n3parikh
/
pyceo
forked from public/pyceo
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Python CSC Electronic Office
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
484 Commits
5 Branches
0 Tags
1.4 MiB
 
 
 
 
 
Tag: Branch: Tree: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
pyceo/src/kadm.c

97 lines
2.5 KiB
Raw Permalink Blame History

#include <kadm5/admin.h>
#include "kadm.h"
#include "krb5.h"
#include "util.h"
#include "config.h"
extern char *prog;
static void *handle;
void ceo_kadm_init() {
krb5_error_code retval;
kadm5_config_params params;
memset((void *) &params, 0, sizeof(params));
debug("kadmin: initializing using keytab for %s", krb5_admin_principal);
retval = kadm5_init_with_skey(
#ifdef KADM5_API_VERSION_3
context,
#endif
krb5_admin_principal, NULL,
KADM5_ADMIN_SERVICE, &params, KADM5_STRUCT_VERSION,
KADM5_API_VERSION_2, NULL, &handle);
if (retval || !handle) {
com_err(prog, retval, "while initializing kadm5");
exit(1);
}
}
void ceo_kadm_cleanup() {
debug("kadmin: cleaning up");
kadm5_destroy(handle);
}
int ceo_add_princ(char *user, char *password) {
krb5_error_code retval;
debug("kadmin: adding principal %s", user);
// Added March 2012: Change behavior of ceod to add the kerberos principal.
kadm5_policy_ent_rec defpol;
kadm5_principal_ent_rec princ;
memset((void*) &princ, 0, sizeof(princ));
if ((retval = kadm5_get_policy(handle, "default", &defpol))) {
com_err(prog, retval, "while retrieving default policy");
return retval;
}
kadm5_free_policy_ent(handle, &defpol);
princ.policy = "default";
if ((retval = krb5_parse_name(context, user, &princ.principal))) {
com_err(prog, retval, "while parsing user name");
return retval;
}
long flags = KADM5_POLICY | KADM5_PRINCIPAL;
if ((retval = kadm5_create_principal(handle, &princ, flags, password))) {
if(retval == KADM5_DUP) {
if ((retval = kadm5_chpass_principal(handle, princ.principal, password))) {
com_err(prog, retval, "while setting principal password");
return retval;
}
} else {
com_err(prog, retval, "while creating principal");
return retval;
}
}
krb5_free_principal(context, princ.principal);
return 0;
}
int ceo_del_princ(char *user) {
krb5_error_code retval;
krb5_principal princ;
debug("kadmin: deleting principal %s", user);
if ((retval = krb5_parse_name(context, user, &princ))) {
com_err(prog, retval, "while parsing principal name");
return retval;
}
retval = kadm5_delete_principal(handle, princ);
if (retval && retval != KADM5_UNK_PRINC) {
com_err(prog, retval, "while deleting principal");
return retval;
}
krb5_free_principal(context, princ);
return 0;
}