display_status("initializing context", maj_stat,
init_sec_min_stat);
(void) gss_release_name(&min_stat, &target_name);
+ (void) gss_release_cred(&min_stat, &cred);
if (*gss_context != GSS_C_NO_CONTEXT)
gss_delete_sec_context(&min_stat, gss_context,
GSS_C_NO_BUFFER);
krb5_free_string(kcontext, cache_name);
}
krb5_cccol_cursor_free(kcontext, &cursor);
+ krb5_free_context(kcontext);
return 0;
}
if (!quiet && !errflg)
print_remaining_cc_warning(kcontext);
+ krb5_free_context(kcontext);
return errflg;
}
#define KINIT_EXTERN_H
krb5_error_code kinit_kdb_init(krb5_context *pcontext, char *realm);
+void kinit_kdb_fini(void);
#endif /* KINIT_EXTERN_H */
}
cleanup:
+#ifndef _WIN32
+ kinit_kdb_fini();
+#endif
if (options)
krb5_get_init_creds_opt_free(k5->ctx, options);
if (my_creds.client == k5->me) {
retval = krb5_kt_register(*pcontext, &krb5_kt_kdb_ops);
return retval;
}
+
+void
+kinit_kdb_fini()
+{
+ kadm5_destroy(server_handle);
+}
}
printf("\n");
krb5_free_unparsed_name(kcontext, pname);
+ krb5_free_keytab_entry_contents(kcontext, &entry);
}
if (code && code != KRB5_KT_END) {
com_err(progname, code, _("while scanning keytab"));
krb5_free_cred_contents(kcontext, &creds);
}
krb5_free_principal(kcontext, princ);
+ krb5_free_unparsed_name(kcontext, defname);
+ defname = NULL;
if (code == KRB5_CC_END) {
if ((code = krb5_cc_end_seq_get(kcontext, cache, &cur))) {
com_err(progname, code, _("while finishing ticket retrieval"));
princ_name);
exit(1);
}
+ krb5_free_principal(context, princ);
}
ret = krb5_cc_switch(context, cache);
com_err(progname, ret, _("while switching to credential cache"));
exit(1);
}
+
+ krb5_cc_close(context, cache);
+ krb5_free_context(context);
return 0;
}
if (freeprinc)
free(princstr);
+ free(params.keysalts);
free(db_name);
free(db_args);
remove_principal(char *keytab_str, krb5_keytab keytab,
char *princ_str, char *kvno_str)
{
- krb5_principal princ;
+ krb5_principal princ = NULL;
krb5_keytab_entry entry;
krb5_kt_cursor cursor;
enum { UNDEF, SPEC, HIGH, ALL, OLD } mode;
code = krb5_parse_name(context, princ_str, &princ);
if (code != 0) {
com_err(whoami, code, _("while parsing principal name %s"), princ_str);
- return;
+ goto cleanup;
}
mode = UNDEF;
com_err(whoami, code,
_("while retrieving highest kvno from keytab"));
}
- return;
+ goto cleanup;
}
/* set kvno to spec'ed value for SPEC, highest kvno otherwise */
code = krb5_kt_start_seq_get(context, keytab, &cursor);
if (code != 0) {
com_err(whoami, code, _("while starting keytab scan"));
- return;
+ goto cleanup;
}
did_something = 0;
if (code != 0) {
com_err(whoami, code,
_("while temporarily ending keytab scan"));
- return;
+ goto cleanup;
}
code = krb5_kt_remove_entry(context, keytab, &entry);
if (code != 0) {
com_err(whoami, code, _("while deleting entry from keytab"));
- return;
+ goto cleanup;
}
code = krb5_kt_start_seq_get(context, keytab, &cursor);
if (code != 0) {
com_err(whoami, code, _("while restarting keytab scan"));
- return;
+ goto cleanup;
}
did_something++;
}
if (code && code != KRB5_KT_END) {
com_err(whoami, code, _("while scanning keytab"));
- return;
+ goto cleanup;
}
code = krb5_kt_end_seq_get(context, keytab, &cursor);
if (code) {
com_err(whoami, code, _("while ending keytab scan"));
- return;
+ goto cleanup;
}
/*
fprintf(stderr, _("%s: There is only one entry for principal %s in "
"keytab %s\n"), whoami, princ_str, keytab_str);
}
+
+cleanup:
+ krb5_free_principal(context, princ);
}
/*
retval = krb5_lock_file(context, *fd, KRB5_LOCKMODE_EXCLUSIVE);
if (retval) {
com_err(progname, retval, _("while locking 'ok' file, '%s'"), file_ok);
+ free(file_ok);
return 0;
}
+ free(file_ok);
return 1;
}
fputc('\n', fp);
free(princstr);
+ xdr_free(xdr_osa_princ_ent_rec, &adb);
return 0;
}
extern krb5_keyblock master_keyblock;
extern krb5_principal master_princ;
+extern char *mkey_fullname;
krb5_data master_salt;
krb5_data tgt_princ_entries[] = {
int optchar;
krb5_error_code retval;
- char *mkey_fullname;
char *pw_str = 0;
unsigned int pw_size = 0;
int do_stash = 0;
if ((retval = add_principal(util_context, master_princ, MASTER_KEY, &rblock)) ||
(retval = add_principal(util_context, &tgt_princ, TGT_KEY, &rblock))) {
- (void) krb5_db_fini(util_context);
com_err(progname, retval, _("while adding entries to the database"));
exit_status++; return;
}
printf(_("Warning: couldn't stash master key.\n"));
}
/* clean up */
- (void) krb5_db_fini(util_context);
- memset(master_keyblock.contents, 0, master_keyblock.length);
- free(master_keyblock.contents);
if (pw_str) {
memset(pw_str, 0, pw_size);
free(pw_str);
char *dbname;
char buf[5];
krb5_error_code retval1;
- krb5_context context;
int force = 0;
- retval1 = kadm5_init_krb5_context(&context);
- if( retval1 )
- {
- com_err(progname, retval1, _("while initializing krb5_context"));
- exit(1);
- }
-
- if ((retval1 = krb5_set_default_realm(context,
- util_context->default_realm))) {
- com_err(progname, retval1, _("while setting default realm name"));
- exit(1);
- }
-
dbname = global_params.dbname;
optind = 1;
printf(_("OK, deleting database '%s'...\n"), dbname);
}
- retval1 = krb5_db_destroy(context, db5util_db_args);
+ retval1 = krb5_db_destroy(util_context, db5util_db_args);
if (retval1) {
com_err(progname, retval1, _("deleting database '%s'"), dbname);
exit_status++; return;
extern krb5_kvno master_kvno;
extern krb5_principal master_princ;
extern krb5_data master_salt;
+extern char *mkey_fullname;
extern char *mkey_password;
extern char *progname;
extern int exit_status;
* krb5_key_data key_data_contents is a pointer to this key. Using some
* logic from master_key_convert().
*/
+ for (i = 0; i < master_entry->n_key_data; i++)
+ krb5_free_key_data_contents(context, &master_entry->key_data[i]);
+ free(master_entry->key_data);
master_entry->key_data = (krb5_key_data *) malloc(sizeof(krb5_key_data) *
(old_key_data_count + 1));
if (master_entry->key_data == NULL)
{
int optchar;
krb5_error_code retval;
- char *mkey_fullname;
char *pw_str = 0;
unsigned int pw_size = 0;
int do_stash = 0;
krb5_keyblock new_mkeyblock;
krb5_enctype new_master_enctype = ENCTYPE_UNKNOWN;
char *new_mkey_password;
- krb5_db_entry *master_entry;
+ krb5_db_entry *master_entry = NULL;
krb5_timestamp now;
/*
*/
memset(&new_mkeyblock, 0, sizeof(new_mkeyblock));
- memset(&master_princ, 0, sizeof(master_princ));
master_salt.data = NULL;
while ((optchar = getopt(argc, argv, "e:s")) != -1) {
if (new_master_enctype == ENCTYPE_UNKNOWN)
new_master_enctype = global_params.enctype;
- /* assemble & parse the master key name */
- if ((retval = krb5_db_setup_mkey_name(util_context,
- global_params.mkey_name,
- global_params.realm,
- &mkey_fullname, &master_princ))) {
- com_err(progname, retval, _("while setting up master key name"));
- exit_status++;
- return;
- }
-
retval = krb5_db_get_principal(util_context, master_princ, 0,
&master_entry);
if (retval != 0) {
}
if ((retval = krb5_db_put_principal(util_context, master_entry))) {
- (void) krb5_db_fini(util_context);
com_err(progname, retval, _("while adding master key entry to the "
"database"));
exit_status++;
cleanup_return:
/* clean up */
- (void) krb5_db_fini(util_context);
- zap((char *)master_keyblock.contents, master_keyblock.length);
- free(master_keyblock.contents);
+ krb5_db_free_principal(util_context, master_entry);
zap((char *)new_mkeyblock.contents, new_mkeyblock.length);
free(new_mkeyblock.contents);
if (pw_str) {
free(pw_str);
}
free(master_salt.data);
- krb5_free_unparsed_name(util_context, mkey_fullname);
return;
}
kdb5_use_mkey(int argc, char *argv[])
{
krb5_error_code retval;
- char *mkey_fullname = NULL;
krb5_kvno use_kvno;
krb5_timestamp now, start_time;
krb5_actkvno_node *actkvno_list = NULL, *new_actkvno = NULL,
*prev_actkvno, *cur_actkvno;
- krb5_db_entry *master_entry;
+ krb5_db_entry *master_entry = NULL;
krb5_keylist_node *keylist_node;
krb5_boolean inserted = FALSE;
krb5_keylist_node *master_keylist = krb5_db_mkey_list_alias(util_context);
- memset(&master_princ, 0, sizeof(master_princ));
-
if (argc < 2 || argc > 3) {
/* usage calls exit */
usage();
* 5. put mkey princ.
*/
- /* assemble & parse the master key name */
- if ((retval = krb5_db_setup_mkey_name(util_context,
- global_params.mkey_name,
- global_params.realm,
- &mkey_fullname, &master_princ))) {
- com_err(progname, retval, _("while setting up master key name"));
- exit_status++;
- goto cleanup_return;
- }
-
retval = krb5_db_get_principal(util_context, master_princ, 0,
&master_entry);
if (retval != 0) {
}
if ((retval = krb5_db_put_principal(util_context, master_entry))) {
- (void) krb5_db_fini(util_context);
com_err(progname, retval,
_("while adding master key entry to the database"));
exit_status++;
cleanup_return:
/* clean up */
- (void) krb5_db_fini(util_context);
- krb5_free_unparsed_name(util_context, mkey_fullname);
- krb5_free_principal(util_context, master_princ);
+ krb5_db_free_principal(util_context, master_entry);
krb5_dbe_free_actkvno_list(util_context, actkvno_list);
return;
}
kdb5_list_mkeys(int argc, char *argv[])
{
krb5_error_code retval;
- char *mkey_fullname = NULL, *output_str = NULL, enctype[BUFSIZ];
+ char *output_str = NULL, enctype[BUFSIZ];
krb5_kvno act_kvno;
krb5_timestamp act_time;
krb5_actkvno_node *actkvno_list = NULL, *cur_actkvno;
- krb5_db_entry *master_entry;
+ krb5_db_entry *master_entry = NULL;
krb5_keylist_node *cur_kb_node;
krb5_keyblock *act_mkey;
krb5_keylist_node *master_keylist = krb5_db_mkey_list_alias(util_context);
return;
}
- /* assemble & parse the master key name */
- if ((retval = krb5_db_setup_mkey_name(util_context,
- global_params.mkey_name,
- global_params.realm,
- &mkey_fullname, &master_princ))) {
- com_err(progname, retval, _("while setting up master key name"));
- exit_status++;
- return;
- }
-
retval = krb5_db_get_principal(util_context, master_princ, 0,
&master_entry);
if (retval != 0) {
cleanup_return:
/* clean up */
- (void) krb5_db_fini(util_context);
- krb5_free_unparsed_name(util_context, mkey_fullname);
+ krb5_db_free_principal(util_context, master_entry);
free(output_str);
- krb5_free_principal(util_context, master_princ);
krb5_dbe_free_actkvno_list(util_context, actkvno_list);
return;
}
int optchar;
krb5_error_code retval;
krb5_actkvno_node *actkvno_list = 0;
- krb5_db_entry *master_entry;
- char *mkey_fullname = 0;
+ krb5_db_entry *master_entry = NULL;
#ifdef BSD_REGEXPS
char *msg;
#endif
usage();
}
- retval = krb5_unparse_name(util_context, master_princ, &mkey_fullname);
- if (retval) {
- com_err(progname, retval, _("while formatting master principal name"));
- exit_status++;
- goto cleanup;
- }
-
if (master_keylist == NULL) {
- com_err(progname, retval, _("master keylist not initialized"));
+ com_err(progname, 0, _("master keylist not initialized"));
exit_status++;
goto cleanup;
}
com_err(progname, retval, _("trying to process principal database"));
exit_status++;
}
- (void) krb5_db_fini(util_context);
if (data.dry_run) {
printf(_("%u principals processed: %u would be updated, %u already "
"current\n"),
}
cleanup:
+ krb5_db_free_principal(util_context, master_entry);
free(regexp);
+#ifdef POSIX_REGEXPS
+ regfree(&data.preg);
+#endif
memset(&new_master_keyblock, 0, sizeof(new_master_keyblock));
- krb5_free_unparsed_name(util_context, mkey_fullname);
krb5_dbe_free_actkvno_list(util_context, actkvno_list);
}
{
int optchar;
krb5_error_code retval;
- char *mkey_fullname = NULL;
krb5_timestamp now;
- krb5_db_entry *master_entry;
+ krb5_db_entry *master_entry = NULL;
krb5_boolean force = FALSE, dry_run = FALSE, verbose = FALSE;
struct purge_args args;
char buf[5];
return;
}
- memset(&master_princ, 0, sizeof(master_princ));
memset(&args, 0, sizeof(args));
optind = 1;
}
}
- /* assemble & parse the master key name */
- if ((retval = krb5_db_setup_mkey_name(util_context,
- global_params.mkey_name,
- global_params.realm,
- &mkey_fullname, &master_princ))) {
- com_err(progname, retval, _("while setting up master key name"));
- exit_status++;
- return;
- }
-
retval = krb5_db_get_principal(util_context, master_princ, 0,
&master_entry);
if (retval != 0) {
if (args.kvnos[j].kvno == (krb5_kvno) old_key_data[i].key_data_kvno) {
if (args.kvnos[j].use_count != 0) {
master_entry->key_data[k++] = old_key_data[i];
+ memset(&old_key_data[i], 0, sizeof(old_key_data[i]));
break;
} else {
/* remove unused mkey */
}
assert(k == num_kvnos_inuse);
+ /* Free any key data entries we did not consume in the loop above. */
+ for (i = 0; i < old_key_data_count; i++)
+ krb5_dbe_free_key_data_contents(util_context, &old_key_data[i]);
+ free(old_key_data);
+
if ((retval = krb5_dbe_update_actkvno(util_context, master_entry,
actkvno_list))) {
com_err(progname, retval,
master_entry->mask |= KADM5_KEY_DATA | KADM5_TL_DATA;
if ((retval = krb5_db_put_principal(util_context, master_entry))) {
- (void) krb5_db_fini(util_context);
com_err(progname, retval,
_("while adding master key entry to the database"));
exit_status++;
printf(_("%d key(s) purged.\n"), num_kvnos_purged);
cleanup_return:
- /* clean up */
- (void) krb5_db_fini(util_context);
- krb5_free_principal(util_context, master_princ);
+ krb5_db_free_principal(util_context, master_entry);
free(args.kvnos);
- krb5_free_unparsed_name(util_context, mkey_fullname);
krb5_dbe_free_actkvno_list(util_context, actkvno_list);
krb5_dbe_free_mkey_aux_list(util_context, mkey_aux_list);
return;
krb5_keyblock master_keyblock;
krb5_kvno master_kvno; /* fetched */
extern krb5_principal master_princ;
+char *mkey_fullname;
krb5_db_entry *master_entry = NULL;
int valid_master_key = 0;
com_err(progname, retval, _("while getting default realm"));
exit(1);
}
- util_context->default_realm = temp;
+ krb5_free_default_realm(util_context, temp);
}
retval = kadm5_get_config_params(util_context, 1,
if( db5util_db_args )
free(db5util_db_args);
+ quit();
kadm5_free_config_params(util_context, &global_params);
krb5_free_context(util_context);
+ free(cmd_argv);
return exit_status;
}
valid_master_key = 0;
}
krb5_free_principal(util_context, master_princ);
+ free(mkey_fullname);
dbactive = FALSE;
}
if ((retval = krb5_db_setup_mkey_name(util_context,
global_params.mkey_name,
global_params.realm,
- 0, &master_princ))) {
+ &mkey_fullname, &master_princ))) {
com_err(progname, retval, _("while setting up master key name"));
exit_status++;
return(1);
if (finished)
return 0;
+ ulog_fini(util_context);
retval = krb5_db_fini(util_context);
- memset(master_keyblock.contents, 0, master_keyblock.length);
+ zapfree(master_keyblock.contents, master_keyblock.length);
+ krb5_free_principal(util_context, master_princ);
finished = TRUE;
if (retval && retval != KRB5_KDB_DBNOTINITED) {
com_err(progname, retval, _("while closing database"));
return ret;
/* Don't print unknown flags if they're not set and numeric output
* isn't requested. */
- if (!(flags & (1UL << i)) && strncmp(s, "0x", 2) == 0)
+ if (!(flags & (1UL << i)) && strncmp(s, "0x", 2) == 0) {
+ free(s);
continue;
+ }
}
ret = princflag_rec(h, name, s, ((flags & (1UL << i)) != 0));
free(s);
destroy_pwqual(handle);
k5_kadm5_hook_free_handles(handle->context, handle->hook_handles);
+ ulog_fini(handle->context);
krb5_db_fini(handle->context);
krb5_free_principal(handle->context, handle->current_caller);
kadm5_free_config_params(handle->context, &handle->params);
realm = r;
}
+ krb5_free_principal(handle->context, master_princ);
+ master_princ = NULL;
if ((ret = krb5_db_setup_mkey_name(handle->context,
handle->params.mkey_name,
realm, NULL, &master_princ)))
goto done;
+ krb5_free_keyblock_contents(handle->context, &master_keyblock);
master_keyblock.enctype = handle->params.enctype;
/*
krb5_dbe_update_mkey_aux(krb5_context context, krb5_db_entry *entry,
krb5_mkey_aux_node *mkey_aux_data_list)
{
+ krb5_error_code status;
krb5_tl_data tl_data;
krb5_int16 version, tmp_kvno;
unsigned char *nextloc;
}
}
- return (krb5_dbe_update_tl_data(context, entry, &tl_data));
+ status = krb5_dbe_update_tl_data(context, entry, &tl_data);
+ free(tl_data.tl_data_contents);
+ return status;
}
#endif /* KRB5_TL_MKEY_AUX_VER == 1 */
global_params.realm);
goto err_nomsg;
}
+ free(rparams->containerref);
rparams->containerref = strdup(argv[i]);
if (rparams->containerref == NULL) {
retval = ENOMEM;
global_params.realm);
goto err_nomsg;
}
+ free(ldap_context->lrparams->realm_name);
ldap_context->lrparams->realm_name = strdup(global_params.realm);
if (ldap_context->lrparams->realm_name == NULL) {
retval = ENOMEM;
exit_status++;
}
- return;
+ krb5_free_keyblock_contents(util_context, &master_keyblock);
+ krb5_free_principal(util_context, master_princ);
}
if (rparams->subtree) {
for (k=0; k<rparams->subtreecount && rparams->subtree[k]; k++)
free(rparams->subtree[k]);
+ free(rparams->subtree);
rparams->subtreecount=0;
+ rparams->subtree = NULL;
}
}
if (strncmp(argv[i] ,"", strlen(argv[i]))!=0) {
global_params.realm);
goto err_nomsg;
}
+ free(rparams->containerref);
rparams->containerref = strdup(argv[i]);
if (rparams->containerref == NULL) {
retval = ENOMEM;
exit_status++;
goto cleanup;
}
- } else
- util_context->default_realm = temp;
+ }
+ krb5_free_default_realm(util_context, temp);
}
/* If we have the realm name, we can safely say that
* realm_name is required so that we don't neglect any information.
if (util_context) {
if (gp_is_static == 0)
kadm5_free_config_params(util_context, &global_params);
- krb5_ldap_close(util_context);
+ krb5_db_fini(util_context);
krb5_free_context(util_context);
}
free(rparams->subtree);
}
+ if (rparams->containerref)
+ free(rparams->containerref);
+
if (rparams->kdcservers) {
for (i=0; rparams->kdcservers[i]; ++i)
free(rparams->kdcservers[i]);
/* Ticket policy object management */
+static void
+free_list(char **list)
+{
+ int i;
+
+ for (i = 0; list != NULL && list[i] != NULL; i++)
+ free(list[i]);
+ free(list);
+}
+
/*
* create the Ticket policy object in Directory.
*/
krb5_ldap_free_policy(context, lpolicy);
*policy = NULL;
}
+ free(policy_dn);
ldap_msgfree(result);
krb5_ldap_put_handle_to_pool(ldap_context, ldap_server_handle);
return st;
}
cleanup:
+ free_list(list);
return st;
}
/* some error, free up all the memory */
if (st != 0) {
- if (*list) {
- for (i=0; (*list)[i]; ++i)
- free ((*list)[i]);
- free (*list);
- *list = NULL;
- }
+ free_list(*list);
+ *list = NULL;
}
ldap_msgfree(result);
krb5_ldap_put_handle_to_pool(ldap_context, ldap_server_handle);
exit(1);
}
- /* Fill in the client. */
- retval = krb5_copy_principal(context, my_principal, &creds.client);
- if (retval) {
- com_err(progname, retval, _("while copying client principal"));
- exit(1);
- }
-
if (srvtab != NULL) {
retval = krb5_kt_resolve(context, srvtab, &keytab);
if (retval) {
send_size, database_size);
exit(1);
}
+ free(inbuf.data);
free(outbuf.data);
}
free(master_svc_princstr);
krb5_free_default_realm(kpropd_context, def_realm);
kadm5_destroy(server_handle);
+ krb5_db_fini(kpropd_context);
+ ulog_fini(kpropd_context);
krb5_free_context(kpropd_context);
return (runonce == 1) ? 0 : 1;
printf("\n");
+ kadm5_free_config_params(context, ¶ms);
+ krb5_free_context(context);
return 0;
}
projects / thirdparty / krb5.git / commitdiff
