Restore recursive dump functionality

author Tom Yu <tlyu@mit.edu>

Thu, 11 Aug 2016 22:05:33 +0000 (18:05 -0400)

committer Tom Yu <tlyu@mit.edu>

Tue, 16 Aug 2016 19:26:05 +0000 (15:26 -0400)
author Tom Yu <tlyu@mit.edu>
Thu, 11 Aug 2016 22:05:33 +0000 (18:05 -0400)
committer Tom Yu <tlyu@mit.edu>
Tue, 16 Aug 2016 19:26:05 +0000 (15:26 -0400)
diff --git a/doc/admin/admin_commands/kdb5_util.rst b/doc/admin/admin_commands/kdb5_util.rst

index f43bcf1f9da7544c5cbd4525f259a18f373d4534..258498f0d6ef67b59f3091536279e53d278279f2 100644 (file)
--- a/doc/admin/admin_commands/kdb5_util.rst
+++ b/doc/admin/admin_commands/kdb5_util.rst
@@ -182,11 +182,13 @@ load_dump version 7".  If filename is not specified, or is the string
      corruption, this option will probably retrieve more principals
      than the **-rev** option will.
  
-    .. note::
-        The **-recurse** option currently doesn't modify the dump
-        functionality as described above; it does a normal dump.
+    .. versionchanged:: 1.15
+        Release 1.15 restored the functionality of the **-recurse**
+        option.
  
-    .. deprecated:: 1.5
+    .. versionchanged:: 1.5
+        The **-recurse** option ceased working until release 1.15,
+        doing a normal dump instead of a recursive traversal.
  
  .. _kdb5_util_dump_end:
  
diff --git a/src/include/kdb.h b/src/include/kdb.h

index df02ec6d3ce9177720339ede88c6e720442c1cec..c6dd15f46d86f58ef12889ce5229b44cfd09b9f5 100644 (file)
--- a/src/include/kdb.h
+++ b/src/include/kdb.h
@@ -135,6 +135,7 @@
  /* KDB iteration flags */
  #define KRB5_DB_ITER_WRITE      0x00000001
  #define KRB5_DB_ITER_REV        0x00000002
+#define KRB5_DB_ITER_RECURSE    0x00000004
  
  /* String attribute names recognized by krb5 */
  #define KRB5_KDB_SK_SESSION_ENCTYPES            "session_enctypes"
diff --git a/src/kadmin/dbutil/dump.c b/src/kadmin/dbutil/dump.c

index 412763874a7d7d2886e199eefebccf72f7f90f37..f7889bd234f5f9e0069e0ef06a56a95bf4ae1feb 100644 (file)
--- a/src/kadmin/dbutil/dump.c
+++ b/src/kadmin/dbutil/dump.c
@@ -1304,11 +1304,7 @@ dump_db(int argc, char **argv)
          } else if (!strcmp(argv[aindex], "-rev")) {
              iterflags |= KRB5_DB_ITER_REV;
          } else if (!strcmp(argv[aindex], "-recurse")) {
-            /* Accept this for compatibility, but do nothing since
-             * krb5_db_iterate doesn't support it. */
-            fprintf(stderr,
-                    _("%s: WARNING: the -recurse option is currently "
-                      "unimplemented\n"), progname);
+            iterflags |= KRB5_DB_ITER_RECURSE;
          } else {
              break;
          }
diff --git a/src/plugins/kdb/db2/kdb_db2.c b/src/plugins/kdb/db2/kdb_db2.c

index d69643c7204f0d332bcb67a9a14cd4ff211e5bc9..4c4036eb4714cf46e9abb88fa8175b320f4f8090 100644 (file)
--- a/src/plugins/kdb/db2/kdb_db2.c
+++ b/src/plugins/kdb/db2/kdb_db2.c
@@ -968,6 +968,10 @@ static krb5_error_code
  curs_init(iter_curs *curs, krb5_context ctx, krb5_db2_context *dbc,
            krb5_flags iterflags)
  {
+    int isrecurse = iterflags & KRB5_DB_ITER_RECURSE;
+    unsigned int prevflag = R_PREV;
+    unsigned int nextflag = R_NEXT;
+
      curs->keycopy.size = 0;
      curs->keycopy.data = NULL;
      curs->islocked = FALSE;
@@ -979,12 +983,27 @@ curs_init(iter_curs *curs, krb5_context ctx, krb5_db2_context *dbc,
      else
          curs->lockmode = KRB5_LOCKMODE_SHARED;
  
+    if (isrecurse) {
+#ifdef R_RNEXT
+        if (dbc->hashfirst) {
+            k5_setmsg(ctx, EINVAL, _("Recursive iteration is not supported "
+                                     "for hash databases"));
+            return EINVAL;
+        }
+        prevflag = R_RPREV;
+        nextflag = R_RNEXT;
+#else
+        k5_setmsg(ctx, EINVAL, _("Recursive iteration not supported "
+                                 "in this version of libdb"));
+        return EINVAL;
+#endif
+    }
      if (iterflags & KRB5_DB_ITER_REV) {
          curs->startflag = R_LAST;
-        curs->stepflag = R_PREV;
+        curs->stepflag = prevflag;
      } else {
          curs->startflag = R_FIRST;
-        curs->stepflag = R_NEXT;
+        curs->stepflag = nextflag;
      }
      return curs_lock(curs);
  }
author	Tom Yu <tlyu@mit.edu>
	Thu, 11 Aug 2016 22:05:33 +0000 (18:05 -0400)
committer	Tom Yu <tlyu@mit.edu>
	Tue, 16 Aug 2016 19:26:05 +0000 (15:26 -0400)
doc/admin/admin_commands/kdb5_util.rst		patch \| blob \| blame \| history
src/include/kdb.h		patch \| blob \| blame \| history
src/kadmin/dbutil/dump.c		patch \| blob \| blame \| history
src/plugins/kdb/db2/kdb_db2.c		patch \| blob \| blame \| history