usr/src/cmd/krb5/kadmin/server/misc.c

   1 /*
   2  * Copyright (c) 2001, 2010, Oracle and/or its affiliates. All rights reserved.
   3  */
   4
   5 /*
   6  * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
   7  *
   8  *      Openvision retains the copyright to derivative works of
   9  *      this source code.  Do *NOT* create a derivative of this
  10  *      source code before consulting with your legal department.
  11  *      Do *NOT* integrate *ANY* of this source code into another
  12  *      product before consulting with your legal department.
  13  *
  14  *      For further information, read the top-level Openvision
  15  *      copyright which is contained in the top-level MIT Kerberos
  16  *      copyright.
  17  *
  18  * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
  19  *
  20  */
  21
  22 /*
  23  * Copyright 1993 OpenVision Technologies, Inc., All Rights Reserved
  24  *
  25  */
  26
  27 #include    <k5-int.h>
  28 #include    <krb5/kdb.h>
  29 #include    <kadm5/server_internal.h>
  30 #include    <kadm5/admin.h>
  31 #include    "misc.h"
  32
  33 /*
  34  * Function: chpass_principal_wrapper_3
  35  *
  36  * Purpose: wrapper to kadm5_chpass_principal that checks to see if
  37  *          pw_min_life has been reached. if not it returns an error.
  38  *          otherwise it calls kadm5_chpass_principal
  39  *
  40  * Arguments:
  41  *      principal       (input) krb5_principals whose password we are
  42  *                              changing
  43  *      keepold         (input) whether to preserve old keys
  44  *      n_ks_tuple      (input) the number of key-salt tuples in ks_tuple
  45  *      ks_tuple        (input) array of tuples indicating the caller's
  46  *                              requested enctypes/salttypes
  47  *      password        (input) password we are going to change to.
  48  *      <return value>  0 on success error code on failure.
  49  *
  50  * Requires:
  51  *      kadm5_init to have been run.
  52  *
  53  * Effects:
  54  *      calls kadm5_chpass_principal which changes the kdb and the
  55  *      the admin db.
  56  *
  57  */
  58 kadm5_ret_t
  59 chpass_principal_wrapper_3(void *server_handle,
  60                            krb5_principal principal,
  61                            krb5_boolean keepold,
  62                            int n_ks_tuple,
  63                            krb5_key_salt_tuple *ks_tuple,
  64                            char *password)
  65 {
  66     kadm5_ret_t                 ret;
  67
  68     /* Solaris Kerberos */
  69     ret = kadm5_check_min_life(server_handle, principal, NULL, 0);
  70     if (ret)
  71          return ret;
  72
  73     return kadm5_chpass_principal_3(server_handle, principal,
  74                                     keepold, n_ks_tuple, ks_tuple,
  75                                     password);
  76 }
  77
  78
  79 /*
  80  * Function: randkey_principal_wrapper_3
  81  *
  82  * Purpose: wrapper to kadm5_randkey_principal which checks the
  83  *          password's min. life.
  84  *
  85  * Arguments:
  86  *      principal           (input) krb5_principal whose password we are
  87  *                                  changing
  88  *      keepold         (input) whether to preserve old keys
  89  *      n_ks_tuple      (input) the number of key-salt tuples in ks_tuple
  90  *      ks_tuple        (input) array of tuples indicating the caller's
  91  *                              requested enctypes/salttypes
  92  *      key                 (output) new random key
  93  *      <return value>      0, error code on error.
  94  *
  95  * Requires:
  96  *      kadm5_init       needs to be run
  97  *
  98  * Effects:
  99  *      calls kadm5_randkey_principal
 100  *
 101  */
 102 kadm5_ret_t
 103 randkey_principal_wrapper_3(void *server_handle,
 104                             krb5_principal principal,
 105                             krb5_boolean keepold,
 106                             int n_ks_tuple,
 107                             krb5_key_salt_tuple *ks_tuple,
 108                             krb5_keyblock **keys, int *n_keys)
 109 {
 110     kadm5_ret_t                 ret;
 111
 112     /* Solaris Kerberos */
 113     ret = kadm5_check_min_life(server_handle, principal, NULL, 0);
 114     if (ret)
 115          return ret;
 116     return kadm5_randkey_principal_3(server_handle, principal,
 117                                      keepold, n_ks_tuple, ks_tuple,
 118                                      keys, n_keys);
 119 }
 120
 121 kadm5_ret_t
 122 schpw_util_wrapper(void *server_handle, krb5_principal princ,
 123                    char *new_pw, char **ret_pw,
 124                    char *msg_ret, unsigned int msg_len)
 125 {
 126     kadm5_ret_t ret;
 127
 128     /* Solaris Kerberos */
 129     ret = kadm5_check_min_life(server_handle, princ, msg_ret, msg_len);
 130     if (ret)
 131         return ret;
 132
 133     return kadm5_chpass_principal_util(server_handle, princ,
 134                                        new_pw, ret_pw,
 135                                        msg_ret, msg_len);
 136 }
 137
 138 kadm5_ret_t
 139 randkey_principal_wrapper(void *server_handle, krb5_principal princ,
 140                           krb5_keyblock ** keys, int *n_keys)
 141 {
 142     kadm5_ret_t ret;
 143
 144     /* Solaris Kerberos */
 145     ret = kadm5_check_min_life(server_handle, princ, NULL, 0);
 146         if (ret)
 147             return ret;
 148
 149     return kadm5_randkey_principal(server_handle, princ, keys, n_keys);
 150 }