config.c revision 55682
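/*
 * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan
 * (Royal Institute of Technology, Stockholm, Sweden).
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * 3. Neither the name of the Institute nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#include "kdc_locl.h"
#include <getarg.h>
#include <parse_bytes.h>

RCSID("$Id: config.c,v 1.28 1999/12/02 17:04:58 joda Exp $");

/*
 * KDC start-up configuration.  configure() fills the globals below from
 * the command line first, then from the "kdc" section of the config
 * file, then from built-in defaults.  An int flag initialised to -1
 * means "not given on the command line".
 */

static char *config_file;          /* --config-file; defaulted in configure() */
int require_preauth = -1;          /* --require-preauth (negative flag) */
char *keyfile;                     /* --key-file / "key-file" */
static char *max_request_str;      /* raw --max-request text, parsed later */
size_t max_request;                /* max size for a kdc-request, in bytes */
time_t kdc_warn_pwexpire;          /* "kdc_warn_pwexpire" from the config */
struct dbinfo *databases;          /* list built by get_dbinfo() */
HDB **db;                          /* not assigned in this file */
int num_db;                        /* not assigned in this file */
char *port_str;                    /* --ports / "ports"; "+" if unset */
int enable_http = -1;              /* --enable-http / "enable-http" */
krb5_boolean encode_as_rep_as_tgs_rep; /* bug compatibility */

krb5_boolean check_ticket_addresses;
krb5_boolean allow_null_ticket_addresses;

#ifdef KRB4
char *v4_realm;
#endif
#ifdef KASERVER
krb5_boolean enable_kaserver = -1;
#endif

static int help_flag;
static int version_flag;

static struct getargs args[] = {
    {
        "config-file", 'c', arg_string, &config_file,
        "location of config file", "file"
    },
    {
        "require-preauth", 'p', arg_negative_flag, &require_preauth,
        "don't require pa-data in as-reqs"
    },
    {
        "key-file", 'k', arg_string, &keyfile,
        "location of master key file", "file"
    },
    {
        /*
         * An arg_string option needs a char * target.  This entry used to
         * point at the size_t max_request, so the option text was stored
         * as a raw pointer value in the request-size limit and
         * max_request_str was never set, i.e. never parsed.
         */
        "max-request", 0, arg_string, &max_request_str,
        "max size for a kdc-request", "size"
    },
#if 0
    {
        "database", 'd', arg_string, &databases,
        "location of database", "database"
    },
#endif
    { "enable-http", 'H', arg_flag, &enable_http, "turn on HTTP support" },
#ifdef KRB4
    {
        "v4-realm", 'r', arg_string, &v4_realm,
        "realm to serve v4-requests for"
    },
#endif
#ifdef KASERVER
    {
        "kaserver", 'K', arg_negative_flag, &enable_kaserver,
        "turn off kaserver support"
    },
#endif
    {
        "ports", 'P', arg_string, &port_str,
        "ports to listen to"
    },
    { "help", 'h', arg_flag, &help_flag },
    { "version", 'v', arg_flag, &version_flag }
};

static int num_args = sizeof(args) / sizeof(args[0]);

/* Print the option summary and terminate with exit status `ret'. */
static void
usage(int ret)
{
    arg_printusage(args, num_args, NULL, "");
    exit(ret);
}

/* strdup() that treats allocation failure as fatal; never returns NULL. */
static char *
dup_or_die(const char *s)
{
    char *copy = strdup(s);

    if (copy == NULL)
        errx(1, "out of memory");
    return copy;
}

/* Allocate a zeroed struct dbinfo; allocation failure is fatal. */
static struct dbinfo *
new_dbinfo(void)
{
    struct dbinfo *di = calloc(1, sizeof(*di));

    if (di == NULL)
        errx(1, "out of memory");
    return di;
}

/*
 * Convert a max-request size string to bytes.  Returns 0 ("unset") for
 * text that parse_bytes() rejects, so that a typo falls through to the
 * next source of the setting instead of wrapping to a huge size_t.
 * NOTE(review): assumes parse_bytes() signals failure with a negative
 * return value -- confirm against parse_bytes.h.
 */
static size_t
request_limit(const char *s)
{
    int n = parse_bytes(s, NULL);

    if (n < 0) {
        warnx("invalid max-request value `%s', ignoring", s);
        return 0;
    }
    return (size_t)n;
}

/*
 * Build the global `databases' list from the "database" bindings in the
 * "kdc" section of `cf'.
 *
 * Each binding that names a realm becomes one entry, in config order.
 * The first binding without a realm (or, when there is none, the
 * compiled-in HDB_DEFAULT_DB and HDB_DB_DIR "/m-key") becomes the last
 * entry and also supplies the dbname used by entries that did not set
 * one.  An entry without an mkey_file gets "<dbname>.mkey", where a
 * trailing ".ext" in the final path component of dbname is dropped first.
 */
static void
get_dbinfo(krb5_config_section *cf)
{
    krb5_config_binding *top_binding = NULL;
    krb5_config_binding *db_binding;
    krb5_config_binding *default_binding = NULL;
    struct dbinfo *di, **tail;
    const char *default_dbname = HDB_DEFAULT_DB;
    const char *default_mkey = HDB_DB_DIR "/m-key";
    const char *p;

    databases = NULL;
    tail = &databases;
    while ((db_binding = (krb5_config_binding *)
            krb5_config_get_next(context, cf, &top_binding,
                                 krb5_config_list,
                                 "kdc",
                                 "database",
                                 NULL))) {
        p = krb5_config_get_string(context, db_binding, "realm", NULL);
        if (p == NULL) {
            /* Realm-less binding: remember the first, warn about the rest. */
            if (default_binding) {
                krb5_warnx(context, "WARNING: more than one realm-less "
                           "database specification");
                krb5_warnx(context, "WARNING: using the first encountered");
            } else
                default_binding = db_binding;
            continue;
        }
        di = new_dbinfo();
        di->realm = dup_or_die(p);
        p = krb5_config_get_string(context, db_binding, "dbname", NULL);
        if (p)
            di->dbname = dup_or_die(p);
        p = krb5_config_get_string(context, db_binding, "mkey_file", NULL);
        if (p)
            di->mkey_file = dup_or_die(p);
        *tail = di;
        tail = &di->next;
    }

    /* The realm-less (default) entry always goes last. */
    di = new_dbinfo();
    if (default_binding) {
        /*
         * default_dbname/default_mkey may now point into the parsed
         * config; they are only read before this function returns.
         */
        p = krb5_config_get_string(context, default_binding, "dbname", NULL);
        if (p) {
            di->dbname = dup_or_die(p);
            default_dbname = p;
        }
        p = krb5_config_get_string(context, default_binding,
                                   "mkey_file", NULL);
        if (p) {
            di->mkey_file = dup_or_die(p);
            default_mkey = p;
        }
    } else {
        di->dbname = dup_or_die(default_dbname);
        di->mkey_file = dup_or_die(default_mkey);
    }
    *tail = di;

    /* Fill in whatever the individual bindings left unset. */
    for (di = databases; di; di = di->next) {
        int len;

        if (di->dbname == NULL)
            di->dbname = dup_or_die(default_dbname);
        if (di->mkey_file != NULL)
            continue;
        /* A '.' followed by a '/' belongs to a directory, not an extension. */
        p = strrchr(di->dbname, '.');
        if (p == NULL || strchr(p, '/') != NULL)
            len = asprintf(&di->mkey_file, "%s.mkey", di->dbname);
        else
            len = asprintf(&di->mkey_file, "%.*s.mkey",
                           (int)(p - di->dbname), di->dbname);
        if (len < 0)
            errx(1, "out of memory");
    }
}

/*
 * Parse the KDC command line and config file into the globals above.
 *
 * A value given on the command line wins; otherwise the "kdc" section of
 * the config file (--config-file, default HDB_DB_DIR "/kdc.conf") is
 * consulted; otherwise a built-in default applies.  Exits via usage() on
 * --help or on stray positional arguments, and exits after printing the
 * version on --version.
 */
void
configure(int argc, char **argv)
{
    krb5_config_section *cf = NULL;
    int optidx = 0;
    int e;
    const char *p;

    while ((e = getarg(args, num_args, argc, argv, &optidx)))
        warnx("error at argument `%s'", argv[optidx]);

    if (help_flag)
        usage(0);

    if (version_flag) {
        print_version(NULL);
        exit(0);
    }

    argc -= optidx;
    argv += optidx;

    if (argc != 0)
        usage(1);

    if (config_file == NULL)
        config_file = HDB_DB_DIR "/kdc.conf";

    if (krb5_config_parse_file(config_file, &cf)) {
        /*
         * Keep running on built-in defaults, but say so: every lookup
         * below then sees no config at all, including the security
         * relevant ones (require-preauth, check-ticket-addresses, ...).
         */
        warnx("could not parse config file `%s', using defaults",
              config_file);
        cf = NULL;
    }

    if (keyfile == NULL) {
        p = krb5_config_get_string(context, cf,
                                   "kdc",
                                   "key-file",
                                   NULL);
        if (p)
            keyfile = dup_or_die(p);
    }

    get_dbinfo(cf);

    if (max_request_str)
        max_request = request_limit(max_request_str);

    if (max_request == 0) {
        p = krb5_config_get_string(context,
                                   cf,
                                   "kdc",
                                   "max-request",
                                   NULL);
        if (p)
            max_request = request_limit(p);
    }

    /*
     * NOTE(review): krb5_config_get_bool() yields a krb5_boolean.  If it
     * reports FALSE for an absent key, require_preauth can no longer be
     * -1 after this statement, the `require_preauth = 1' fallback at the
     * end of this function never fires, and the effective default is
     * "pre-authentication not required".  Confirm, and consider
     * krb5_config_get_bool_default(context, cf, TRUE, ...) as the
     * KASERVER branch below does.
     */
    if (require_preauth == -1)
        require_preauth = krb5_config_get_bool(context, cf, "kdc",
                                               "require-preauth", NULL);

    if (port_str == NULL) {
        p = krb5_config_get_string(context, cf, "kdc", "ports", NULL);
        if (p != NULL)
            port_str = dup_or_die(p);
    }
    if (enable_http == -1)
        enable_http = krb5_config_get_bool(context, cf, "kdc",
                                           "enable-http", NULL);
    check_ticket_addresses =
        krb5_config_get_bool(context, cf, "kdc",
                             "check-ticket-addresses", NULL);
    allow_null_ticket_addresses =
        krb5_config_get_bool(context, cf, "kdc",
                             "allow-null-ticket-addresses", NULL);
#ifdef KRB4
    if (v4_realm == NULL) {
        p = krb5_config_get_string(context, cf,
                                   "kdc",
                                   "v4-realm",
                                   NULL);
        if (p)
            v4_realm = dup_or_die(p);
    }
#endif
#ifdef KASERVER
    if (enable_kaserver == -1)
        enable_kaserver = krb5_config_get_bool_default(context, cf, TRUE,
                                                       "kdc",
                                                       "enable-kaserver",
                                                       NULL);
#endif

    encode_as_rep_as_tgs_rep = krb5_config_get_bool(context, cf, "kdc",
                                                    "encode_as_rep_as_tgs_rep",
                                                    NULL);

    kdc_warn_pwexpire = krb5_config_get_time(context, cf,
                                             "kdc",
                                             "kdc_warn_pwexpire",
                                             NULL);
    kdc_openlog(cf);
    /* Every string taken from cf above has been copied, so cf can go. */
    if (cf)
        krb5_config_file_free(context, cf);

    /* Built-in defaults for whatever is still unset. */
    if (max_request == 0)
        max_request = 64 * 1024;
    if (require_preauth == -1)
        require_preauth = 1;
    if (port_str == NULL)
        port_str = "+";        /* string literal: never free or modify */
#ifdef KRB4
    if (v4_realm == NULL) {
        /*
         * Zeroed, so the buffer is a valid empty string even if
         * krb_get_lrealm() fails and leaves it untouched.
         */
        v4_realm = calloc(1, 40); /* REALM_SZ */
        if (v4_realm == NULL)
            errx(1, "out of memory");
        krb_get_lrealm(v4_realm, 1);
    }
#endif
}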