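#pragma ident	"%Z%%M%	%I%	%E% SMI"

/*
 * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
 *
 *	Openvision retains the copyright to derivative works of
 *	this source code.  Do *NOT* create a derivative of this
 *	source code before consulting with your legal department.
 *	Do *NOT* integrate *ANY* of this source code into another
 *	product before consulting with your legal department.
 *
 *	For further information, read the top-level Openvision
 *	copyright which is contained in the top-level MIT Kerberos
 *	copyright.
 *
 * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
 *
 */


#include    <unistd.h>
#include    <string.h>
#include    <stdlib.h>
#include    "autoconf.h"
#ifdef HAVE_MEMORY_H
#include    <memory.h>
#endif

#include    <k5-int.h>
#include    <kadm5/admin.h>
#include    <kadm5/server_internal.h>
#include    <kdb.h>
#include    "import_err.h"
#include    "kdb5_util.h"
#include    "nstrtok.h"

#define LINESIZE	32768 /* XXX */
#define PLURAL(count)	(((count) == 1) ? \
    error_message(IMPORT_SINGLE_RECORD) : \
    error_message(IMPORT_PLURAL_RECORDS))

/*
 * Function: next_field
 *
 * Purpose: fetch the next tab-separated token of the record that the
 *	    caller is already tokenizing with nstrtok()
 *
 * Arguments:
 *	current		(input) printable principal name, used only in the
 *			error message
 *	<return value>	the token, or NULL after reporting
 *			IMPORT_BAD_RECORD through com_err()
 */
static char *next_field(const char *current)
{
    char *cp = nstrtok((char *) NULL, "\t");

    if (cp == NULL)
        com_err(NULL, IMPORT_BAD_RECORD, "%s", current);
    return cp;
}

/*
 * Function: parse_bounded_count
 *
 * Purpose: convert a decimal dump field into a count and reject values
 *	    that cannot be genuine, so that a damaged or hostile dump file
 *	    cannot drive an allocation size or a loop bound
 *
 * Arguments:
 *	s		(input) text of the field
 *	max		(input) largest value accepted
 *	out		(output) parsed value; written only on success
 *	<return value>	0 on success, -1 if the field has no digits, is
 *			negative or exceeds max
 */
static int parse_bounded_count(const char *s, long max, long *out)
{
    char *end;
    long value = strtol(s, &end, 10);

    /*
     * strtol() saturates at LONG_MIN/LONG_MAX on overflow, so the range
     * test also covers fields too large to represent.
     */
    if (end == s || value < 0 || value > max)
        return -1;
    *out = value;
    return 0;
}

/*
 * Function: parse_pw_hist_ent
 *
 * Purpose: parse one password history entry (key type, key length and
 *	    space-separated hex key bytes) from the record being tokenized
 *
 * Arguments:
 *	current		(input) printable principal name, used only in
 *			error messages
 *	hist		(output) entry to fill in; it receives exactly one
 *			krb5_key_data
 *	<return value>	0 on success, ENOMEM or IMPORT_FAILED on failure
 *
 * Requires:
 *	nstrtok(3) to have a valid buffer in memory.
 *
 * Effects:
 *	Allocates hist->key_data and the key contents.  On failure the
 *	partially built entry is left in *hist for the caller to release.
 */
static int parse_pw_hist_ent(current, hist)
    char		*current;
    osa_pw_hist_ent	*hist;
{
    unsigned int    byte;	/* %x stores through an unsigned int pointer */
    long	    len, j;
    int		    i;
    char	    *cp, *sep;

    hist->n_key_data = 1;

    hist->key_data = calloc(hist->n_key_data, sizeof(krb5_key_data));
    if (hist->key_data == NULL)
        return ENOMEM;

    for (i = 0; i < hist->n_key_data; i++) {
        krb5_key_data *key_data = &hist->key_data[i];

        key_data->key_data_ver = 1;

        if ((cp = next_field(current)) == NULL)
            return IMPORT_FAILED;
        key_data->key_data_type[0] = atoi(cp);

        if ((cp = next_field(current)) == NULL)
            return IMPORT_FAILED;
        /*
         * The key length comes straight from the dump file.  Every key
         * byte occupies at least two characters of the line, so no
         * genuine length can exceed LINESIZE / 2; anything else would
         * otherwise size the allocation below.
         */
        if (parse_bounded_count(cp, LINESIZE / 2, &len) != 0) {
            com_err(NULL, IMPORT_BAD_RECORD, "%s", current);
            return IMPORT_FAILED;
        }

        if ((cp = next_field(current)) == NULL)
            return IMPORT_FAILED;

        /* Zero-filled so a short record never exposes stale heap bytes. */
        key_data->key_data_contents[0] = calloc((size_t) len + 1, 1);
        if (key_data->key_data_contents[0] == NULL)
            return ENOMEM;
        key_data->key_data_length[0] = len;

        for (j = 0; j < len; j++) {
            if (sscanf(cp, "%02x", &byte) != 1) {
                com_err(NULL, IMPORT_BAD_RECORD, "%s", current);
                return IMPORT_FAILED;
            }
            key_data->key_data_contents[0][j] = (krb5_octet) byte;

            /*
             * Step to the next byte only while one is still expected.
             * A record with fewer bytes than its declared length has no
             * further separator and is rejected instead of computing a
             * pointer from a NULL strchr() result.
             */
            if (j + 1 < len) {
                sep = strchr(cp, ' ');
                if (sep == NULL) {
                    com_err(NULL, IMPORT_BAD_RECORD, "%s", current);
                    return IMPORT_FAILED;
                }
                cp = sep + 1;
            }
        }
    }

    return 0;
}

/*
 * Function: process_ov_principal
 *
 * Purpose: parse principal line in db dump file
 *
 * Arguments:
 *	fname		(input) not used by this function
 *	kcontext	(input) krb5 context used for name and db calls
 *	filep		(input) dump file; one line is read from it
 *	verbose		(input) not used by this function
 *	linenop		(in/out) incremented when the record is stored
 *	<return value>	0 on success, error code on failure
 *
 * Requires:
 *	principal database to be opened.
 *
 * Effects:
 *	Reads one line, rebuilds the osa_princ_ent_rec it describes
 *	(policy, aux attributes, password history), XDR-encodes it and
 *	stores it as KRB5_TL_KADM_DATA on the principal's existing
 *	database entry.
 *
 * Modifies:
 *	the database entry of the named principal; *linenop; the nstrtok
 *	state, which is left pointing into a local line buffer.
 *
 */
int process_ov_principal(fname, kcontext, filep, verbose, linenop)
    char		*fname;
    krb5_context	kcontext;
    FILE		*filep;
    int			verbose;
    int			*linenop;
{
    XDR			    xdrs;
    osa_princ_ent_t	    rec;
    krb5_error_code	    ret;
    krb5_tl_data	    tl_data;
    krb5_principal	    princ = NULL;   /* NULL until parsed, for cleanup */
    krb5_db_entry	    kdb;
    char		    *current = NULL; /* NULL until unparsed, for cleanup */
    char		    *cp;
    long		    nkeys;
    int			    x, one;
    int			    xdrs_live = 0;  /* set once xdrs needs destroying */
    krb5_boolean	    more;
    char		    line[LINESIZE];

    /* NOTE(review): a line of LINESIZE or more is silently split here. */
    if (fgets(line, LINESIZE, filep) == (char *) NULL) {
        return IMPORT_BAD_FILE;
    }
    if ((cp = nstrtok(line, "\t")) == NULL)
        return IMPORT_BAD_FILE;
    if ((rec = calloc(1, sizeof(osa_princ_ent_rec))) == NULL)
        return ENOMEM;

    if ((ret = krb5_parse_name(kcontext, cp, &princ)))
        goto done;
    /* current feeds every later "%s" diagnostic, so it must be valid. */
    if ((ret = krb5_unparse_name(kcontext, princ, &current)))
        goto done;

    /* Policy name; an empty field means the principal has no policy. */
    if ((cp = next_field(current)) == NULL) {
        ret = IMPORT_FAILED;
        goto done;
    }
    if (strcmp(cp, "")) {
        if ((rec->policy = malloc(strlen(cp) + 1)) == NULL) {
            ret = ENOMEM;
            goto done;
        }
        strcpy(rec->policy, cp);
    } else {
        rec->policy = NULL;
    }

    if ((cp = next_field(current)) == NULL) {
        ret = IMPORT_FAILED;
        goto done;
    }
    rec->aux_attributes = strtol(cp, (char **) NULL, 16);

    /*
     * Number of password history entries.  Each entry consumes further
     * tokens of this same line, so a genuine count cannot exceed
     * LINESIZE.  The value is kept local until the array exists, so that
     * rec never advertises entries it does not own.
     */
    if ((cp = next_field(current)) == NULL) {
        ret = IMPORT_FAILED;
        goto done;
    }
    if (parse_bounded_count(cp, LINESIZE, &nkeys) != 0) {
        com_err(NULL, IMPORT_BAD_RECORD, "%s", current);
        ret = IMPORT_FAILED;
        goto done;
    }

    /*
     * NOTE(review): old_key_next is stored without being checked against
     * the history size; confirm that its consumers bound it themselves.
     */
    if ((cp = next_field(current)) == NULL) {
        ret = IMPORT_FAILED;
        goto done;
    }
    rec->old_key_next = atoi(cp);

    if ((cp = next_field(current)) == NULL) {
        ret = IMPORT_FAILED;
        goto done;
    }
    rec->admin_history_kvno = atoi(cp);

    if (nkeys == 0) {
        rec->old_keys = NULL;
    } else {
        /* calloc() checks the count * size product and zeroes the array. */
        rec->old_keys = calloc((size_t) nkeys, sizeof(osa_pw_hist_ent));
        if (rec->old_keys == NULL) {
            ret = ENOMEM;
            goto done;
        }
        rec->old_key_len = nkeys;
        for (x = 0; x < nkeys; x++) {
            /*
             * Stop at the first bad entry: storing a record whose key
             * history is only half parsed would write wrong key material
             * into the database.
             */
            ret = parse_pw_hist_ent(current, &rec->old_keys[x]);
            if (ret)
                goto done;
        }
    }

    xdralloc_create(&xdrs, XDR_ENCODE);
    xdrs_live = 1;
    if (! xdr_osa_princ_ent_rec(&xdrs, rec)) {
        ret = KADM5_XDR_FAILURE;
        goto done;
    }

    tl_data.tl_data_type = KRB5_TL_KADM_DATA;
    tl_data.tl_data_length = xdr_getpos(&xdrs);
    tl_data.tl_data_contents = (krb5_octet *) xdralloc_getdata(&xdrs);

    one = 1;
    ret = krb5_db_get_principal(kcontext, princ, &kdb, &one, &more);
    if (ret)
        goto done;
    /*
     * A lookup that succeeds but returns no entry leaves kdb unset, and
     * updating it would act on uninitialized memory.
     */
    if (one != 1) {
        ret = KRB5_KDB_NOENTRY;
        goto done;
    }

    ret = krb5_dbe_update_tl_data(kcontext, &kdb, &tl_data);
    if (ret)
        goto done;

    /*
     * NOTE(review): kdb is never released in this function; confirm
     * whether the fetched entry should be freed after the put.
     */
    ret = krb5_db_put_principal(kcontext, &kdb, &one);
    if (ret)
        goto done;

    (*linenop)++;

done:
    /* The encode buffer is released on every path, including failures. */
    if (xdrs_live)
        xdr_destroy(&xdrs);
    free(current);
    if (princ != NULL)
        krb5_free_principal(kcontext, princ);
    osa_free_princ_ent(rec);
    return ret;
}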