1/*
2 * Copyright (c) 2007 Apple Inc. All rights reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24#include <sys/cdefs.h>
25#include <arpa/inet.h>
26#include <bsm/libbsm.h>
27#include <asl.h>
28#include <ctype.h>
29#include <errno.h>
30#include <fcntl.h>
31#include <stdarg.h>
32#include <stdbool.h>
33#include <string.h>
34#include <unistd.h>
35#include <stdlib.h>
36#include <CoreFoundation/CoreFoundation.h>
37
38#include "LKDCHelper-main.h"
39#include "LKDCHelper.h"
40#include "lookupDSLocalKDC.h"
41#include "utils.h"
42
43/* MIG Generated file */
44#include "LKDCHelperMessageServer.h"
45
46#include "LKDCHelper-lookup.h"
47
/*
 * MIG handler for the exit request.
 *
 * When authorized() accepts the caller's audit token, the helper logs
 * "Idle exit" at notice level and terminates the process with status 0.
 * Otherwise nothing is done.  A rejected request is not logged here and
 * the caller still receives KERN_SUCCESS, so a denied exit attempt leaves
 * no trace in this handler.
 */
kern_return_t
do_LKDCHelperExit (__unused mach_port_t port, audit_token_t token)
{
	if (authorized(token)) {
		helplog(ASL_LEVEL_NOTICE, "Idle exit");
		exit(0);
	}

	return KERN_SUCCESS;
}
59
/*
 * MIG handler: dump the cache status at a caller-chosen log level.
 *
 * port      unused.
 * logLevel  value stored in LKDCLogLevel for the duration of the dump; it
 *           is used as given, with no range check in this function.
 * token     audit token of the caller, passed to authorized().
 *
 * Callers rejected by authorized() cause no dump and no change to
 * LKDCLogLevel.  Always returns KERN_SUCCESS.
 */
kern_return_t
do_LKDCDumpStatus (__unused mach_port_t port, int logLevel, audit_token_t token)
{
	int				status = 0;

	LKDCLogEnter ();

	if (authorized(token)) {
		/* Swap the global level in for the dump, then put the old one back. */
		int			previousLevel = LKDCLogLevel;

		LKDCLogLevel = logLevel;
		LKDCDumpCacheStatus ();
		LKDCLogLevel = previousLevel;
	}

	LKDCLogExit (status);
	return KERN_SUCCESS;
}
82
/*
 * MIG handler: set the helper's global log level.
 *
 * port      unused.
 * logLevel  new value for LKDCLogLevel; stored as given, with no range
 *           check in this function.
 * token     audit token of the caller, passed to authorized().
 *
 * The level is changed only when authorized() accepts the token; a
 * rejected caller gets KERN_SUCCESS as well and is not told the request
 * was ignored.
 */
kern_return_t
do_LKDCSetLogLevel (__unused mach_port_t port, int logLevel, audit_token_t token)
{
	int				status = 0;

	LKDCLogEnter ();

	if (authorized(token)) {
		LKDCLogLevel = logLevel;
	}

	LKDCLogExit (status);
	return KERN_SUCCESS;
}
99
/*
 * MIG handler: return the local KDC realm name.
 *
 * port   unused.
 * realm  out buffer; set to "" on entry and filled with the realm string
 *        when one is available.
 * err    out; 0, or the error returned by DSCopyLocalKDC.
 * token  audit token of the caller.
 *
 * The realm is looked up once with DSCopyLocalKDC, converted to a UTF-8 C
 * string, and kept in a function-static pointer for every later call.
 * Always returns KERN_SUCCESS; the outcome is reported through *err.
 *
 * NOTE(review): token is accepted but never passed to authorized(), unlike
 * the other handlers in this file, so any client that can reach the port
 * gets the realm name -- confirm this is intentional.
 * NOTE(review): realmTmp-style CF reference obtained from DSCopyLocalKDC is
 * not released here; if that call follows the CF "Copy" ownership rule this
 * is a one-time leak -- confirm against DSCopyLocalKDC.
 * NOTE(review): the result of __KRBCreateUTF8StringFromCFString is ignored;
 * a failed conversion is only visible as an empty realm with *err == 0.
 */
kern_return_t
do_LKDCGetLocalRealm (__unused mach_port_t port, realmNameOut_t realm, int *err, audit_token_t token)
{
	static char		*cachedLocalRealmString = NULL;
	CFStringRef		realmRef = NULL;
	int				status = 0;

	LKDCLogEnter ();

	realm[0] = '\0';

	if (NULL != cachedLocalRealmString) {
		LKDCLog ("Cached lookup");
	} else {
		status = DSCopyLocalKDC (&realmRef);

		/* Only convert when the lookup succeeded; otherwise the cache stays empty. */
		if (0 == status) {
			__KRBCreateUTF8StringFromCFString (realmRef, &cachedLocalRealmString);
		}
	}

	if (NULL != cachedLocalRealmString) {
		LKDCLog ("LocalKDCRealm = %s", cachedLocalRealmString);
		/* Bounded by the type's size, not sizeof(realm), which is a decayed parameter. */
		strlcpy (realm, cachedLocalRealmString, sizeof(realmNameOut_t));
	}

	update_idle_timer();

	*err = status;
	LKDCLogExit (status);

	return KERN_SUCCESS;
}
134
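/*
 * MIG handler: map a hostname to its realm name.
 *
 * port      unused.
 * hostname  caller-supplied host name to look up.
 * realm     out buffer; set to "" on entry and filled only when the lookup
 *           yields a realm name.
 * err       out; 0, kLKDCHelperNotAuthorized, or the error returned by
 *           LKDCRealmForHostname.
 * token     audit token of the caller, passed to authorized().
 *
 * Always returns KERN_SUCCESS; the outcome is reported through *err.  A
 * lookup that succeeds without a realm name leaves *err == 0 and realm
 * empty, so callers have to check both.
 *
 * NOTE(review): hostname comes from the client message and is used as a
 * C string; this assumes the MIG stub guarantees NUL termination -- confirm
 * against the hostnameIn_t definition.
 */
kern_return_t
do_LKDCDiscoverRealm (__unused mach_port_t port,
					  hostnameIn_t hostname,
					  realmNameOut_t realm,
					  int *err,
					  audit_token_t token)
{
	/* Start from NULL so a lookup that does not set it cannot leave a wild pointer. */
	LKDCLocator    *lkdc = NULL;
	int				error = 0;

	LKDCLogEnter ();

	realm[0] = '\0';

	/* Reject before touching the request, so nothing caller-supplied is logged or looked up. */
	if (!authorized(token)) {
		error = kLKDCHelperNotAuthorized;
		goto fin;
	}

	/* The caller's string is passed as a %s argument, never as the format. */
	LKDCLog ("Looking up realm for %s", hostname);

	error = LKDCRealmForHostname (hostname, &lkdc);

	/*
	 * The lookup's contract is not visible here, so do not rely on a zero
	 * return implying a usable locator: check the pointer before reading
	 * through it.
	 */
	if (0 != error || NULL == lkdc || NULL == lkdc->realmName) {
		goto fin;
	}

	/*
	 * strlcpy always NUL-terminates but truncates silently; an over-long
	 * realm name would be returned shortened with *err == 0.
	 */
	strlcpy (realm, lkdc->realmName, sizeof (realmNameOut_t));

fin:
	update_idle_timer();

	*err = error;
	LKDCLogExit (error);

	return KERN_SUCCESS;
}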
172
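/*
 * MIG handler: map a realm name to the KDC host and port serving it.
 *
 * port      unused.
 * realm     caller-supplied realm name to look up.
 * hostname  out buffer; set to "" on entry and filled only when the lookup
 *           yields a service host.
 * kdcport   out; set to 0 on entry and to the locator's servicePort when a
 *           host is returned.
 * err       out; 0, kLKDCHelperNotAuthorized, or the error returned by
 *           LKDCHostnameForRealm.
 * token     audit token of the caller, passed to authorized().
 *
 * Always returns KERN_SUCCESS; the outcome is reported through *err.  A
 * lookup that succeeds without a service host leaves *err == 0, hostname
 * empty and *kdcport == 0, so callers have to check the outputs as well.
 *
 * NOTE(review): realm comes from the client message and is used as a
 * C string; this assumes the MIG stub guarantees NUL termination -- confirm
 * against the realmNameIn_t definition.
 */
kern_return_t
do_LKDCFindKDCForRealm (__unused mach_port_t port,
						realmNameIn_t realm,
						hostnameOut_t hostname,
						int *kdcport,
						int *err,
						audit_token_t token)
{
	/* Start from NULL so a lookup that does not set it cannot leave a wild pointer. */
	LKDCLocator    *lkdc = NULL;
	int				error = 0;

	LKDCLogEnter ();

	*kdcport = 0;
	hostname[0] = '\0';

	/* Reject before touching the request, so nothing caller-supplied is logged or looked up. */
	if (!authorized(token)) {
		error = kLKDCHelperNotAuthorized;
		goto fin;
	}

	/* The caller's string is passed as a %s argument, never as the format. */
	LKDCLog ("Looking up host for %s", realm);

	error = LKDCHostnameForRealm (realm, &lkdc);

	/*
	 * The lookup's contract is not visible here, so do not rely on a zero
	 * return implying a usable locator: check the pointer before reading
	 * through it.
	 */
	if (0 != error || NULL == lkdc || NULL == lkdc->serviceHost) {
		goto fin;
	}

	/*
	 * strlcpy always NUL-terminates but truncates silently; an over-long
	 * host name would be returned shortened with *err == 0.
	 */
	strlcpy (hostname, lkdc->serviceHost, sizeof (hostnameOut_t));
	*kdcport = lkdc->servicePort;

fin:
	update_idle_timer();

	*err = error;
	LKDCLogExit (error);

	return KERN_SUCCESS;
}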
213