2  * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan
46 RCSID("$Id$");
51 #define SET(C, F) (C)->funcs.F = kadm5 ## _c_ ## F  in set_funcs()
80     (*ctx)->context = context;  in _kadm5_c_init_context()
81     if(params->mask & KADM5_CONFIG_REALM) {  in _kadm5_c_init_context()
83 	(*ctx)->realm = strdup(params->realm);  in _kadm5_c_init_context()
84 	if ((*ctx)->realm == NULL)  in _kadm5_c_init_context()
87 	ret = krb5_get_default_realm((*ctx)->context, &(*ctx)->realm);  in _kadm5_c_init_context()
92     if(params->mask & KADM5_CONFIG_ADMIN_SERVER)  in _kadm5_c_init_context()
93 	(*ctx)->admin_server = strdup(params->admin_server);  in _kadm5_c_init_context()
97 	ret = krb5_get_krb_admin_hst (context, &(*ctx)->realm, &hostlist);  in _kadm5_c_init_context()
99 	    free((*ctx)->realm);  in _kadm5_c_init_context()
103 	(*ctx)->admin_server = strdup(*hostlist);  in _kadm5_c_init_context()
107     if ((*ctx)->admin_server == NULL) {  in _kadm5_c_init_context()
108 	free((*ctx)->realm);  in _kadm5_c_init_context()
112     colon = strchr ((*ctx)->admin_server, ':');  in _kadm5_c_init_context()
116     (*ctx)->kadmind_port = 0;  in _kadm5_c_init_context()
118     if(params->mask & KADM5_CONFIG_KADMIND_PORT)  in _kadm5_c_init_context()
119 	(*ctx)->kadmind_port = params->kadmind_port;  in _kadm5_c_init_context()
123 	(*ctx)->kadmind_port = htons(strtol (colon, &end, 0));  in _kadm5_c_init_context()
125     if ((*ctx)->kadmind_port == 0)  in _kadm5_c_init_context()
126 	(*ctx)->kadmind_port = krb5_getportbyname (context, "kerberos-adm",  in _kadm5_c_init_context()
133 		krb5_ccache id,  in get_kadm_ticket()  argument
134 		krb5_principal client,  in get_kadm_ticket()  argument
141     in.client = client;  in get_kadm_ticket()
145     ret = krb5_get_credentials(context, 0, id, &in, &out);  in get_kadm_ticket()
154 	      krb5_principal client,  in get_new_cache()  argument
164     krb5_ccache id;  in get_new_cache()  local
172 								       client),  in get_new_cache()
191 					  client,  in get_new_cache()
200 					    client,  in get_new_cache()
212     case KRB5_LIBOS_PWDINTR:	/* don't print anything if it was just C-c:ed */  in get_new_cache()
219     ret = krb5_cc_new_unique(context, krb5_cc_type_memory, NULL, &id);  in get_new_cache()
222     ret = krb5_cc_initialize (context, id, cred.client);  in get_new_cache()
225     ret = krb5_cc_store_cred (context, id, &cred);  in get_new_cache()
229     *ret_cache = id;  in get_new_cache()
234  * Check the credential cache `id´ to figure out what principal to use
236  * credential in the cache, use that client principal. Otherwise, use
237  * the client principals first component and add /admin to the
243 		    krb5_ccache *id,  in get_cache_principal()  argument
244 		    krb5_principal *client)  in get_cache_principal()  argument
250     ret = krb5_cc_default(context, id);  in get_cache_principal()
252 	*id = NULL;  in get_cache_principal()
256     ret = krb5_cc_get_principal(context, *id, &p1);  in get_cache_principal()
258 	krb5_cc_close(context, *id);  in get_cache_principal()
259 	*id = NULL;  in get_cache_principal()
266 	krb5_cc_close(context, *id);  in get_cache_principal()
267 	*id = NULL;  in get_cache_principal()
279 	in.client = p1;  in get_cache_principal()
284 					      *id, &in, &out);  in get_cache_principal()
287 	    if (out->flags.b.initial) {  in get_cache_principal()
288 		*client = p1;  in get_cache_principal()
295     krb5_cc_close(context, *id);  in get_cache_principal()
296     *id = NULL;  in get_cache_principal()
306 	*client = p2;  in get_cache_principal()
310     *client = p1;  in get_cache_principal()
326     krb5_ccache id = NULL;  in _kadm5_c_get_cred_cache()  local
327     krb5_principal default_client = NULL, client = NULL;  in _kadm5_c_get_cred_cache()  local
336 	ret = krb5_parse_name(context, client_name, &client);  in _kadm5_c_get_cred_cache()
342 	id = ccache;  in _kadm5_c_get_cred_cache()
343 	ret = krb5_cc_get_principal(context, id, &client);  in _kadm5_c_get_cred_cache()
349 	ret = get_cache_principal(context, &id, &default_client);  in _kadm5_c_get_cred_cache()
352 	     * No client was specified by the caller and we cannot  in _kadm5_c_get_cred_cache()
353 	     * determine the client from a credentials cache.  in _kadm5_c_get_cred_cache()
372      * No client was specified by the caller, but we have a client  in _kadm5_c_get_cred_cache()
375     if (client == NULL && default_client != NULL)  in _kadm5_c_get_cred_cache()
376 	client = default_client;  in _kadm5_c_get_cred_cache()
379     if(id && client && (default_client == NULL ||  in _kadm5_c_get_cred_cache()
380 	      krb5_principal_compare(context, client, default_client) != 0)) {  in _kadm5_c_get_cred_cache()
381 	ret = get_kadm_ticket(context, id, client, server_name);  in _kadm5_c_get_cred_cache()
383 	    *ret_cache = id;  in _kadm5_c_get_cred_cache()
385 	    if (default_client != client)  in _kadm5_c_get_cred_cache()
386 		krb5_free_principal(context, client);  in _kadm5_c_get_cred_cache()
391 	    return -1;  in _kadm5_c_get_cred_cache()
394     if(id && (id != ccache))  in _kadm5_c_get_cred_cache()
395 	krb5_cc_close(context, id);  in _kadm5_c_get_cred_cache()
396     if (client != default_client)  in _kadm5_c_get_cred_cache()
399     ret = get_new_cache(context, client, password, prompter, keytab,  in _kadm5_c_get_cred_cache()
401     krb5_free_principal(context, client);  in _kadm5_c_get_cred_cache()
418     krb5_context context = ctx->context;  in kadm_connect()
424     snprintf (portstr, sizeof(portstr), "%u", ntohs(ctx->kadmind_port));  in kadm_connect()
426     hostname = ctx->admin_server;  in kadm_connect()
437     for (a = ai; a != NULL; a = a->ai_next) {  in kadm_connect()
438 	s = socket (a->ai_family, a->ai_socktype, a->ai_protocol);  in kadm_connect()
441 	if (connect (s, a->ai_addr, a->ai_addrlen) < 0) {  in kadm_connect()
456 				  ctx->client_name,  in kadm_connect()
457 				  ctx->service_name,  in kadm_connect()
458 				  NULL, ctx->prompter, ctx->keytab,  in kadm_connect()
459 				  ctx->ccache, &cc);  in kadm_connect()
467     if (ctx->realm)  in kadm_connect()
468 	asprintf(&service_name, "%s@%s", KADM5_ADMIN_SERVICE, ctx->realm);  in kadm_connect()
483 	if(ctx->ccache == NULL)  in kadm_connect()
488     ctx->ac = NULL;  in kadm_connect()
490     ret = krb5_sendauth(context, &ctx->ac, &s,  in kadm_connect()
498 	if(ctx->realm) {  in kadm_connect()
500 	    p.realm = ctx->realm;  in kadm_connect()
504 	ret = krb5_write_priv_message(context, ctx->ac, &s, &params);  in kadm_connect()
509 	    if(ctx->ccache == NULL)  in kadm_connect()
516 	s = socket (a->ai_family, a->ai_socktype, a->ai_protocol);  in kadm_connect()
522 	if (connect (s, a->ai_addr, a->ai_addrlen) < 0) {  in kadm_connect()
528 	ret = krb5_sendauth(context, &ctx->ac, &s,  in kadm_connect()
540     if(ctx->ccache == NULL)  in kadm_connect()
542     ctx->sock = s;  in kadm_connect()
551     if(ctx->sock == -1)  in _kadm5_connect()
589 	ctx->client_name = strdup(client_name);  in kadm5_c_init_with_context()
591 	ctx->client_name = NULL;  in kadm5_c_init_with_context()
593 	ctx->service_name = strdup(service_name);  in kadm5_c_init_with_context()
595 	ctx->service_name = NULL;  in kadm5_c_init_with_context()
596     ctx->prompter = prompter;  in kadm5_c_init_with_context()
597     ctx->keytab = keytab;  in kadm5_c_init_with_context()
598     ctx->ccache = ccache;  in kadm5_c_init_with_context()
600     ctx->sock = -1;  in kadm5_c_init_with_context()
641     ctx->my_context = 1;  in init_context()