Bug Summary

File:src/shisa.c
Warning:line 102, column 35
Access to field 'etype' results in a dereference of a null pointer (loaded from variable 'dbkey')

Annotated Source Code

Press '?' to see keyboard shortcuts

clang -cc1 -cc1 -triple x86_64-redhat-linux-gnu -analyze -disable-free -clear-ast-before-backend -disable-llvm-verifier -discard-value-names -main-file-name shisa.c -analyzer-store=region -analyzer-opt-analyze-nested-blocks -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -mrelocation-model static -mframe-pointer=none -fmath-errno -ffp-contract=on -fno-rounding-math -mconstructor-aliases -funwind-tables=2 -target-cpu x86-64 -tune-cpu generic -debugger-tuning=gdb -fcoverage-compilation-dir=/builds/gsasl/shishi/src -resource-dir /usr/lib64/clang/14.0.0 -D HAVE_CONFIG_H -I . -I .. -I ./gl -I ./gl -I ../lib/gl -I ../lib/gl -I ../lib -I ../lib -I ../db -D LOCALEDIR="/usr/local/share/locale" -D SYSTEMCFGFILE="/usr/local/etc/shishi/shishi.conf" -D HOSTKEYSFILE="/usr/local/etc/shishi/shishi.keys" -internal-isystem /usr/lib64/clang/14.0.0/include -internal-isystem /usr/local/include -internal-isystem /usr/bin/../lib/gcc/x86_64-redhat-linux/12/../../../../x86_64-redhat-linux/include -internal-externc-isystem /include -internal-externc-isystem /usr/include -O2 -fdebug-compilation-dir=/builds/gsasl/shishi/src -ferror-limit 19 -fgnuc-version=4.2.1 -vectorize-loops -vectorize-slp -analyzer-output=html -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /builds/gsasl/shishi/clang-analyzer/2022-08-08-065803-50050-1 -x c shisa.c
1/* shisa.c --- Command line interface to Shishi database.
2 * Copyright (C) 2003-2022 Simon Josefsson
3 *
4 * This file is part of Shishi.
5 *
6 * Shishi is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
10 *
11 * Shishi is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with Shishi; if not, see http://www.gnu.org/licenses or write
18 * to the Free Software Foundation, Inc., 51 Franklin Street, Fifth
19 * Floor, Boston, MA 02110-1301, USA
20 *
21 */
22
23#if HAVE_CONFIG_H1
24# include "config.h"
25#endif
26
27#include <stdio.h>
28#include <stdlib.h>
29#include <stdarg.h>
30#include <string.h>
31#include <ctype.h>
32#include <inttypes.h>
33
34/* Setup i18n. */
35#include <locale.h>
36#include <gettext.h>
37#define _(String)dcgettext (((void*)0), String, 5) gettext (String)dcgettext (((void*)0), String, 5)
38
39/* Gnulib helpers. */
40#include "xvasprintf.h"
41#include "xgethostname.h"
42#include "progname.h"
43#include "error.h"
44#include "version-etc.h"
45
46/* Shishi and Shisa library. */
47#include <shisa.h>
48#include <shishi.h>
49
50/* Command line parameter parser via gengetopt. */
51#include "shisa_cmd.h"
52
53/* Global variables. */
54Shishi *sh;
55Shisa *dbh;
56struct gengetopt_args_info args;
57
58static void
59printfield (const char *fieldname, const char *value)
60{
61 printf ("\t\t%s %s.\n", fieldname, value);
62}
63
64static void
65printtimefield (const char *fieldname, time_t t)
66{
67 char *p = ctime (&t);
68 p[strlen (p) - 1] = '\0';
69 printfield (fieldname, t == (time_t) - 1 ? "N/A" : p);
70}
71
72static void
73printintfield (const char *fieldname, int num)
74{
75 char *p = xasprintf ("%d (0x%x)", num, (unsigned) num);
76 printfield (fieldname, p);
77 free (p);
78}
79
80static void
81printuint32field (const char *fieldname, uint32_t num)
82{
83 char *p = xasprintf ("%" PRIu32"u" " (0x%x)", num, num);
84 printfield (fieldname, p);
85 free (p);
86}
87
88static void
89print3field (const char *fieldname, const char *text, uint32_t num)
90{
91 char *p = xasprintf ("%s (0x%x, %" PRIu32"u" ")", text, num, num);
92 printfield (fieldname, p);
93 free (p);
94}
95
96static void
97printdbkey (const char *realm, const char *principal, Shisa_key * dbkey)
98{
99 Shishi_key *key;
100 int rc;
101
102 rc = shishi_key_from_value (sh, dbkey->etype, dbkey->key, &key);
38
Access to field 'etype' results in a dereference of a null pointer (loaded from variable 'dbkey')
103 if (rc == SHISHI_OK)
104 {
105 shishi_key_realm_set (key, realm);
106 shishi_key_principal_set (key, principal);
107 shishi_key_print (sh, stdoutstdout, key);
108 }
109 else
110 error (0, 0, "shishi_key_from_value (%d):\n%s", rc, shishi_strerror (rc));
111}
112
113static int
114dumplist_realm_principal (const char *realm, const char *principal)
115{
116 Shisa_principal ph;
117 int rc;
118
119 if (args.dump_given || args.enabled_flag || args.disabled_flag)
120 {
121 rc = shisa_principal_find (dbh, realm, principal, &ph);
122 if (rc != SHISA_OK)
123 {
124 error (0, 0, "shishi_principal_find (%d):\n%s",
125 rc, shisa_strerror (rc));
126 return rc;
127 }
128
129 if (args.enabled_flag && ph.isdisabled)
130 return SHISA_OK;
131
132 if (args.disabled_flag && !ph.isdisabled)
133 return SHISA_OK;
134 }
135
136 printf ("\t%s\n", principal);
137
138 if (args.dump_given)
139 {
140 Shisa_key **keys;
141 size_t nkeys;
142 size_t i;
143
144 printfield (_("Account is")dcgettext (((void*)0), "Account is", 5),
145 ph.isdisabled ? _("DISABLED")dcgettext (((void*)0), "DISABLED", 5) : _("enabled")dcgettext (((void*)0), "enabled", 5));
146 printuint32field (_("Current key version")dcgettext (((void*)0), "Current key version", 5), ph.kvno);
147 if (ph.notusedbefore != (time_t) - 1)
148 printtimefield (_("Account not valid before")dcgettext (((void*)0), "Account not valid before", 5), ph.notusedbefore);
149 if (ph.lastinitialtgt != (time_t) - 1)
150 printtimefield (_("Last initial TGT request at")dcgettext (((void*)0), "Last initial TGT request at", 5), ph.lastinitialtgt);
151 if (ph.lastinitialrequest != (time_t) - 1)
152 printtimefield (_("Last initial request at")dcgettext (((void*)0), "Last initial request at", 5), ph.lastinitialrequest);
153 if (ph.lasttgt != (time_t) - 1)
154 printtimefield (_("Last TGT request at")dcgettext (((void*)0), "Last TGT request at", 5), ph.lasttgt);
155 if (ph.lastrenewal != (time_t) - 1)
156 printtimefield (_("Last ticket renewal at")dcgettext (((void*)0), "Last ticket renewal at", 5), ph.lastrenewal);
157 if (ph.passwordexpire != (time_t) - 1)
158 printtimefield (_("Password expire on")dcgettext (((void*)0), "Password expire on", 5), ph.passwordexpire);
159 if (ph.accountexpire != (time_t) - 1)
160 printtimefield (_("Account expire on")dcgettext (((void*)0), "Account expire on", 5), ph.accountexpire);
161
162 rc = shisa_keys_find (dbh, realm, principal, NULL((void*)0), &keys, &nkeys);
163 if (rc != SHISA_OK)
164 {
165 error (0, 0, "shishi_keys_find(%s, %s) (%d):\n%s",
166 realm, principal, rc, shisa_strerror (rc));
167 return rc;
168 }
169
170 for (i = 0; i < nkeys; i++)
171 if (keys[i])
172 {
173 printintfield (_("Key")dcgettext (((void*)0), "Key", 5), i);
174
175 print3field (_("\tEtype")dcgettext (((void*)0), "\tEtype", 5), shishi_cipher_name (keys[i]->etype),
176 keys[i]->etype);
177 if (keys[i]->priority > 0)
178 printintfield (_("\tPriority")dcgettext (((void*)0), "\tPriority", 5), keys[i]->priority);
179 if (args.keys_given)
180 printdbkey (realm, principal, keys[i]);
181 if (keys[i]->saltlen > 0)
182 printfield (_("\tSalt")dcgettext (((void*)0), "\tSalt", 5), keys[i]->salt);
183 if (keys[i]->str2keyparamlen > 0)
184 printfield (_("\tS2K params")dcgettext (((void*)0), "\tS2K params", 5), keys[i]->str2keyparam);
185 if (args.keys_given)
186 if (keys[i]->password)
187 printfield (_("\tPassword")dcgettext (((void*)0), "\tPassword", 5), keys[i]->password);
188 }
189 else
190 printfield (_("\tKey is")dcgettext (((void*)0), "\tKey is", 5), _("MISSING")dcgettext (((void*)0), "MISSING", 5));
191
192 shisa_keys_free (dbh, keys, nkeys);
193 }
194
195 return SHISA_OK;
196}
197
198static int
199dumplist_realm (const char *realm)
200{
201 char **principals;
202 size_t nprincipals;
203 size_t i;
204 int rc;
205
206 printf ("%s\n", realm);
207
208 rc = shisa_enumerate_principals (dbh, realm, &principals, &nprincipals);
209 if (rc != SHISA_OK)
210 return rc;
211
212 for (i = 0; i < nprincipals; i++)
213 {
214 if (rc == SHISA_OK)
215 rc = dumplist_realm_principal (realm, principals[i]);
216 free (principals[i]);
217 }
218 if (nprincipals > 0)
219 free (principals);
220
221 return rc;
222}
223
224static int
225dumplist (void)
226{
227 int rc;
228
229 if (args.inputs_num == 1)
230 rc = dumplist_realm (args.inputs[0]);
231 else if (args.inputs_num == 2)
232 {
233 char *realm = args.inputs[0];
234 char *principal = args.inputs[1];
235 printf ("%s\n", realm);
236 rc = dumplist_realm_principal (realm, principal);
237 }
238 else
239 {
240 char **realms;
241 size_t nrealms;
242 size_t i;
243
244 rc = shisa_enumerate_realms (dbh, &realms, &nrealms);
245 if (rc != SHISA_OK)
246 return rc;
247
248 for (i = 0; i < nrealms; i++)
249 {
250 if (rc == SHISA_OK)
251 rc = dumplist_realm (realms[i]);
252 free (realms[i]);
253 }
254 if (nrealms > 0)
255 free (realms);
256 }
257
258 return rc;
259}
260
261static void
262add (const char *realm, const char *principal,
263 Shisa_principal * ph, Shisa_key * key)
264{
265 int rc;
266
267 if (principal
30.1
'principal' is equal to NULL
== NULL((void*)0))
31
Taking true branch
268 printf (_("Adding realm `%s'...\n")dcgettext (((void*)0), "Adding realm `%s'...\n", 5), realm);
269 else
270 printf (_("Adding principal `%s@%s'...\n")dcgettext (((void*)0), "Adding principal `%s@%s'...\n", 5), principal, realm);
271
272 rc = shisa_principal_add (dbh, realm, principal, ph, key);
273 if (rc != SHISA_OK)
32
Assuming 'rc' is equal to SHISA_OK
33
Taking false branch
274 error (EXIT_FAILURE1, 0, "shisa_principal_add (%d):\n%s",
275 rc, shisa_strerror (rc));
276
277 if (args.keys_given)
34
Assuming field 'keys_given' is not equal to 0
35
Taking true branch
278 printdbkey (realm, principal, key);
36
Passing null pointer value via 3rd parameter 'dbkey'
37
Calling 'printdbkey'
279
280 if (principal == NULL((void*)0))
281 printf (_("Adding realm `%s'...done\n")dcgettext (((void*)0), "Adding realm `%s'...done\n", 5), realm);
282 else
283 printf (_("Adding principal `%s@%s'...done\n")dcgettext (((void*)0), "Adding principal `%s@%s'...done\n", 5
)
, principal, realm);
284}
285
286static void
287delete (const char *realm, const char *principal)
288{
289 int rc;
290
291 if (principal == NULL((void*)0) && args.force_flag)
292 {
293 char **principals;
294 size_t nprincipals;
295 size_t i;
296
297 rc = shisa_enumerate_principals (dbh, realm, &principals, &nprincipals);
298 if (rc != SHISA_OK)
299 error (EXIT_FAILURE1, 0, "shisa_enumerate_principals (%d):\n%s",
300 rc, shisa_strerror (rc));
301
302 for (i = 0; i < nprincipals; i++)
303 if (principals[i])
304 {
305 delete (realm, principals[i]);
306 free (principals[i]);
307 }
308
309 if (nprincipals > 0)
310 free (principals);
311 }
312
313 if (principal == NULL((void*)0))
314 printf (_("Removing realm `%s'...\n")dcgettext (((void*)0), "Removing realm `%s'...\n", 5), realm);
315 else
316 printf (_("Removing principal `%s@%s'...\n")dcgettext (((void*)0), "Removing principal `%s@%s'...\n", 5), principal, realm);
317
318 rc = shisa_principal_remove (dbh, realm, principal);
319 if (rc != SHISA_OK)
320 error (EXIT_FAILURE1, 0, "shisa_principal_remove (%d):\n%s",
321 rc, shisa_strerror (rc));
322
323 if (principal == NULL((void*)0))
324 printf (_("Removing realm `%s'...done\n")dcgettext (((void*)0), "Removing realm `%s'...done\n", 5), realm);
325 else
326 printf (_("Removing principal `%s@%s'...done\n")dcgettext (((void*)0), "Removing principal `%s@%s'...done\n",
5)
, principal, realm);
327}
328
329static void
330apply_options (const char *realm,
331 const char *principal, Shisa_principal * ph, Shisa_key * dbkey)
332{
333 char *passwd = args.password_arg;
334 char *salt = args.salt_arg;
335 char *str2keyparam = NULL((void*)0);
336 size_t str2keyparamlen = 0;
337 Shishi_key *key;
338 int32_t etype;
339 int rc;
340
341 if (ph)
342 {
343 if (args.key_version_given)
344 ph->kvno = args.key_version_arg;
345 }
346
347 if (dbkey)
348 {
349 etype = shishi_cfg_clientkdcetype_fast (sh);
350
351 if (!salt && realm && principal)
352 {
353 char *name = xasprintf ("%s@%s", principal, realm);
354
355 rc = shishi_derive_default_salt (sh, name, &salt);
356 free (name);
357 if (rc != SHISHI_OK)
358 error (EXIT_FAILURE1, 0, "shisa_derive_default_salt (%d):\n%s",
359 rc, shisa_strerror (rc));
360 }
361
362 if (args.string_to_key_parameter_given)
363 {
364 /* XXX */
365 }
366
367 if (args.password_given)
368 {
369 if (!passwd)
370 {
371 if (realm && principal)
372 rc = shishi_prompt_password (sh, &passwd,
373 _("Password for `%s@%s': ")dcgettext (((void*)0), "Password for `%s@%s': ", 5),
374 principal, realm);
375 else
376 rc = shishi_prompt_password (sh, &passwd, _("Password: ")dcgettext (((void*)0), "Password: ", 5));
377 if (rc != SHISHI_OK)
378 error (EXIT_FAILURE1, 0, _("Could not read password")dcgettext (((void*)0), "Could not read password", 5));
379 }
380
381 rc = shishi_key_from_string (sh, etype,
382 passwd, strlen (passwd),
383 salt, salt ? strlen (salt) : 0,
384 str2keyparam, &key);
385 }
386 else
387 rc = shishi_key_random (sh, etype, &key);
388
389 if (rc != SHISHI_OK)
390 error (EXIT_FAILURE1, 0, _("Could not create key (%d):\n%s")dcgettext (((void*)0), "Could not create key (%d):\n%s", 5),
391 rc, shishi_strerror (rc));
392
393 if (realm && principal)
394 {
395 shishi_key_realm_set (key, realm);
396 shishi_key_principal_set (key, principal);
397 }
398
399 dbkey->kvno = args.key_version_arg;
400 dbkey->etype = etype;
401 dbkey->priority = args.priority_arg;
402 dbkey->key = (char *) shishi_key_value (key);
403 dbkey->keylen = shishi_key_length (key);
404 dbkey->salt = salt;
405 dbkey->saltlen = salt ? strlen (salt) : 0;
406 dbkey->str2keyparam = str2keyparam;
407 dbkey->str2keyparamlen = str2keyparamlen;
408 dbkey->password = passwd;
409 }
410}
411
412const char version_etc_copyright[] =
413 /* Do *not* mark this string for translation. %s is a copyright
414 symbol suitable for this locale, and %d is the copyright
415 year. */
416 "Copyright %s %d Simon Josefsson.";
417
418static void usage (int status) __attribute__((__noreturn__));
419
420static void
421usage (int status)
422{
423 if (status != EXIT_SUCCESS0)
424 fprintf (stderrstderr, _("Try `%s --help' for more information.\n")dcgettext (((void*)0), "Try `%s --help' for more information.\n"
, 5)
,
425 program_name);
426 else
427 {
428 cmdline_parser_print_help ();
429 printf (_("\nMandatory arguments to long options are "dcgettext (((void*)0), "\nMandatory arguments to long options are "
"mandatory for short options too.\n", 5)
430 "mandatory for short options too.\n")dcgettext (((void*)0), "\nMandatory arguments to long options are "
"mandatory for short options too.\n", 5)
);
431 emit_bug_reporting_address ();
432 }
433 exit (status);
434}
435
436int
437main (int argc, char *argv[])
438{
439 const char *realm = NULL((void*)0);
440 const char *principal = NULL((void*)0);
441 Shisa_principal ph;
442 Shisa_key key;
443 int rc;
444
445 setlocale (LC_ALL6, "");
446 bindtextdomain (PACKAGE"shishi", LOCALEDIR"/usr/local/share/locale");
447 textdomain (PACKAGE"shishi");
448 set_program_name (argv[0]);
449
450 if (cmdline_parser (argc, argv, &args) != 0)
1
Assuming the condition is false
2
Taking false branch
451 usage (EXIT_FAILURE1);
452
453 if (args.version_given)
3
Assuming field 'version_given' is 0
4
Taking false branch
454 {
455 const char *p = PACKAGE_NAME"GNU Shishi";
456 if (strcmp (shishi_check_version (NULL((void*)0)), PACKAGE_VERSION"1.0.3.7-c46a") != 0)
457 p = PACKAGE_STRING"GNU Shishi 1.0.3.7-c46a";
458 version_etc (stdoutstdout, program_name, p, shishi_check_version (NULL((void*)0)),
459 "Simon Josefsson", (char *) NULL((void*)0));
460 return EXIT_SUCCESS0;
461 }
462
463 rc = args.add_given + args.dump_given + args.list_given +
464 args.modify_given + args.remove_given +
465 args.key_add_given + args.key_remove_given;
466
467 if (rc > 1 || args.inputs_num > 2)
5
Assuming 'rc' is <= 1
6
Assuming field 'inputs_num' is <= 2
468 {
469 error (0, 0, _("too many arguments")dcgettext (((void*)0), "too many arguments", 5));
470 usage (EXIT_FAILURE1);
471 }
472
473 if (rc == 0 || args.help_given)
7
Assuming 'rc' is not equal to 0
8
Assuming field 'help_given' is 0
9
Taking false branch
474 usage (EXIT_SUCCESS0);
475
476 rc = shisa_init_with_paths (&dbh, args.configuration_file_arg);
477 if (rc != SHISA_OK)
10
Assuming 'rc' is equal to SHISA_OK
11
Taking false branch
478 error (EXIT_FAILURE1, 0, _("Initialization failed:\n%s")dcgettext (((void*)0), "Initialization failed:\n%s", 5),
479 shisa_strerror (rc));
480
481 rc = shisa_cfg (dbh, args.library_options_arg);
482 if (rc != SHISA_OK)
12
Assuming 'rc' is equal to SHISA_OK
13
Taking false branch
483 error (EXIT_FAILURE1, 0, _("Could not read library options `%s':\n%s")dcgettext (((void*)0), "Could not read library options `%s':\n%s"
, 5)
,
484 args.library_options_arg, shisa_strerror (rc));
485
486 rc = shishi_init (&sh);
487 if (rc != SHISHI_OK)
14
Assuming 'rc' is equal to SHISHI_OK
15
Taking false branch
488 error (EXIT_FAILURE1, 0, _("Shishi initialization failed:\n%s")dcgettext (((void*)0), "Shishi initialization failed:\n%s", 5
)
,
489 shishi_strerror (rc));
490
491 rc = shishi_cfg_clientkdcetype_set (sh, args.encryption_type_arg);
492 if (rc != SHISHI_OK)
16
Assuming 'rc' is equal to SHISHI_OK
493 error (EXIT_FAILURE1, 0, _("Could not set encryption type `%s':\n%s")dcgettext (((void*)0), "Could not set encryption type `%s':\n%s"
, 5)
,
494 args.encryption_type_arg, shishi_strerror (rc));
495
496 if ((args.inputs_num < 2 && (args.modify_given ||
17
Assuming field 'inputs_num' is >= 2
497 args.key_add_given ||
498 args.key_remove_given)) ||
499 (args.inputs_num
17.1
Field 'inputs_num' is >= 1
< 1 && (args.remove_given)))
500 {
501 error (0, 0, _("too few arguments")dcgettext (((void*)0), "too few arguments", 5));
502 usage (EXIT_FAILURE1);
503 }
504
505 if (args.inputs_num
17.2
Field 'inputs_num' is > 0
> 0)
18
Taking true branch
506 realm = args.inputs[0];
507 if (args.inputs_num
18.1
Field 'inputs_num' is > 1
> 1)
19
Taking true branch
508 principal = args.inputs[1];
509
510 memset (&ph, 0, sizeof (ph));
511 memset (&key, 0, sizeof (key));
512 apply_options (realm, principal, &ph, &key);
513
514 if (args.list_given || args.dump_given)
20
Assuming field 'list_given' is 0
21
Assuming field 'dump_given' is 0
22
Taking false branch
515 rc = dumplist ();
516 else if (args.remove_given)
23
Assuming field 'remove_given' is 0
517 delete (realm, principal);
518 else if (args.add_given && (args.inputs_num == 1 || args.inputs_num == 2))
24
Assuming field 'add_given' is not equal to 0
25
Assuming field 'inputs_num' is not equal to 1
26
Assuming field 'inputs_num' is not equal to 2
27
Taking false branch
519 add (realm, principal, &ph, &key);
520 else if (args.add_given
27.1
Field 'add_given' is not equal to 0
)
28
Taking true branch
521 {
522 char *host;
523 char *tmp;
524 Shisa_key key2;
525
526 /* This is mostly meant for 'make install', as it set up the
527 default realm, and write a host key to stdout, which can be
528 redirected into $prefix/etc/shishi/shishi.keys. */
529
530 realm = shishi_realm_default (sh);
531
532 printf (_("Adding default realm `%s'...\n")dcgettext (((void*)0), "Adding default realm `%s'...\n", 5), realm);
533 add (realm, NULL((void*)0), NULL((void*)0), NULL((void*)0));
29
Passing null pointer value via 4th parameter 'key'
30
Calling 'add'
534
535 tmp = xasprintf ("krbtgt/%s", realm);
536 add (realm, tmp, &ph, &key);
537 free (tmp);
538
539 host = xgethostname ();
540 tmp = xasprintf ("host/%s", host);
541 free (host);
542
543 memset (&key2, 0, sizeof (key2));
544 apply_options (realm, tmp, NULL((void*)0), &key2);
545 args.keys_given = 1;
546
547 add (realm, tmp, &ph, &key2);
548 free (tmp);
549 }
550 else if (args.modify_given)
551 {
552 printf (_("Modifying principal `%s@%s'...\n")dcgettext (((void*)0), "Modifying principal `%s@%s'...\n", 5), principal, realm);
553
554 rc = shisa_principal_update (dbh, realm, principal, &ph);
555 if (rc != SHISA_OK)
556 error (EXIT_FAILURE1, 0, "shisa_principal_update (%d):\n%s",
557 rc, shisa_strerror (rc));
558
559 printf (_("Modifying principal `%s@%s'...done\n")dcgettext (((void*)0), "Modifying principal `%s@%s'...done\n"
, 5)
, principal, realm);
560 }
561 else if (args.key_add_given)
562 {
563 printf (_("Adding key to `%s@%s'...\n")dcgettext (((void*)0), "Adding key to `%s@%s'...\n", 5), principal, realm);
564
565 rc = shisa_key_add (dbh, realm, principal, &key);
566 if (rc != SHISA_OK)
567 error (EXIT_FAILURE1, 0, "shisa_key_add (%d):\n%s",
568 rc, shisa_strerror (rc));
569
570 if (args.keys_given)
571 printdbkey (realm, principal, &key);
572
573 printf (_("Adding key to `%s@%s'...done\n")dcgettext (((void*)0), "Adding key to `%s@%s'...done\n", 5), principal, realm);
574 }
575 else if (args.key_remove_given)
576 {
577 printf (_("Removing key from `%s@%s'...\n")dcgettext (((void*)0), "Removing key from `%s@%s'...\n", 5), principal, realm);
578
579 if (!args.password_given)
580 {
581 key.keylen = 0;
582 key.password = NULL((void*)0);
583 }
584
585 rc = shisa_key_remove (dbh, realm, principal, &key);
586 if (rc != SHISA_OK)
587 error (EXIT_FAILURE1, 0, "shisa_key_remove (%d):\n%s",
588 rc, shisa_strerror (rc));
589
590 printf (_("Removing key from `%s@%s'...done\n")dcgettext (((void*)0), "Removing key from `%s@%s'...done\n", 5
)
, principal, realm);
591 }
592
593 shisa_done (dbh);
594 shishi_done (sh);
595
596 return EXIT_SUCCESS0;
597}