--- src/kadmin/server/misc.c.orig Mon Jul 22 16:28:55 1996 +++ src/kadmin/server/misc.c Mon Oct 7 09:46:13 2002 @@ -14,7 +14,7 @@ #include "misc.h" /* - * Function: chpass_principal_wrapper + * Function: chpass_principal_wrapper_3 * * Purpose: wrapper to kadm5_chpass_principal that checks to see if * pw_min_life has been reached. if not it returns an error. @@ -23,6 +23,10 @@ * Arguments: * principal (input) krb5_principals whose password we are * changing + * keepold (input) whether to preserve old keys + * n_ks_tuple (input) the number of key-salt tuples in ks_tuple + * ks_tuple (input) array of tuples indicating the caller's + * requested enctypes/salttypes * passoword (input) passowrd we are going to change to. * 0 on sucsess error code on failure. * @@ -35,8 +39,12 @@ * */ kadm5_ret_t -chpass_principal_wrapper(void *server_handle, - krb5_principal principal, char *password) +chpass_principal_wrapper_3(void *server_handle, + krb5_principal principal, + krb5_boolean keepold, + int n_ks_tuple, + krb5_key_salt_tuple *ks_tuple, + char *password) { krb5_int32 now; kadm5_ret_t ret; @@ -72,12 +80,14 @@ if (ret = kadm5_free_principal_ent(handle->lhandle, &princ)) return ret; - return kadm5_chpass_principal(server_handle, principal, password); + return kadm5_chpass_principal_3(server_handle, principal, + keepold, n_ks_tuple, ks_tuple, + password); } /* - * Function: randkey_principal_wrapper + * Function: randkey_principal_wrapper_3 * * Purpose: wrapper to kadm5_randkey_principal which checks the passwords min. life. @@ -85,6 +95,10 @@ * Arguments: * principal (input) krb5_principal whose password we are * changing + * keepold (input) whether to preserve old keys + * n_ks_tuple (input) the number of key-salt tuples in ks_tuple + * ks_tuple (input) array of tuples indicating the caller's + * requested enctypes/salttypes * key (output) new random key * 0, error code on error. * @@ -96,9 +110,12 @@ * */ kadm5_ret_t -randkey_principal_wrapper(void *server_handle, - krb5_principal principal, - krb5_keyblock **keys, int *n_keys) +randkey_principal_wrapper_3(void *server_handle, + krb5_principal principal, + krb5_boolean keepold, + int n_ks_tuple, + krb5_key_salt_tuple *ks_tuple, + krb5_keyblock **keys, int *n_keys) { krb5_int32 now; @@ -134,5 +151,7 @@ } if (ret = kadm5_free_principal_ent(handle->lhandle, &princ)) return ret; - return kadm5_randkey_principal(server_handle, principal, keys, n_keys); + return kadm5_randkey_principal_3(server_handle, principal, + keepold, n_ks_tuple, ks_tuple, + keys, n_keys); } --- src/kadmin/server/server_stubs.c.orig Mon Aug 12 18:55:58 2002 +++ src/kadmin/server/server_stubs.c Mon Oct 7 09:48:27 2002 @@ -683,8 +683,8 @@ } if (cmp_gss_krb5_name(handle, rqstp->rq_clntcred, arg->princ)) { - ret.code = chpass_principal_wrapper((void *)handle, arg->princ, - arg->pass); + ret.code = chpass_principal_wrapper_3((void *)handle, arg->princ, + FALSE, 0, NULL, arg->pass); } else if (!(CHANGEPW_SERVICE(rqstp)) && acl_check(handle->context, rqstp->rq_clntcred, ACL_CHANGEPW, arg->princ, NULL)) { @@ -744,8 +744,11 @@ } if (cmp_gss_krb5_name(handle, rqstp->rq_clntcred, arg->princ)) { - ret.code = chpass_principal_wrapper((void *)handle, arg->princ, - arg->pass); + ret.code = chpass_principal_wrapper_3((void *)handle, arg->princ, + arg->keepold, + arg->n_ks_tuple, + arg->ks_tuple, + arg->pass); } else if (!(CHANGEPW_SERVICE(rqstp)) && acl_check(handle->context, rqstp->rq_clntcred, ACL_CHANGEPW, arg->princ, NULL)) { @@ -991,8 +994,8 @@ } if (cmp_gss_krb5_name(handle, rqstp->rq_clntcred, arg->princ)) { - ret.code = randkey_principal_wrapper((void *)handle, - arg->princ, &k, &nkeys); + ret.code = randkey_principal_wrapper_3((void *)handle, arg->princ, + FALSE, 0, NULL, &k, &nkeys); } else if (!(CHANGEPW_SERVICE(rqstp)) && acl_check(handle->context, rqstp->rq_clntcred, ACL_CHANGEPW, arg->princ, NULL)) { @@ -1067,8 +1070,11 @@ } if (cmp_gss_krb5_name(handle, rqstp->rq_clntcred, arg->princ)) { - ret.code = randkey_principal_wrapper((void *)handle, - arg->princ, &k, &nkeys); + ret.code = randkey_principal_wrapper_3((void *)handle, arg->princ, + arg->keepold, + arg->n_ks_tuple, + arg->ks_tuple, + &k, &nkeys); } else if (!(CHANGEPW_SERVICE(rqstp)) && acl_check(handle->context, rqstp->rq_clntcred, ACL_CHANGEPW, arg->princ, NULL)) {