1/*
2 * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 *    notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 *    notice, this list of conditions and the following disclaimer in the
15 *    documentation and/or other materials provided with the distribution.
16 *
17 * 3. Neither the name of the Institute nor the names of its contributors
18 *    may be used to endorse or promote products derived from this software
19 *    without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 */
33
34#include "kadm5_locl.h"
35
36RCSID("$Id$");
37
38
39static kadm5_ret_t
40kadm5_s_init_with_context(krb5_context context,
41			  const char *client_name,
42			  const char *service_name,
43			  kadm5_config_params *realm_params,
44			  unsigned long struct_version,
45			  unsigned long api_version,
46			  void **server_handle)
47{
48    kadm5_ret_t ret;
49    kadm5_server_context *ctx;
50    ret = _kadm5_s_init_context(&ctx, realm_params, context);
51    if(ret)
52	return ret;
53
54    assert(ctx->config.dbname != NULL);
55    assert(ctx->config.stash_file != NULL);
56    assert(ctx->config.acl_file != NULL);
57    assert(ctx->log_context.log_file != NULL);
58#ifndef NO_UNIX_SOCKETS
59    assert(ctx->log_context.socket_name.sun_path[0] != '\0');
60#else
61    assert(ctx->log_context.socket_info != NULL);
62#endif
63
64    ret = hdb_create(ctx->context, &ctx->db, ctx->config.dbname);
65    if(ret)
66	return ret;
67    ret = hdb_set_master_keyfile (ctx->context,
68				  ctx->db, ctx->config.stash_file);
69    if(ret)
70	return ret;
71
72    ctx->log_context.log_fd   = -1;
73
74#ifndef NO_UNIX_SOCKETS
75    ctx->log_context.socket_fd = socket (AF_UNIX, SOCK_DGRAM, 0);
76#else
77    ctx->log_context.socket_fd = socket (ctx->log_context.socket_info->ai_family,
78					 ctx->log_context.socket_info->ai_socktype,
79					 ctx->log_context.socket_info->ai_protocol);
80#endif
81    if (!rk_IS_BAD_SOCKET(ctx->log_context.socket_fd))
82	socket_set_nopipe(ctx->log_context.socket_fd, ctx->log_context.socket_fd);
83
84    ret = krb5_parse_name(ctx->context, client_name, &ctx->caller);
85    if(ret)
86	return ret;
87
88    ret = _kadm5_acl_init(ctx);
89    if(ret)
90	return ret;
91
92    *server_handle = ctx;
93    return 0;
94}
95
96kadm5_ret_t
97kadm5_s_init_with_password_ctx(krb5_context context,
98			       const char *client_name,
99			       const char *password,
100			       const char *service_name,
101			       kadm5_config_params *realm_params,
102			       unsigned long struct_version,
103			       unsigned long api_version,
104			       void **server_handle)
105{
106    return kadm5_s_init_with_context(context,
107				     client_name,
108				     service_name,
109				     realm_params,
110				     struct_version,
111				     api_version,
112				     server_handle);
113}
114
115kadm5_ret_t
116kadm5_s_init_with_password(const char *client_name,
117			   const char *password,
118			   const char *service_name,
119			   kadm5_config_params *realm_params,
120			   unsigned long struct_version,
121			   unsigned long api_version,
122			   void **server_handle)
123{
124    krb5_context context;
125    kadm5_ret_t ret;
126    kadm5_server_context *ctx;
127
128    ret = krb5_init_context(&context);
129    if (ret)
130	return ret;
131    ret = kadm5_s_init_with_password_ctx(context,
132					 client_name,
133					 password,
134					 service_name,
135					 realm_params,
136					 struct_version,
137					 api_version,
138					 server_handle);
139    if(ret){
140	krb5_free_context(context);
141	return ret;
142    }
143    ctx = *server_handle;
144    ctx->my_context = 1;
145    return 0;
146}
147
148kadm5_ret_t
149kadm5_s_init_with_skey_ctx(krb5_context context,
150			   const char *client_name,
151			   const char *keytab,
152			   const char *service_name,
153			   kadm5_config_params *realm_params,
154			   unsigned long struct_version,
155			   unsigned long api_version,
156			   void **server_handle)
157{
158    return kadm5_s_init_with_context(context,
159				     client_name,
160				     service_name,
161				     realm_params,
162				     struct_version,
163				     api_version,
164				     server_handle);
165}
166
167kadm5_ret_t
168kadm5_s_init_with_skey(const char *client_name,
169		       const char *keytab,
170		       const char *service_name,
171		       kadm5_config_params *realm_params,
172		       unsigned long struct_version,
173		       unsigned long api_version,
174		       void **server_handle)
175{
176    krb5_context context;
177    kadm5_ret_t ret;
178    kadm5_server_context *ctx;
179
180    ret = krb5_init_context(&context);
181    if (ret)
182	return ret;
183    ret = kadm5_s_init_with_skey_ctx(context,
184				     client_name,
185				     keytab,
186				     service_name,
187				     realm_params,
188				     struct_version,
189				     api_version,
190				     server_handle);
191    if(ret){
192	krb5_free_context(context);
193	return ret;
194    }
195    ctx = *server_handle;
196    ctx->my_context = 1;
197    return 0;
198}
199
200kadm5_ret_t
201kadm5_s_init_with_creds_ctx(krb5_context context,
202			    const char *client_name,
203			    krb5_ccache ccache,
204			    const char *service_name,
205			    kadm5_config_params *realm_params,
206			    unsigned long struct_version,
207			    unsigned long api_version,
208			    void **server_handle)
209{
210    return kadm5_s_init_with_context(context,
211				     client_name,
212				     service_name,
213				     realm_params,
214				     struct_version,
215				     api_version,
216				     server_handle);
217}
218
219kadm5_ret_t
220kadm5_s_init_with_creds(const char *client_name,
221			krb5_ccache ccache,
222			const char *service_name,
223			kadm5_config_params *realm_params,
224			unsigned long struct_version,
225			unsigned long api_version,
226			void **server_handle)
227{
228    krb5_context context;
229    kadm5_ret_t ret;
230    kadm5_server_context *ctx;
231
232    ret = krb5_init_context(&context);
233    if (ret)
234	return ret;
235    ret = kadm5_s_init_with_creds_ctx(context,
236				      client_name,
237				      ccache,
238				      service_name,
239				      realm_params,
240				      struct_version,
241				      api_version,
242				      server_handle);
243    if(ret){
244	krb5_free_context(context);
245	return ret;
246    }
247    ctx = *server_handle;
248    ctx->my_context = 1;
249    return 0;
250}
251