#include "k5-int.h"
#include <kadm5/admin.h>
#include "adm_proto.h"
#include <stdio.h>
#include <ctype.h>
static krb5_key_salt_tuple *copy_key_salt_tuple(ksalt, len)
krb5_key_salt_tuple *ksalt;
krb5_int32 len;
{
krb5_key_salt_tuple *knew;
if((knew = (krb5_key_salt_tuple *)
malloc((len ) * sizeof(krb5_key_salt_tuple)))) {
memcpy(knew, ksalt, len * sizeof(krb5_key_salt_tuple));
return knew;
}
return 0;
}
krb5_error_code
krb5_aprof_init(fname, envname, acontextp)
char *fname;
char *envname;
krb5_pointer *acontextp;
{
krb5_error_code kret;
profile_t profile;
const char *kdc_config;
size_t krb5_config_len, kdc_config_len;
char *profile_path;
char **filenames;
int i;
kret = krb5_get_default_config_files (&filenames);
if (kret)
return kret;
krb5_config_len = 0;
for (i = 0; filenames[i] != NULL; i++)
krb5_config_len += strlen(filenames[i]) + 1;
if (i > 0)
krb5_config_len--;
if (envname == NULL
|| (kdc_config = getenv(envname)) == NULL)
kdc_config = fname;
if (kdc_config == NULL)
kdc_config_len = 0;
else
kdc_config_len = strlen(kdc_config);
profile_path = malloc(2 + krb5_config_len + kdc_config_len);
if (profile_path == NULL) {
krb5_free_config_files(filenames);
return errno;
}
if (kdc_config_len)
strcpy(profile_path, kdc_config);
else
profile_path[0] = 0;
if (krb5_config_len)
for (i = 0; filenames[i] != NULL; i++) {
if (kdc_config_len || i)
strcat(profile_path, ":");
strcat(profile_path, filenames[i]);
}
krb5_free_config_files(filenames);
profile = (profile_t) NULL;
kret = profile_init_path(profile_path, &profile);
free(profile_path);
if (kret)
return kret;
*acontextp = profile;
return 0;
}
krb5_error_code
krb5_aprof_getvals(acontext, hierarchy, retdata)
krb5_pointer acontext;
const char **hierarchy;
char ***retdata;
{
return(profile_get_values((profile_t) acontext,
hierarchy,
retdata));
}
static krb5_error_code
string_to_boolean (const char *string, krb5_boolean *out)
{
static const char *const yes[] = { "y", "yes", "true", "t", "1", "on" };
static const char *const no[] = { "n", "no", "false", "f", "nil", "0", "off" };
int i;
for (i = 0; i < sizeof(yes)/sizeof(yes[0]); i++)
if (!strcasecmp(string, yes[i])) {
*out = 1;
return 0;
}
for (i = 0; i < sizeof(no)/sizeof(no[0]); i++)
if (!strcasecmp(string, no[i])) {
*out = 0;
return 0;
}
return PROF_BAD_BOOLEAN;
}
krb5_error_code
krb5_aprof_get_boolean(krb5_pointer acontext, const char **hierarchy,
int uselast, krb5_boolean *retdata)
{
krb5_error_code kret;
char **values;
char *valp;
int idx;
krb5_boolean val;
kret = krb5_aprof_getvals (acontext, hierarchy, &values);
if (kret)
return kret;
idx = 0;
if (uselast) {
while (values[idx])
idx++;
idx--;
}
valp = values[idx];
kret = string_to_boolean (valp, &val);
if (kret)
return kret;
*retdata = val;
return 0;
}
krb5_error_code
krb5_aprof_get_deltat(acontext, hierarchy, uselast, deltatp)
krb5_pointer acontext;
const char **hierarchy;
krb5_boolean uselast;
krb5_deltat *deltatp;
{
krb5_error_code kret;
char **values;
char *valp;
int idx;
if (!(kret = krb5_aprof_getvals(acontext, hierarchy, &values))) {
idx = 0;
if (uselast) {
for (idx=0; values[idx]; idx++);
idx--;
}
valp = values[idx];
kret = krb5_string_to_deltat(valp, deltatp);
for (idx=0; values[idx]; idx++)
krb5_xfree(values[idx]);
krb5_xfree(values);
}
return(kret);
}
krb5_error_code
krb5_aprof_get_string(acontext, hierarchy, uselast, stringp)
krb5_pointer acontext;
const char **hierarchy;
krb5_boolean uselast;
char **stringp;
{
krb5_error_code kret;
char **values;
int idx, i;
if (!(kret = krb5_aprof_getvals(acontext, hierarchy, &values))) {
idx = 0;
if (uselast) {
for (idx=0; values[idx]; idx++);
idx--;
}
*stringp = values[idx];
for (i=0; values[i]; i++)
if (i != idx)
krb5_xfree(values[i]);
krb5_xfree(values);
}
return(kret);
}
krb5_error_code
krb5_aprof_get_int32(acontext, hierarchy, uselast, intp)
krb5_pointer acontext;
const char **hierarchy;
krb5_boolean uselast;
krb5_int32 *intp;
{
krb5_error_code kret;
char **values;
int idx;
if (!(kret = krb5_aprof_getvals(acontext, hierarchy, &values))) {
idx = 0;
if (uselast) {
for (idx=0; values[idx]; idx++);
idx--;
}
if (sscanf(values[idx], "%d", intp) != 1)
kret = EINVAL;
for (idx=0; values[idx]; idx++)
krb5_xfree(values[idx]);
krb5_xfree(values);
}
return(kret);
}
krb5_error_code
krb5_aprof_finish(acontext)
krb5_pointer acontext;
{
profile_release(acontext);
return(0);
}
krb5_error_code kadm5_get_config_params(context, use_kdc_config,
params_in, params_out)
krb5_context context;
int use_kdc_config;
kadm5_config_params *params_in, *params_out;
{
char *filename;
char *envname;
char *lrealm;
krb5_pointer aprofile = 0;
const char *hierarchy[4];
char *svalue;
krb5_int32 ivalue;
krb5_deltat dtvalue;
kadm5_config_params params, empty_params;
krb5_error_code kret = 0;
memset((char *) ¶ms, 0, sizeof(params));
memset((char *) &empty_params, 0, sizeof(empty_params));
if (params_in == NULL) params_in = &empty_params;
if (params_in->mask & KADM5_CONFIG_REALM) {
lrealm = params.realm = strdup(params_in->realm);
if (params.realm)
params.mask |= KADM5_CONFIG_REALM;
} else {
kret = krb5_get_default_realm(context, &lrealm);
if (kret)
goto cleanup;
params.realm = lrealm;
params.mask |= KADM5_CONFIG_REALM;
}
if (use_kdc_config) {
filename = DEFAULT_KDC_PROFILE;
envname = KDC_PROFILE_ENV;
} else {
filename = DEFAULT_PROFILE_PATH;
envname = "KRB5_CONFIG";
}
if (context->profile_secure == TRUE) envname = 0;
kret = krb5_aprof_init(filename, envname, &aprofile);
if (kret)
goto cleanup;
hierarchy[0] = "realms";
hierarchy[1] = lrealm;
hierarchy[3] = (char *) NULL;
hierarchy[2] = "admin_server";
if (params_in->mask & KADM5_CONFIG_ADMIN_SERVER) {
params.admin_server = strdup(params_in->admin_server);
if (params.admin_server)
params.mask |= KADM5_CONFIG_ADMIN_SERVER;
} else if (aprofile &&
!krb5_aprof_get_string(aprofile, hierarchy, TRUE, &svalue)) {
params.admin_server = svalue;
params.mask |= KADM5_CONFIG_ADMIN_SERVER;
}
if (params.mask & KADM5_CONFIG_ADMIN_SERVER) {
char *p;
p = strchr(params.admin_server, ':');
if (p) {
params.kadmind_port = atoi(p+1);
params.mask |= KADM5_CONFIG_KADMIND_PORT;
*p = '\0';
}
}
hierarchy[2] = "database_name";
if (params_in->mask & KADM5_CONFIG_DBNAME) {
params.dbname = strdup(params_in->dbname);
if (params.dbname)
params.mask |= KADM5_CONFIG_DBNAME;
} else if (aprofile &&
!krb5_aprof_get_string(aprofile, hierarchy, TRUE, &svalue)) {
params.dbname = svalue;
params.mask |= KADM5_CONFIG_DBNAME;
} else {
params.dbname = strdup(DEFAULT_KDB_FILE);
if (params.dbname)
params.mask |= KADM5_CONFIG_DBNAME;
}
if (params.mask & KADM5_CONFIG_DBNAME) {
params.admin_dbname = (char *) malloc(strlen(params.dbname) + 7);
if (params.admin_dbname) {
sprintf(params.admin_dbname, "%s.kadm5", params.dbname);
params.mask |= KADM5_CONFIG_ADBNAME;
}
}
if (params.mask & KADM5_CONFIG_ADBNAME) {
params.admin_lockfile = (char *) malloc(strlen(params.admin_dbname)
+ 6);
if (params.admin_lockfile) {
sprintf(params.admin_lockfile, "%s.lock", params.admin_dbname);
params.mask |= KADM5_CONFIG_ADB_LOCKFILE;
}
}
hierarchy[2] = "admin_keytab";
if (params_in->mask & KADM5_CONFIG_ADMIN_KEYTAB) {
params.admin_keytab = strdup(params_in->admin_keytab);
if (params.admin_keytab)
params.mask |= KADM5_CONFIG_ADMIN_KEYTAB;
} else if (aprofile &&
!krb5_aprof_get_string(aprofile, hierarchy, TRUE, &svalue)) {
params.mask |= KADM5_CONFIG_ADMIN_KEYTAB;
params.admin_keytab = svalue;
} else if ((params.admin_keytab = (char *) getenv("KRB5_KTNAME"))) {
params.admin_keytab = strdup(params.admin_keytab);
if (params.admin_keytab)
params.mask |= KADM5_CONFIG_ADMIN_KEYTAB;
} else {
params.admin_keytab = strdup(DEFAULT_KADM5_KEYTAB);
if (params.admin_keytab)
params.mask |= KADM5_CONFIG_ADMIN_KEYTAB;
}
hierarchy[2] = "acl_file";
if (params_in->mask & KADM5_CONFIG_ACL_FILE) {
params.acl_file = strdup(params_in->acl_file);
if (params.acl_file)
params.mask |= KADM5_CONFIG_ACL_FILE;
} else if (aprofile &&
!krb5_aprof_get_string(aprofile, hierarchy, TRUE, &svalue)) {
params.mask |= KADM5_CONFIG_ACL_FILE;
params.acl_file = svalue;
} else {
params.acl_file = strdup(DEFAULT_KADM5_ACL_FILE);
if (params.acl_file)
params.mask |= KADM5_CONFIG_ACL_FILE;
}
hierarchy[2] = "dict_file";
if (params_in->mask & KADM5_CONFIG_DICT_FILE) {
params.dict_file = strdup(params_in->dict_file);
if (params.dict_file)
params.mask |= KADM5_CONFIG_DICT_FILE;
} else if (aprofile &&
!krb5_aprof_get_string(aprofile, hierarchy, TRUE, &svalue)) {
params.mask |= KADM5_CONFIG_DICT_FILE;
params.dict_file = svalue;
}
if (! (params.mask & KADM5_CONFIG_KADMIND_PORT)) {
hierarchy[2] = "kadmind_port";
if (params_in->mask & KADM5_CONFIG_KADMIND_PORT) {
params.mask |= KADM5_CONFIG_KADMIND_PORT;
params.kadmind_port = params_in->kadmind_port;
} else if (aprofile &&
!krb5_aprof_get_int32(aprofile, hierarchy, TRUE,
&ivalue)) {
params.kadmind_port = ivalue;
params.mask |= KADM5_CONFIG_KADMIND_PORT;
} else {
params.kadmind_port = DEFAULT_KADM5_PORT;
params.mask |= KADM5_CONFIG_KADMIND_PORT;
}
}
if (! (params.mask & KADM5_CONFIG_KPASSWD_PORT)) {
hierarchy[2] = "kpasswd_port";
if (params_in->mask & KADM5_CONFIG_KPASSWD_PORT) {
params.mask |= KADM5_CONFIG_KPASSWD_PORT;
params.kpasswd_port = params_in->kpasswd_port;
} else if (aprofile &&
!krb5_aprof_get_int32(aprofile, hierarchy, TRUE,
&ivalue)) {
params.kpasswd_port = ivalue;
params.mask |= KADM5_CONFIG_KPASSWD_PORT;
} else {
params.kpasswd_port = DEFAULT_KPASSWD_PORT;
params.mask |= KADM5_CONFIG_KPASSWD_PORT;
}
}
hierarchy[2] = "master_key_name";
if (params_in->mask & KADM5_CONFIG_MKEY_NAME) {
params.mkey_name = strdup(params_in->mkey_name);
if (params.mkey_name)
params.mask |= KADM5_CONFIG_MKEY_NAME;
} else if (aprofile &&
!krb5_aprof_get_string(aprofile, hierarchy, TRUE, &svalue)) {
params.mask |= KADM5_CONFIG_MKEY_NAME;
params.mkey_name = svalue;
}
hierarchy[2] = "master_key_type";
if (params_in->mask & KADM5_CONFIG_ENCTYPE) {
params.mask |= KADM5_CONFIG_ENCTYPE;
params.enctype = params_in->enctype;
} else if (aprofile &&
!krb5_aprof_get_string(aprofile, hierarchy, TRUE, &svalue)) {
if (!krb5_string_to_enctype(svalue, ¶ms.enctype)) {
params.mask |= KADM5_CONFIG_ENCTYPE;
krb5_xfree(svalue);
}
} else {
params.mask |= KADM5_CONFIG_ENCTYPE;
params.enctype = DEFAULT_KDC_ENCTYPE;
}
if (params_in->mask & KADM5_CONFIG_MKEY_FROM_KBD) {
params.mask |= KADM5_CONFIG_MKEY_FROM_KBD;
params.mkey_from_kbd = params_in->mkey_from_kbd;
}
hierarchy[2] = "key_stash_file";
if (params_in->mask & KADM5_CONFIG_STASH_FILE) {
params.stash_file = strdup(params_in->stash_file);
if (params.stash_file)
params.mask |= KADM5_CONFIG_STASH_FILE;
} else if (aprofile &&
!krb5_aprof_get_string(aprofile, hierarchy, TRUE, &svalue)) {
params.mask |= KADM5_CONFIG_STASH_FILE;
params.stash_file = svalue;
}
hierarchy[2] = "max_life";
if (params_in->mask & KADM5_CONFIG_MAX_LIFE) {
params.mask |= KADM5_CONFIG_MAX_LIFE;
params.max_life = params_in->max_life;
} else if (aprofile &&
!krb5_aprof_get_deltat(aprofile, hierarchy, TRUE, &dtvalue)) {
params.max_life = dtvalue;
params.mask |= KADM5_CONFIG_MAX_LIFE;
} else {
params.max_life = 24 * 60 * 60;
params.mask |= KADM5_CONFIG_MAX_LIFE;
}
hierarchy[2] = "max_renewable_life";
if (params_in->mask & KADM5_CONFIG_MAX_RLIFE) {
params.mask |= KADM5_CONFIG_MAX_RLIFE;
params.max_rlife = params_in->max_rlife;
} else if (aprofile &&
!krb5_aprof_get_deltat(aprofile, hierarchy, TRUE, &dtvalue)) {
params.max_rlife = dtvalue;
params.mask |= KADM5_CONFIG_MAX_RLIFE;
} else {
params.max_rlife = 0;
params.mask |= KADM5_CONFIG_MAX_RLIFE;
}
hierarchy[2] = "default_principal_expiration";
if (params_in->mask & KADM5_CONFIG_EXPIRATION) {
params.mask |= KADM5_CONFIG_EXPIRATION;
params.expiration = params_in->expiration;
} else if (aprofile &&
!krb5_aprof_get_string(aprofile, hierarchy, TRUE, &svalue)) {
if (!krb5_string_to_timestamp(svalue, ¶ms.expiration)) {
params.mask |= KADM5_CONFIG_EXPIRATION;
krb5_xfree(svalue);
}
} else {
params.mask |= KADM5_CONFIG_EXPIRATION;
params.expiration = 0;
}
hierarchy[2] = "default_principal_flags";
if (params_in->mask & KADM5_CONFIG_FLAGS) {
params.mask |= KADM5_CONFIG_FLAGS;
params.flags = params_in->flags;
} else if (aprofile &&
!krb5_aprof_get_string(aprofile, hierarchy, TRUE, &svalue)) {
char *sp, *ep, *tp;
sp = svalue;
params.flags = 0;
while (sp) {
if ((ep = strchr(sp, (int) ',')) ||
(ep = strchr(sp, (int) ' ')) ||
(ep = strchr(sp, (int) '\t'))) {
tp = ep - 1;
while (isspace((int) *tp) && (tp > sp)) {
*tp = '\0';
tp--;
}
*ep = '\0';
ep++;
while (isspace((int) *ep) && (*ep)) ep++;
}
if (krb5_string_to_flags(sp,
"+",
"-",
¶ms.flags))
break;
sp = ep;
}
if (!sp)
params.mask |= KADM5_CONFIG_FLAGS;
krb5_xfree(svalue);
} else {
params.mask |= KADM5_CONFIG_FLAGS;
params.flags = KRB5_KDB_DEF_FLAGS;
}
hierarchy[2] = "supported_enctypes";
if (params_in->mask & KADM5_CONFIG_ENCTYPES) {
if(params_in->keysalts) {
params.keysalts = copy_key_salt_tuple(params_in->keysalts,
params_in->num_keysalts);
if(params.keysalts) {
params.mask |= KADM5_CONFIG_ENCTYPES;
params.num_keysalts = params_in->num_keysalts;
}
} else {
params.mask |= KADM5_CONFIG_ENCTYPES;
params.keysalts = 0;
params.num_keysalts = params_in->num_keysalts;
}
} else {
svalue = NULL;
if (aprofile)
krb5_aprof_get_string(aprofile, hierarchy, TRUE, &svalue);
if (svalue == NULL)
svalue = strdup("des3-hmac-sha1:normal des-cbc-crc:normal");
params.keysalts = NULL;
params.num_keysalts = 0;
krb5_string_to_keysalts(svalue,
", \t",
":.-",
0,
¶ms.keysalts,
¶ms.num_keysalts);
if (params.num_keysalts)
params.mask |= KADM5_CONFIG_ENCTYPES;
if (svalue)
krb5_xfree(svalue);
}
*params_out = params;
cleanup:
if (aprofile)
krb5_aprof_finish(aprofile);
if (kret) {
kadm5_free_config_params(context, ¶ms);
params_out->mask = 0;
}
return(kret);
}
krb5_error_code
kadm5_free_config_params(context, params)
krb5_context context;
kadm5_config_params *params;
{
if (params) {
if (params->dbname)
krb5_xfree(params->dbname);
if (params->mkey_name)
krb5_xfree(params->mkey_name);
if (params->stash_file)
krb5_xfree(params->stash_file);
if (params->keysalts)
krb5_xfree(params->keysalts);
if (params->admin_server)
free(params->admin_server);
if (params->admin_keytab)
free(params->admin_keytab);
if (params->dict_file)
free(params->dict_file);
if (params->acl_file)
free(params->acl_file);
if (params->realm)
free(params->realm);
if (params->admin_dbname)
free(params->admin_dbname);
if (params->admin_lockfile)
free(params->admin_lockfile);
}
return(0);
}
krb5_error_code
kadm5_get_admin_service_name(krb5_context ctx,
char *realm_in,
char *admin_name,
size_t maxlen)
{
krb5_error_code ret;
kadm5_config_params params_in, params_out;
struct hostent *hp;
memset(¶ms_in, 0, sizeof(params_in));
memset(¶ms_out, 0, sizeof(params_out));
params_in.mask |= KADM5_CONFIG_REALM;
params_in.realm = realm_in;
ret = kadm5_get_config_params(ctx, 0, ¶ms_in, ¶ms_out);
if (ret)
return ret;
if (!(params_out.mask & KADM5_CONFIG_ADMIN_SERVER)) {
ret = KADM5_MISSING_KRB5_CONF_PARAMS;
goto err_params;
}
hp = gethostbyname(params_out.admin_server);
if (hp == NULL) {
ret = errno;
goto err_params;
}
if (strlen(hp->h_name) + sizeof("kadmin/") > maxlen) {
ret = ENOMEM;
goto err_params;
}
sprintf(admin_name, "kadmin/%s", hp->h_name);
err_params:
kadm5_free_config_params(ctx, ¶ms_out);
return ret;
}
krb5_error_code
krb5_read_realm_params(kcontext, realm, rparamp)
krb5_context kcontext;
char *realm;
krb5_realm_params **rparamp;
{
char *filename;
char *envname;
char *lrealm;
krb5_pointer aprofile = 0;
krb5_realm_params *rparams;
const char *hierarchy[4];
char *svalue;
krb5_int32 ivalue;
krb5_boolean bvalue;
krb5_deltat dtvalue;
char *kdcprofile = 0;
char *kdcenv = 0;
krb5_error_code kret;
filename = (kdcprofile) ? kdcprofile : DEFAULT_KDC_PROFILE;
envname = (kdcenv) ? kdcenv : KDC_PROFILE_ENV;
if (kcontext->profile_secure == TRUE) envname = 0;
rparams = (krb5_realm_params *) NULL;
if (realm)
lrealm = strdup(realm);
else {
kret = krb5_get_default_realm(kcontext, &lrealm);
if (kret)
goto cleanup;
}
kret = krb5_aprof_init(filename, envname, &aprofile);
if (kret)
goto cleanup;
rparams = (krb5_realm_params *) malloc(sizeof(krb5_realm_params));
if (rparams == 0) {
kret = ENOMEM;
goto cleanup;
}
memset((char *) rparams, 0, sizeof(krb5_realm_params));
hierarchy[0] = "realms";
hierarchy[1] = lrealm;
hierarchy[2] = "database_name";
hierarchy[3] = (char *) NULL;
if (!krb5_aprof_get_string(aprofile, hierarchy, TRUE, &svalue))
rparams->realm_dbname = svalue;
hierarchy[2] = "kdc_ports";
if (!krb5_aprof_get_string(aprofile, hierarchy, TRUE, &svalue))
rparams->realm_kdc_ports = svalue;
hierarchy[2] = "kdc_tcp_ports";
if (!krb5_aprof_get_string(aprofile, hierarchy, TRUE, &svalue))
rparams->realm_kdc_tcp_ports = svalue;
hierarchy[2] = "acl_file";
if (!krb5_aprof_get_string(aprofile, hierarchy, TRUE, &svalue))
rparams->realm_acl_file = svalue;
hierarchy[2] = "kadmind_port";
if (!krb5_aprof_get_int32(aprofile, hierarchy, TRUE, &ivalue)) {
rparams->realm_kadmind_port = ivalue;
rparams->realm_kadmind_port_valid = 1;
}
hierarchy[2] = "master_key_name";
if (!krb5_aprof_get_string(aprofile, hierarchy, TRUE, &svalue))
rparams->realm_mkey_name = svalue;
hierarchy[2] = "master_key_type";
if (!krb5_aprof_get_string(aprofile, hierarchy, TRUE, &svalue)) {
if (!krb5_string_to_enctype(svalue, &rparams->realm_enctype))
rparams->realm_enctype_valid = 1;
krb5_xfree(svalue);
}
hierarchy[2] = "key_stash_file";
if (!krb5_aprof_get_string(aprofile, hierarchy, TRUE, &svalue))
rparams->realm_stash_file = svalue;
hierarchy[2] = "max_life";
if (!krb5_aprof_get_deltat(aprofile, hierarchy, TRUE, &dtvalue)) {
rparams->realm_max_life = dtvalue;
rparams->realm_max_life_valid = 1;
}
hierarchy[2] = "max_renewable_life";
if (!krb5_aprof_get_deltat(aprofile, hierarchy, TRUE, &dtvalue)) {
rparams->realm_max_rlife = dtvalue;
rparams->realm_max_rlife_valid = 1;
}
hierarchy[2] = "default_principal_expiration";
if (!krb5_aprof_get_string(aprofile, hierarchy, TRUE, &svalue)) {
if (!krb5_string_to_timestamp(svalue,
&rparams->realm_expiration))
rparams->realm_expiration_valid = 1;
krb5_xfree(svalue);
}
hierarchy[2] = "reject_bad_transit";
if (!krb5_aprof_get_boolean(aprofile, hierarchy, TRUE, &bvalue)) {
rparams->realm_reject_bad_transit = bvalue;
rparams->realm_reject_bad_transit_valid = 1;
}
hierarchy[2] = "default_principal_flags";
if (!krb5_aprof_get_string(aprofile, hierarchy, TRUE, &svalue)) {
char *sp, *ep, *tp;
sp = svalue;
rparams->realm_flags = 0;
while (sp) {
if ((ep = strchr(sp, (int) ',')) ||
(ep = strchr(sp, (int) ' ')) ||
(ep = strchr(sp, (int) '\t'))) {
tp = ep - 1;
while (isspace((int) *tp) && (tp < sp)) {
*tp = '\0';
tp--;
}
*ep = '\0';
ep++;
while (isspace((int) *ep) && (*ep)) ep++;
}
if (krb5_string_to_flags(sp,
"+",
"-",
&rparams->realm_flags))
break;
sp = ep;
}
if (!sp)
rparams->realm_flags_valid = 1;
krb5_xfree(svalue);
}
rparams->realm_keysalts = NULL;
rparams->realm_num_keysalts = 0;
cleanup:
if (aprofile)
krb5_aprof_finish(aprofile);
if (lrealm)
free(lrealm);
if (kret) {
if (rparams)
krb5_free_realm_params(kcontext, rparams);
rparams = 0;
}
*rparamp = rparams;
return(kret);
}
krb5_error_code
krb5_free_realm_params(kcontext, rparams)
krb5_context kcontext;
krb5_realm_params *rparams;
{
if (rparams) {
if (rparams->realm_profile)
krb5_xfree(rparams->realm_profile);
if (rparams->realm_dbname)
krb5_xfree(rparams->realm_dbname);
if (rparams->realm_mkey_name)
krb5_xfree(rparams->realm_mkey_name);
if (rparams->realm_stash_file)
krb5_xfree(rparams->realm_stash_file);
if (rparams->realm_keysalts)
krb5_xfree(rparams->realm_keysalts);
if (rparams->realm_kdc_ports)
krb5_xfree(rparams->realm_kdc_ports);
if (rparams->realm_kdc_tcp_ports)
krb5_xfree(rparams->realm_kdc_tcp_ports);
if (rparams->realm_acl_file)
krb5_xfree(rparams->realm_acl_file);
krb5_xfree(rparams);
}
return(0);
}