diff options
Diffstat (limited to 'usr/src/cmd/krb5/kadmin/server/misc.c')
| -rw-r--r-- | usr/src/cmd/krb5/kadmin/server/misc.c | 80 |
1 files changed, 10 insertions, 70 deletions
diff --git a/usr/src/cmd/krb5/kadmin/server/misc.c b/usr/src/cmd/krb5/kadmin/server/misc.c index 40965ed1db..9bdd12ed74 100644 --- a/usr/src/cmd/krb5/kadmin/server/misc.c +++ b/usr/src/cmd/krb5/kadmin/server/misc.c @@ -1,9 +1,7 @@ /* - * Copyright 2008 Sun Microsystems, Inc. All rights reserved. - * Use is subject to license terms. + * Copyright (c) 2001, 2010, Oracle and/or its affiliates. All rights reserved. */ - /* * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING * @@ -21,7 +19,6 @@ * */ - /* * Copyright 1993 OpenVision Technologies, Inc., All Rights Reserved * @@ -30,6 +27,7 @@ #include <k5-int.h> #include <krb5/kdb.h> #include <kadm5/server_internal.h> +#include <kadm5/admin.h> #include "misc.h" /* @@ -67,7 +65,8 @@ chpass_principal_wrapper_3(void *server_handle, { kadm5_ret_t ret; - ret = check_min_life(server_handle, principal, NULL, 0); + /* Solaris Kerberos */ + ret = kadm5_check_min_life(server_handle, principal, NULL, 0); if (ret) return ret; @@ -110,7 +109,8 @@ randkey_principal_wrapper_3(void *server_handle, { kadm5_ret_t ret; - ret = check_min_life(server_handle, principal, NULL, 0); + /* Solaris Kerberos */ + ret = kadm5_check_min_life(server_handle, principal, NULL, 0); if (ret) return ret; return kadm5_randkey_principal_3(server_handle, principal, @@ -125,7 +125,8 @@ schpw_util_wrapper(void *server_handle, krb5_principal princ, { kadm5_ret_t ret; - ret = check_min_life(server_handle, princ, msg_ret, msg_len); + /* Solaris Kerberos */ + ret = kadm5_check_min_life(server_handle, princ, msg_ret, msg_len); if (ret) return ret; @@ -140,71 +141,10 @@ randkey_principal_wrapper(void *server_handle, krb5_principal princ, { kadm5_ret_t ret; - ret = check_min_life(server_handle, princ, NULL, 0); + /* Solaris Kerberos */ + ret = kadm5_check_min_life(server_handle, princ, NULL, 0); if (ret) return ret; return kadm5_randkey_principal(server_handle, princ, keys, n_keys); } - -kadm5_ret_t -check_min_life(void *server_handle, krb5_principal principal, - char *msg_ret, unsigned int msg_len) -{ - krb5_int32 now; - kadm5_ret_t ret; - kadm5_policy_ent_rec pol; - kadm5_principal_ent_rec princ; - kadm5_server_handle_t handle = server_handle; - - if (msg_ret != NULL) - *msg_ret = '\0'; - - ret = krb5_timeofday(handle->context, &now); - if (ret) - return ret; - - ret = kadm5_get_principal(handle->lhandle, principal, - &princ, KADM5_PRINCIPAL_NORMAL_MASK); - if(ret) - return ret; - if(princ.aux_attributes & KADM5_POLICY) { - if((ret=kadm5_get_policy(handle->lhandle, - princ.policy, &pol)) != KADM5_OK) { - (void) kadm5_free_principal_ent(handle->lhandle, &princ); - return ret; - } - if((now - princ.last_pwd_change) < pol.pw_min_life && - !(princ.attributes & KRB5_KDB_REQUIRES_PWCHANGE)) { - if (msg_ret != NULL) { - time_t until; - char *time_string, *ptr, *errstr; - - until = princ.last_pwd_change + pol.pw_min_life; - - time_string = ctime(&until); - errstr = (char *)error_message(CHPASS_UTIL_PASSWORD_TOO_SOON); - - if (strlen(errstr) + strlen(time_string) >= msg_len) { - *errstr = '\0'; - } else { - if (*(ptr = &time_string[strlen(time_string)-1]) == '\n') - *ptr = '\0'; - sprintf(msg_ret, errstr, time_string); - } - } - - (void) kadm5_free_policy_ent(handle->lhandle, &pol); - (void) kadm5_free_principal_ent(handle->lhandle, &princ); - return KADM5_PASS_TOOSOON; - } - - ret = kadm5_free_policy_ent(handle->lhandle, &pol); - if (ret) { - (void) kadm5_free_principal_ent(handle->lhandle, &princ); - return ret; - } - } - - return kadm5_free_principal_ent(handle->lhandle, &princ); -} |