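/*
 * Copyright (c) 1997-2004 Kungliga Tekniska Högskolan
 * (Royal Institute of Technology, Stockholm, Sweden).
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * 3. Neither the name of the Institute nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

/*
 * kadmind entry point: parses the command line, loads the configuration,
 * opens the log and keytab, registers the password quality checks and then
 * hands the connection socket to kadmind_loop().
 */

#include "kadmin_locl.h"

/*
 * Command-line state, filled in by getarg() through the pointers in args[].
 *
 * check_library, check_function and policy_libraries name code that the
 * password-quality layer is asked to load into this process (the options
 * only exist when HAVE_DLOPEN is defined).  Whatever they point at runs
 * with the same access as kadmind itself, so they should only ever refer
 * to administrator-controlled files.
 */
static char *check_library = NULL;
static char *check_function = NULL;
static getarg_strings policy_libraries = { 0, NULL };
static char *config_file;
static char sHDB[] = "HDB:";
static char *keytab_str = sHDB;	/* default keytab is the "HDB:" keytab type */
static int help_flag;
static int version_flag;
static int debug_flag;
static char *port_str;
char *realm;

static struct getargs args[] = {
    {
        "config-file", 'c', arg_string, &config_file,
        "location of config file", "file"
    },
    {
        "keytab", 0, arg_string, &keytab_str,
        "what keytab to use", "keytab"
    },
    {
        "realm", 'r', arg_string, &realm,
        "realm to use", "realm"
    },
#ifdef HAVE_DLOPEN
    {
        "check-library", 0, arg_string, &check_library,
        "library to load password check function from", "library"
    },
    {
        "check-function", 0, arg_string, &check_function,
        "password check function to load", "function"
    },
    /*
     * The help text here used to be a copy of the check-function entry;
     * the values are passed to kadm5_add_passwd_quality_verifier() as
     * libraries, so describe them as such.
     */
    {
        "policy-libraries", 0, arg_strings, &policy_libraries,
        "password quality policy libraries to load", "library"
    },
#endif
    {
        "debug", 'd', arg_flag, &debug_flag,
        "enable debugging", NULL
    },
    {
        "ports", 'p', arg_string, &port_str,
        "ports to listen to", "port"
    },
    { "help", 'h', arg_flag, &help_flag, NULL, NULL },
    { "version", 'v', arg_flag, &version_flag, NULL, NULL }
};

static int num_args = sizeof(args) / sizeof(args[0]);

krb5_context context;

/* Print the option summary for args[] and exit with status `ret'. */
static void
usage(int ret)
{
    arg_printusage(args, num_args, NULL, "");
    exit(ret);
}

/*
 * Start-up sequence:
 *   1. create the krb5 context and parse the command line;
 *   2. put the chosen (or default "<hdb dir>/kdc.conf") config file first
 *      in the configuration file list and load it;
 *   3. open the "kadmind" log and route library warnings to it;
 *   4. register the HDB keytab type and resolve the keytab;
 *   5. set up the password quality checks;
 *   6. obtain the socket to serve (debug listener, own server, or stdin
 *      when started from inetd) and enter kadmind_loop().
 *
 * Every set-up failure is fatal: the process exits with status 1.
 */
int
main(int argc, char **argv)
{
    krb5_error_code ret;
    char **files;
    int optidx = 0;
    int i;
    krb5_log_facility *logfacility;
    krb5_keytab keytab;
    krb5_socket_t sfd = rk_INVALID_SOCKET;

    setprogname(argv[0]);

    ret = krb5_init_context(&context);
    if (ret)
        errx(1, "krb5_init_context failed: %d", ret);

    if (getarg(args, num_args, argc, argv, &optidx)) {
        warnx("error at argument `%s'", argv[optidx]);
        usage(1);
    }

    if (help_flag)
        usage(0);

    if (version_flag) {
        print_version(NULL);
        exit(0);
    }

    argc -= optidx;
    argv += optidx;

    if (config_file == NULL) {
        /*
         * Check the return value as well as the pointer: the contents of
         * the output pointer after a failed asprintf() are not something
         * to rely on.
         */
        if (asprintf(&config_file, "%s/kdc.conf", hdb_db_dir(context)) < 0 ||
            config_file == NULL)
            errx(1, "out of memory");
    }

    ret = krb5_prepend_config_files_default(config_file, &files);
    if (ret)
        krb5_err(context, 1, ret, "getting configuration files");

    ret = krb5_set_config_files(context, files);
    krb5_free_config_files(files);
    if (ret)
        krb5_err(context, 1, ret, "reading configuration files");

    ret = krb5_openlog(context, "kadmind", &logfacility);
    if (ret)
        krb5_err(context, 1, ret, "krb5_openlog");
    ret = krb5_set_warn_dest(context, logfacility);
    if (ret)
        krb5_err(context, 1, ret, "krb5_set_warn_dest");

    ret = krb5_kt_register(context, &hdb_kt_ops);
    if (ret)
        krb5_err(context, 1, ret, "krb5_kt_register");

    ret = krb5_kt_resolve(context, keytab_str, &keytab);
    if (ret)
        krb5_err(context, 1, ret, "krb5_kt_resolve");

    kadm5_setup_passwd_quality_check(context, check_library, check_function);

    /* A policy library that cannot be added stops the daemon from starting. */
    for (i = 0; i < policy_libraries.num_strings; i++) {
        ret = kadm5_add_passwd_quality_verifier(context,
                                                policy_libraries.strings[i]);
        if (ret)
            krb5_err(context, 1, ret, "kadm5_add_passwd_quality_verifier");
    }
    /* NOTE(review): NULL presumably selects the configured/default verifiers - confirm. */
    ret = kadm5_add_passwd_quality_verifier(context, NULL);
    if (ret)
        krb5_err(context, 1, ret, "kadm5_add_passwd_quality_verifier");

    if (debug_flag) {
        int debug_port;

        if (port_str == NULL) {
            debug_port = krb5_getportbyname(context, "kerberos-adm",
                                            "tcp", 749);
        } else {
            /*
             * Validate the port instead of trusting atoi(): a non-numeric
             * value used to become port 0 and an oversized one was
             * silently truncated by htons().  Text after the leading
             * number is still ignored, as it was before.
             */
            char *end;
            long port = strtol(port_str, &end, 10);

            if (end == port_str || port < 1 || port > 65535)
                errx(1, "invalid debug port `%s'", port_str);
            debug_port = htons((unsigned short)port);
        }
        mini_inetd(debug_port, &sfd);
    } else {
#ifdef _WIN32
        pidfile(NULL);
        start_server(context, port_str);
#else
        struct sockaddr_storage peer_storage;
        struct sockaddr *sa = (struct sockaddr *)&peer_storage;
        socklen_t sa_size = sizeof(peer_storage);

        /*
         * Check if we are running inside inetd or not, if not, start
         * our own server.  stdin not being a socket (ENOTSOCK) is taken
         * to mean "not started from inetd".
         */
        if (roken_getsockname(STDIN_FILENO, sa, &sa_size) < 0 &&
            rk_SOCK_ERRNO == ENOTSOCK) {
            pidfile(NULL);
            start_server(context, port_str);
        }
#endif /* _WIN32 */
        sfd = STDIN_FILENO;
    }

    if (realm) {
        /*
         * An explicitly requested realm that cannot be applied is fatal;
         * serving under a different default realm than the operator asked
         * for would be worse than not starting.
         */
        ret = krb5_set_default_realm(context, realm); /* XXX */
        if (ret)
            krb5_err(context, 1, ret, "krb5_set_default_realm");
    }

    kadmind_loop(context, keytab, sfd);

    return 0;
}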