authorStefan Metzmacher <metze@samba.org>2011-07-15 09:10:30 +0200
committerStefan Metzmacher <metze@samba.org>2011-07-15 11:15:05 +0200
commit255e3e18e00f717d99f3bc57c8a8895ff624f3c3 (patch)
treea2933c88f38e8dd7fe612be8dd458d05918b1f15 /source4/heimdal/lib/hdb
parent70da27838bb3f6ed9c36add06ce0ccdf467ab1c3 (diff)
s4:heimdal: import lorikeet-heimdal-201107150856 (commit 48936803fae4a2fb362c79365d31f420c917b85b)
Diffstat (limited to 'source4/heimdal/lib/hdb')
-rw-r--r--source4/heimdal/lib/hdb/dbinfo.c2
-rw-r--r--source4/heimdal/lib/hdb/ext.c20
-rw-r--r--source4/heimdal/lib/hdb/hdb-keytab.c2
-rw-r--r--source4/heimdal/lib/hdb/hdb.c12
-rw-r--r--source4/heimdal/lib/hdb/hdb.h4
-rw-r--r--source4/heimdal/lib/hdb/keys.c16
-rw-r--r--source4/heimdal/lib/hdb/keytab.c48
-rw-r--r--source4/heimdal/lib/hdb/mkey.c18
8 files changed, 62 insertions, 60 deletions
diff --git a/source4/heimdal/lib/hdb/dbinfo.c b/source4/heimdal/lib/hdb/dbinfo.c
index 5019016ed5..52e394106e 100644
--- a/source4/heimdal/lib/hdb/dbinfo.c
+++ b/source4/heimdal/lib/hdb/dbinfo.c
@@ -112,7 +112,7 @@ hdb_get_dbinfo(krb5_context context, struct hdb_dbinfo **dbp)
if (ret == 0 && di) {
databases = di;
dt = &di->next;
- }
+ }
for ( ; db_binding != NULL; db_binding = db_binding->next) {
diff --git a/source4/heimdal/lib/hdb/ext.c b/source4/heimdal/lib/hdb/ext.c
index fb32fdb845..d2a4373b9b 100644
--- a/source4/heimdal/lib/hdb/ext.c
+++ b/source4/heimdal/lib/hdb/ext.c
@@ -37,7 +37,7 @@
krb5_error_code
hdb_entry_check_mandatory(krb5_context context, const hdb_entry *ent)
{
- int i;
+ size_t i;
if (ent->extensions == NULL)
return 0;
@@ -63,13 +63,13 @@ hdb_entry_check_mandatory(krb5_context context, const hdb_entry *ent)
HDB_extension *
hdb_find_extension(const hdb_entry *entry, int type)
{
- int i;
+ size_t i;
if (entry->extensions == NULL)
return NULL;
for (i = 0; i < entry->extensions->len; i++)
- if (entry->extensions->val[i].data.element == type)
+ if (entry->extensions->val[i].data.element == (unsigned)type)
return &entry->extensions->val[i];
return NULL;
}
@@ -112,7 +112,7 @@ hdb_replace_extension(krb5_context context,
Der_type replace_type, list_type;
unsigned int replace_tag, list_tag;
size_t size;
- int i;
+ size_t i;
ret = der_get_tag(ext->data.u.asn1_ellipsis.data,
ext->data.u.asn1_ellipsis.length,
@@ -180,13 +180,13 @@ hdb_clear_extension(krb5_context context,
hdb_entry *entry,
int type)
{
- int i;
+ size_t i;
if (entry->extensions == NULL)
return 0;
for (i = 0; i < entry->extensions->len; i++) {
- if (entry->extensions->val[i].data.element == type) {
+ if (entry->extensions->val[i].data.element == (unsigned)type) {
free_HDB_extension(&entry->extensions->val[i]);
memmove(&entry->extensions->val[i],
&entry->extensions->val[i + 1],
@@ -286,7 +286,7 @@ hdb_entry_get_password(krb5_context context, HDB *db,
ext = hdb_find_extension(entry, choice_HDB_extension_data_password);
if (ext) {
- heim_utf8_string str;
+ heim_utf8_string xstr;
heim_octet_string pw;
if (db->hdb_master_key_set && ext->data.u.password.mkvno) {
@@ -314,13 +314,13 @@ hdb_entry_get_password(krb5_context context, HDB *db,
return ret;
}
- str = pw.data;
- if (str[pw.length - 1] != '\0') {
+ xstr = pw.data;
+ if (xstr[pw.length - 1] != '\0') {
krb5_set_error_message(context, EINVAL, "malformed password");
return EINVAL;
}
- *p = strdup(str);
+ *p = strdup(xstr);
der_free_octet_string(&pw);
if (*p == NULL) {
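Review bot: The malformed-password branch in hdb_entry_get_password returns EINVAL without calling `der_free_octet_string(&pw)`, although the success path frees `pw` right after `strdup`, so the buffer holding the password is leaked on that path. The same test reads `xstr[pw.length - 1]` without first ruling out `pw.length == 0`, which would be an out-of-bounds read. I would make the condition `if (pw.length == 0 || xstr[pw.length - 1] != '\0') {` and add `der_free_octet_string(&pw);` before `return EINVAL;`. How `pw` is filled lies between the two hunks, so the zero-length case is inferred rather than shown, and the function body continues past this hunk.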
diff --git a/source4/heimdal/lib/hdb/hdb-keytab.c b/source4/heimdal/lib/hdb/hdb-keytab.c
index c1bad86796..ab2afb5d74 100644
--- a/source4/heimdal/lib/hdb/hdb-keytab.c
+++ b/source4/heimdal/lib/hdb/hdb-keytab.c
@@ -206,7 +206,7 @@ hdb_keytab_create(krb5_context context, HDB ** db, const char *arg)
krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM;
}
-
+
(*db)->hdb_db = k;
diff --git a/source4/heimdal/lib/hdb/hdb.c b/source4/heimdal/lib/hdb/hdb.c
index 2c1de8b3d7..ca05cc4a17 100644
--- a/source4/heimdal/lib/hdb/hdb.c
+++ b/source4/heimdal/lib/hdb/hdb.c
@@ -78,7 +78,9 @@ static struct hdb_method methods[] = {
{ HDB_INTERFACE_VERSION, "ldap:", hdb_ldap_create},
{ HDB_INTERFACE_VERSION, "ldapi:", hdb_ldapi_create},
#endif
+#ifdef HAVE_SQLITE3
{ HDB_INTERFACE_VERSION, "sqlite:", hdb_sqlite_create},
+#endif
{0, NULL, NULL}
};
@@ -166,7 +168,7 @@ hdb_unlock(int fd)
void
hdb_free_entry(krb5_context context, hdb_entry_ex *ent)
{
- int i;
+ size_t i;
if (ent->free_entry)
(*ent->free_entry)(context, ent);
@@ -215,7 +217,7 @@ hdb_check_db_format(krb5_context context, HDB *db)
if (ret)
return ret;
- tag.data = HDB_DB_FORMAT_ENTRY;
+ tag.data = (void *)(intptr_t)HDB_DB_FORMAT_ENTRY;
tag.length = strlen(tag.data);
ret = (*db->hdb__get)(context, db, tag, &version);
ret2 = db->hdb_unlock(context, db);
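Review bot: The double cast in `tag.data = (void *)(intptr_t)HDB_DB_FORMAT_ENTRY;` appears to exist only to drop `const` without a compiler warning, and nothing at the assignment says that `tag` must stay read-only afterwards. I would add a comment such as `/* cast only drops const; tag.data is never written through */`, and prefer `uintptr_t` over the signed `intptr_t` for the pointer round trip. The same pattern appears in the hdb_init_db hunk below and twice in keys.c for `default_keytypes`, where one local `char **` alias of the static array would avoid repeating the cast in the `ktypes !=` comparison. Both hdb.c functions continue outside their hunks, so later writes through `tag.data` cannot be ruled out from here.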
@@ -248,7 +250,7 @@ hdb_init_db(krb5_context context, HDB *db)
if (ret)
return ret;
- tag.data = HDB_DB_FORMAT_ENTRY;
+ tag.data = (void *)(intptr_t)HDB_DB_FORMAT_ENTRY;
tag.length = strlen(tag.data);
snprintf(ver, sizeof(ver), "%u", HDB_DB_FORMAT);
version.data = ver;
@@ -317,7 +319,7 @@ find_dynamic_method (krb5_context context,
if (asprintf(&symbol, "hdb_%s_interface", prefix) == -1)
krb5_errx(context, 1, "out of memory");
-
+
mso = (struct hdb_so_method *) dlsym(dl, symbol);
if (mso == NULL) {
krb5_warnx(context, "error finding symbol %s in %s: %s\n",
@@ -432,7 +434,7 @@ _hdb_keytab2hdb_entry(krb5_context context,
entry->entry.keys.val[0].mkvno = NULL;
entry->entry.keys.val[0].salt = NULL;
-
+
return krb5_copy_keyblock_contents(context,
&ktentry->keyblock,
&entry->entry.keys.val[0].key);
diff --git a/source4/heimdal/lib/hdb/hdb.h b/source4/heimdal/lib/hdb/hdb.h
index fffda7aef0..469ec82ec0 100644
--- a/source4/heimdal/lib/hdb/hdb.h
+++ b/source4/heimdal/lib/hdb/hdb.h
@@ -153,7 +153,7 @@ typedef struct HDB{
/**
* As part of iteration, fetch next entry
*/
- krb5_error_code (*hdb_nextkey)(krb5_context, struct HDB*,
+ krb5_error_code (*hdb_nextkey)(krb5_context, struct HDB*,
unsigned, hdb_entry_ex*);
/**
* Lock database
@@ -221,7 +221,7 @@ typedef struct HDB{
* ->hdb_store() into the database. The backend will still perform
* all other operations, increasing the kvno, and update
* modification timestamp.
- *
+ *
* The backend needs to call _kadm5_set_keys() and perform password
* quality checks.
*/
diff --git a/source4/heimdal/lib/hdb/keys.c b/source4/heimdal/lib/hdb/keys.c
index 63f254d002..3d0b9d7c1b 100644
--- a/source4/heimdal/lib/hdb/keys.c
+++ b/source4/heimdal/lib/hdb/keys.c
@@ -221,10 +221,10 @@ add_enctype_to_key_set(Key **key_set, size_t *nkeyset,
free_Key(&key);
return ENOMEM;
}
-
+
key.salt->type = salt->salttype;
krb5_data_zero (&key.salt->salt);
-
+
ret = krb5_data_copy(&key.salt->salt,
salt->saltvalue.data,
salt->saltvalue.length);
@@ -256,8 +256,8 @@ hdb_generate_key_set(krb5_context context, krb5_principal principal,
char **ktypes, **kp;
krb5_error_code ret;
Key *k, *key_set;
- int i, j;
- char *default_keytypes[] = {
+ size_t i, j;
+ static const char *default_keytypes[] = {
"aes256-cts-hmac-sha1-96:pw-salt",
"des3-cbc-sha1:pw-salt",
"arcfour-hmac-md5:pw-salt",
@@ -267,7 +267,7 @@ hdb_generate_key_set(krb5_context context, krb5_principal principal,
ktypes = krb5_config_get_strings(context, NULL, "kadmin",
"default_keys", NULL);
if (ktypes == NULL)
- ktypes = default_keytypes;
+ ktypes = (char **)(intptr_t)default_keytypes;
*ret_key_set = key_set = NULL;
*nkeyset = 0;
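Review bot: When `[kadmin] default_keys` is unset, the `if (ktypes == NULL)` fallback silently selects `default_keytypes`, which in the preceding hunk still lists `des3-cbc-sha1:pw-salt` and `arcfour-hmac-md5:pw-salt`, and neither place documents that these are legacy enctypes. Since the declaration is being touched anyway, I would add a comment above the array such as `/* fallback when [kadmin] default_keys is unset; des3 and arcfour are legacy enctypes, presumably kept for interoperability */`. The array may have further entries outside the visible hunk, and hdb_generate_key_set continues past this one.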
@@ -290,7 +290,7 @@ hdb_generate_key_set(krb5_context context, krb5_principal principal,
p = "des:afs3-salt";
else if (strcmp(p, "arcfour-hmac-md5") == 0)
p = "arcfour-hmac-md5:pw-salt";
-
+
memset(&salt, 0, sizeof(salt));
ret = parse_key_set(context, p,
@@ -337,7 +337,7 @@ hdb_generate_key_set(krb5_context context, krb5_principal principal,
*ret_key_set = key_set;
out:
- if (ktypes != default_keytypes)
+ if (ktypes != (char **)(intptr_t)default_keytypes)
krb5_config_free_strings(ktypes);
if (ret) {
@@ -364,7 +364,7 @@ hdb_generate_key_set_password(krb5_context context,
Key **keys, size_t *num_keys)
{
krb5_error_code ret;
- int i;
+ size_t i;
ret = hdb_generate_key_set(context, principal,
keys, num_keys, 0);
diff --git a/source4/heimdal/lib/hdb/keytab.c b/source4/heimdal/lib/hdb/keytab.c
index 05b78dafc5..c72b797dab 100644
--- a/source4/heimdal/lib/hdb/keytab.c
+++ b/source4/heimdal/lib/hdb/keytab.c
@@ -37,7 +37,7 @@
struct hdb_data {
char *dbname;
- char *mkey;
+ char *mkey;
};
struct hdb_cursor {
@@ -184,7 +184,7 @@ hdb_get_entry(krb5_context context,
const char *mkey = d->mkey;
char *fdbname = NULL, *fmkey = NULL;
HDB *db;
- int i;
+ size_t i;
memset(&ent, 0, sizeof(ent));
@@ -204,13 +204,13 @@ hdb_get_entry(krb5_context context,
(*db->hdb_destroy)(context, db);
goto out2;
}
-
+
ret = (*db->hdb_open)(context, db, O_RDONLY, 0);
if (ret) {
(*db->hdb_destroy)(context, db);
goto out2;
}
-
+
ret = (*db->hdb_fetch_kvno)(context, db, principal,
HDB_F_DECRYPT|HDB_F_KVNO_SPECIFIED|
HDB_F_GET_CLIENT|HDB_F_GET_SERVER|HDB_F_GET_KRBTGT,
@@ -222,7 +222,7 @@ hdb_get_entry(krb5_context context,
}else if(ret)
goto out;
- if(kvno && ent.entry.kvno != kvno) {
+ if(kvno && (krb5_kvno)ent.entry.kvno != kvno) {
hdb_free_entry(context, &ent);
ret = KRB5_KT_NOTFOUND;
goto out;
@@ -268,10 +268,10 @@ hdb_start_seq_get(krb5_context context,
const char *dbname = d->dbname;
const char *mkey = d->mkey;
HDB *db;
-
+
if (dbname == NULL) {
/*
- * We don't support enumerating without being told what
+ * We don't support enumerating without being told what
* backend to enumerate on
*/
ret = KRB5_KT_NOTFOUND;
@@ -286,7 +286,7 @@ hdb_start_seq_get(krb5_context context,
(*db->hdb_destroy)(context, db);
return ret;
}
-
+
ret = (*db->hdb_open)(context, db, O_RDONLY, 0);
if (ret) {
(*db->hdb_destroy)(context, db);
@@ -314,16 +314,16 @@ static int KRB5_CALLCONV
hdb_next_entry(krb5_context context,
krb5_keytab id,
krb5_keytab_entry *entry,
- krb5_kt_cursor *cursor)
+ krb5_kt_cursor *cursor)
{
struct hdb_cursor *c = cursor->data;
krb5_error_code ret;
-
+
memset(entry, 0, sizeof(*entry));
if (c->first) {
c->first = FALSE;
- ret = (c->db->hdb_firstkey)(context, c->db,
+ ret = (c->db->hdb_firstkey)(context, c->db,
HDB_F_DECRYPT|
HDB_F_GET_CLIENT|HDB_F_GET_SERVER|HDB_F_GET_KRBTGT,
&c->hdb_entry);
@@ -331,15 +331,15 @@ hdb_next_entry(krb5_context context,
return KRB5_KT_END;
else if (ret)
return ret;
-
+
if (c->hdb_entry.entry.keys.len == 0)
hdb_free_entry(context, &c->hdb_entry);
else
c->next = FALSE;
- }
-
+ }
+
while (c->next) {
- ret = (c->db->hdb_nextkey)(context, c->db,
+ ret = (c->db->hdb_nextkey)(context, c->db,
HDB_F_DECRYPT|
HDB_F_GET_CLIENT|HDB_F_GET_SERVER|HDB_F_GET_KRBTGT,
&c->hdb_entry);
@@ -347,21 +347,21 @@ hdb_next_entry(krb5_context context,
return KRB5_KT_END;
else if (ret)
return ret;
-
+
/* If no keys on this entry, try again */
if (c->hdb_entry.entry.keys.len == 0)
hdb_free_entry(context, &c->hdb_entry);
else
c->next = FALSE;
}
-
+
/*
* Return next enc type (keytabs are one slot per key, while
* hdb is one record per principal.
*/
-
- ret = krb5_copy_principal(context,
- c->hdb_entry.entry.principal,
+
+ ret = krb5_copy_principal(context,
+ c->hdb_entry.entry.principal,
&entry->principal);
if (ret)
return ret;
@@ -376,13 +376,13 @@ hdb_next_entry(krb5_context context,
return ret;
}
c->key_idx++;
-
- /*
+
+ /*
* Once we get to the end of the list, signal that we want the
* next entry
*/
-
- if (c->key_idx == c->hdb_entry.entry.keys.len) {
+
+ if ((size_t)c->key_idx == c->hdb_entry.entry.keys.len) {
hdb_free_entry(context, &c->hdb_entry);
c->next = TRUE;
c->key_idx = 0;
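Review bot: The end-of-list test `(size_t)c->key_idx == c->hdb_entry.entry.keys.len` relies on exact equality, so an index that ever got past `keys.len` would never be reset; if `key_idx` is used to index the key array earlier in the function, as its name suggests, that would read beyond the array. `if ((size_t)c->key_idx >= c->hdb_entry.entry.keys.len) {` costs nothing and fails safe. The cast also suggests `key_idx` is a signed field of `struct hdb_cursor`; its declaration is outside this hunk, but declaring it `size_t` there would remove the need for the cast. hdb_next_entry begins and continues outside the hunk.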
diff --git a/source4/heimdal/lib/hdb/mkey.c b/source4/heimdal/lib/hdb/mkey.c
index 760eccfd43..9a13d55a51 100644
--- a/source4/heimdal/lib/hdb/mkey.c
+++ b/source4/heimdal/lib/hdb/mkey.c
@@ -153,7 +153,7 @@ read_master_mit(krb5_context context, const char *filename,
krb5_storage *sp;
int16_t enctype;
krb5_keyblock key;
-
+
fd = open(filename, O_RDONLY | O_BINARY);
if(fd < 0) {
int save_errno = errno;
@@ -200,7 +200,7 @@ read_master_encryptionkey(krb5_context context, const char *filename,
unsigned char buf[256];
ssize_t len;
size_t ret_len;
-
+
fd = open(filename, O_RDONLY | O_BINARY);
if(fd < 0) {
int save_errno = errno;
@@ -246,7 +246,7 @@ read_master_krb4(krb5_context context, const char *filename,
krb5_error_code ret;
unsigned char buf[256];
ssize_t len;
-
+
fd = open(filename, O_RDONLY | O_BINARY);
if(fd < 0) {
int save_errno = errno;
@@ -372,7 +372,7 @@ _hdb_find_master_key(uint32_t *mkvno, hdb_master_key mkey)
if(mkvno == NULL) {
if(ret == NULL || mkey->keytab.vno > ret->keytab.vno)
ret = mkey;
- } else if(mkey->keytab.vno == *mkvno)
+ } else if((uint32_t)mkey->keytab.vno == *mkvno)
return mkey;
mkey = mkey->next;
}
@@ -406,7 +406,7 @@ _hdb_mkey_encrypt(krb5_context context, hdb_master_key key,
krb5_error_code
hdb_unseal_key_mkey(krb5_context context, Key *k, hdb_master_key mkey)
{
-
+
krb5_error_code ret;
krb5_data res;
size_t keysize;
@@ -415,7 +415,7 @@ hdb_unseal_key_mkey(krb5_context context, Key *k, hdb_master_key mkey)
if(k->mkvno == NULL)
return 0;
-
+
key = _hdb_find_master_key(k->mkvno, mkey);
if (key == NULL)
@@ -459,7 +459,7 @@ hdb_unseal_key_mkey(krb5_context context, Key *k, hdb_master_key mkey)
krb5_error_code
hdb_unseal_keys_mkey(krb5_context context, hdb_entry *ent, hdb_master_key mkey)
{
- int i;
+ size_t i;
for(i = 0; i < ent->keys.len; i++){
krb5_error_code ret;
@@ -519,14 +519,14 @@ hdb_seal_key_mkey(krb5_context context, Key *k, hdb_master_key mkey)
return ENOMEM;
}
*k->mkvno = key->keytab.vno;
-
+
return 0;
}
krb5_error_code
hdb_seal_keys_mkey(krb5_context context, hdb_entry *ent, hdb_master_key mkey)
{
- int i;
+ size_t i;
for(i = 0; i < ent->keys.len; i++){
krb5_error_code ret;