kadmind.c revision 72445
1/* 2 * Copyright (c) 1997-2000 Kungliga Tekniska H�gskolan 3 * (Royal Institute of Technology, Stockholm, Sweden). 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 17 * 3. Neither the name of the Institute nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 */ 33 34#include "kadmin_locl.h" 35 36RCSID("$Id: kadmind.c,v 1.24 2000/12/31 07:45:23 assar Exp $"); 37 38static char *check_library = NULL; 39static char *check_function = NULL; 40static char *config_file; 41static char *keyfile; 42static char *keytab_str = "HDB:"; 43static int help_flag; 44static int version_flag; 45static int debug_flag; 46static char *port_str; 47char *realm; 48 49static struct getargs args[] = { 50 { 51 "config-file", 'c', arg_string, &config_file, 52 "location of config file", "file" 53 }, 54 { 55 "key-file", 'k', arg_string, &keyfile, 56 "location of master key file", "file" 57 }, 58 { 59 "keytab", 0, arg_string, &keytab_str, 60 "what keytab to use", "keytab" 61 }, 62 { "realm", 'r', arg_string, &realm, 63 "realm to use", "realm" 64 }, 65#ifdef HAVE_DLOPEN 66 { "check-library", 0, arg_string, &check_library, 67 "library to load password check function from", "library" }, 68 { "check-function", 0, arg_string, &check_function, 69 "password check function to load", "function" }, 70#endif 71 { "debug", 'd', arg_flag, &debug_flag, 72 "enable debugging" 73 }, 74 { "ports", 'p', arg_string, &port_str, 75 "ports to listen to", "port" }, 76 { "help", 'h', arg_flag, &help_flag }, 77 { "version", 'v', arg_flag, &version_flag } 78}; 79 80static int num_args = sizeof(args) / sizeof(args[0]); 81 82krb5_context context; 83 84static void 85usage(int ret) 86{ 87 arg_printusage (args, num_args, NULL, ""); 88 exit (ret); 89} 90 91int 92main(int argc, char **argv) 93{ 94 krb5_error_code ret; 95 krb5_config_section *cf; 96 int optind = 0; 97 int e; 98 krb5_log_facility *logf; 99 krb5_keytab keytab; 100 101 set_progname(argv[0]); 102 103 ret = krb5_init_context(&context); 104 if (ret) 105 errx (1, "krb5_init_context failed: %d", ret); 106 107 ret = krb5_openlog(context, "kadmind", &logf); 108 ret = krb5_set_warn_dest(context, logf); 109 110 while((e = getarg(args, num_args, argc, argv, &optind))) 111 warnx("error at argument `%s'", argv[optind]); 112 113 if (help_flag) 114 usage (0); 115 116 if (version_flag) { 117 print_version(NULL); 118 exit(0); 119 } 120 121 argc -= optind; 122 argv += optind; 123 124 ret = krb5_kt_register(context, &hdb_kt_ops); 125 if(ret) 126 krb5_err(context, 1, ret, "krb5_kt_register"); 127 128 if (config_file == NULL) 129 config_file = HDB_DB_DIR "/kdc.conf"; 130 131 if(krb5_config_parse_file(config_file, &cf) == 0) { 132 const char *p = krb5_config_get_string (context, cf, 133 "kdc", "key-file", NULL); 134 if (p) 135 keyfile = strdup(p); 136 } 137 138 ret = krb5_kt_resolve(context, keytab_str, &keytab); 139 if(ret) 140 krb5_err(context, 1, ret, "krb5_kt_resolve"); 141 142 kadm5_setup_passwd_quality_check (context, check_library, check_function); 143 144 { 145 int fd = 0; 146 struct sockaddr sa; 147 socklen_t sa_size; 148 krb5_auth_context ac = NULL; 149 int debug_port; 150 sa_size = sizeof(sa); 151 if(debug_flag) { 152 if(port_str == NULL) 153 debug_port = krb5_getportbyname (context, "kerberos-adm", 154 "tcp", 749); 155 else 156 debug_port = htons(atoi(port_str)); 157 mini_inetd(debug_port); 158 } else if(roken_getsockname(STDIN_FILENO, &sa, &sa_size) < 0 && 159 errno == ENOTSOCK) { 160 parse_ports(context, port_str ? port_str : "+"); 161 pidfile(NULL); 162 start_server(context); 163 } 164 if(realm) 165 krb5_set_default_realm(context, realm); /* XXX */ 166 kadmind_loop(context, ac, keytab, fd); 167 } 168 return 0; 169} 170