17c478bd9Sstevel@tonic-gate #pragma ident "%Z%%M% %I% %E% SMI"
27c478bd9Sstevel@tonic-gate
37c478bd9Sstevel@tonic-gate /*
47c478bd9Sstevel@tonic-gate * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
57c478bd9Sstevel@tonic-gate *
67c478bd9Sstevel@tonic-gate * Openvision retains the copyright to derivative works of
77c478bd9Sstevel@tonic-gate * this source code. Do *NOT* create a derivative of this
87c478bd9Sstevel@tonic-gate * source code before consulting with your legal department.
97c478bd9Sstevel@tonic-gate * Do *NOT* integrate *ANY* of this source code into another
107c478bd9Sstevel@tonic-gate * product before consulting with your legal department.
117c478bd9Sstevel@tonic-gate *
127c478bd9Sstevel@tonic-gate * For further information, read the top-level Openvision
137c478bd9Sstevel@tonic-gate * copyright which is contained in the top-level MIT Kerberos
147c478bd9Sstevel@tonic-gate * copyright.
157c478bd9Sstevel@tonic-gate *
167c478bd9Sstevel@tonic-gate * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
177c478bd9Sstevel@tonic-gate *
187c478bd9Sstevel@tonic-gate */
197c478bd9Sstevel@tonic-gate
207c478bd9Sstevel@tonic-gate
217c478bd9Sstevel@tonic-gate #include <unistd.h>
227c478bd9Sstevel@tonic-gate #include <string.h>
237c478bd9Sstevel@tonic-gate #include <stdlib.h>
24*54925bf6Swillf #include "autoconf.h"
2556a424ccSmp153739 #ifdef HAVE_MEMORY_H
267c478bd9Sstevel@tonic-gate #include <memory.h>
2756a424ccSmp153739 #endif
287c478bd9Sstevel@tonic-gate
29*54925bf6Swillf #include <k5-int.h>
30*54925bf6Swillf #include <kadm5/admin.h>
31*54925bf6Swillf #include <kadm5/server_internal.h>
32*54925bf6Swillf #include <kdb.h>
337c478bd9Sstevel@tonic-gate #include "import_err.h"
3456a424ccSmp153739 #include "kdb5_util.h"
3556a424ccSmp153739 #include "nstrtok.h"
367c478bd9Sstevel@tonic-gate
377c478bd9Sstevel@tonic-gate #define LINESIZE 32768 /* XXX */
3856a424ccSmp153739 #define PLURAL(count) (((count) == 1) ? error_message(IMPORT_SINGLE_RECORD) : error_message(IMPORT_PLURAL_RECORDS))
397c478bd9Sstevel@tonic-gate
parse_pw_hist_ent(current,hist)4056a424ccSmp153739 static int parse_pw_hist_ent(current, hist)
417c478bd9Sstevel@tonic-gate char *current;
427c478bd9Sstevel@tonic-gate osa_pw_hist_ent *hist;
437c478bd9Sstevel@tonic-gate {
447c478bd9Sstevel@tonic-gate int tmp, i, j, ret;
457c478bd9Sstevel@tonic-gate char *cp;
467c478bd9Sstevel@tonic-gate
477c478bd9Sstevel@tonic-gate ret = 0;
487c478bd9Sstevel@tonic-gate hist->n_key_data = 1;
497c478bd9Sstevel@tonic-gate
507c478bd9Sstevel@tonic-gate hist->key_data = (krb5_key_data *) malloc(hist->n_key_data *
517c478bd9Sstevel@tonic-gate sizeof(krb5_key_data));
527c478bd9Sstevel@tonic-gate if (hist->key_data == NULL)
5356a424ccSmp153739 return ENOMEM;
547c478bd9Sstevel@tonic-gate memset(hist->key_data, 0, sizeof(krb5_key_data)*hist->n_key_data);
557c478bd9Sstevel@tonic-gate
567c478bd9Sstevel@tonic-gate for (i = 0; i < hist->n_key_data; i++) {
577c478bd9Sstevel@tonic-gate krb5_key_data *key_data = &hist->key_data[i];
587c478bd9Sstevel@tonic-gate
597c478bd9Sstevel@tonic-gate key_data->key_data_ver = 1;
607c478bd9Sstevel@tonic-gate
6156a424ccSmp153739 if((cp = nstrtok((char *) NULL, "\t")) == NULL) {
627c478bd9Sstevel@tonic-gate com_err(NULL, IMPORT_BAD_RECORD, "%s", current);
637c478bd9Sstevel@tonic-gate ret = IMPORT_FAILED;
647c478bd9Sstevel@tonic-gate goto done;
657c478bd9Sstevel@tonic-gate }
667c478bd9Sstevel@tonic-gate key_data->key_data_type[0] = atoi(cp);
677c478bd9Sstevel@tonic-gate
6856a424ccSmp153739 if((cp = nstrtok((char *) NULL, "\t")) == NULL) {
697c478bd9Sstevel@tonic-gate com_err(NULL, IMPORT_BAD_RECORD, "%s", current);
707c478bd9Sstevel@tonic-gate ret = IMPORT_FAILED;
717c478bd9Sstevel@tonic-gate goto done;
727c478bd9Sstevel@tonic-gate }
737c478bd9Sstevel@tonic-gate key_data->key_data_length[0] = atoi(cp);
747c478bd9Sstevel@tonic-gate
7556a424ccSmp153739 if((cp = nstrtok((char *) NULL, "\t")) == NULL) {
767c478bd9Sstevel@tonic-gate com_err(NULL, IMPORT_BAD_RECORD, "%s", current);
777c478bd9Sstevel@tonic-gate ret = IMPORT_FAILED;
787c478bd9Sstevel@tonic-gate goto done;
797c478bd9Sstevel@tonic-gate }
8056a424ccSmp153739 if(!(key_data->key_data_contents[0] =
8156a424ccSmp153739 (krb5_octet *) malloc(key_data->key_data_length[0]+1))) {
827c478bd9Sstevel@tonic-gate ret = ENOMEM;
837c478bd9Sstevel@tonic-gate goto done;
847c478bd9Sstevel@tonic-gate }
857c478bd9Sstevel@tonic-gate for(j = 0; j < key_data->key_data_length[0]; j++) {
867c478bd9Sstevel@tonic-gate if(sscanf(cp, "%02x", &tmp) != 1) {
877c478bd9Sstevel@tonic-gate com_err(NULL, IMPORT_BAD_RECORD, "%s", current);
887c478bd9Sstevel@tonic-gate ret = IMPORT_FAILED;
897c478bd9Sstevel@tonic-gate goto done;
907c478bd9Sstevel@tonic-gate }
917c478bd9Sstevel@tonic-gate key_data->key_data_contents[0][j] = tmp;
927c478bd9Sstevel@tonic-gate cp = strchr(cp, ' ') + 1;
937c478bd9Sstevel@tonic-gate }
947c478bd9Sstevel@tonic-gate }
957c478bd9Sstevel@tonic-gate
967c478bd9Sstevel@tonic-gate done:
9756a424ccSmp153739 return ret;
987c478bd9Sstevel@tonic-gate }
997c478bd9Sstevel@tonic-gate
1007c478bd9Sstevel@tonic-gate /*
1017c478bd9Sstevel@tonic-gate * Function: parse_principal
1027c478bd9Sstevel@tonic-gate *
1037c478bd9Sstevel@tonic-gate * Purpose: parse principal line in db dump file
1047c478bd9Sstevel@tonic-gate *
1057c478bd9Sstevel@tonic-gate * Arguments:
10656a424ccSmp153739 * <return value> 0 on success, error code on failure
1077c478bd9Sstevel@tonic-gate *
1087c478bd9Sstevel@tonic-gate * Requires:
1097c478bd9Sstevel@tonic-gate * principal database to be opened.
11056a424ccSmp153739 * nstrtok(3) to have a valid buffer in memory.
1117c478bd9Sstevel@tonic-gate *
1127c478bd9Sstevel@tonic-gate * Effects:
1137c478bd9Sstevel@tonic-gate * [effects]
1147c478bd9Sstevel@tonic-gate *
1157c478bd9Sstevel@tonic-gate * Modifies:
1167c478bd9Sstevel@tonic-gate * [modifies]
1177c478bd9Sstevel@tonic-gate *
1187c478bd9Sstevel@tonic-gate */
process_ov_principal(fname,kcontext,filep,verbose,linenop)119*54925bf6Swillf int process_ov_principal(fname, kcontext, filep, verbose, linenop)
1207c478bd9Sstevel@tonic-gate char *fname;
1217c478bd9Sstevel@tonic-gate krb5_context kcontext;
1227c478bd9Sstevel@tonic-gate FILE *filep;
1237c478bd9Sstevel@tonic-gate int verbose;
1247c478bd9Sstevel@tonic-gate int *linenop;
1257c478bd9Sstevel@tonic-gate {
1267c478bd9Sstevel@tonic-gate XDR xdrs;
1277c478bd9Sstevel@tonic-gate osa_princ_ent_t rec;
128*54925bf6Swillf krb5_error_code ret;
1297c478bd9Sstevel@tonic-gate krb5_tl_data tl_data;
1307c478bd9Sstevel@tonic-gate krb5_principal princ;
1317c478bd9Sstevel@tonic-gate krb5_db_entry kdb;
1327c478bd9Sstevel@tonic-gate char *current;
1337c478bd9Sstevel@tonic-gate char *cp;
13456a424ccSmp153739 int x, one;
13556a424ccSmp153739 krb5_boolean more;
1367c478bd9Sstevel@tonic-gate char line[LINESIZE];
1377c478bd9Sstevel@tonic-gate
1387c478bd9Sstevel@tonic-gate if (fgets(line, LINESIZE, filep) == (char *) NULL) {
13956a424ccSmp153739 return IMPORT_BAD_FILE;
1407c478bd9Sstevel@tonic-gate }
14156a424ccSmp153739 if((cp = nstrtok(line, "\t")) == NULL)
14256a424ccSmp153739 return IMPORT_BAD_FILE;
14356a424ccSmp153739 if((rec = (osa_princ_ent_t) malloc(sizeof(osa_princ_ent_rec))) == NULL)
14456a424ccSmp153739 return ENOMEM;
1457c478bd9Sstevel@tonic-gate memset(rec, 0, sizeof(osa_princ_ent_rec));
1467c478bd9Sstevel@tonic-gate if((ret = krb5_parse_name(kcontext, cp, &princ)))
1477c478bd9Sstevel@tonic-gate goto done;
1487c478bd9Sstevel@tonic-gate krb5_unparse_name(kcontext, princ, ¤t);
14956a424ccSmp153739 if((cp = nstrtok((char *) NULL, "\t")) == NULL) {
1507c478bd9Sstevel@tonic-gate com_err(NULL, IMPORT_BAD_RECORD, "%s", current);
1517c478bd9Sstevel@tonic-gate ret = IMPORT_FAILED;
1527c478bd9Sstevel@tonic-gate goto done;
1537c478bd9Sstevel@tonic-gate } else {
1547c478bd9Sstevel@tonic-gate if(strcmp(cp, "")) {
15556a424ccSmp153739 if((rec->policy = (char *) malloc(strlen(cp)+1)) == NULL) {
1567c478bd9Sstevel@tonic-gate ret = ENOMEM;
1577c478bd9Sstevel@tonic-gate goto done;
1587c478bd9Sstevel@tonic-gate }
1597c478bd9Sstevel@tonic-gate strcpy(rec->policy, cp);
16056a424ccSmp153739 } else rec->policy = NULL;
1617c478bd9Sstevel@tonic-gate }
16256a424ccSmp153739 if((cp = nstrtok((char *) NULL, "\t")) == NULL) {
1637c478bd9Sstevel@tonic-gate com_err(NULL, IMPORT_BAD_RECORD, "%s", current);
1647c478bd9Sstevel@tonic-gate ret = IMPORT_FAILED;
1657c478bd9Sstevel@tonic-gate goto done;
1667c478bd9Sstevel@tonic-gate }
1677c478bd9Sstevel@tonic-gate rec->aux_attributes = strtol(cp, (char **)NULL, 16);
16856a424ccSmp153739 if((cp = nstrtok((char *) NULL, "\t")) == NULL) {
1697c478bd9Sstevel@tonic-gate com_err(NULL, IMPORT_BAD_RECORD, "%s", current);
1707c478bd9Sstevel@tonic-gate ret = IMPORT_FAILED;
1717c478bd9Sstevel@tonic-gate goto done;
1727c478bd9Sstevel@tonic-gate }
1737c478bd9Sstevel@tonic-gate rec->old_key_len = atoi(cp);
17456a424ccSmp153739 if((cp = nstrtok((char *) NULL, "\t")) == NULL) {
1757c478bd9Sstevel@tonic-gate com_err(NULL, IMPORT_BAD_RECORD, "%s", current);
1767c478bd9Sstevel@tonic-gate ret = IMPORT_FAILED;
1777c478bd9Sstevel@tonic-gate goto done;
1787c478bd9Sstevel@tonic-gate }
1797c478bd9Sstevel@tonic-gate rec->old_key_next = atoi(cp);
18056a424ccSmp153739 if((cp = nstrtok((char *) NULL, "\t")) == NULL) {
1817c478bd9Sstevel@tonic-gate com_err(NULL, IMPORT_BAD_RECORD, "%s", current);
1827c478bd9Sstevel@tonic-gate ret = IMPORT_FAILED;
1837c478bd9Sstevel@tonic-gate goto done;
1847c478bd9Sstevel@tonic-gate }
1857c478bd9Sstevel@tonic-gate rec->admin_history_kvno = atoi(cp);
1867c478bd9Sstevel@tonic-gate if (! rec->old_key_len) {
1877c478bd9Sstevel@tonic-gate rec->old_keys = NULL;
1887c478bd9Sstevel@tonic-gate } else {
1897c478bd9Sstevel@tonic-gate if(!(rec->old_keys = (osa_pw_hist_ent *)
1907c478bd9Sstevel@tonic-gate malloc(sizeof(osa_pw_hist_ent) * rec->old_key_len))) {
1917c478bd9Sstevel@tonic-gate ret = ENOMEM;
1927c478bd9Sstevel@tonic-gate goto done;
1937c478bd9Sstevel@tonic-gate }
1947c478bd9Sstevel@tonic-gate memset(rec->old_keys,0,
1957c478bd9Sstevel@tonic-gate sizeof(osa_pw_hist_ent) * rec->old_key_len);
1967c478bd9Sstevel@tonic-gate for(x = 0; x < rec->old_key_len; x++)
1977c478bd9Sstevel@tonic-gate parse_pw_hist_ent(current, &rec->old_keys[x]);
1987c478bd9Sstevel@tonic-gate }
1997c478bd9Sstevel@tonic-gate
2007c478bd9Sstevel@tonic-gate xdralloc_create(&xdrs, XDR_ENCODE);
2017c478bd9Sstevel@tonic-gate if (! xdr_osa_princ_ent_rec(&xdrs, rec)) {
2027c478bd9Sstevel@tonic-gate xdr_destroy(&xdrs);
203*54925bf6Swillf ret = KADM5_XDR_FAILURE;
2047c478bd9Sstevel@tonic-gate goto done;
2057c478bd9Sstevel@tonic-gate }
20656a424ccSmp153739
2077c478bd9Sstevel@tonic-gate tl_data.tl_data_type = KRB5_TL_KADM_DATA;
2087c478bd9Sstevel@tonic-gate tl_data.tl_data_length = xdr_getpos(&xdrs);
2097c478bd9Sstevel@tonic-gate tl_data.tl_data_contents = (krb5_octet *) xdralloc_getdata(&xdrs);
2107c478bd9Sstevel@tonic-gate
2117c478bd9Sstevel@tonic-gate one = 1;
21256a424ccSmp153739 ret = krb5_db_get_principal(kcontext, princ, &kdb, &one, &more);
2137c478bd9Sstevel@tonic-gate if (ret)
2147c478bd9Sstevel@tonic-gate goto done;
2157c478bd9Sstevel@tonic-gate
21656a424ccSmp153739 ret = krb5_dbe_update_tl_data(kcontext, &kdb, &tl_data);
21756a424ccSmp153739 if (ret)
2187c478bd9Sstevel@tonic-gate goto done;
2197c478bd9Sstevel@tonic-gate
22056a424ccSmp153739 ret = krb5_db_put_principal(kcontext, &kdb, &one);
22156a424ccSmp153739 if (ret)
2227c478bd9Sstevel@tonic-gate goto done;
2237c478bd9Sstevel@tonic-gate
2247c478bd9Sstevel@tonic-gate xdr_destroy(&xdrs);
2257c478bd9Sstevel@tonic-gate
2267c478bd9Sstevel@tonic-gate (*linenop)++;
2277c478bd9Sstevel@tonic-gate
2287c478bd9Sstevel@tonic-gate done:
2297c478bd9Sstevel@tonic-gate free(current);
2307c478bd9Sstevel@tonic-gate krb5_free_principal(kcontext, princ);
2317c478bd9Sstevel@tonic-gate osa_free_princ_ent(rec);
23256a424ccSmp153739 return ret;
2337c478bd9Sstevel@tonic-gate }
234