1 /*
2  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
3  * Use is subject to license terms.
4  */
5 
6 
7 /*
8  * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
9  *
10  *	Openvision retains the copyright to derivative works of
11  *	this source code.  Do *NOT* create a derivative of this
12  *	source code before consulting with your legal department.
13  *	Do *NOT* integrate *ANY* of this source code into another
14  *	product before consulting with your legal department.
15  *
16  *	For further information, read the top-level Openvision
17  *	copyright which is contained in the top-level MIT Kerberos
18  *	copyright.
19  *
20  * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
21  *
22  */
23 
24 
25 /*
26  * Copyright 1993 OpenVision Technologies, Inc., All Rights Reserved.
27  *
28  */
29 
30 #include <kadm5/admin.h>
31 #include <stdio.h>
32 #include <rpc/rpc.h>    /* SUNWresync 121 XXX */
33 #include <gssapi_krb5.h> /* for gss_nt_krb5_name */
34 #include <syslog.h>
35 #ifdef HAVE_MEMORY_H
36 #include <memory.h>
37 #endif
38 #include <rpc/rpcsec_gss.h>
39 #include <kadm5/kadm_rpc.h>
40 #include <krb5.h>
41 #include <libintl.h>
42 #include <krb5/adm_proto.h>
43 #ifdef HAVE_ARPA_INET_H
44 #include <arpa/inet.h>
45 #endif
46 #include "misc.h"
47 #include "kadm5/server_internal.h"
48 
49 extern void *global_server_handle;
50 
51 void log_badauth(OM_uint32 major, OM_uint32 minor,
52 		 struct sockaddr_in *addr, char *data);
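/*
 * Function: kadm_1
 *
 * Purpose: RPC processing procedure (dispatcher) for the KADM5 service.
 *	    Originally generated from rpcgen.
 *
 * Arguments:
 *	rqstp		    (input) rpc request structure; supplies the
 *			    credential flavor and the procedure number
 *	transp		    (input) rpc transport structure; used to decode
 *			    the arguments and to send the reply or an error
 *	<return value>	    none
 *
 * Requires:
 *	The request must carry RPCSEC_GSS credentials; any other flavor is
 *	logged and answered with svcerr_weakauth() before dispatch.
 *
 * Effects:
 *	Selects the XDR decoder, XDR encoder and service routine for
 *	rqstp->rq_proc, decodes the arguments, calls the service routine,
 *	sends its result (if non-NULL) and frees the decoded arguments.
 *	Unknown procedure numbers are logged and answered with
 *	svcerr_noproc().
 *
 * Modifies:
 *	Nothing directly; the selected service routine may.
 *
 * NOTE(review): no per-operation authorization is visible in this
 * function; presumably each *_2_svc routine checks the caller's
 * privileges itself -- confirm against those routines.
 */

void kadm_1(struct svc_req *rqstp, register SVCXPRT *transp)
{
     /* Large enough to hold the decoded arguments of any procedure below. */
     union {
	  cprinc_arg create_principal_2_arg;
	  dprinc_arg delete_principal_2_arg;
	  mprinc_arg modify_principal_2_arg;
	  rprinc_arg rename_principal_2_arg;
	  gprinc_arg get_principal_2_arg;
	  chpass_arg chpass_principal_2_arg;
	  chrand_arg chrand_principal_2_arg;
	  cpol_arg create_policy_2_arg;
	  dpol_arg delete_policy_2_arg;
	  mpol_arg modify_policy_2_arg;
	  gpol_arg get_policy_2_arg;
	  setkey_arg setkey_principal_2_arg;
	  setv4key_arg setv4key_principal_2_arg;
	  cprinc3_arg create_principal3_2_arg;
	  chpass3_arg chpass_principal3_2_arg;
	  chrand3_arg chrand_principal3_2_arg;
	  setkey3_arg setkey_principal3_2_arg;
     } argument;
     /*
      * NOTE(review): the union has no member for the GET_PRINCS, GET_POLS,
      * GET_PRIVS and INIT argument types; presumably they are no larger
      * than the members listed -- confirm against their declarations.
      */
     char *result;
     bool_t (*xdr_argument)(), (*xdr_result)();
     char *(*local)();

     /*
      * Authentication gate: this check runs before the procedure switch,
      * so every call, NULLPROC included, is refused unless it arrives
      * with the RPCSEC_GSS flavor.
      *
      * NOTE(review): the log entry does not identify the peer.  Including
      * the client address (as log_badauth(), declared in this file, does
      * via its addr parameter) would make repeated failures attributable.
      */
     if (rqstp->rq_cred.oa_flavor != RPCSEC_GSS) {
	  krb5_klog_syslog(LOG_ERR,
		    gettext("Authentication attempt failed: invalid "
			"RPC authentication flavor %d"),
		 (int) rqstp->rq_cred.oa_flavor);
	  svcerr_weakauth(transp);
	  return;
     }

     /* Pick the argument decoder, result encoder and service routine. */
     switch (rqstp->rq_proc) {
     case NULLPROC:
	  /* Ping: empty reply, nothing to decode or dispatch. */
	  (void) svc_sendreply(transp, xdr_void, (char *)NULL);
	  return;

     case CREATE_PRINCIPAL:
	  xdr_argument = xdr_cprinc_arg;
	  xdr_result = xdr_generic_ret;
	  local = (char *(*)()) create_principal_2_svc;
	  break;

     case DELETE_PRINCIPAL:
	  xdr_argument = xdr_dprinc_arg;
	  xdr_result = xdr_generic_ret;
	  local = (char *(*)()) delete_principal_2_svc;
	  break;

     case MODIFY_PRINCIPAL:
	  xdr_argument = xdr_mprinc_arg;
	  xdr_result = xdr_generic_ret;
	  local = (char *(*)()) modify_principal_2_svc;
	  break;

     case RENAME_PRINCIPAL:
	  xdr_argument = xdr_rprinc_arg;
	  xdr_result = xdr_generic_ret;
	  local = (char *(*)()) rename_principal_2_svc;
	  break;

     case GET_PRINCIPAL:
	  xdr_argument = xdr_gprinc_arg;
	  xdr_result = xdr_gprinc_ret;
	  local = (char *(*)()) get_principal_2_svc;
	  break;

     case GET_PRINCS:
	  xdr_argument = xdr_gprincs_arg;
	  xdr_result = xdr_gprincs_ret;
	  local = (char *(*)()) get_princs_2_svc;
	  break;

     case CHPASS_PRINCIPAL:
	  xdr_argument = xdr_chpass_arg;
	  xdr_result = xdr_generic_ret;
	  local = (char *(*)()) chpass_principal_2_svc;
	  break;

#ifdef SUNWOFF
     /* Compiled in only when SUNWOFF is defined. */
     case SETV4KEY_PRINCIPAL:
	  xdr_argument = xdr_setv4key_arg;
	  xdr_result = xdr_generic_ret;
	  local = (char *(*)()) setv4key_principal_2_svc;
	  break;
#endif

     case SETKEY_PRINCIPAL:
	  xdr_argument = xdr_setkey_arg;
	  xdr_result = xdr_generic_ret;
	  local = (char *(*)()) setkey_principal_2_svc;
	  break;

     case CHRAND_PRINCIPAL:
	  xdr_argument = xdr_chrand_arg;
	  xdr_result = xdr_chrand_ret;
	  local = (char *(*)()) chrand_principal_2_svc;
	  break;

     case CREATE_POLICY:
	  xdr_argument = xdr_cpol_arg;
	  xdr_result = xdr_generic_ret;
	  local = (char *(*)()) create_policy_2_svc;
	  break;

     case DELETE_POLICY:
	  xdr_argument = xdr_dpol_arg;
	  xdr_result = xdr_generic_ret;
	  local = (char *(*)()) delete_policy_2_svc;
	  break;

     case MODIFY_POLICY:
	  xdr_argument = xdr_mpol_arg;
	  xdr_result = xdr_generic_ret;
	  local = (char *(*)()) modify_policy_2_svc;
	  break;

     case GET_POLICY:
	  xdr_argument = xdr_gpol_arg;
	  xdr_result = xdr_gpol_ret;
	  local = (char *(*)()) get_policy_2_svc;
	  break;

     case GET_POLS:
	  xdr_argument = xdr_gpols_arg;
	  xdr_result = xdr_gpols_ret;
	  local = (char *(*)()) get_pols_2_svc;
	  break;

     case GET_PRIVS:
	  xdr_argument = xdr_u_int;
	  xdr_result = xdr_getprivs_ret;
	  local = (char *(*)()) get_privs_2_svc;
	  break;

     case INIT:
	  xdr_argument = xdr_u_int;
	  xdr_result = xdr_generic_ret;
	  local = (char *(*)()) init_2_svc;
	  break;

     case CREATE_PRINCIPAL3:
	  xdr_argument = xdr_cprinc3_arg;
	  xdr_result = xdr_generic_ret;
	  local = (char *(*)()) create_principal3_2_svc;
	  break;

     case CHPASS_PRINCIPAL3:
	  xdr_argument = xdr_chpass3_arg;
	  xdr_result = xdr_generic_ret;
	  local = (char *(*)()) chpass_principal3_2_svc;
	  break;

     case CHRAND_PRINCIPAL3:
	  xdr_argument = xdr_chrand3_arg;
	  xdr_result = xdr_chrand_ret;
	  local = (char *(*)()) chrand_principal3_2_svc;
	  break;

     case SETKEY_PRINCIPAL3:
	  xdr_argument = xdr_setkey3_arg;
	  xdr_result = xdr_generic_ret;
	  local = (char *(*)()) setkey_principal3_2_svc;
	  break;

     default:
	  /*
	   * Unknown procedure: log and refuse.  rq_proc's declared type is
	   * not visible in this file, so it is converted explicitly to
	   * match the %d in the (translated) format string.
	   */
	  krb5_klog_syslog(LOG_ERR,
		    gettext("Invalid KADM5 procedure number: %d"),
		 (int) rqstp->rq_proc);
	  svcerr_noproc(transp);
	  return;
     }

     /*
      * Clear the union before decoding so that every field the decoder
      * does not fill in is zero rather than stack garbage.
      */
     memset((char *)&argument, 0, sizeof(argument));
     if (!svc_getargs(transp, xdr_argument, (char *) &argument)) {
	  /*
	   * NOTE(review): svc_freeargs() is not called on this path.
	   * Whether svc_getargs() releases a partially decoded argument
	   * itself is not visible here -- confirm, otherwise each
	   * malformed request could leak whatever was allocated before
	   * the decode failed.
	   */
	  svcerr_decode(transp);
	  return;
     }

     /* Run the selected service routine on the decoded arguments. */
     result = (*local)(&argument, rqstp);

     /*
      * A NULL result sends no reply at all.  The result is not freed
      * here; presumably the service routine owns its storage -- TODO
      * confirm.
      */
     if (result != NULL && !svc_sendreply(transp, xdr_result, (char *) result)) {
	  krb5_klog_syslog(LOG_ERR,
		    gettext("WARNING! Unable to send function results, "
			    "continuing."));
	  svcerr_systemerr(transp);
     }

     /* Release whatever the XDR decoder allocated for the arguments. */
     if (!svc_freeargs(transp, xdr_argument, (char *) &argument)) {
	  krb5_klog_syslog(LOG_ERR,
		    gettext("WARNING! Unable to free arguments, "
			"continuing."));
     }
     return;
}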
265