source-git / krb5

Clone
Source Code
GIT

Blame src/lib/kadm5/str_conv.c

c8 c8s master
  1.   c8s
  2.   src
  3.   lib
  4.   kadm5
  5.   str_conv.c
Blob History Raw
Packit fd8b60 
/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
Packit fd8b60 
/* lib/kadm5/str_conv.c */
Packit fd8b60 
/*
Packit fd8b60 
 * Copyright (C) 1995-2015 by the Massachusetts Institute of Technology.
Packit fd8b60 
 * All rights reserved.
Packit fd8b60 
 *
Packit fd8b60 
 * Redistribution and use in source and binary forms, with or without
Packit fd8b60 
 * modification, are permitted provided that the following conditions
Packit fd8b60 
 * are met:
Packit fd8b60 
 *
Packit fd8b60 
 * * Redistributions of source code must retain the above copyright
Packit fd8b60 
 *   notice, this list of conditions and the following disclaimer.
Packit fd8b60 
 *
Packit fd8b60 
 * * Redistributions in binary form must reproduce the above copyright
Packit fd8b60 
 *   notice, this list of conditions and the following disclaimer in
Packit fd8b60 
 *   the documentation and/or other materials provided with the
Packit fd8b60 
 *   distribution.
Packit fd8b60 
 *
Packit fd8b60 
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
Packit fd8b60 
 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
Packit fd8b60 
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
Packit fd8b60 
 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
Packit fd8b60 
 * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
Packit fd8b60 
 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
Packit fd8b60 
 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
Packit fd8b60 
 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
Packit fd8b60 
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
Packit fd8b60 
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
Packit fd8b60 
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
Packit fd8b60 
 * OF THE POSSIBILITY OF SUCH DAMAGE.
Packit fd8b60 
 */
Packit fd8b60
Packit fd8b60 
/* Convert between strings and Kerberos internal data. */
Packit fd8b60
Packit fd8b60 
#include "k5-int.h"
Packit fd8b60 
#include "admin_internal.h"
Packit fd8b60 
#include "adm_proto.h"
Packit fd8b60
Packit fd8b60 
#include <ctype.h>
Packit fd8b60
Packit fd8b60 
static const char default_tupleseps[]   = ", \t";
Packit fd8b60 
static const char default_ksaltseps[]   = ":";
Packit fd8b60
Packit fd8b60 
struct flag_table_row {
Packit fd8b60 
    const char *spec;           /* Input specifier string */
Packit fd8b60 
    krb5_flags flag;            /* Flag */
Packit fd8b60 
    int invert;                 /* Whether to invert the sense */
Packit fd8b60 
};
Packit fd8b60
Packit fd8b60 
static const struct flag_table_row ftbl[] = {
Packit fd8b60 
    {"allow_postdated",         KRB5_KDB_DISALLOW_POSTDATED,    1},
Packit fd8b60 
    {"postdateable",            KRB5_KDB_DISALLOW_POSTDATED,    1},
Packit fd8b60 
    {"disallow_postdated",      KRB5_KDB_DISALLOW_POSTDATED,    0},
Packit fd8b60 
    {"allow_forwardable",       KRB5_KDB_DISALLOW_FORWARDABLE,  1},
Packit fd8b60 
    {"forwardable",             KRB5_KDB_DISALLOW_FORWARDABLE,  1},
Packit fd8b60 
    {"disallow_forwardable",    KRB5_KDB_DISALLOW_FORWARDABLE,  0},
Packit fd8b60 
    {"allow_tgs_req",           KRB5_KDB_DISALLOW_TGT_BASED,    1},
Packit fd8b60 
    {"tgt_based",               KRB5_KDB_DISALLOW_TGT_BASED,    1},
Packit fd8b60 
    {"disallow_tgt_based",      KRB5_KDB_DISALLOW_TGT_BASED,    0},
Packit fd8b60 
    {"allow_renewable",         KRB5_KDB_DISALLOW_RENEWABLE,    1},
Packit fd8b60 
    {"renewable",               KRB5_KDB_DISALLOW_RENEWABLE,    1},
Packit fd8b60 
    {"disallow_renewable",      KRB5_KDB_DISALLOW_RENEWABLE,    0},
Packit fd8b60 
    {"allow_proxiable",         KRB5_KDB_DISALLOW_PROXIABLE,    1},
Packit fd8b60 
    {"proxiable",               KRB5_KDB_DISALLOW_PROXIABLE,    1},
Packit fd8b60 
    {"disallow_proxiable",      KRB5_KDB_DISALLOW_PROXIABLE,    0},
Packit fd8b60 
    {"allow_dup_skey",          KRB5_KDB_DISALLOW_DUP_SKEY,     1},
Packit fd8b60 
    {"dup_skey",                KRB5_KDB_DISALLOW_DUP_SKEY,     1},
Packit fd8b60 
    {"disallow_dup_skey",       KRB5_KDB_DISALLOW_DUP_SKEY,     0},
Packit fd8b60 
    {"allow_tickets",           KRB5_KDB_DISALLOW_ALL_TIX,      1},
Packit fd8b60 
    {"allow_tix",               KRB5_KDB_DISALLOW_ALL_TIX,      1},
Packit fd8b60 
    {"disallow_all_tix",        KRB5_KDB_DISALLOW_ALL_TIX,      0},
Packit fd8b60 
    {"preauth",                 KRB5_KDB_REQUIRES_PRE_AUTH,     0},
Packit fd8b60 
    {"requires_pre_auth",       KRB5_KDB_REQUIRES_PRE_AUTH,     0},
Packit fd8b60 
    {"requires_preauth",        KRB5_KDB_REQUIRES_PRE_AUTH,     0},
Packit fd8b60 
    {"hwauth",                  KRB5_KDB_REQUIRES_HW_AUTH,      0},
Packit fd8b60 
    {"requires_hw_auth",        KRB5_KDB_REQUIRES_HW_AUTH,      0},
Packit fd8b60 
    {"requires_hwauth",         KRB5_KDB_REQUIRES_HW_AUTH,      0},
Packit fd8b60 
    {"needchange",              KRB5_KDB_REQUIRES_PWCHANGE,     0},
Packit fd8b60 
    {"pwchange",                KRB5_KDB_REQUIRES_PWCHANGE,     0},
Packit fd8b60 
    {"requires_pwchange",       KRB5_KDB_REQUIRES_PWCHANGE,     0},
Packit fd8b60 
    {"allow_svr",               KRB5_KDB_DISALLOW_SVR,          1},
Packit fd8b60 
    {"service",                 KRB5_KDB_DISALLOW_SVR,          1},
Packit fd8b60 
    {"disallow_svr",            KRB5_KDB_DISALLOW_SVR,          0},
Packit fd8b60 
    {"password_changing_service", KRB5_KDB_PWCHANGE_SERVICE,    0},
Packit fd8b60 
    {"pwchange_service",        KRB5_KDB_PWCHANGE_SERVICE,      0},
Packit fd8b60 
    {"pwservice",               KRB5_KDB_PWCHANGE_SERVICE,      0},
Packit fd8b60 
    {"md5",                     KRB5_KDB_SUPPORT_DESMD5,        0},
Packit fd8b60 
    {"support_desmd5",          KRB5_KDB_SUPPORT_DESMD5,        0},
Packit fd8b60 
    {"new_princ",               KRB5_KDB_NEW_PRINC,             0},
Packit fd8b60 
    {"ok_as_delegate",          KRB5_KDB_OK_AS_DELEGATE,        0},
Packit fd8b60 
    {"ok_to_auth_as_delegate",  KRB5_KDB_OK_TO_AUTH_AS_DELEGATE, 0},
Packit fd8b60 
    {"no_auth_data_required",   KRB5_KDB_NO_AUTH_DATA_REQUIRED, 0},
Packit fd8b60 
    {"lockdown_keys",           KRB5_KDB_LOCKDOWN_KEYS,         0},
Packit fd8b60 
};
Packit fd8b60 
#define NFTBL (sizeof(ftbl) / sizeof(ftbl[0]))
Packit fd8b60
Packit fd8b60 
static const char *outflags[] = {
Packit fd8b60 
    "DISALLOW_POSTDATED",       /* 0x00000001 */
Packit fd8b60 
    "DISALLOW_FORWARDABLE",     /* 0x00000002 */
Packit fd8b60 
    "DISALLOW_TGT_BASED",       /* 0x00000004 */
Packit fd8b60 
    "DISALLOW_RENEWABLE",       /* 0x00000008 */
Packit fd8b60 
    "DISALLOW_PROXIABLE",       /* 0x00000010 */
Packit fd8b60 
    "DISALLOW_DUP_SKEY",        /* 0x00000020 */
Packit fd8b60 
    "DISALLOW_ALL_TIX",         /* 0x00000040 */
Packit fd8b60 
    "REQUIRES_PRE_AUTH",        /* 0x00000080 */
Packit fd8b60 
    "REQUIRES_HW_AUTH",         /* 0x00000100 */
Packit fd8b60 
    "REQUIRES_PWCHANGE",        /* 0x00000200 */
Packit fd8b60 
    NULL,                       /* 0x00000400 */
Packit fd8b60 
    NULL,                       /* 0x00000800 */
Packit fd8b60 
    "DISALLOW_SVR",             /* 0x00001000 */
Packit fd8b60 
    "PWCHANGE_SERVICE",         /* 0x00002000 */
Packit fd8b60 
    "SUPPORT_DESMD5",           /* 0x00004000 */
Packit fd8b60 
    "NEW_PRINC",                /* 0x00008000 */
Packit fd8b60 
    NULL,                       /* 0x00010000 */
Packit fd8b60 
    NULL,                       /* 0x00020000 */
Packit fd8b60 
    NULL,                       /* 0x00040000 */
Packit fd8b60 
    NULL,                       /* 0x00080000 */
Packit fd8b60 
    "OK_AS_DELEGATE",           /* 0x00100000 */
Packit fd8b60 
    "OK_TO_AUTH_AS_DELEGATE",   /* 0x00200000 */
Packit fd8b60 
    "NO_AUTH_DATA_REQUIRED",    /* 0x00400000 */
Packit fd8b60 
    "LOCKDOWN_KEYS",            /* 0x00800000 */
Packit fd8b60 
};
Packit fd8b60 
#define NOUTFLAGS (sizeof(outflags) / sizeof(outflags[0]))
Packit fd8b60
Packit fd8b60 
/*
Packit fd8b60 
 * Given s, which is a normalized flagspec with the prefix stripped off, and
Packit fd8b60 
 * req_neg indicating whether the flagspec is negated, update the toset and
Packit fd8b60 
 * toclear masks.
Packit fd8b60 
 */
Packit fd8b60 
static krb5_error_code
Packit fd8b60 
raw_flagspec_to_mask(const char *s, int req_neg, krb5_flags *toset,
Packit fd8b60 
                     krb5_flags *toclear)
Packit fd8b60 
{
Packit fd8b60 
    int found = 0, invert = 0;
Packit fd8b60 
    size_t i;
Packit fd8b60 
    krb5_flags flag;
Packit fd8b60 
    unsigned long ul;
Packit fd8b60
Packit fd8b60 
    for (i = 0; !found && i < NFTBL; i++) {
Packit fd8b60 
        if (strcmp(s, ftbl[i].spec) != 0)
Packit fd8b60 
            continue;
Packit fd8b60 
        /* Found a match */
Packit fd8b60 
        found = 1;
Packit fd8b60 
        invert = ftbl[i].invert;
Packit fd8b60 
        flag = ftbl[i].flag;
Packit fd8b60 
    }
Packit fd8b60 
    /* Accept hexadecimal numbers. */
Packit fd8b60 
    if (!found && strncmp(s, "0x", 2) == 0) {
Packit fd8b60 
        /* Assume that krb5_flags are 32 bits long. */
Packit fd8b60 
        ul = strtoul(s, NULL, 16) & 0xffffffff;
Packit fd8b60 
        flag = (krb5_flags)ul;
Packit fd8b60 
        found = 1;
Packit fd8b60 
    }
Packit fd8b60 
    if (!found)
Packit fd8b60 
        return EINVAL;
Packit fd8b60 
    if (req_neg)
Packit fd8b60 
        invert = !invert;
Packit fd8b60 
    if (invert)
Packit fd8b60 
        *toclear &= ~flag;
Packit fd8b60 
    else
Packit fd8b60 
        *toset |= flag;
Packit fd8b60 
    return 0;
Packit fd8b60 
}
Packit fd8b60
Packit fd8b60 
/*
Packit fd8b60 
 * Update the toset and toclear flag masks according to flag specifier string
Packit fd8b60 
 * spec, which is of the form {+|-}flagname.  toset and toclear can point to
Packit fd8b60 
 * the same flag word.
Packit fd8b60 
 */
Packit fd8b60 
krb5_error_code
Packit fd8b60 
krb5_flagspec_to_mask(const char *spec, krb5_flags *toset, krb5_flags *toclear)
Packit fd8b60 
{
Packit fd8b60 
    int req_neg = 0;
Packit fd8b60 
    char *copy, *cp, *s;
Packit fd8b60 
    krb5_error_code retval;
Packit fd8b60
Packit fd8b60 
    s = copy = strdup(spec);
Packit fd8b60 
    if (s == NULL)
Packit fd8b60 
        return ENOMEM;
Packit fd8b60
Packit fd8b60 
    if (*s == '-') {
Packit fd8b60 
        req_neg = 1;
Packit fd8b60 
        s++;
Packit fd8b60 
    } else if (*s == '+')
Packit fd8b60 
        s++;
Packit fd8b60
Packit fd8b60 
    for (cp = s; *cp != '\0'; cp++) {
Packit fd8b60 
        /* Transform hyphens to underscores.*/
Packit fd8b60 
        if (*cp == '-')
Packit fd8b60 
            *cp = '_';
Packit fd8b60 
        /* Downcase. */
Packit fd8b60 
        if (isupper((unsigned char)*cp))
Packit fd8b60 
            *cp = tolower((unsigned char)*cp);
Packit fd8b60 
    }
Packit fd8b60 
    retval = raw_flagspec_to_mask(s, req_neg, toset, toclear);
Packit fd8b60 
    free(copy);
Packit fd8b60 
    return retval;
Packit fd8b60 
}
Packit fd8b60
Packit fd8b60 
/*
Packit fd8b60 
 * Copy the flag name of flagnum to outstr.  On error, outstr points to a null
Packit fd8b60 
 * pointer.
Packit fd8b60 
 */
Packit fd8b60 
krb5_error_code
Packit fd8b60 
krb5_flagnum_to_string(int flagnum, char **outstr)
Packit fd8b60 
{
Packit fd8b60 
    const char *s = NULL;
Packit fd8b60
Packit fd8b60 
    *outstr = NULL;
Packit fd8b60 
    if ((unsigned int)flagnum < NOUTFLAGS)
Packit fd8b60 
        s = outflags[flagnum];
Packit fd8b60 
    if (s == NULL) {
Packit fd8b60 
        /* Assume that krb5_flags are 32 bits long. */
Packit fd8b60 
        if (asprintf(outstr, "0x%08lx", 1UL << flagnum) == -1)
Packit fd8b60 
            *outstr = NULL;
Packit fd8b60 
    } else {
Packit fd8b60 
        *outstr = strdup(s);
Packit fd8b60 
    }
Packit fd8b60 
    if (*outstr == NULL)
Packit fd8b60 
        return ENOMEM;
Packit fd8b60 
    return 0;
Packit fd8b60 
}
Packit fd8b60
Packit fd8b60 
/*
Packit fd8b60 
 * Create a null-terminated array of string representations of flags.  Store a
Packit fd8b60 
 * null pointer into outarray if there would be no strings.
Packit fd8b60 
 */
Packit fd8b60 
krb5_error_code
Packit fd8b60 
krb5_flags_to_strings(krb5_int32 flags, char ***outarray)
Packit fd8b60 
{
Packit fd8b60 
    char **a = NULL, **a_new = NULL, **ap;
Packit fd8b60 
    size_t amax = 0, i;
Packit fd8b60 
    krb5_error_code retval;
Packit fd8b60
Packit fd8b60 
    *outarray = NULL;
Packit fd8b60
Packit fd8b60 
    /* Assume that krb5_flags are 32 bits long. */
Packit fd8b60 
    for (i = 0; i < 32; i++) {
Packit fd8b60 
        if (!(flags & (1UL << i)))
Packit fd8b60 
            continue;
Packit fd8b60
Packit fd8b60 
        a_new = realloc(a, (amax + 2) * sizeof(*a));
Packit fd8b60 
        if (a_new == NULL) {
Packit fd8b60 
            retval = ENOMEM;
Packit fd8b60 
            goto cleanup;
Packit fd8b60 
        }
Packit fd8b60 
        a = a_new;
Packit fd8b60 
        retval = krb5_flagnum_to_string(i, &a[amax++]);
Packit fd8b60 
        a[amax] = NULL;
Packit fd8b60 
        if (retval)
Packit fd8b60 
            goto cleanup;
Packit fd8b60 
    }
Packit fd8b60 
    *outarray = a;
Packit fd8b60 
    return 0;
Packit fd8b60 
cleanup:
Packit fd8b60 
    for (ap = a; ap != NULL && *ap != NULL; ap++) {
Packit fd8b60 
        free(*ap);
Packit fd8b60 
    }
Packit fd8b60 
    free(a);
Packit fd8b60 
    return retval;
Packit fd8b60 
}
Packit fd8b60
Packit fd8b60 
/*
Packit fd8b60 
 * krb5_keysalt_is_present()    - Determine if a key/salt pair is present
Packit fd8b60 
 *                                in a list of key/salt tuples.
Packit fd8b60 
 *
Packit fd8b60 
 *      Salttype may be negative to indicate a search for only a enctype.
Packit fd8b60 
 */
Packit fd8b60 
krb5_boolean
Packit fd8b60 
krb5_keysalt_is_present(ksaltlist, nksalts, enctype, salttype)
Packit fd8b60 
    krb5_key_salt_tuple *ksaltlist;
Packit fd8b60 
    krb5_int32          nksalts;
Packit fd8b60 
    krb5_enctype        enctype;
Packit fd8b60 
    krb5_int32          salttype;
Packit fd8b60 
{
Packit fd8b60 
    krb5_boolean        foundit;
Packit fd8b60 
    int                 i;
Packit fd8b60
Packit fd8b60 
    foundit = 0;
Packit fd8b60 
    if (ksaltlist) {
Packit fd8b60 
        for (i=0; i
Packit fd8b60 
            if ((ksaltlist[i].ks_enctype == enctype) &&
Packit fd8b60 
                ((ksaltlist[i].ks_salttype == salttype) ||
Packit fd8b60 
                 (salttype < 0))) {
Packit fd8b60 
                foundit = 1;
Packit fd8b60 
                break;
Packit fd8b60 
            }
Packit fd8b60 
        }
Packit fd8b60 
    }
Packit fd8b60 
    return(foundit);
Packit fd8b60 
}
Packit fd8b60
Packit fd8b60 
/* NOTE: This is a destructive parser (writes NULs). */
Packit fd8b60 
static krb5_error_code
Packit fd8b60 
string_to_keysalt(char *s, const char *ksaltseps,
Packit fd8b60 
                  krb5_enctype *etype, krb5_int32 *stype)
Packit fd8b60 
{
Packit fd8b60 
    char *sp;
Packit fd8b60 
    const char *ksseps = (ksaltseps != NULL) ? ksaltseps : default_ksaltseps;
Packit fd8b60 
    krb5_error_code ret = 0;
Packit fd8b60
Packit fd8b60 
    sp = strpbrk(s, ksseps);
Packit fd8b60 
    if (sp != NULL) {
Packit fd8b60 
        *sp++ = '\0';
Packit fd8b60 
    }
Packit fd8b60 
    ret = krb5_string_to_enctype(s, etype);
Packit fd8b60 
    if (ret)
Packit fd8b60 
        return ret;
Packit fd8b60
Packit fd8b60 
    /* Default to normal salt if omitted. */
Packit fd8b60 
    *stype = KRB5_KDB_SALTTYPE_NORMAL;
Packit fd8b60 
    if (sp == NULL)
Packit fd8b60 
        return 0;
Packit fd8b60 
    return krb5_string_to_salttype(sp, stype);
Packit fd8b60 
}
Packit fd8b60
Packit fd8b60 
/*
Packit fd8b60 
 * krb5_string_to_keysalts()    - Convert a string representation to a list
Packit fd8b60 
 *                                of key/salt tuples.
Packit fd8b60 
 */
Packit fd8b60 
krb5_error_code
Packit fd8b60 
krb5_string_to_keysalts(const char *string, const char *tupleseps,
Packit fd8b60 
                        const char *ksaltseps, krb5_boolean dups,
Packit fd8b60 
                        krb5_key_salt_tuple **ksaltp, krb5_int32 *nksaltp)
Packit fd8b60 
{
Packit fd8b60 
    char *copy, *p, *ksp;
Packit fd8b60 
    char *tlasts = NULL;
Packit fd8b60 
    const char *tseps = (tupleseps != NULL) ? tupleseps : default_tupleseps;
Packit fd8b60 
    krb5_int32 nksalts = 0;
Packit fd8b60 
    krb5_int32 stype;
Packit fd8b60 
    krb5_enctype etype;
Packit fd8b60 
    krb5_error_code ret = 0;
Packit fd8b60 
    krb5_key_salt_tuple *ksalts = NULL, *ksalts_new = NULL;
Packit fd8b60
Packit fd8b60 
    *ksaltp = NULL;
Packit fd8b60 
    *nksaltp = 0;
Packit fd8b60 
    p = copy = strdup(string);
Packit fd8b60 
    if (p == NULL)
Packit fd8b60 
        return ENOMEM;
Packit fd8b60 
    while ((ksp = strtok_r(p, tseps, &tlasts)) != NULL) {
Packit fd8b60 
        /* Pass a null pointer to subsequent calls to strtok_r(). */
Packit fd8b60 
        p = NULL;
rpm-build 9e666a
rpm-build 9e666a 
        /* Discard unrecognized keysalts. */
rpm-build 9e666a 
        if (string_to_keysalt(ksp, ksaltseps, &etype, &stype) != 0)
rpm-build 9e666a 
            continue;
Packit fd8b60
Packit fd8b60 
        /* Ignore duplicate keysalts if caller asks. */
Packit fd8b60 
        if (!dups && krb5_keysalt_is_present(ksalts, nksalts, etype, stype))
Packit fd8b60 
            continue;
Packit fd8b60
Packit fd8b60 
        ksalts_new = realloc(ksalts, (nksalts + 1) * sizeof(*ksalts));
Packit fd8b60 
        if (ksalts_new == NULL) {
Packit fd8b60 
            ret = ENOMEM;
Packit fd8b60 
            goto cleanup;
Packit fd8b60 
        }
Packit fd8b60 
        ksalts = ksalts_new;
Packit fd8b60 
        ksalts[nksalts].ks_enctype = etype;
Packit fd8b60 
        ksalts[nksalts].ks_salttype = stype;
Packit fd8b60 
        nksalts++;
Packit fd8b60 
    }
Packit fd8b60 
    *ksaltp = ksalts;
Packit fd8b60 
    *nksaltp = nksalts;
Packit fd8b60 
cleanup:
Packit fd8b60 
    if (ret)
Packit fd8b60 
        free(ksalts);
Packit fd8b60 
    free(copy);
Packit fd8b60 
    return ret;
Packit fd8b60 
}
Packit fd8b60
Packit fd8b60 
/*
Packit fd8b60 
 * krb5_keysalt_iterate()       - Do something for each unique key/salt
Packit fd8b60 
 *                                combination.
Packit fd8b60 
 *
Packit fd8b60 
 * If ignoresalt set, then salttype is ignored.
Packit fd8b60 
 */
Packit fd8b60 
krb5_error_code
Packit fd8b60 
krb5_keysalt_iterate(ksaltlist, nksalt, ignoresalt, iterator, arg)
Packit fd8b60 
    krb5_key_salt_tuple *ksaltlist;
Packit fd8b60 
    krb5_int32          nksalt;
Packit fd8b60 
    krb5_boolean        ignoresalt;
Packit fd8b60 
    krb5_error_code     (*iterator) (krb5_key_salt_tuple *, krb5_pointer);
Packit fd8b60 
    krb5_pointer        arg;
Packit fd8b60 
{
Packit fd8b60 
    int                 i;
Packit fd8b60 
    krb5_error_code     kret;
Packit fd8b60 
    krb5_key_salt_tuple scratch;
Packit fd8b60
Packit fd8b60 
    kret = 0;
Packit fd8b60 
    for (i=0; i
Packit fd8b60 
        scratch.ks_enctype = ksaltlist[i].ks_enctype;
Packit fd8b60 
        scratch.ks_salttype = (ignoresalt) ? -1 : ksaltlist[i].ks_salttype;
Packit fd8b60 
        if (!krb5_keysalt_is_present(ksaltlist,
Packit fd8b60 
                                     i,
Packit fd8b60 
                                     scratch.ks_enctype,
Packit fd8b60 
                                     scratch.ks_salttype)) {
Packit fd8b60 
            kret = (*iterator)(&scratch, arg);
Packit fd8b60 
            if (kret)
Packit fd8b60 
                break;
Packit fd8b60 
        }
Packit fd8b60 
    }
Packit fd8b60 
    return(kret);
Packit fd8b60 
}

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation