Skip to content

Commit

Permalink
Move kadm5.acl code into kadmind
Browse files Browse the repository at this point in the history 
Only kadmind uses the kadm5.acl code, so move it from libkadm5srv into
kadmind.
  • Loading branch information
@greghudson
greghudson committed Jul 3, 2017
1 parent f8ed1bd commit 0a04159
Show file tree
Hide file tree
Showing 12 changed files with 81 additions and 104 deletions.
6 changes: 4 additions & 2 deletions src/kadmin/server/Makefile.in
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,8 +7,10 @@ LOCALINCLUDES = -I$(top_srcdir)/lib/gssapi/generic \
-I$(BUILDTOP)/lib/gssapi/krb5 -I$(top_srcdir)/lib/kadm5/srv

PROG = kadmind
OBJS = kadm_rpc_svc.o server_stubs.o ovsec_kadmd.o schpw.o misc.o ipropd_svc.o
SRCS = kadm_rpc_svc.c server_stubs.c ovsec_kadmd.c schpw.c misc.c ipropd_svc.c
OBJS = auth_acl.o kadm_rpc_svc.o server_stubs.o ovsec_kadmd.o schpw.o misc.o \
ipropd_svc.o
SRCS = auth_acl.c kadm_rpc_svc.c server_stubs.c ovsec_kadmd.c schpw.c misc.c \
ipropd_svc.c

all: $(PROG)

Expand Down
18 changes: 2 additions & 16 deletions src/lib/kadm5/srv/server_acl.c → src/kadmin/server/auth_acl.c
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/* lib/kadm5/srv/server_acl.c */
/* kadmin/server/auth_acl.c */
/*
* Copyright 1995-2004, 2007, 2008 by the Massachusetts Institute of Technology.
* All Rights Reserved.
Expand Down Expand Up @@ -31,7 +31,7 @@
#include <kadm5/server_internal.h>
#include <kadm5/admin.h>
#include "adm_proto.h"
#include "server_acl.h"
#include "auth_acl.h"
#include <ctype.h>

typedef struct _acl_op_table {
Expand Down Expand Up @@ -808,17 +808,3 @@ kadm5int_acl_check(kcontext, caller, opmask, principal, restrictions)

return retval;
}

kadm5_ret_t
kadm5_get_privs(void *server_handle, long *privs)
{
CHECK_HANDLE(server_handle);

/* this is impossible to do with the current interface. For now,
return all privs, which will confuse some clients, but not
deny any access to users of "smart" clients which try to cache */

*privs = ~0;

return KADM5_OK;
}
2 changes: 1 addition & 1 deletion src/lib/kadm5/srv/server_acl.h → src/kadmin/server/auth_acl.h
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/* lib/kadm5/srv/server_acl.h */
/* kadmin/server/auth_acl.h */
/*
* Copyright 1995-2004, 2007, 2008 by the Massachusetts Institute of Technology.
* All Rights Reserved.
Expand Down
91 changes: 55 additions & 36 deletions src/kadmin/server/deps
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,26 @@
#
# Generated makefile dependencies follow.
#
$(OUTPRE)auth_acl.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssapi/gssapi_generic.h \
$(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/kadm5/admin.h \
$(BUILDTOP)/include/kadm5/admin_internal.h $(BUILDTOP)/include/kadm5/chpass_util_strings.h \
$(BUILDTOP)/include/kadm5/kadm_err.h $(BUILDTOP)/include/kadm5/server_internal.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/adm_proto.h \
$(top_srcdir)/include/gssrpc/auth.h $(top_srcdir)/include/gssrpc/auth_gss.h \
$(top_srcdir)/include/gssrpc/auth_unix.h $(top_srcdir)/include/gssrpc/clnt.h \
$(top_srcdir)/include/gssrpc/rename.h $(top_srcdir)/include/gssrpc/rpc.h \
$(top_srcdir)/include/gssrpc/rpc_msg.h $(top_srcdir)/include/gssrpc/svc.h \
$(top_srcdir)/include/gssrpc/svc_auth.h $(top_srcdir)/include/gssrpc/xdr.h \
$(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
$(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
$(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
$(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
$(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/kdb.h \
$(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
$(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
$(top_srcdir)/include/socket-utils.h auth_acl.c auth_acl.h
$(OUTPRE)kadm_rpc_svc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssapi/gssapi_ext.h \
$(BUILDTOP)/include/gssapi/gssapi_krb5.h $(BUILDTOP)/include/gssrpc/types.h \
Expand Down Expand Up @@ -29,28 +49,27 @@ $(OUTPRE)server_stubs.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/gssapi/gssapi_krb5.h $(BUILDTOP)/include/gssrpc/types.h \
$(BUILDTOP)/include/kadm5/admin.h $(BUILDTOP)/include/kadm5/admin_internal.h \
$(BUILDTOP)/include/kadm5/chpass_util_strings.h $(BUILDTOP)/include/kadm5/kadm_err.h \
$(BUILDTOP)/include/kadm5/kadm_rpc.h $(BUILDTOP)/include/kadm5/server_acl.h \
$(BUILDTOP)/include/kadm5/server_internal.h $(BUILDTOP)/include/krb5/krb5.h \
$(COM_ERR_DEPS) $(VERTO_DEPS) $(top_srcdir)/include/adm_proto.h \
$(top_srcdir)/include/gssrpc/auth.h $(top_srcdir)/include/gssrpc/auth_gss.h \
$(top_srcdir)/include/gssrpc/auth_unix.h $(top_srcdir)/include/gssrpc/clnt.h \
$(top_srcdir)/include/gssrpc/rename.h $(top_srcdir)/include/gssrpc/rpc.h \
$(top_srcdir)/include/gssrpc/rpc_msg.h $(top_srcdir)/include/gssrpc/svc.h \
$(top_srcdir)/include/gssrpc/svc_auth.h $(top_srcdir)/include/gssrpc/xdr.h \
$(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-thread.h \
$(top_srcdir)/include/kdb.h $(top_srcdir)/include/krb5.h \
$(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/net-server.h \
$(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
misc.h server_stubs.c
$(BUILDTOP)/include/kadm5/kadm_rpc.h $(BUILDTOP)/include/kadm5/server_internal.h \
$(BUILDTOP)/include/krb5/krb5.h $(COM_ERR_DEPS) $(VERTO_DEPS) \
$(top_srcdir)/include/adm_proto.h $(top_srcdir)/include/gssrpc/auth.h \
$(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \
$(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \
$(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \
$(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \
$(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/k5-platform.h \
$(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/kdb.h \
$(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/plugin.h \
$(top_srcdir)/include/net-server.h $(top_srcdir)/include/port-sockets.h \
$(top_srcdir)/include/socket-utils.h auth_acl.h misc.h \
server_stubs.c
$(OUTPRE)ovsec_kadmd.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssapi/gssapi_alloc.h \
$(BUILDTOP)/include/gssapi/gssapi_ext.h $(BUILDTOP)/include/gssrpc/types.h \
$(BUILDTOP)/include/kadm5/admin.h $(BUILDTOP)/include/kadm5/admin_internal.h \
$(BUILDTOP)/include/kadm5/chpass_util_strings.h $(BUILDTOP)/include/kadm5/kadm_err.h \
$(BUILDTOP)/include/kadm5/kadm_rpc.h $(BUILDTOP)/include/kadm5/server_acl.h \
$(BUILDTOP)/include/kadm5/server_internal.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(BUILDTOP)/lib/gssapi/generic/gssapi_err_generic.h \
$(BUILDTOP)/include/kadm5/kadm_rpc.h $(BUILDTOP)/include/kadm5/server_internal.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(BUILDTOP)/lib/gssapi/generic/gssapi_err_generic.h \
$(BUILDTOP)/lib/gssapi/krb5/gssapi_err_krb5.h $(COM_ERR_DEPS) \
$(VERTO_DEPS) $(top_srcdir)/include/adm_proto.h $(top_srcdir)/include/gssrpc/auth.h \
$(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_gssapi.h \
Expand All @@ -71,7 +90,7 @@ $(OUTPRE)ovsec_kadmd.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(top_srcdir)/lib/gssapi/generic/gssapiP_generic.h \
$(top_srcdir)/lib/gssapi/generic/gssapi_ext.h $(top_srcdir)/lib/gssapi/generic/gssapi_generic.h \
$(top_srcdir)/lib/gssapi/krb5/gssapiP_krb5.h $(top_srcdir)/lib/gssapi/krb5/gssapi_krb5.h \
misc.h ovsec_kadmd.c
auth_acl.h misc.h ovsec_kadmd.c
$(OUTPRE)schpw.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \
$(BUILDTOP)/include/kadm5/admin.h $(BUILDTOP)/include/kadm5/admin_internal.h \
Expand All @@ -97,23 +116,23 @@ $(OUTPRE)misc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \
$(BUILDTOP)/include/kadm5/admin.h $(BUILDTOP)/include/kadm5/admin_internal.h \
$(BUILDTOP)/include/kadm5/chpass_util_strings.h $(BUILDTOP)/include/kadm5/kadm_err.h \
$(BUILDTOP)/include/kadm5/server_acl.h $(BUILDTOP)/include/kadm5/server_internal.h \
$(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \
$(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(VERTO_DEPS) \
$(top_srcdir)/include/gssrpc/auth.h $(top_srcdir)/include/gssrpc/auth_gss.h \
$(top_srcdir)/include/gssrpc/auth_unix.h $(top_srcdir)/include/gssrpc/clnt.h \
$(top_srcdir)/include/gssrpc/rename.h $(top_srcdir)/include/gssrpc/rpc.h \
$(top_srcdir)/include/gssrpc/rpc_msg.h $(top_srcdir)/include/gssrpc/svc.h \
$(top_srcdir)/include/gssrpc/svc_auth.h $(top_srcdir)/include/gssrpc/xdr.h \
$(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \
$(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \
$(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \
$(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \
$(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/kdb.h \
$(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
$(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/net-server.h \
$(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
misc.c misc.h
$(BUILDTOP)/include/kadm5/server_internal.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(COM_ERR_DEPS) $(VERTO_DEPS) $(top_srcdir)/include/gssrpc/auth.h \
$(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \
$(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \
$(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \
$(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \
$(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/k5-buf.h \
$(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
$(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
$(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
$(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
$(top_srcdir)/include/kdb.h $(top_srcdir)/include/krb5.h \
$(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
$(top_srcdir)/include/net-server.h $(top_srcdir)/include/port-sockets.h \
$(top_srcdir)/include/socket-utils.h auth_acl.h misc.c \
misc.h
$(OUTPRE)ipropd_svc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssapi/gssapi_ext.h \
$(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/kadm5/admin.h \
Expand All @@ -131,5 +150,5 @@ $(OUTPRE)ipropd_svc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
$(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/kdb.h \
$(top_srcdir)/include/kdb_log.h $(top_srcdir)/include/krb5.h \
$(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/net-server.h \
$(top_srcdir)/lib/gssapi/krb5/gssapi_krb5.h $(top_srcdir)/lib/kadm5/srv/server_acl.h \
$(top_srcdir)/lib/gssapi/krb5/gssapi_krb5.h auth_acl.h \
ipropd_svc.c misc.h
2 changes: 1 addition & 1 deletion src/kadmin/server/ipropd_svc.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,6 @@
#include <kadm5/admin.h>
#include <kadm5/kadm_rpc.h>
#include <kadm5/server_internal.h>
#include <server_acl.h>
#include <adm_proto.h>
#include <string.h>
#include <gssapi_krb5.h>
Expand All @@ -25,6 +24,7 @@
#include <arpa/inet.h>
#include <netdb.h>
#include <kdb_log.h>
#include "auth_acl.h"
#include "misc.h"
#include "osconf.h"

Expand Down
2 changes: 1 addition & 1 deletion src/kadmin/server/misc.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,8 +7,8 @@
#include <k5-int.h>
#include <kdb.h>
#include <kadm5/server_internal.h>
#include <kadm5/server_acl.h>
#include "misc.h"
#include "auth_acl.h"
#include "net-server.h"

/*
Expand Down
2 changes: 1 addition & 1 deletion src/kadmin/server/ovsec_kadmd.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -51,14 +51,14 @@
#include <gssrpc/auth_gssapi.h>
#include <kadm5/admin.h>
#include <kadm5/kadm_rpc.h>
#include <kadm5/server_acl.h>
#include <adm_proto.h>
#include "kdb_kt.h" /* for krb5_ktkdb_set_context */
#include <string.h>
#include "kadm5/server_internal.h" /* XXX for kadm5_server_handle_t */
#include <kdb_log.h>

#include "misc.h"
#include "auth_acl.h"

#if defined(NEED_DAEMON_PROTO)
int daemon(int, int);
Expand Down
2 changes: 1 addition & 1 deletion src/kadmin/server/server_stubs.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,10 +12,10 @@
#include <kadm5/admin.h>
#include <kadm5/kadm_rpc.h>
#include <kadm5/server_internal.h>
#include <kadm5/server_acl.h>
#include <syslog.h>
#include <adm_proto.h> /* krb5_klog_syslog */
#include "misc.h"
#include "auth_acl.h"

extern gss_name_t gss_changepw_name;
extern gss_name_t gss_oldchangepw_name;
Expand Down
20 changes: 1 addition & 19 deletions src/lib/kadm5/srv/Makefile.in
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,6 @@ SRCS = $(srcdir)/pwqual.c \
$(srcdir)/pwqual_princ.c \
$(srcdir)/svr_policy.c \
$(srcdir)/svr_principal.c \
$(srcdir)/server_acl.c \
$(srcdir)/server_kdb.c \
$(srcdir)/server_misc.c \
$(srcdir)/server_init.c \
Expand All @@ -48,7 +47,6 @@ OBJS = pwqual.$(OBJEXT) \
kadm5_hook.$(OBJEXT) \
svr_policy.$(OBJEXT) \
svr_principal.$(OBJEXT) \
server_acl.$(OBJEXT) \
server_kdb.$(OBJEXT) \
server_misc.$(OBJEXT) \
server_init.$(OBJEXT) \
Expand All @@ -65,31 +63,17 @@ STLIBOBJS = \
kadm5_hook.o \
svr_policy.o \
svr_principal.o \
server_acl.o \
server_kdb.o \
server_misc.o \
server_init.o \
svr_iters.o \
svr_chpass_util.o \
adb_xdr.o

all-unix: includes
all-unix: all-liblinks
all-windows: $(OBJS)

generate-files-mac: includes darwin.exports

includes: server_acl.h
if cmp $(srcdir)/server_acl.h \
$(BUILDTOP)/include/kadm5/server_acl.h >/dev/null 2>&1; then :; \
else \
(set -x; $(RM) $(BUILDTOP)/include/kadm5/server_acl.h; \
$(CP) $(srcdir)/server_acl.h \
$(BUILDTOP)/include/kadm5/server_acl.h) ; \
fi

clean-unix::
$(RM) $(BUILDTOP)/include/kadm5/server_acl.h
generate-files-mac: darwin.exports

check-windows:

Expand All @@ -104,8 +88,6 @@ install-unix:
(cd $(DESTDIR)$(KRB5_LIBDIR) && $(LN_S) lib$(LIBBASE)$(DEPLIBEXT) \
libkadm5srv$(DEPLIBEXT))

depend: includes

@lib_frag@
@libobj_frag@

21 changes: 0 additions & 21 deletions src/lib/kadm5/srv/deps
View file
Original file line number Diff line number Diff line change
Expand Up @@ -150,27 +150,6 @@ svr_principal.so svr_principal.po $(OUTPRE)svr_principal.$(OBJEXT): \
$(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/kadm5_hook_plugin.h \
$(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \
$(top_srcdir)/include/socket-utils.h svr_principal.c
server_acl.so server_acl.po $(OUTPRE)server_acl.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssapi/gssapi_generic.h $(BUILDTOP)/include/gssrpc/types.h \
$(BUILDTOP)/include/kadm5/admin.h $(BUILDTOP)/include/kadm5/admin_internal.h \
$(BUILDTOP)/include/kadm5/chpass_util_strings.h $(BUILDTOP)/include/kadm5/kadm_err.h \
$(BUILDTOP)/include/kadm5/server_internal.h $(BUILDTOP)/include/krb5/krb5.h \
$(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \
$(COM_ERR_DEPS) $(top_srcdir)/include/adm_proto.h $(top_srcdir)/include/gssrpc/auth.h \
$(top_srcdir)/include/gssrpc/auth_gss.h $(top_srcdir)/include/gssrpc/auth_unix.h \
$(top_srcdir)/include/gssrpc/clnt.h $(top_srcdir)/include/gssrpc/rename.h \
$(top_srcdir)/include/gssrpc/rpc.h $(top_srcdir)/include/gssrpc/rpc_msg.h \
$(top_srcdir)/include/gssrpc/svc.h $(top_srcdir)/include/gssrpc/svc_auth.h \
$(top_srcdir)/include/gssrpc/xdr.h $(top_srcdir)/include/k5-buf.h \
$(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \
$(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \
$(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \
$(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \
$(top_srcdir)/include/kdb.h $(top_srcdir)/include/krb5.h \
$(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \
$(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
server_acl.c server_acl.h
server_kdb.so server_kdb.po $(OUTPRE)server_kdb.$(OBJEXT): \
$(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \
$(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/kadm5/admin.h \
Expand Down
5 changes: 0 additions & 5 deletions src/lib/kadm5/srv/libkadm5srv_mit.exports
View file
Original file line number Diff line number Diff line change
@@ -1,10 +1,5 @@
_kadm5_check_handle
_kadm5_chpass_principal_util
kadm5int_acl_check
kadm5int_acl_check_krb
kadm5int_acl_finish
kadm5int_acl_impose_restrictions
kadm5int_acl_init
hist_princ
kadm5_set_use_password_server
kadm5_chpass_principal
Expand Down
14 changes: 14 additions & 0 deletions src/lib/kadm5/srv/server_misc.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -142,3 +142,17 @@ destroy_pwqual(kadm5_server_handle_t handle)
k5_pwqual_free_handles(handle->context, handle->qual_handles);
handle->qual_handles = NULL;
}

kadm5_ret_t
kadm5_get_privs(void *server_handle, long *privs)
{
CHECK_HANDLE(server_handle);

/* this is impossible to do with the current interface. For now,
return all privs, which will confuse some clients, but not
deny any access to users of "smart" clients which try to cache */

*privs = ~0;

return KADM5_OK;
}

0 comments on commit 0a04159

Please sign in to comment.