118     int ret, limit = LDAP_NO_LIMIT;
120     ret = ldap_set_option(lp, LDAP_OPT_SIZELIMIT, (const void *)&limit);
121     if (ret != LDAP_SUCCESS) {
124 			       ldap_err2string(ret));
131 check_ldap(krb5_context context, HDB *db, int ret)
133     switch (ret) {
202     krb5_error_code ret;
205     ret = LDAP__setmod(modlist, modop | LDAP_MOD_BVALUES, attribute, &cMods);
206     if (ret)
207 	return ret;
242     krb5_error_code ret;
244     ret = LDAP__setmod(modlist, modop, attribute, &cMods);
245     if (ret)
246 	return ret;
292     krb5_error_code ret;
295     ret = asprintf(&buf, "%ld", l);
296     if (ret < 0) {
301     ret = LDAP_addmod(mods, modop, attribute, buf);
303     return ret;
336     krb5_error_code ret;
339     ret = LDAP_get_string_value(db, entry, attribute, &val);
340     if (ret)
341 	return ret;
353     int ret;
357     ret = LDAP_get_string_value(db, entry, attribute, &gentime);
358     if (ret)
359 	return ret;
386     krb5_error_code ret;
405 	ret = LDAP_message2entry(context, db, msg, 0, &orig);
406 	if (ret)
436 		ret = HDB_ERR_NOENTRY;
449 	ret = LDAP_addmod(&mods, LDAP_MOD_ADD, "objectClass", "top");
450 	if (ret)
455 	    ret = LDAP_addmod(&mods, LDAP_MOD_ADD, "objectClass",
458 	    if (ret)
462 	ret = LDAP_addmod(&mods, LDAP_MOD_ADD, "objectClass", "krb5Principal");
464 	if (ret)
467 	ret = LDAP_addmod(&mods, LDAP_MOD_ADD, "objectClass", "krb5KDCEntry");
469 	if (ret)
479 	    ret = krb5_unparse_name(context, ent->entry.principal, &tmp);
480 	    if (ret)
483 	    ret = LDAP_addmod(&mods, LDAP_MOD_REPLACE,
485 	    if (ret) {
493 	    ret = krb5_unparse_name_short(context, ent->entry.principal, &tmp);
494 	    if (ret)
496 	    ret = LDAP_addmod(&mods, LDAP_MOD_REPLACE, "uid", tmp);
497 	    if (ret) {
506 	ret = LDAP_addmod_integer(context, &mods, LDAP_MOD_REPLACE,
509 	if (ret)
516 	    ret = LDAP_addmod_generalized_time(&mods, LDAP_MOD_REPLACE,
519 	    if (ret)
527 		ret = LDAP_addmod_generalized_time(&mods, LDAP_MOD_REPLACE,
530 		if (ret)
534 		ret = LDAP_addmod_integer(context, &mods,  LDAP_MOD_REPLACE,
537 		if (ret)
546 		ret = LDAP_addmod_generalized_time(&mods, LDAP_MOD_REPLACE,
549 		if (ret)
554 		ret = LDAP_addmod_integer(context, &mods, LDAP_MOD_REPLACE,
557 		if (ret)
567 	    ret = LDAP_addmod_integer(context, &mods, LDAP_MOD_REPLACE,
570 	    if (ret)
580 	    ret = LDAP_addmod_integer(context, &mods, LDAP_MOD_REPLACE,
583 	    if (ret)
592 	    ret = LDAP_addmod_integer(context, &mods, LDAP_MOD_REPLACE,
595 	    if (ret)
605 	ret = LDAP_addmod_integer(context, &mods, LDAP_MOD_REPLACE,
608 	if (ret)
618 	    ret = LDAP_addmod(&mods, LDAP_MOD_DELETE, "krb5Key", NULL);
619 	    if (ret)
634 	    ret = hdb_unseal_key(context, db, &ent->entry.keys.val[i]);
635 	    if (ret)
640 	    ret = hex_encode(nt, 16, &ntHexPassword);
641 	    if (ret < 0) {
642 		ret = ENOMEM;
643 		krb5_set_error_message(context, ret, "hdb-ldap: failed to "
647 	    ret = LDAP_addmod(&mods, LDAP_MOD_REPLACE, "sambaNTPassword",
650 	    if (ret)
652 	    ret = LDAP_addmod_integer(context, &mods, LDAP_MOD_REPLACE,
654 	    if (ret)
661 		ret = LDAP_addmod(&mods, LDAP_MOD_DELETE,
663 		if (ret)
671 	    ASN1_MALLOC_ENCODE(Key, buf, buf_size, &ent->entry.keys.val[i], &len, ret);
672 	    if (ret)
678 	    ret = LDAP_addmod_len(&mods, LDAP_MOD_ADD, "krb5Key", buf, len);
679 	    if (ret)
696 		ret = LDAP_addmod(&mods, LDAP_MOD_DELETE, "krb5EncryptionType",
698 		if (ret)
712 		    ret = LDAP_addmod_integer(context, &mods, LDAP_MOD_ADD,
715 		    if (ret)
723     ret = 0;
727     if (ret == 0)
737     return ret;
744     krb5_error_code ret;
750     ret = LDAP_no_size_limit(context, HDB2LDAP(db));
751     if (ret)
759 	ret = HDB_ERR_NOENTRY;
760 	krb5_set_error_message(context, ret, "ldap_search_ext_s: "
768 	ret = HDB_ERR_NOENTRY;
772     ret = LDAP_get_string_value(db, e, "krb5PrincipalName", &p);
773     if (ret) {
774 	ret = HDB_ERR_NOENTRY;
778     ret = krb5_parse_name(context, p, principal);
785     return ret;
838     krb5_error_code ret;
842     ret = LDAP__connect(context, db);
843     if (ret)
844 	return ret;
851     ret = escape_value(context, princname, &quote);
852     if (ret)
861 	ret = ENOMEM;
862 	krb5_set_error_message(context, ret, "malloc: out of memory");
866     ret = LDAP_no_size_limit(context, HDB2LDAP(db));
867     if (ret)
876 	ret = HDB_ERR_NOENTRY;
877 	krb5_set_error_message(context, ret, "ldap_search_ext_s: "
889 	ret = escape_value(context, userid, &quote);
890 	if (ret)
898 	    ret = ENOMEM;
899 	    krb5_set_error_message(context, ret, "asprintf: out of memory");
903 	ret = LDAP_no_size_limit(context, HDB2LDAP(db));
904 	if (ret)
912 	    ret = HDB_ERR_NOENTRY;
913 	    krb5_set_error_message(context, ret,
920     ret = 0;
926     return ret;
934     krb5_error_code ret;
939     ret = krb5_unparse_name(context, princ, &name);
940     if (ret)
941 	return ret;
943     ret = krb5_get_default_realms(context, &r0);
944     if(ret) {
946 	return ret;
950 	    ret = krb5_unparse_name_short(context, princ, &name_short);
951 	    if (ret) {
954 		return ret;
961     ret = LDAP__lookup_princ(context, db, name, name_short, msg);
965     return ret;
979     int tmp, tmp_time, i, ret, have_arcfour = 0;
984     ret = LDAP_get_string_value(db, msg, "krb5PrincipalName", &unparsed_name);
985     if (ret == 0) {
986 	ret = krb5_parse_name(context, unparsed_name, &ent->entry.principal);
987 	if (ret)
990 	ret = LDAP_get_string_value(db, msg, "uid",
992 	if (ret == 0) {
993 	    ret = krb5_parse_name(context, unparsed_name, &ent->entry.principal);
994 	    if (ret)
1006 	ret = LDAP_get_integer_value(db, msg, "krb5KeyVersionNumber",
1008 	if (ret)
1022 	    ret = ENOMEM;
1023 	    krb5_set_error_message(context, ret, "calloc: out of memory");
1041 	ret = HDB_ERR_NOENTRY;
1052 	    ret = ENOMEM;
1053 	    krb5_set_error_message(context, ret,"malloc: out of memory");
1059 	    ret = ENOMEM;
1060 	    krb5_set_error_message(context, ret, "malloc: out of memory");
1069 		ret = ENOMEM;
1070 		krb5_set_error_message(context, ret, "malloc: out of memory");
1089     ret = LDAP_get_string_value(db, msg, "sambaNTPassword", &ntPasswordIN);
1090     if (ret == 0 && have_arcfour == 0) {
1099 	    ret = ENOMEM;
1100 	    krb5_set_error_message(context, ret, "malloc: out of memory");
1106 	ret = krb5_data_alloc (&ent->entry.keys.val[ent->entry.keys.len].key.keyvalue, 16);
1107 	if (ret) {
1108 	    krb5_set_error_message(context, ret, "malloc: out of memory");
1110 	    ret = ENOMEM;
1113 	ret = hex_decode(ntPasswordIN,
1120 		ret = ENOMEM;
1121 		krb5_set_error_message(context, ret, "malloc: out of memory");
1137 		ret = ENOMEM;
1138 		krb5_set_error_message(context, ret, "malloc: out of memory");
1148     ret = LDAP_get_generalized_time_value(db, msg, "createTimestamp",
1150     if (ret)
1156 	ret = LDAP_get_string_value(db, msg, "creatorsName", &dn);
1157 	if (ret == 0) {
1164 	    ret = ENOMEM;
1165 	    krb5_set_error_message(context, ret, "malloc: out of memory");
1169 	ret = LDAP_get_generalized_time_value(db, msg, "modifyTimestamp",
1171 	if (ret == 0) {
1172 	    ret = LDAP_get_string_value(db, msg, "modifiersName", &dn);
1173 	    if (ret == 0) {
1185 	ret = ENOMEM;
1186 	krb5_set_error_message(context, ret, "malloc: out of memory");
1189     ret = LDAP_get_generalized_time_value(db, msg, "krb5ValidStart",
1191     if (ret) {
1199 	ret = ENOMEM;
1200 	krb5_set_error_message(context, ret, "malloc: out of memory");
1203     ret = LDAP_get_generalized_time_value(db, msg, "krb5ValidEnd",
1205     if (ret) {
1211     ret = LDAP_get_integer_value(db, msg, "sambaKickoffTime", &tmp_time);
1212     if (ret == 0) {
1216  		ret = ENOMEM;
1217  		krb5_set_error_message(context, ret, "malloc: out of memory");
1226 	ret = ENOMEM;
1227 	krb5_set_error_message(context, ret, "malloc: out of memory");
1230     ret = LDAP_get_generalized_time_value(db, msg, "krb5PasswordEnd",
1232     if (ret) {
1238     ret = LDAP_get_integer_value(db, msg, "sambaPwdLastSet", &tmp_time);
1239     if (ret == 0) {
1245                 ret = ENOMEM;
1246                 krb5_set_error_message(context, ret, "malloc: out of memory");
1259     ret = LDAP_get_integer_value(db, msg, "sambaPwdMustChange", &tmp_time);
1260     if (ret == 0) {
1264 		ret = ENOMEM;
1265 		krb5_set_error_message(context, ret, "malloc: out of memory");
1273     ret = LDAP_get_integer_value(db, msg, "sambaPwdLastSet", &tmp_time);
1274     if (ret == 0)
1282 	    ret = ENOMEM;
1283 	    krb5_set_error_message(context, ret, "malloc: out of memory");
1286 	ret = LDAP_get_integer_value(db, msg, "krb5MaxLife", &max_life);
1287 	if (ret) {
1299 	    ret = ENOMEM;
1300 	    krb5_set_error_message(context, ret, "malloc: out of memory");
1303 	ret = LDAP_get_integer_value(db, msg, "krb5MaxRenew", &max_renew);
1304 	if (ret) {
1311     ret = LDAP_get_integer_value(db, msg, "krb5KDCFlags", &tmp);
1312     if (ret)
1318     ret = LDAP_get_string_value(db, msg, "sambaAcctFlags", &samba_acct_flags);
1319     if (ret == 0) {
1397     ret = 0;
1403     if (ret)
1406     return ret;
1436     krb5_error_code ret;
1448 	    ret = 0;
1452 	    ret = LDAP_message2entry(context, db, e, flags, entry);
1460 	    ret = HDB_ERR_NOENTRY;
1463 	        krb5_set_error_message(context, ret, "ldap_parse_result: %s",
1473 	    ret = ENETDOWN;
1479 	    ret = HDB_ERR_NOENTRY;
1485     if (ret == 0) {
1487 	    ret = hdb_unseal_keys(context, db, &entry->entry);
1488 	    if (ret)
1493     return ret;
1500     krb5_error_code ret;
1503     ret = LDAP__connect(context, db);
1504     if (ret)
1505 	return ret;
1507     ret = LDAP_no_size_limit(context, HDB2LDAP(db));
1508     if (ret)
1509 	return ret;
1511     ret = ldap_search_ext(HDB2LDAP(db), HDB2BASE(db),
1611     krb5_error_code ret;
1613     ret = LDAP_principal2message(context, db, principal, &msg);
1614     if (ret)
1615 	return ret;
1619 	ret = HDB_ERR_NOENTRY;
1623     ret = LDAP_message2entry(context, db, e, flags, entry);
1624     if (ret == 0) {
1626 	    ret = hdb_unseal_keys(context, db, &entry->entry);
1627 	    if (ret)
1635     return ret;
1651     krb5_error_code ret;
1657     ret = LDAP_principal2message(context, db, entry->entry.principal, &msg);
1658     if (ret == 0)
1661     ret = krb5_unparse_name(context, entry->entry.principal, &name);
1662     if (ret) {
1664 	return ret;
1667     ret = hdb_seal_keys(context, db, &entry->entry);
1668     if (ret)
1672     ret = LDAP_entry2mods(context, db, entry, e, &mods);
1673     if (ret)
1677 	ret = asprintf(&dn, "krb5PrincipalName=%s,%s", name, HDB2CREATE(db));
1678 	if (ret < 0) {
1679 	    ret = ENOMEM;
1680 	    krb5_set_error_message(context, ret, "asprintf: out of memory");
1688 	ret = HDB_ERR_EXISTS;
1707 	ret = HDB_ERR_CANT_LOCK_DB;
1708 	krb5_set_error_message(context, ret, "%s: %s (DN=%s) %s: %s",
1711 	ret = 0;
1724     return ret;
1730     krb5_error_code ret;
1735     ret = LDAP_principal2message(context, db, principal, &msg);
1736     if (ret)
1741 	ret = HDB_ERR_NOENTRY;
1747 	ret = HDB_ERR_NOENTRY;
1753 	ret = HDB_ERR_BADVERSION;
1754 	krb5_set_error_message(context, ret, "ldap_set_option: %s",
1761 	ret = HDB_ERR_CANT_LOCK_DB;
1762 	krb5_set_error_message(context, ret, "ldap_delete_ext_s: %s",
1765 	ret = 0;
1773     return ret;
1779     krb5_error_code ret;
1783     ret = hdb_clear_master_key(context, db);
1795     return ret;
1906     krb5_error_code ret;
1925     ret = hdb_ldap_common(context, db, search_base, p);
1927     return ret;

Indexes created Tue Sep 03 12:52:19 MDT 2024