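/*
 * Copyright (c) 2007 Kungliga Tekniska Högskolan
 * (Royal Institute of Technology, Stockholm, Sweden).
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * 3. Neither the name of the Institute nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

/*
 * Replays a file of recorded KDC requests through krb5_kdc_process_request()
 * and checks that each reply carries the DER class/type and tag stored with
 * the request.  The file is read record by record; each record holds a
 * version word (must be 1), a timestamp, the client address, the request
 * bytes, and the expected class|type and tag of the reply.
 */

#include "kdc_locl.h"

static int version_flag;
static int help_flag;

/* Command-line options understood by getarg(). */
struct getargs args[] = {
    { "version", 0,   arg_flag, &version_flag },
    { "help",    'h', arg_flag, &help_flag }
};

static const int num_args = sizeof(args) / sizeof(args[0]);

/* Print the usage text and terminate the process with status `ret`. */
static void
usage(int ret)
{
    arg_printusage(args, num_args, NULL, "kdc-request-log-file");
    exit(ret);
}

/*
 * Entry point: set up a KDC context from the local configuration, then
 * replay every record of the file named by argv[1].
 *
 * Exits with status 1 (through err/errx/krb5_err/krb5_errx) on any parse
 * failure, processing failure, or reply that does not match the recorded
 * expectation; returns 0 once the whole file has been replayed.
 */
int
main(int argc, char **argv)
{
    krb5_error_code ret;
    krb5_context context;
    krb5_kdc_configuration *config;
    krb5_storage *sp;
    int fd, optidx = 0;

    setprogname(argv[0]);

    if (getarg(args, num_args, argc, argv, &optidx))
	usage(1);

    if (help_flag)
	usage(0);

    if (version_flag) {
	print_version(NULL);
	exit(0);
    }

    ret = krb5_init_context(&context);
    if (ret)
	errx(1, "krb5_init_context failed to parse configuration file");

    ret = krb5_kdc_get_config(context, &config);
    if (ret)
	krb5_err(context, 1, ret, "krb5_kdc_default_config");

    kdc_openlog(context, "kdc-replay", config);

    /*
     * NOTE(review): the replay runs against whatever database the local
     * KDC configuration names -- confirm this is a test realm before
     * pointing the tool at a capture.
     */
    ret = krb5_kdc_set_dbinfo(context, config);
    if (ret)
	krb5_err(context, 1, ret, "krb5_kdc_set_dbinfo");

#ifdef PKINIT
    if (config->enable_pkinit) {
	/* PKINIT needs both a KDC identity and trust anchors to be usable. */
	if (config->pkinit_kdc_identity == NULL)
	    krb5_errx(context, 1, "pkinit enabled but no identity");

	if (config->pkinit_kdc_anchors == NULL)
	    krb5_errx(context, 1, "pkinit enabled but no X509 anchors");

	/*
	 * NOTE(review): the result of krb5_kdc_pk_initialize() is not
	 * checked; confirm whether a failed PKINIT setup should abort.
	 */
	krb5_kdc_pk_initialize(context, config,
			       config->pkinit_kdc_identity,
			       config->pkinit_kdc_anchors,
			       config->pkinit_kdc_cert_pool,
			       config->pkinit_kdc_revoke);

    }
#endif /* PKINIT */

    /* Exactly one positional argument is accepted: the request log file. */
    if (argc != 2)
	errx(1, "argc != 2");

    printf("kdc replay\n");

    fd = open(argv[1], O_RDONLY);
    if (fd < 0)
	err(1, "open: %s", argv[1]);

    sp = krb5_storage_from_fd(fd);
    if (sp == NULL)
	krb5_errx(context, 1, "krb5_storage_from_fd");

    while (1) {
	struct sockaddr_storage sa;
	krb5_socklen_t salen = sizeof(sa);
	struct timeval tv;
	krb5_address a;
	krb5_data d, r;
	uint32_t t, clty, tag;
	char astr[80];

	/* A clean EOF on the version word is the only normal way out. */
	ret = krb5_ret_uint32(sp, &t);
	if (ret == HEIM_ERR_EOF)
	    break;
	else if (ret)
	    krb5_errx(context, 1, "krb5_ret_uint32(version)");
	if (t != 1)
	    krb5_errx(context, 1, "version not 1");

	/* From here on `t` holds the recorded request time. */
	ret = krb5_ret_uint32(sp, &t);
	if (ret)
	    krb5_errx(context, 1, "krb5_ret_uint32(time)");
	ret = krb5_ret_address(sp, &a);
	if (ret)
	    krb5_errx(context, 1, "krb5_ret_address");
	ret = krb5_ret_data(sp, &d);
	if (ret)
	    krb5_errx(context, 1, "krb5_ret_data");
	ret = krb5_ret_uint32(sp, &clty);
	if (ret)
	    krb5_errx(context, 1, "krb5_ret_uint32(class|type)");
	ret = krb5_ret_uint32(sp, &tag);
	if (ret)
	    krb5_errx(context, 1, "krb5_ret_uint32(tag)");

	/* Records with an unsupported address type are skipped, not fatal. */
	ret = krb5_addr2sockaddr(context, &a, (struct sockaddr *)&sa,
				 &salen, 88);
	if (ret == KRB5_PROG_ATYPE_NOSUPP)
	    goto out;
	else if (ret)
	    krb5_err(context, 1, ret, "krb5_addr2sockaddr");

	ret = krb5_print_address(&a, astr, sizeof(astr), NULL);
	if (ret)
	    krb5_err(context, 1, ret, "krb5_print_address");

	printf("processing request from %s, %lu bytes\n",
	       astr, (unsigned long)d.length);

	r.length = 0;
	r.data = NULL;

	/* Process the request as if the clock read the recorded time. */
	tv.tv_sec = t;
	tv.tv_usec = 0;

	krb5_kdc_update_time(&tv);
	krb5_set_real_time(context, tv.tv_sec, 0);

	ret = krb5_kdc_process_request(context, config, d.data, d.length,
				       &r, NULL, astr,
				       (struct sockaddr *)&sa, 0);
	if (ret)
	    krb5_err(context, 1, ret, "krb5_kdc_process_request");

	if (r.length) {
	    Der_class cl;
	    Der_type ty;
	    unsigned int tag2;

	    /*
	     * cl, ty and tag2 are only written when der_get_tag() succeeds,
	     * so a reply that cannot be decoded must stop the run here
	     * instead of being compared through uninitialized values.
	     */
	    ret = der_get_tag(r.data, r.length,
			      &cl, &ty, &tag2, NULL);
	    if (ret)
		krb5_err(context, 1, ret, "der_get_tag");
	    if (MAKE_TAG(cl, ty, 0) != clty)
		krb5_errx(context, 1, "class|type mismatch: %d != %d",
			  (int)MAKE_TAG(cl, ty, 0), (int)clty);
	    if (tag != tag2)
		krb5_errx(context, 1, "tag mismatch");

	    krb5_data_free(&r);
	} else {
	    /* No reply produced: the record must hold 0xffffffff in both. */
	    if (clty != 0xffffffff)
		krb5_errx(context, 1, "clty not invalid");
	    if (tag != 0xffffffff)
		krb5_errx(context, 1, "tag not invalid");
	}

    out:
	krb5_data_free(&d);
	krb5_free_address(context, &a);
    }

    krb5_storage_free(sp);
    krb5_free_context(context);

    printf("done\n");

    return 0;
}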