1113595Snectar/* 2113595Snectar * Copyright (c) 1997 - 2002 Kungliga Tekniska H��gskolan 3113595Snectar * (Royal Institute of Technology, Stockholm, Sweden). 4113595Snectar * All rights reserved. 5113595Snectar * 6113595Snectar * Redistribution and use in source and binary forms, with or without 7113595Snectar * modification, are permitted provided that the following conditions 8113595Snectar * are met: 9113595Snectar * 10113595Snectar * 1. Redistributions of source code must retain the above copyright 11113595Snectar * notice, this list of conditions and the following disclaimer. 12113595Snectar * 13113595Snectar * 2. Redistributions in binary form must reproduce the above copyright 14113595Snectar * notice, this list of conditions and the following disclaimer in the 15113595Snectar * documentation and/or other materials provided with the distribution. 16113595Snectar * 17113595Snectar * 3. Neither the name of the Institute nor the names of its contributors 18113595Snectar * may be used to endorse or promote products derived from this software 19113595Snectar * without specific prior written permission. 20113595Snectar * 21113595Snectar * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 22113595Snectar * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23113595Snectar * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24113595Snectar * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 25113595Snectar * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26113595Snectar * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27113595Snectar * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28113595Snectar * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29113595Snectar * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30113595Snectar * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31113595Snectar * SUCH DAMAGE. 32113595Snectar */ 33113595Snectar 34113595Snectar#include "kadm5_locl.h" 35113595Snectar 36113595SnectarRCSID("$Id$"); 37113595Snectar 38113595Snectarstatic void 39113595Snectarset_funcs(kadm5_server_context *c) 40113595Snectar{ 41113595Snectar#define SET(C, F) (C)->funcs.F = kadm5_s_ ## F 42113595Snectar SET(c, chpass_principal); 43113595Snectar SET(c, chpass_principal_with_key); 44113595Snectar SET(c, create_principal); 45113595Snectar SET(c, delete_principal); 46113595Snectar SET(c, destroy); 47113595Snectar SET(c, flush); 48113595Snectar SET(c, get_principal); 49124289Snectar SET(c, get_principals); 50124289Snectar SET(c, get_privs); 51124289Snectar SET(c, modify_principal); 52113595Snectar SET(c, randkey_principal); 53113595Snectar SET(c, rename_principal); 54113595Snectar} 55113595Snectar 56113595Snectar#ifndef NO_UNIX_SOCKETS 57113595Snectar 58static void 59set_socket_name(krb5_context context, struct sockaddr_un *un) 60{ 61 const char *fn = kadm5_log_signal_socket(context); 62 63 memset(un, 0, sizeof(*un)); 64 un->sun_family = AF_UNIX; 65 strlcpy (un->sun_path, fn, sizeof(un->sun_path)); 66 67} 68#else 69 70static void 71set_socket_info(krb5_context context, struct addrinfo **info) 72{ 73 kadm5_log_signal_socket_info(context, 0, info); 74} 75 76#endif 77 78static kadm5_ret_t 79find_db_spec(kadm5_server_context *ctx) 80{ 81 krb5_context context = ctx->context; 82 struct hdb_dbinfo *info, *d; 83 krb5_error_code ret; 84 85 if (ctx->config.realm) { 86 /* fetch the databases */ 87 ret = hdb_get_dbinfo(context, &info); 88 if (ret) 89 return ret; 90 91 d = NULL; 92 while ((d = hdb_dbinfo_get_next(info, d)) != NULL) { 93 const char *p = hdb_dbinfo_get_realm(context, d); 94 95 /* match default (realm-less) */ 96 if(p != NULL && strcmp(ctx->config.realm, p) != 0) 97 continue; 98 99 p = hdb_dbinfo_get_dbname(context, d); 100 if (p) 101 ctx->config.dbname = strdup(p); 102 103 p = hdb_dbinfo_get_acl_file(context, d); 104 if (p) 105 ctx->config.acl_file = strdup(p); 106 107 p = hdb_dbinfo_get_mkey_file(context, d); 108 if (p) 109 ctx->config.stash_file = strdup(p); 110 111 p = hdb_dbinfo_get_log_file(context, d); 112 if (p) 113 ctx->log_context.log_file = strdup(p); 114 break; 115 } 116 hdb_free_dbinfo(context, &info); 117 } 118 119 /* If any of the values was unset, pick up the default value */ 120 121 if (ctx->config.dbname == NULL) 122 ctx->config.dbname = strdup(hdb_default_db(context)); 123 if (ctx->config.acl_file == NULL) 124 asprintf(&ctx->config.acl_file, "%s/kadmind.acl", hdb_db_dir(context)); 125 if (ctx->config.stash_file == NULL) 126 asprintf(&ctx->config.stash_file, "%s/m-key", hdb_db_dir(context)); 127 if (ctx->log_context.log_file == NULL) 128 asprintf(&ctx->log_context.log_file, "%s/log", hdb_db_dir(context)); 129 130#ifndef NO_UNIX_SOCKETS 131 set_socket_name(context, &ctx->log_context.socket_name); 132#else 133 set_socket_info(context, &ctx->log_context.socket_info); 134#endif 135 136 return 0; 137} 138 139kadm5_ret_t 140_kadm5_s_init_context(kadm5_server_context **ctx, 141 kadm5_config_params *params, 142 krb5_context context) 143{ 144 *ctx = malloc(sizeof(**ctx)); 145 if(*ctx == NULL) 146 return ENOMEM; 147 memset(*ctx, 0, sizeof(**ctx)); 148 set_funcs(*ctx); 149 (*ctx)->context = context; 150 krb5_add_et_list (context, initialize_kadm5_error_table_r); 151#define is_set(M) (params && params->mask & KADM5_CONFIG_ ## M) 152 if(is_set(REALM)) 153 (*ctx)->config.realm = strdup(params->realm); 154 else 155 krb5_get_default_realm(context, &(*ctx)->config.realm); 156 if(is_set(DBNAME)) 157 (*ctx)->config.dbname = strdup(params->dbname); 158 if(is_set(ACL_FILE)) 159 (*ctx)->config.acl_file = strdup(params->acl_file); 160 if(is_set(STASH_FILE)) 161 (*ctx)->config.stash_file = strdup(params->stash_file); 162 163 find_db_spec(*ctx); 164 165 /* PROFILE can't be specified for now */ 166 /* KADMIND_PORT is supposed to be used on the server also, 167 but this doesn't make sense */ 168 /* ADMIN_SERVER is client only */ 169 /* ADNAME is not used at all (as far as I can tell) */ 170 /* ADB_LOCKFILE ditto */ 171 /* DICT_FILE */ 172 /* ADMIN_KEYTAB */ 173 /* MKEY_FROM_KEYBOARD is not supported */ 174 /* MKEY_NAME neither */ 175 /* ENCTYPE */ 176 /* MAX_LIFE */ 177 /* MAX_RLIFE */ 178 /* EXPIRATION */ 179 /* FLAGS */ 180 /* ENCTYPES */ 181 182 return 0; 183} 184 185HDB * 186_kadm5_s_get_db(void *server_handle) 187{ 188 kadm5_server_context *context = server_handle; 189 return context->db; 190} 191