xref: /freebsd/crypto/heimdal/kadmin/kadmind.c (revision 1e413cf93298b5b97441a21d9a50fdcd0ee9945e)
1 /*
2  * Copyright (c) 1997-2002 Kungliga Tekniska H�gskolan
3  * (Royal Institute of Technology, Stockholm, Sweden).
4  * All rights reserved.
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  *
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer.
12  *
13  * 2. Redistributions in binary form must reproduce the above copyright
14  *    notice, this list of conditions and the following disclaimer in the
15  *    documentation and/or other materials provided with the distribution.
16  *
17  * 3. Neither the name of the Institute nor the names of its contributors
18  *    may be used to endorse or promote products derived from this software
19  *    without specific prior written permission.
20  *
21  * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24  * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31  * SUCH DAMAGE.
32  */
33 
34 #include "kadmin_locl.h"
35 
36 RCSID("$Id: kadmind.c,v 1.28.2.1 2004/04/29 12:30:32 lha Exp $");
37 
38 static char *check_library  = NULL;
39 static char *check_function = NULL;
40 static char *config_file;
41 static char *keyfile;
42 static char *keytab_str = "HDB:";
43 static int help_flag;
44 static int version_flag;
45 static int debug_flag;
46 static char *port_str;
47 char *realm;
48 #ifdef KRB4
49 int do_kerberos4 = 0;
50 #endif
51 
52 static struct getargs args[] = {
53     {
54 	"config-file",	'c',	arg_string,	&config_file,
55 	"location of config file",	"file"
56     },
57     {
58 	"key-file",	'k',	arg_string, &keyfile,
59 	"location of master key file", "file"
60     },
61     {
62 	"keytab",	0,	arg_string, &keytab_str,
63 	"what keytab to use", "keytab"
64     },
65     {	"realm",	'r',	arg_string,   &realm,
66 	"realm to use", "realm"
67     },
68 #ifdef HAVE_DLOPEN
69     { "check-library", 0, arg_string, &check_library,
70       "library to load password check function from", "library" },
71     { "check-function", 0, arg_string, &check_function,
72       "password check function to load", "function" },
73 #endif
74     {	"debug",	'd',	arg_flag,   &debug_flag,
75 	"enable debugging"
76     },
77 #ifdef KRB4
78     {	"kerberos4", 0,		arg_flag,   &do_kerberos4,
79 	"don't respond to kerberos 4 requests"
80     },
81 #endif
82     {	"ports",	'p',	arg_string, &port_str,
83 	"ports to listen to", "port" },
84     {	"help",		'h',	arg_flag,   &help_flag },
85     {	"version",	'v',	arg_flag,   &version_flag }
86 };
87 
88 static int num_args = sizeof(args) / sizeof(args[0]);
89 
90 krb5_context context;
91 
92 static void
93 usage(int ret)
94 {
95     arg_printusage (args, num_args, NULL, "");
96     exit (ret);
97 }
98 
99 int
100 main(int argc, char **argv)
101 {
102     krb5_error_code ret;
103     krb5_config_section *cf;
104     int optind = 0;
105     int e;
106     krb5_log_facility *logf;
107     krb5_keytab keytab;
108 
109     setprogname(argv[0]);
110 
111     ret = krb5_init_context(&context);
112     if (ret)
113 	errx (1, "krb5_init_context failed: %d", ret);
114 
115     ret = krb5_openlog(context, "kadmind", &logf);
116     ret = krb5_set_warn_dest(context, logf);
117 
118     while((e = getarg(args, num_args, argc, argv, &optind)))
119 	warnx("error at argument `%s'", argv[optind]);
120 
121     if (help_flag)
122 	usage (0);
123 
124     if (version_flag) {
125 	print_version(NULL);
126 	exit(0);
127     }
128 
129     argc -= optind;
130     argv += optind;
131 
132     ret = krb5_kt_register(context, &hdb_kt_ops);
133     if(ret)
134 	krb5_err(context, 1, ret, "krb5_kt_register");
135 
136     if (config_file == NULL)
137 	config_file = HDB_DB_DIR "/kdc.conf";
138 
139     if(krb5_config_parse_file(context, config_file, &cf) == 0) {
140 	const char *p = krb5_config_get_string (context, cf,
141 						"kdc", "key-file", NULL);
142 	if (p)
143 	    keyfile = strdup(p);
144     }
145 
146     ret = krb5_kt_resolve(context, keytab_str, &keytab);
147     if(ret)
148 	krb5_err(context, 1, ret, "krb5_kt_resolve");
149 
150     kadm5_setup_passwd_quality_check (context, check_library, check_function);
151 
152     {
153 	int fd = 0;
154 	struct sockaddr_storage __ss;
155 	struct sockaddr *sa = (struct sockaddr *)&__ss;
156 	socklen_t sa_size = sizeof(__ss);
157 	krb5_auth_context ac = NULL;
158 	int debug_port;
159 
160 	if(debug_flag) {
161 	    if(port_str == NULL)
162 		debug_port = krb5_getportbyname (context, "kerberos-adm",
163 						 "tcp", 749);
164 	    else
165 		debug_port = htons(atoi(port_str));
166 	    mini_inetd(debug_port);
167 	} else if(roken_getsockname(STDIN_FILENO, sa, &sa_size) < 0 &&
168 		   errno == ENOTSOCK) {
169 	    parse_ports(context, port_str ? port_str : "+");
170 	    pidfile(NULL);
171 	    start_server(context);
172 	}
173 	if(realm)
174 	    krb5_set_default_realm(context, realm); /* XXX */
175 	kadmind_loop(context, ac, keytab, fd);
176     }
177     return 0;
178 }
179