/crypto/heimdal/kadmin/kadmind.c

https://bitbucket.org/freebsd/freebsd-head/ · C · 201 lines · 137 code · 28 blank · 36 comment · 24 complexity · 642591aa586fdafab9bca317e5b18b3f MD5 · raw file

  1. /*
  2. * Copyright (c) 1997-2004 Kungliga Tekniska Hรถgskolan
  3. * (Royal Institute of Technology, Stockholm, Sweden).
  4. * All rights reserved.
  5. *
  6. * Redistribution and use in source and binary forms, with or without
  7. * modification, are permitted provided that the following conditions
  8. * are met:
  9. *
  10. * 1. Redistributions of source code must retain the above copyright
  11. * notice, this list of conditions and the following disclaimer.
  12. *
  13. * 2. Redistributions in binary form must reproduce the above copyright
  14. * notice, this list of conditions and the following disclaimer in the
  15. * documentation and/or other materials provided with the distribution.
  16. *
  17. * 3. Neither the name of the Institute nor the names of its contributors
  18. * may be used to endorse or promote products derived from this software
  19. * without specific prior written permission.
  20. *
  21. * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
  22. * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  23. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  24. * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
  25. * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  26. * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  27. * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  28. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  29. * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  30. * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  31. * SUCH DAMAGE.
  32. */
  33. #include "kadmin_locl.h"
  34. static char *check_library = NULL;
  35. static char *check_function = NULL;
  36. static getarg_strings policy_libraries = { 0, NULL };
  37. static char *config_file;
  38. static char sHDB[] = "HDB:";
  39. static char *keytab_str = sHDB;
  40. static int help_flag;
  41. static int version_flag;
  42. static int debug_flag;
  43. static char *port_str;
  44. char *realm;
  45. static struct getargs args[] = {
  46. {
  47. "config-file", 'c', arg_string, &config_file,
  48. "location of config file", "file"
  49. },
  50. {
  51. "keytab", 0, arg_string, &keytab_str,
  52. "what keytab to use", "keytab"
  53. },
  54. { "realm", 'r', arg_string, &realm,
  55. "realm to use", "realm"
  56. },
  57. #ifdef HAVE_DLOPEN
  58. { "check-library", 0, arg_string, &check_library,
  59. "library to load password check function from", "library" },
  60. { "check-function", 0, arg_string, &check_function,
  61. "password check function to load", "function" },
  62. { "policy-libraries", 0, arg_strings, &policy_libraries,
  63. "password check function to load", "function" },
  64. #endif
  65. { "debug", 'd', arg_flag, &debug_flag,
  66. "enable debugging", NULL
  67. },
  68. { "ports", 'p', arg_string, &port_str,
  69. "ports to listen to", "port" },
  70. { "help", 'h', arg_flag, &help_flag, NULL, NULL },
  71. { "version", 'v', arg_flag, &version_flag, NULL, NULL }
  72. };
  73. static int num_args = sizeof(args) / sizeof(args[0]);
  74. krb5_context context;
  75. static void
  76. usage(int ret)
  77. {
  78. arg_printusage (args, num_args, NULL, "");
  79. exit (ret);
  80. }
  81. int
  82. main(int argc, char **argv)
  83. {
  84. krb5_error_code ret;
  85. char **files;
  86. int optidx = 0;
  87. int i;
  88. krb5_log_facility *logfacility;
  89. krb5_keytab keytab;
  90. krb5_socket_t sfd = rk_INVALID_SOCKET;
  91. setprogname(argv[0]);
  92. ret = krb5_init_context(&context);
  93. if (ret)
  94. errx (1, "krb5_init_context failed: %d", ret);
  95. if (getarg(args, num_args, argc, argv, &optidx)) {
  96. warnx("error at argument `%s'", argv[optidx]);
  97. usage(1);
  98. }
  99. if (help_flag)
  100. usage (0);
  101. if (version_flag) {
  102. print_version(NULL);
  103. exit(0);
  104. }
  105. argc -= optidx;
  106. argv += optidx;
  107. if (config_file == NULL) {
  108. asprintf(&config_file, "%s/kdc.conf", hdb_db_dir(context));
  109. if (config_file == NULL)
  110. errx(1, "out of memory");
  111. }
  112. ret = krb5_prepend_config_files_default(config_file, &files);
  113. if (ret)
  114. krb5_err(context, 1, ret, "getting configuration files");
  115. ret = krb5_set_config_files(context, files);
  116. krb5_free_config_files(files);
  117. if(ret)
  118. krb5_err(context, 1, ret, "reading configuration files");
  119. ret = krb5_openlog(context, "kadmind", &logfacility);
  120. if (ret)
  121. krb5_err(context, 1, ret, "krb5_openlog");
  122. ret = krb5_set_warn_dest(context, logfacility);
  123. if (ret)
  124. krb5_err(context, 1, ret, "krb5_set_warn_dest");
  125. ret = krb5_kt_register(context, &hdb_kt_ops);
  126. if(ret)
  127. krb5_err(context, 1, ret, "krb5_kt_register");
  128. ret = krb5_kt_resolve(context, keytab_str, &keytab);
  129. if(ret)
  130. krb5_err(context, 1, ret, "krb5_kt_resolve");
  131. kadm5_setup_passwd_quality_check (context, check_library, check_function);
  132. for (i = 0; i < policy_libraries.num_strings; i++) {
  133. ret = kadm5_add_passwd_quality_verifier(context,
  134. policy_libraries.strings[i]);
  135. if (ret)
  136. krb5_err(context, 1, ret, "kadm5_add_passwd_quality_verifier");
  137. }
  138. ret = kadm5_add_passwd_quality_verifier(context, NULL);
  139. if (ret)
  140. krb5_err(context, 1, ret, "kadm5_add_passwd_quality_verifier");
  141. if(debug_flag) {
  142. int debug_port;
  143. if(port_str == NULL)
  144. debug_port = krb5_getportbyname (context, "kerberos-adm",
  145. "tcp", 749);
  146. else
  147. debug_port = htons(atoi(port_str));
  148. mini_inetd(debug_port, &sfd);
  149. } else {
  150. #ifdef _WIN32
  151. pidfile(NULL);
  152. start_server(context, port_str);
  153. #else
  154. struct sockaddr_storage __ss;
  155. struct sockaddr *sa = (struct sockaddr *)&__ss;
  156. socklen_t sa_size = sizeof(__ss);
  157. /*
  158. * Check if we are running inside inetd or not, if not, start
  159. * our own server.
  160. */
  161. if(roken_getsockname(STDIN_FILENO, sa, &sa_size) < 0 &&
  162. rk_SOCK_ERRNO == ENOTSOCK) {
  163. pidfile(NULL);
  164. start_server(context, port_str);
  165. }
  166. #endif /* _WIN32 */
  167. sfd = STDIN_FILENO;
  168. }
  169. if(realm)
  170. krb5_set_default_realm(context, realm); /* XXX */
  171. kadmind_loop(context, keytab, sfd);
  172. return 0;
  173. }