic-gate *
147c478bd9Sstevel@tonic-gate * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
157c478bd9Sstevel@tonic-gate *
167c478bd9Sstevel@tonic-gate */
177c478bd9Sstevel@tonic-gate
187c478bd9Sstevel@tonic-gate
197c478bd9Sstevel@tonic-gate #include <unistd.h>
207c478bd9Sstevel@tonic-gate #include <string.h>
217c478bd9Sstevel@tonic-gate #include <stdlib.h>
22*54925bf6Swillf #include "autoconf.h"
2356a424ccSmp153739 #ifdef HAVE_MEMORY_H
247c478bd9Sstevel@tonic-gate #include <memory.h>
2556a424ccSmp153739 #endif
267c478bd9Sstevel@tonic-gate
27*54925bf6Swillf #include <k5-int.h>
28*54925bf6Swillf #include <kadm5/admin.h>
29*54925bf6Swillf #include <kadm5/server_internal.h>
30*54925bf6Swillf #include <kdb.h>
317c478bd9Sstevel@tonic-gate #include "import_err.h"
3256a424ccSmp153739 #include "kdb5_util.h"
3356a424ccSmp153739 #include "nstrtok.h"
347c478bd9Sstevel@tonic-gate
357c478bd9Sstevel@tonic-gate #define LINESIZE 32768 /* XXX */
3656a424ccSmp153739 #define PLURAL(count) (((count) == 1) ? error_message(IMPORT_SINGLE_RECORD) : error_message(IMPORT_PLURAL_RECORDS))
377c478bd9Sstevel@tonic-gate
parse_pw_hist_ent(current,hist)3856a424ccSmp153739 static int parse_pw_hist_ent(current, hist)
397c478bd9Sstevel@tonic-gate char *current;
407c478bd9Sstevel@tonic-gate osa_pw_hist_ent *hist;
417c478bd9Sstevel@tonic-gate {
427c478bd9Sstevel@tonic-gate int tmp, i, j, ret;
437c478bd9Sstevel@tonic-gate char *cp;
447c478bd9Sstevel@tonic-gate
457c478bd9Sstevel@tonic-gate ret = 0;
467c478bd9Sstevel@tonic-gate hist->n_key_data = 1;
477c478bd9Sstevel@tonic-gate
487c478bd9Sstevel@tonic-gate hist->key_data = (krb5_key_data *) malloc(hist->n_key_data *
497c478bd9Sstevel@tonic-gate sizeof(krb5_key_data));
507c478bd9Sstevel@tonic-gate if (hist->key_data == NULL)
5156a424ccSmp153739 return ENOMEM;
527c478bd9Sstevel@tonic-gate memset(hist->key_data, 0, sizeof(krb5_key_data)*hist->n_key_data);
537c478bd9Sstevel@tonic-gate
547c478bd9Sstevel@tonic-gate for (i = 0; i < hist->n_key_data; i++) {
557c478bd9Sstevel@tonic-gate krb5_key_data *key_data = &hist->key_data[i];
567c478bd9Sstevel@tonic-gate
577c478bd9Sstevel@tonic-gate key_data->key_data_ver = 1;
587c478bd9Sstevel@tonic-gate
5956a424ccSmp153739 if((cp = nstrtok((char *) NULL, "\t")) == NULL) {
607c478bd9Sstevel@tonic-gate com_err(NULL, IMPORT_BAD_RECORD, "%s", current);
617c478bd9Sstevel@tonic-gate ret = IMPORT_FAILED;
627c478bd9Sstevel@tonic-gate goto done;
637c478bd9Sstevel@tonic-gate }
647c478bd9Sstevel@tonic-gate key_data->key_data_type[0] = atoi(cp);
657c478bd9Sstevel@tonic-gate
6656a424ccSmp153739 if((cp = nstrtok((char *) NULL, "\t")) == NULL) {
677c478bd9Sstevel@tonic-gate com_err(NULL, IMPORT_BAD_RECORD, "%s", current);
687c478bd9Sstevel@tonic-gate ret = IMPORT_FAILED;
697c478bd9Sstevel@tonic-gate goto done;
707c478bd9Sstevel@tonic-gate }
717c478bd9Sstevel@tonic-gate key_data->key_data_length[0] = atoi(cp);
727c478bd9Sstevel@tonic-gate
7356a424ccSmp153739 if((cp = nstrtok((char *) NULL, "\t")) == NULL) {
747c478bd9Sstevel@tonic-gate com_err(NULL, IMPORT_BAD_RECORD, "%s", current);
757c478bd9Sstevel@tonic-gate ret = IMPORT_FAILED;
767c478bd9Sstevel@tonic-gate goto done;
777c478bd9Sstevel@tonic-gate }
7856a424ccSmp153739 if(!(key_data->key_data_contents[0] =
7956a424ccSmp153739 (krb5_octet *) malloc(key_data->key_data_length[0]+1))) {
807c478bd9Sstevel@tonic-gate ret = ENOMEM;
817c478bd9Sstevel@tonic-gate goto done;
827c478bd9Sstevel@tonic-gate }
837c478bd9Sstevel@tonic-gate for(j = 0; j < key_data->key_data_length[0]; j++) {
847c478bd9Sstevel@tonic-gate if(sscanf(cp, "%02x", &tmp) != 1) {
857c478bd9Sstevel@tonic-gate com_err(NULL, IMPORT_BAD_RECORD, "%s", current);
867c478bd9Sstevel@tonic-gate ret = IMPORT_FAILED;
877c478bd9Sstevel@tonic-gate goto done;
887c478bd9Sstevel@tonic-gate }
897c478bd9Sstevel@tonic-gate key_data->key_data_contents[0][j] = tmp;
907c478bd9Sstevel@tonic-gate cp = strchr(cp, ' ') + 1;
917c478bd9Sstevel@tonic-gate }
927c478bd9Sstevel@tonic-gate }
937c478bd9Sstevel@tonic-gate
947c478bd9Sstevel@tonic-gate done:
9556a424ccSmp153739 return ret;
967c478bd9Sstevel@tonic-gate }
977c478bd9Sstevel@tonic-gate
987c478bd9Sstevel@tonic-gate /*
997c478bd9Sstevel@tonic-gate * Function: parse_principal
1007c478bd9Sstevel@tonic-gate *
1017c478bd9Sstevel@tonic-gate * Purpose: parse principal line in db dump file
1027c478bd9Sstevel@tonic-gate *
1037c478bd9Sstevel@tonic-gate * Arguments:
10456a424ccSmp153739 * <return value> 0 on success, error code on failure
1057c478bd9Sstevel@tonic-gate *
1067c478bd9Sstevel@tonic-gate * Requires:
1077c478bd9Sstevel@tonic-gate * principal database to be opened.
10856a424ccSmp153739 * nstrtok(3) to have a valid buffer in memory.
1097c478bd9Sstevel@tonic-gate *
1107c478bd9Sstevel@tonic-gate * Effects:
1117c478bd9Sstevel@tonic-gate * [effects]
1127c478bd9Sstevel@tonic-gate *
1137c478bd9Sstevel@tonic-gate * Modifies:
1147c478bd9Sstevel@tonic-gate * [modifies]
1157c478bd9Sstevel@tonic-gate *
1167c478bd9Sstevel@tonic-gate */
process_ov_principal(fname,kcontext,filep,verbose,linenop)117*54925bf6Swillf int process_ov_principal(fname, kcontext, filep, verbose, linenop)
1187c478bd9Sstevel@tonic-gate char *fname;
1197c478bd9Sstevel@tonic-gate krb5_context kcontext;
1207c478bd9Sstevel@tonic-gate FILE *filep;
1217c478bd9Sstevel@tonic-gate int verbose;
1227c478bd9Sstevel@tonic-gate int *linenop;
1237c478bd9Sstevel@tonic-gate {
1247c478bd9Sstevel@tonic-gate XDR xdrs;
1257c478bd9Sstevel@tonic-gate osa_princ_ent_t rec;
126*54925bf6Swillf krb5_error_code ret;
1277c478bd9Sstevel@tonic-gate krb5_tl_data tl_data;
1287c478bd9Sstevel@tonic-gate krb5_principal princ;
1297c478bd9Sstevel@tonic-gate krb5_db_entry kdb;
1307c478bd9Sstevel@tonic-gate char *current;
1317c478bd9Sstevel@tonic-gate char *cp;
13256a424ccSmp153739 int x, one;
13356a424ccSmp153739 krb5_boolean more;
1347c478bd9Sstevel@tonic-gate char line[LINESIZE];
1357c478bd9Sstevel@tonic-gate
1367c478bd9Sstevel@tonic-gate if (fgets(line, LINESIZE, filep) == (char *) NULL) {
13756a424ccSmp153739 return IMPORT_BAD_FILE;
1387c478bd9Sstevel@tonic-gate }
13956a424ccSmp153739 if((cp = nstrtok(line, "\t")) == NULL)
14056a424ccSmp153739 return IMPORT_BAD_FILE;
14156a424ccSmp153739 if((rec = (osa_princ_ent_t) malloc(sizeof(osa_princ_ent_rec))) == NULL)
14256a424ccSmp153739 return ENOMEM;
1437c478bd9Sstevel@tonic-gate memset(rec, 0, sizeof(osa_princ_ent_rec));
1447c478bd9Sstevel@tonic-gate if((ret = krb5_parse_name(kcontext, cp, &princ)))
1457c478bd9Sstevel@tonic-gate goto done;
1467c478bd9Sstevel@tonic-gate krb5_unparse_name(kcontext, princ, ¤t);
14756a424ccSmp153739 if((cp = nstrtok((char *) NULL, "\t")) == NULL) {
1487c478bd9Sstevel@tonic-gate com_err(NULL, IMPORT_BAD_RECORD, "%s", current);
1497c478bd9Sstevel@tonic-gate ret = IMPORT_FAILED;
1507c478bd9Sstevel@tonic-gate goto done;
1517c478bd9Sstevel@tonic-gate } else {
1527c478bd9Sstevel@tonic-gate if(strcmp(cp, "")) {
15356a424ccSmp153739 if((rec->policy = (char *) malloc(strlen(cp)+1)) == NULL) {
1547c478bd9Sstevel@tonic-gate ret = ENOMEM;
1557c478bd9Sstevel@tonic-gate goto done;
1567c478bd9Sstevel@tonic-gate }
1577c478bd9Sstevel@tonic-gate strcpy(rec->policy, cp);
15856a424ccSmp153739 } else rec->policy = NULL;
1597c478bd9Sstevel@tonic-gate }
16056a424ccSmp153739 if((cp = nstrtok((char *) NULL, "\t")) == NULL) {
1617c478bd9Sstevel@tonic-gate com_err(NULL, IMPORT_BAD_RECORD, "%s", current);
1627c478bd9Sstevel@tonic-gate ret = IMPORT_FAILED;
1637c478bd9Sstevel@tonic-gate goto done;
1647c478bd9Sstevel@tonic-gate }
1657c478bd9Sstevel@tonic-gate rec->aux_attributes = strtol(cp, (char **)NULL, 16);
16656a424ccSmp153739 if((cp = nstrtok((char *) NULL, "\t")) == NULL) {
1677c478bd9Sstevel@tonic-gate com_err(NULL, IMPORT_BAD_RECORD, "%s", current);
1687c478bd9Sstevel@tonic-gate ret = IMPORT_FAILED;
1697c478bd9Sstevel@tonic-gate goto done;
1707c478bd9Sstevel@tonic-gate }
1717c478bd9Sstevel@tonic-gate rec->old_key_len = atoi(cp);
17256a424ccSmp153739 if((cp = nstrtok((char *) NULL, "\t")) == NULL) {
1737c478bd9Sstevel@tonic-gate com_err(NULL, IMPORT_BAD_RECORD, "%s", current);
1747c478bd9Sstevel@tonic-gate ret = IMPORT_FAILED;
1757c478bd9Sstevel@tonic-gate goto done;
1767c478bd9Sstevel@tonic-gate }
1777c478bd9Sstevel@tonic-gate rec->old_key_next = atoi(cp);
17856a424ccSmp153739 if((cp = nstrtok((char *) NULL, "\t")) == NULL) {
1797c478bd9Sstevel@tonic-gate com_err(NULL, IMPORT_BAD_RECORD, "%s", current);
1807c478bd9Sstevel@tonic-gate ret = IMPORT_FAILED;
1817c478bd9Sstevel@tonic-gate goto done;
1827c478bd9Sstevel@tonic-gate }
1837c478bd9Sstevel@tonic-gate rec->admin_history_kvno = atoi(cp);
1847c478bd9Sstevel@tonic-gate if (! rec->old_key_len) {
1857c478bd9Sstevel@tonic-gate rec->old_keys = NULL;
1867c478bd9Sstevel@tonic-gate } else {
1877c478bd9Sstevel@tonic-gate if(!(rec->old_keys = (osa_pw_hist_ent *)
1887c478bd9Sstevel@tonic-gate malloc(sizeof(osa_pw_hist_ent) * rec->old_key_len))) {
1897c478bd9Sstevel@tonic-gate ret = ENOMEM;
1907c478bd9Sstevel@tonic-gate goto done;
1917c478bd9Sstevel@tonic-gate }
1927c478bd9Sstevel@tonic-gate memset(rec->old_keys,0,
1937c478bd9Sstevel@tonic-gate sizeof(osa_pw_hist_ent) * rec->old_key_len);
1947c478bd9Sstevel@tonic-gate for(x = 0; x < rec->old_key_len; x++)
1957c478bd9Sstevel@tonic-gate parse_pw_hist_ent(current, &rec->old_keys[x]);
1967c478bd9Sstevel@tonic-gate }
1977c478bd9Sstevel@tonic-gate
1987c478bd9Sstevel@tonic-gate xdralloc_create(&xdrs, XDR_ENCODE);
1997c478bd9Sstevel@tonic-gate if (! xdr_osa_princ_ent_rec(&xdrs, rec)) {
2007c478bd9Sstevel@tonic-gate xdr_destroy(&xdrs);
201*54925bf6Swillf ret = KADM5_XDR_FAILURE;
2027c478bd9Sstevel@tonic-gate goto done;
2037c478bd9Sstevel@tonic-gate }
20456a424ccSmp153739
2057c478bd9Sstevel@tonic-gate tl_data.tl_data_type = KRB5_TL_KADM_DATA;
2067c478bd9Sstevel@tonic-gate tl_data.tl_data_length = xdr_getpos(&xdrs);
2077c478bd9Sstevel@tonic-gate tl_data.tl_data_contents = (krb5_octet *) xdralloc_getdata(&xdrs);
2087c478bd9Sstevel@tonic-gate
2097c478bd9Sstevel@tonic-gate one = 1;
21056a424ccSmp153739 ret = krb5_db_get_principal(kcontext, princ, &kdb, &one, &more);
2117c478bd9Sstevel@tonic-gate if (ret)
2127c478bd9Sstevel@tonic-gate goto done;
2137c478bd9Sstevel@tonic-gate
21456a424ccSmp153739 ret = krb5_dbe_update_tl_data(kcontext, &kdb, &tl_data);
21556a424ccSmp153739 if (ret)
2167c478bd9Sstevel@tonic-gate goto done;
2177c478bd9Sstevel@tonic-gate
21856a424ccSmp153739 ret = krb5_db_put_principal(kcontext, &kdb, &one);
21956a424ccSmp153739 if (ret)
2207c478bd9Sstevel@tonic-gate goto done;
2217c478bd9Sstevel@tonic-gate
2227c478bd9Sstevel@tonic-gate xdr_destroy(&xdrs);
2237c478bd9Sstevel@tonic-gate
2247c478bd9Sstevel@tonic-gate (*linenop)++;
2257c478bd9Sstevel@tonic-gate
2267c478bd9Sstevel@tonic-gate done:
2277c478bd9Sstevel@tonic-gate free(current);
2287c478bd9Sstevel@tonic-gate krb5_free_principal(kcontext, princ);
2297c478bd9Sstevel@tonic-gate osa_free_princ_ent(rec);
23056a424ccSmp153739 return ret;
2317c478bd9Sstevel@tonic-gate }
232