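/*
 * Copyright (c) 2007 Apple Inc. All rights reserved.
 *
 * @APPLE_LICENSE_HEADER_START@
 *
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 *
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 *
 * @APPLE_LICENSE_HEADER_END@
 */

#include <sys/cdefs.h>
#include <arpa/inet.h>
#include <bsm/libbsm.h>
#include <asl.h>
#include <ctype.h>
#include <errno.h>
#include <fcntl.h>
#include <stdarg.h>
#include <stdbool.h>
#include <string.h>
#include <unistd.h>
#include <stdlib.h>
#include <CoreFoundation/CoreFoundation.h>

#include "LKDCHelper-main.h"
#include "LKDCHelper.h"
#include "lookupDSLocalKDC.h"
#include "utils.h"

/* MIG Generated file */
#include "LKDCHelperMessageServer.h"

#include "LKDCHelper-lookup.h"

/*
 * Request handlers for the LKDC helper. Each handler receives the caller's
 * audit token and always returns KERN_SUCCESS; request-level failures are
 * reported through the *err out-parameter where the routine has one.
 * (Presumably these are the server-side routines dispatched by the MIG
 * stubs in LKDCHelperMessageServer.h -- confirm against the .defs file.)
 */

/*
 * Terminate the helper on request.
 *
 * The process exits with status 0 only when authorized(token) accepts the
 * caller. An unauthorized request is ignored and still answered with
 * KERN_SUCCESS, so the caller cannot tell the two outcomes apart from the
 * return code alone.
 */
kern_return_t
do_LKDCHelperExit (__unused mach_port_t port, audit_token_t token)
{
    if (!authorized(token))
        goto fin;
    helplog(ASL_LEVEL_NOTICE, "Idle exit");
    exit(0);

fin:
    return KERN_SUCCESS;
}

/*
 * Dump the cache status at a caller-chosen log level.
 *
 * For an authorized caller, LKDCLogLevel is temporarily replaced by
 * logLevel while LKDCDumpCacheStatus() runs and is restored afterwards.
 * Unauthorized requests do nothing. `error` is never set in this routine,
 * so LKDCLogExit always records 0.
 */
kern_return_t
do_LKDCDumpStatus (__unused mach_port_t port, int logLevel, audit_token_t token)
{
    int error = 0;
    int savedLogLevel;

    LKDCLogEnter ();

    if (!authorized(token))
        goto fin;

    /* logLevel is taken from the request as-is; no range check is applied. */
    savedLogLevel = LKDCLogLevel;
    LKDCLogLevel = logLevel;

    LKDCDumpCacheStatus ();

    LKDCLogLevel = savedLogLevel;

fin:
    LKDCLogExit (error);
    return KERN_SUCCESS;
}

/*
 * Set the global LKDCLogLevel to the value supplied by the caller.
 *
 * Only applied when authorized(token) accepts the caller; otherwise the
 * request is silently ignored. The new level persists after the call.
 */
kern_return_t
do_LKDCSetLogLevel (__unused mach_port_t port, int logLevel, audit_token_t token)
{
    int error = 0;

    LKDCLogEnter ();

    if (!authorized(token))
        goto fin;

    /* logLevel is taken from the request as-is; no range check is applied. */
    LKDCLogLevel = logLevel;

fin:
    LKDCLogExit (error);
    return KERN_SUCCESS;
}

/*
 * Return the local KDC realm name in `realm` and the lookup status in *err.
 *
 * The first successful DSCopyLocalKDC() result is converted to a UTF-8 C
 * string and kept in a function-static cache for the life of the process;
 * later calls are served from that cache. `realm` is left empty when the
 * lookup fails or the conversion yields no string.
 *
 * NOTE(review): unlike every other handler in this file, this routine never
 * calls authorized(token), so the realm name is returned to any caller that
 * can reach the service. Confirm that this is intended.
 */
kern_return_t
do_LKDCGetLocalRealm (__unused mach_port_t port, realmNameOut_t realm, int *err, audit_token_t token)
{
    CFStringRef realmTmp = NULL;
    static char *cachedLocalRealmString = NULL;
    int error = 0;

    LKDCLogEnter ();

    realm[0] = '\0';

    if (NULL == cachedLocalRealmString) {
        error = DSCopyLocalKDC (&realmTmp);

        if (0 != error) { goto fin; }

        /*
         * NOTE(review): realmTmp is never released in this function. If
         * DSCopyLocalKDC follows the CoreFoundation "Copy" ownership rule,
         * the caller owns the string and it should be CFRelease'd after
         * the conversion -- confirm before changing.
         */
        __KRBCreateUTF8StringFromCFString (realmTmp, &cachedLocalRealmString);
    } else {
        LKDCLog ("Cached lookup");
    }

    if (NULL != cachedLocalRealmString) {
        LKDCLog ("LocalKDCRealm = %s", cachedLocalRealmString);
        /* strlcpy truncates to the output type's size and NUL-terminates. */
        strlcpy (realm, cachedLocalRealmString, sizeof(realmNameOut_t));
    }

fin:
    update_idle_timer();

    *err = error;
    LKDCLogExit (error);

    return KERN_SUCCESS;
}

/*
 * Look up the realm for `hostname` and copy it into `realm`.
 *
 * *err receives kLKDCHelperNotAuthorized when authorized(token) rejects the
 * caller, otherwise the status returned by LKDCRealmForHostname(). `realm`
 * stays empty unless the lookup succeeds and yields a realm name.
 *
 * `hostname` arrives in the request and is logged and passed to the lookup
 * unmodified (assumes the message type bounds and NUL-terminates it --
 * TODO confirm).
 */
kern_return_t
do_LKDCDiscoverRealm (__unused mach_port_t port,
                      hostnameIn_t hostname,
                      realmNameOut_t realm,
                      int *err,
                      audit_token_t token)
{
    /* Start from NULL so a lookup that stores nothing is detectable. */
    LKDCLocator *lkdc = NULL;
    int error = 0;

    LKDCLogEnter ();

    realm[0] = '\0';

    if (!authorized(token)) {
        error = kLKDCHelperNotAuthorized;
        goto fin;
    }

    LKDCLog ("Looking up realm for %s", hostname);

    error = LKDCRealmForHostname (hostname, &lkdc);

    /*
     * Guard the dereference: a success status with no locator stored would
     * otherwise read through an indeterminate pointer.
     */
    if (0 != error || NULL == lkdc || NULL == lkdc->realmName) {
        goto fin;
    }

    /*
     * The locator is not freed here (presumably it is owned by the lookup
     * cache -- confirm). strlcpy bounds the copy to the output type.
     */
    strlcpy (realm, lkdc->realmName, sizeof (realmNameOut_t));

fin:
    update_idle_timer();

    *err = error;
    LKDCLogExit (error);

    return KERN_SUCCESS;
}

/*
 * Look up the KDC host and port for `realm`.
 *
 * On success `hostname` receives the locator's serviceHost and *kdcport its
 * servicePort. Both outputs are reset (empty string, port 0) before any
 * other work, so they hold defined values on every failure path. *err
 * receives kLKDCHelperNotAuthorized when authorized(token) rejects the
 * caller, otherwise the status returned by LKDCHostnameForRealm().
 *
 * `realm` arrives in the request and is logged and passed to the lookup
 * unmodified (assumes the message type bounds and NUL-terminates it --
 * TODO confirm).
 */
kern_return_t
do_LKDCFindKDCForRealm (__unused mach_port_t port,
                        realmNameIn_t realm,
                        hostnameOut_t hostname,
                        int *kdcport,
                        int *err,
                        audit_token_t token)
{
    /* Start from NULL so a lookup that stores nothing is detectable. */
    LKDCLocator *lkdc = NULL;
    int error = 0;

    LKDCLogEnter ();

    *kdcport = 0;
    hostname[0] = '\0';

    if (!authorized(token)) {
        error = kLKDCHelperNotAuthorized;
        goto fin;
    }

    LKDCLog ("Looking up host for %s", realm);

    error = LKDCHostnameForRealm (realm, &lkdc);

    /*
     * Guard the dereference: a success status with no locator stored would
     * otherwise read through an indeterminate pointer.
     */
    if (0 != error || NULL == lkdc || NULL == lkdc->serviceHost) {
        goto fin;
    }

    /* strlcpy bounds the copy to the output type and NUL-terminates. */
    strlcpy (hostname, lkdc->serviceHost, sizeof (hostnameOut_t));
    *kdcport = lkdc->servicePort;

fin:
    update_idle_timer();

    *err = error;
    LKDCLogExit (error);

    return KERN_SUCCESS;
}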