xref: /illumos-gate/usr/src/lib/krb5/kdb/kdb_default.c (revision 54925bf6)
1*54925bf6Swillf /*
2*54925bf6Swillf  * Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
3*54925bf6Swillf  * Use is subject to license terms.
4*54925bf6Swillf  */
5*54925bf6Swillf 
6*54925bf6Swillf #pragma ident	"%Z%%M%	%I%	%E% SMI"
7*54925bf6Swillf 
8*54925bf6Swillf /*
9*54925bf6Swillf  * lib/kdb/kdb_helper.c
10*54925bf6Swillf  *
11*54925bf6Swillf  * Copyright 1995 by the Massachusetts Institute of Technology.
12*54925bf6Swillf  * All Rights Reserved.
13*54925bf6Swillf  *
14*54925bf6Swillf  * Export of this software from the United States of America may
15*54925bf6Swillf  *   require a specific license from the United States Government.
16*54925bf6Swillf  *   It is the responsibility of any person or organization contemplating
17*54925bf6Swillf  *   export to obtain such a license before exporting.
18*54925bf6Swillf  *
19*54925bf6Swillf  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
20*54925bf6Swillf  * distribute this software and its documentation for any purpose and
21*54925bf6Swillf  * without fee is hereby granted, provided that the above copyright
22*54925bf6Swillf  * notice appear in all copies and that both that copyright notice and
23*54925bf6Swillf  * this permission notice appear in supporting documentation, and that
24*54925bf6Swillf  * the name of M.I.T. not be used in advertising or publicity pertaining
25*54925bf6Swillf  * to distribution of the software without specific, written prior
26*54925bf6Swillf  * permission.  Furthermore if you modify this software you must label
27*54925bf6Swillf  * your software as modified software and not distribute it in such a
28*54925bf6Swillf  * fashion that it might be confused with the original M.I.T. software.
29*54925bf6Swillf  * M.I.T. makes no representations about the suitability of
30*54925bf6Swillf  * this software for any purpose.  It is provided "as is" without express
31*54925bf6Swillf  * or implied warranty.
32*54925bf6Swillf  *
33*54925bf6Swillf  */
34*54925bf6Swillf 
35*54925bf6Swillf #include "k5-int.h"
36*54925bf6Swillf #include "kdb.h"
37*54925bf6Swillf #include <string.h>
38*54925bf6Swillf #include <stdio.h>
39*54925bf6Swillf #include <errno.h>
40*54925bf6Swillf #include <libintl.h>
41*54925bf6Swillf 
42*54925bf6Swillf 
43*54925bf6Swillf /*
44*54925bf6Swillf  * Given a particular enctype and optional salttype and kvno, find the
45*54925bf6Swillf  * most appropriate krb5_key_data entry of the database entry.
46*54925bf6Swillf  *
47*54925bf6Swillf  * If stype or kvno is negative, it is ignored.
48*54925bf6Swillf  * If kvno is 0 get the key which is maxkvno for the princ and matches
49*54925bf6Swillf  * the other attributes.
50*54925bf6Swillf  */
51*54925bf6Swillf krb5_error_code
krb5_dbe_def_search_enctype(kcontext,dbentp,start,ktype,stype,kvno,kdatap)52*54925bf6Swillf krb5_dbe_def_search_enctype(kcontext, dbentp, start, ktype, stype, kvno, kdatap)
53*54925bf6Swillf     krb5_context	kcontext;
54*54925bf6Swillf     krb5_db_entry	*dbentp;
55*54925bf6Swillf     krb5_int32		*start;
56*54925bf6Swillf     krb5_int32		ktype;
57*54925bf6Swillf     krb5_int32		stype;
58*54925bf6Swillf     krb5_int32		kvno;
59*54925bf6Swillf     krb5_key_data	**kdatap;
60*54925bf6Swillf {
61*54925bf6Swillf     int			i, idx;
62*54925bf6Swillf     int			maxkvno;
63*54925bf6Swillf     krb5_key_data	*datap;
64*54925bf6Swillf     krb5_error_code	ret;
65*54925bf6Swillf 
66*54925bf6Swillf     ret = 0;
67*54925bf6Swillf     if (kvno == -1 && stype == -1 && ktype == -1)
68*54925bf6Swillf 	kvno = 0;
69*54925bf6Swillf 
70*54925bf6Swillf     if (kvno == 0) {
71*54925bf6Swillf 	/* Get the max key version */
72*54925bf6Swillf 	for (i = 0; i < dbentp->n_key_data; i++) {
73*54925bf6Swillf 	    if (kvno < dbentp->key_data[i].key_data_kvno) {
74*54925bf6Swillf 		kvno = dbentp->key_data[i].key_data_kvno;
75*54925bf6Swillf 	    }
76*54925bf6Swillf 	}
77*54925bf6Swillf     }
78*54925bf6Swillf 
79*54925bf6Swillf     maxkvno = -1;
80*54925bf6Swillf     datap = (krb5_key_data *) NULL;
81*54925bf6Swillf     for (i = *start; i < dbentp->n_key_data; i++) {
82*54925bf6Swillf         krb5_boolean    similar;
83*54925bf6Swillf         krb5_int32      db_stype;
84*54925bf6Swillf 
85*54925bf6Swillf 	ret = 0;
86*54925bf6Swillf 	if (dbentp->key_data[i].key_data_ver > 1) {
87*54925bf6Swillf 	    db_stype = dbentp->key_data[i].key_data_type[1];
88*54925bf6Swillf 	} else {
89*54925bf6Swillf 	    db_stype = KRB5_KDB_SALTTYPE_NORMAL;
90*54925bf6Swillf 	}
91