1 /*
2  * Copyright (c) 2001, 2010, Oracle and/or its affiliates. All rights reserved.
3  */
4 
5 
6 /*
7  * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
8  *
9  *	Openvision retains the copyright to derivative works of
10  *	this source code.  Do *NOT* create a derivative of this
11  *	source code before consulting with your legal department.
12  *	Do *NOT* integrate *ANY* of this source code into another
13  *	product before consulting with your legal department.
14  *
15  *	For further information, read the top-level Openvision
16  *	copyright which is contained in the top-level MIT Kerberos
17  *	copyright.
18  *
19  * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
20  *
21  */
22 
23 
24 /*
25  * Copyright 1993 OpenVision Technologies, Inc., All Rights Reserved
26  *
27  */
28 
29 #include <kadm5/admin.h>
30 #include <gssapi/gssapi.h>
31 #include <gssapi_krb5.h>   /* for gss_nt_krb5_name */
32 #include <kadm5/kadm_rpc.h>
33 #include <kadm5/server_internal.h>
34 #include <kadm5/srv/server_acl.h>
35 #include <security/pam_appl.h>
36 
37 #include <syslog.h>
38 #include <arpa/inet.h>  /* inet_ntoa */
39 #include <krb5/adm_proto.h>  /* krb5_klog_syslog */
40 #include <libintl.h>
41 #include <krb5.h>
42 #include "misc.h"
43 
44 #define LOG_UNAUTH  gettext("Unauthorized request: %s, %s, " \
45 			    "client=%s, service=%s, addr=%s")
46 #define	LOG_DONE   gettext("Request: %s, %s, %s, client=%s, " \
47 			    "service=%s, addr=%s")
48 
49 extern gss_name_t 			gss_changepw_name;
50 extern gss_name_t			gss_oldchangepw_name;
51 extern void *				global_server_handle;
52 extern short l_port;
53 
54 char buf[33];
55 
56 #define CHANGEPW_SERVICE(rqstp) \
57 	(cmp_gss_names_rel_1(acceptor_name(rqstp), gss_changepw_name) |\
58 	 (gss_oldchangepw_name && \
59 	  cmp_gss_names_rel_1(acceptor_name(rqstp), \
60 			gss_oldchangepw_name)))
61 
62 
63 static int gss_to_krb5_name(kadm5_server_handle_t handle,
64 		     gss_name_t gss_name, krb5_principal *princ);
65 
66 static int gss_name_to_string(gss_name_t gss_name, gss_buffer_desc *str);
67 
68 static gss_name_t acceptor_name(struct svc_req * rqstp);
69 
70 kadm5_ret_t
71 kadm5_get_priv(void *server_handle,
72     long *privs, gss_name_t clnt);
73 
74 gss_name_t
get_clnt_name(struct svc_req * rqstp)75 get_clnt_name(struct svc_req * rqstp)
76 {
77 	OM_uint32 maj_stat, min_stat;
78 	gss_name_t name;
79 	rpc_gss_rawcred_t *raw_cred;
80 	void *cookie;
81 	gss_buffer_desc name_buff;
82 
83 	rpc_gss_getcred(rqstp, &raw_cred, NULL, &cookie);
84 	name_buff.value = raw_cred->client_principal->name;
85 	name_buff.length = raw_cred->client_principal->len;
86 	maj_stat = gss_import_name(&min_stat, &name_buff,
87 	    (gss_OID) GSS_C_NT_EXPORT_NAME, &name);
88 	if (maj_stat != GSS_S_COMPLETE) {
89 		return (NULL);
90 	}
91 	return (name);
92 }
93 
94 char *
client_addr(struct svc_req * req,char * buf)95 client_addr(struct svc_req * req, char *buf)
96 {
97 	struct sockaddr *ca;
98 	u_char *b;
99 	char *frontspace = " ";
100 
101 	/*
102 	 * Convert the caller's IP address to a dotted string
103 	 */
104 	ca = (struct sockaddr *)
105 	    svc_getrpccaller(req->rq_xprt)->buf;
106 
107 	if (ca->sa_family == AF_INET) {
108 		b = (u_char *) & ((struct sockaddr_in *) ca)->sin_addr;
109 		(void) sprintf(buf, "%s(%d.%d.%d.%d) ", frontspace,
110 		    b[0] & 0xFF, b[1] & 0xFF, b[2] & 0xFF, b[3] & 0xFF);
111 	} else {
112 		/*
113 		 * No IP address to print. If there was a host name
114 		 * printed, then we print a space.
115 		 */
116 		(void) sprintf(buf, frontspace);
117 	}
118 
119 	return (buf);
120 }
121 
cmp_gss_names(gss_name_t n1,gss_name_t n2)122 static int cmp_gss_names(gss_name_t n1, gss_name_t n2)
123 {
124    OM_uint32 emaj, emin;
125    int equal;
126 
127    if (GSS_ERROR(emaj = gss_compare_name(&emin, n1, n2, &equal)))
128       return(0);
129 
130    return(equal);
131 }
132 
133 /* Does a comparison of the names and then releases the first entity */
134 /* For use above in CHANGEPW_SERVICE */
cmp_gss_names_rel_1(gss_name_t n1,gss_name_t n2)135 static int cmp_gss_names_rel_1(gss_name_t n1, gss_name_t n2)
136 {
137    OM_uint32 min_stat;
138    int ret;
139 
140    ret = cmp_gss_names(n1, n2);
141    if (n1) (void) gss_release_name(&min_stat, &n1);
142    return ret;
143 }
144 
145 /*
146  * Function check_handle
147  *
148  * Purpose: Check a server handle and return a com_err code if it is
149  * invalid or 0 if it is valid.
150  *
151  * Arguments:
152  *
153  * 	handle		The server handle.
154  */
155 
check_handle(void * handle)156 static int check_handle(void *handle)
157 {
158      CHECK_HANDLE(handle);
159      return 0;
160 }
161 
162 /*
163  * Function: new_server_handle
164  *
165  * Purpose: Constructs a server handle suitable for passing into the
166  * server library API functions, by folding the client's API version
167  * and calling principal into the server handle returned by
168  * kadm5_init.
169  *
170  * Arguments:
171  * 	api_version	(input) The API version specified by the client
172  * 	rqstp		(input) The RPC request
173  * 	handle		(output) The returned handle
174  *	<return value>	(output) An error code, or 0 if no error occurred
175  *
176  * Effects:
177  * 	Returns a pointer to allocated storage containing the server
178  * 	handle.  If an error occurs, then no allocated storage is
179  *	returned, and the return value of the function will be a
180  * 	non-zero com_err code.
181  *
182  *      The allocated storage for the handle should be freed with
183  * 	free_server_handle (see below) when it is no longer needed.
184  */
185 
new_server_handle(krb5_ui_4 api_version,struct svc_req * rqstp,kadm5_server_handle_t * out_handle)186 static kadm5_ret_t new_server_handle(krb5_ui_4 api_version,
187 					  struct svc_req *rqstp,
188 					  kadm5_server_handle_t
189 					  *out_handle)
190 {
191      kadm5_server_handle_t handle;
192 	gss_name_t name;
193 	OM_uint32 min_stat;
194 
195      if (! (handle = (kadm5_server_handle_t)
196 	    malloc(sizeof(*handle))))
197 	  return ENOMEM;
198 
199      *handle = *(kadm5_server_handle_t)global_server_handle;
200      handle->api_version = api_version;
201 
202      if (!(name = get_clnt_name(rqstp))) {
203 	  free(handle);
204 	  return KADM5_FAILURE;
205      }
206     if (! gss_to_krb5_name(handle, name, &handle->current_caller)) {
207 	  free(handle);
208 		gss_release_name(&min_stat, &name);
209 	  return KADM5_FAILURE;
210 	}
211 	gss_release_name(&min_stat, &name);
212 
213      *out_handle = handle;
214      return 0;
215 }
216 
217 /*
218  * Function: free_server_handle
219  *
220  * Purpose: Free handle memory allocated by new_server_handle
221  *
222  * Arguments:
223  * 	handle		(input/output) The handle to free
224  */
free_server_handle(kadm5_server_handle_t handle)225 static void free_server_handle(kadm5_server_handle_t handle)
226 {
227      krb5_free_principal(handle->context, handle->current_caller);
228      free(handle);
229 }
230 
231 /*
232  * Function: setup_gss_names
233  *
234  * Purpose: Create printable representations of the client and server
235  * names.
236  *
237  * Arguments:
238  * 	rqstp		(r) the RPC request
239  * 	client_name	(w) pointer to client_name string
240  * 	server_name	(w) pointer to server_name string
241  *
242  * Effects:
243  *
244  * Unparses the client and server names into client_name and
245  * server_name, both of which must be freed by the caller.  Returns 0
246  * on success and -1 on failure. On failure client_name and server_name
247  * will point to null.
248  */
249 /* SUNW14resync */
setup_gss_names(struct svc_req * rqstp,char ** client_name,char ** server_name)250 int setup_gss_names(struct svc_req *rqstp,
251     char **client_name, char **server_name)
252 {
253      OM_uint32 maj_stat, min_stat;
254 	rpc_gss_rawcred_t *raw_cred;
255 	gss_buffer_desc name_buf;
256 	char *tmp, *val;
257 	size_t len;
258 	gss_name_t name;
259 
260 	*client_name = NULL;
261 
262 	rpc_gss_getcred(rqstp, &raw_cred, NULL, NULL);
263 
264 	/* Return a copy of the service principal from the raw_cred */
265 	*server_name = strdup(raw_cred->svc_principal);
266 
267 	if (*server_name == NULL)
268 		return (-1);
269 
270 	if (!(name = get_clnt_name(rqstp))) {
271 		free(*server_name);
272 		*server_name = NULL;
273 		return (-1);
274 	}
275 	maj_stat = gss_display_name(&min_stat, name, &name_buf, NULL);
276 	if (maj_stat != GSS_S_COMPLETE) {
277 		free(*server_name);
278 		gss_release_name(&min_stat, &name);
279 		*server_name = NULL;
280 		return (-1);
281 	}
282 	gss_release_name(&min_stat, &name);
283 
284 	/*
285 	 * Allocate space to copy the client principal. We allocate an
286 	 * extra byte to make the string null terminated if we need to.
287 	 */
288 
289 	val = name_buf.value;
290 	len = name_buf.length + (val[name_buf.length - 1] != '\0');
291 
292 	/* len is the length including the null terminating byte. */
293 
294 	tmp = malloc(len);
295 	if (tmp) {
296 		memcpy(tmp, val, len - 1);
297 		tmp[len - 1] = '\0';
298 	} else {
299 		free(*server_name);
300 		*server_name = NULL;
301 	}
302 
303 	/* Were done with the GSS buffer */
304 	(void) gss_release_buffer(&min_stat, &name_buf);
305 
306 	*client_name = tmp;
307 
308 	return (tmp ? 0 : -1);
309 }
310 
acceptor_name(struct svc_req * rqstp)311 static gss_name_t acceptor_name(struct svc_req * rqstp)
312 {
313      OM_uint32 maj_stat, min_stat;
314      gss_name_t name;
315      rpc_gss_rawcred_t *raw_cred;
316      void *cookie;
317      gss_buffer_desc name_buff;
318 
319 	rpc_gss_getcred(rqstp, &raw_cred, NULL, &cookie);
320 	name_buff.value = raw_cred->svc_principal;
321 	name_buff.length = strlen(raw_cred->svc_principal);
322 	maj_stat = gss_import_name(&min_stat, &name_buff,
323 	    (gss_OID) gss_nt_krb5_name, &name);
324 	if (maj_stat != GSS_S_COMPLETE) {
325 		gss_release_buffer(&min_stat, &name_buff);
326 		return (NULL);
327 	}
328 	maj_stat = gss_display_name(&min_stat, name, &name_buff, NULL);
329     if (maj_stat != GSS_S_COMPLETE) {
330 		gss_release_buffer(&min_stat, &name_buff);
331 	  return (NULL);
332 	}
333 	gss_release_buffer(&min_stat, &name_buff);
334 
335      return name;
336 }
337 
cmp_gss_krb5_name(kadm5_server_handle_t handle,gss_name_t gss_name,krb5_principal princ)338 static int cmp_gss_krb5_name(kadm5_server_handle_t handle,
339 		      gss_name_t gss_name, krb5_principal princ)
340 {
341      krb5_principal princ2;
342      int status;
343 
344      if (! gss_to_krb5_name(handle, gss_name, &princ2))
345 	  return 0;
346      status = krb5_principal_compare(handle->context, princ, princ2);
347      krb5_free_principal(handle->context, princ2);
348      return status;
349 }
350 
351 
352 /*
353  * This routine primarily validates the username and password
354  * of the principal to be created, if a prior acl check for
355  * the 'u' privilege succeeds. Validation is done using
356  * the PAM `k5migrate' service. k5migrate normally stacks
357  * pam_unix_auth.so and pam_unix_account.so in its auth and
358  * account stacks respectively.
359  *
360  * Returns 1 (true), if validation is successful,
361  * else returns 0 (false).
362  */
verify_pam_pw(char * userdata,char * pwd)363 int verify_pam_pw(char *userdata, char *pwd) {
364 	pam_handle_t *pamh;
365 	int err = 0;
366 	int result = 1;
367 	char *user = NULL;
368 	char *ptr = NULL;
369 
370 	ptr = strchr(userdata, '@');
371 	if (ptr != NULL) {
372 		user = (char *)malloc(ptr - userdata + 1);
373 		(void) strlcpy(user, userdata, (ptr - userdata) + 1);
374 	} else {
375 		user = (char *)strdup(userdata);
376 	}
377 
378 	err = pam_start("k5migrate", user, NULL, &pamh);
379 	if (err != PAM_SUCCESS) {
380 		syslog(LOG_ERR, "verify_pam_pw: pam_start() failed, %s\n",
381 				pam_strerror(pamh, err));
382 		if (user)
383 			free(user);
384 		return (0);
385 	}
386 	if (user)
387 		free(user);
388 
389 	err = pam_set_item(pamh, PAM_AUTHTOK, (void *)pwd);
390 	if (err != PAM_SUCCESS) {
391 		syslog(LOG_ERR, "verify_pam_pw: pam_set_item() failed, %s\n",
392 				pam_strerror(pamh, err));
393 		(void) pam_end(pamh, err);
394 		return (0);
395 	}
396 
397 	err = pam_authenticate(pamh, PAM_SILENT);
398 	if (err != PAM_SUCCESS) {
399 		syslog(LOG_ERR, "verify_pam_pw: pam_authenticate() "
400 				"failed, %s\n", pam_strerror(pamh, err));
401 		(void) pam_end(pamh, err);
402 		return (0);
403 	}
404 
405 	err = pam_acct_mgmt(pamh, PAM_SILENT);
406 	if (err != PAM_SUCCESS) {
407 		syslog(LOG_ERR, "verify_pam_pw: pam_acct_mgmt() failed, %s\n",
408 				pam_strerror(pamh, err));
409 		(void) pam_end(pamh, err);
410 		return (0);
411 	}
412 
413 	(void) pam_end(pamh, PAM_SUCCESS);
414 	return (result);
415 }
416 
gss_to_krb5_name(kadm5_server_handle_t handle,gss_name_t gss_name,krb5_principal * princ)417 static int gss_to_krb5_name(kadm5_server_handle_t handle,
418 		     gss_name_t gss_name, krb5_principal *princ)
419 {
420      OM_uint32 status, minor_stat;
421      gss_buffer_desc gss_str;
422      gss_OID gss_type;
423      int success;
424 
425      status = gss_display_name(&minor_stat, gss_name, &gss_str, &gss_type);
426      if ((status != GSS_S_COMPLETE) || (!g_OID_equal(gss_type, gss_nt_krb5_name)))
427 	  return 0;
428      success = (krb5_parse_name(handle->context, gss_str.value, princ) == 0);
429      gss_release_buffer(&minor_stat, &gss_str);
430      return success;
431 }
432 
433 static int
gss_name_to_string(gss_name_t gss_name,gss_buffer_desc * str)434 gss_name_to_string(gss_name_t gss_name, gss_buffer_desc *str)
435 {
436      OM_uint32 status, minor_stat;
437      gss_OID gss_type;
438 
439      status = gss_display_name(&minor_stat, gss_name, str, &gss_type);
440      if ((status != GSS_S_COMPLETE) || (gss_type != gss_nt_krb5_name))
441 	  return 1;
442      return 0;
443 }
444 
445 static int
log_unauth(char * op,char * target,char * client,char * server,char * addr)446 log_unauth(
447     char *op,
448     char *target,
449     char *client,
450     char *server,
451     char *addr)
452 {
453     size_t tlen, clen, slen;
454     char *tdots, *cdots, *sdots;
455 
456     tlen = strlen(target);
457     trunc_name(&tlen, &tdots);
458     clen = strlen(client);
459     trunc_name(&clen, &cdots);
460     slen = strlen(server);
461     trunc_name(&slen, &sdots);
462 
463     return krb5_klog_syslog(LOG_NOTICE,
464 			    "Unauthorized request: %s, %.*s%s, "
465 			    "client=%.*s%s, service=%.*s%s, addr=%s",
466 			    op, tlen, target, tdots,
467 			    clen, client, cdots,
468 			    slen, server, sdots,
469 			    addr);
470 }
471 
472 static int
log_done(char * op,char * target,const char * errmsg,char * client,char * server,char * addr)473 log_done(
474     char *op,
475     char *target,
476     const char *errmsg,
477     char *client,
478     char *server,
479     char *addr)
480 {
481     size_t tlen, clen, slen;
482     char *tdots, *cdots, *sdots;
483 
484     tlen = strlen(target);
485     trunc_name(&tlen, &tdots);
486     clen = strlen(client);
487     trunc_name(&clen, &cdots);
488     slen = strlen(server);
489     trunc_name(&slen, &sdots);
490 
491     return krb5_klog_syslog(LOG_NOTICE,
492 			    "Request: %s, %.*s%s, %s, "
493 			    "client=%.*s%s, service=%.*s%s, addr=%s",
494 			    op, tlen, target, tdots, errmsg,
495 			    clen, client, cdots,
496 			    slen, server, sdots,
497 			    addr);
498 }
499 
500 generic_ret *
create_principal_2_svc(cprinc_arg * arg,struct svc_req * rqstp)501 create_principal_2_svc(cprinc_arg *arg, struct svc_req *rqstp)
502 {
503     static generic_ret		ret;
504     char			*prime_arg = NULL;
505     char *client_name = NULL, *service_name = NULL;
506     int policy_migrate = 0;
507 
508     OM_uint32			minor_stat;
509     kadm5_server_handle_t	handle;
510     kadm5_ret_t retval;
511     restriction_t		*rp;
512     const char			*errmsg = NULL;
513     gss_name_t name = NULL;
514 
515     xdr_free(xdr_generic_ret, (char *) &ret);
516 
517     if ((ret.code = new_server_handle(arg->api_version, rqstp, &handle)))
518 	 return &ret;
519 
520     if ((ret.code = check_handle((void *)handle)))
521 		goto error;
522     ret.api_version = handle->api_version;
523 
524     if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
525 	 ret.code = KADM5_FAILURE;
526 	goto error;
527     }
528     if (krb5_unparse_name(handle->context, arg->rec.principal, &prime_arg)) {
529 	 ret.code = KADM5_BAD_PRINCIPAL;
530 	 goto error;
531     }
532 	if (!(name = get_clnt_name(rqstp))) {
533 		ret.code = KADM5_FAILURE;
534 		goto error;
535 	}
536 
537 	if (kadm5int_acl_check(handle->context, name, ACL_MIGRATE,
538 	    arg->rec.principal, &rp) &&
539 	    verify_pam_pw(prime_arg, arg->passwd)) {
540 		policy_migrate = 1;
541 	}
542 
543     if (CHANGEPW_SERVICE(rqstp)
544 	|| (!kadm5int_acl_check(handle->context, name, ACL_ADD,
545 			arg->rec.principal, &rp) &&
546 		!(policy_migrate))
547 	|| kadm5int_acl_impose_restrictions(handle->context,
548 				   &arg->rec, &arg->mask, rp)) {
549 	 ret.code = KADM5_AUTH_ADD;
550 
551 		audit_kadmind_unauth(rqstp->rq_xprt, l_port,
552 				    "kadm5_create_principal",
553 				    prime_arg, client_name);
554 	 log_unauth("kadm5_create_principal", prime_arg,
555 		client_name, service_name, client_addr(rqstp, buf));
556     } else {
557 	ret.code = kadm5_create_principal((void *)handle,
558 						&arg->rec, arg->mask,
559 						arg->passwd);
560 	/* Solaris Kerberos */
561 	if( ret.code != 0 )
562 	     errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
563 
564 	audit_kadmind_auth(rqstp->rq_xprt, l_port,
565 				"kadm5_create_principal",
566 				prime_arg, client_name, ret.code);
567 	log_done("kadm5_create_principal", prime_arg,
568 	    errmsg ? errmsg : "success",
569 	    client_name, service_name, client_addr(rqstp, buf));
570 
571 	if (errmsg != NULL)
572 		krb5_free_error_message(handle ? handle->context : NULL, errmsg);
573 
574 	if (policy_migrate && (ret.code == 0)) {
575 		arg->rec.policy = strdup("default");
576 		if ((arg->mask & KADM5_PW_EXPIRATION)) {
577 			arg->mask = 0;
578 			arg->mask |= KADM5_POLICY;
579 			arg->mask |= KADM5_PW_EXPIRATION;
580 		} else {
581 			arg->mask = 0;
582 			arg->mask |= KADM5_POLICY;
583 		}
584 
585 		retval = kadm5_modify_principal((void *)handle,
586 				&arg->rec, arg->mask);
587 		log_done("kadm5_modify_principal",
588 			prime_arg, ((retval == 0) ? "success" :
589 			error_message(retval)), client_name,
590 			service_name, client_addr(rqstp, buf));
591 	}
592     }
593 
594 error:
595     if (name)
596     	gss_release_name(&minor_stat, &name);
597     free_server_handle(handle);
598     if (prime_arg)
599     	free(prime_arg);
600     if (client_name)
601     	free(client_name);
602     if (service_name)
603     	free(service_name);
604     return (&ret);
605 }
606 
607 generic_ret *
create_principal3_2_svc(cprinc3_arg * arg,struct svc_req * rqstp)608 create_principal3_2_svc(cprinc3_arg *arg, struct svc_req *rqstp)
609 {
610     static generic_ret		ret;
611     char			*prime_arg = NULL;
612     char			*client_name = NULL, *service_name = NULL;
613     int				policy_migrate = 0;
614 
615     OM_uint32			minor_stat;
616     kadm5_server_handle_t	handle;
617     kadm5_ret_t			retval;
618     restriction_t		*rp;
619     const char                        *errmsg = NULL;
620     gss_name_t			name = NULL;
621 
622     xdr_free(xdr_generic_ret, (char *) &ret);
623 
624     if ((ret.code = new_server_handle(arg->api_version, rqstp, &handle)))
625 	 return &ret;
626 
627     if ((ret.code = check_handle((void *)handle)))
628 	goto error;
629     ret.api_version = handle->api_version;
630 
631     if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
632 	 ret.code = KADM5_FAILURE;
633 	goto error;
634     }
635     if (krb5_unparse_name(handle->context, arg->rec.principal, &prime_arg)) {
636 	 ret.code = KADM5_BAD_PRINCIPAL;
637 	goto error;
638     }
639     if (!(name = get_clnt_name(rqstp))) {
640 	ret.code = KADM5_FAILURE;
641 	goto error;
642     }
643 
644     if (kadm5int_acl_check(handle->context, name, ACL_MIGRATE,
645 		arg->rec.principal, &rp) &&
646 		verify_pam_pw(prime_arg, arg->passwd)) {
647 	policy_migrate = 1;
648     }
649 
650     if (CHANGEPW_SERVICE(rqstp)
651 	|| (!kadm5int_acl_check(handle->context, name, ACL_ADD,
652 			arg->rec.principal, &rp) &&
653 	    !(policy_migrate))
654 	|| kadm5int_acl_impose_restrictions(handle->context,
655 				   &arg->rec, &arg->mask, rp)) {
656 	 ret.code = KADM5_AUTH_ADD;
657 	 log_unauth("kadm5_create_principal", prime_arg,
658 		    client_name, service_name, client_addr(rqstp, buf));
659     } else {
660 	 ret.code = kadm5_create_principal_3((void *)handle,
661 					     &arg->rec, arg->mask,
662 					     arg->n_ks_tuple,
663 					     arg->ks_tuple,
664 					     arg->passwd);
665 	/* Solaris Kerberos */
666 	 if( ret.code != 0 )
667 	     errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
668 
669 	 log_done("kadm5_create_principal", prime_arg,
670 		  errmsg ? errmsg : "success",
671 		  client_name, service_name, client_addr(rqstp, buf));
672 
673 	  if (errmsg != NULL)
674 		krb5_free_error_message(handle ? handle->context : NULL, errmsg);
675 
676 	 if (policy_migrate && (ret.code == 0)) {
677 	 	arg->rec.policy = strdup("default");
678 	 	if ((arg->mask & KADM5_PW_EXPIRATION)) {
679 	 		arg->mask = 0;
680 	 		arg->mask |= KADM5_POLICY;
681 	 		arg->mask |= KADM5_PW_EXPIRATION;
682 	 	} else {
683 	 		arg->mask = 0;
684 	 		arg->mask |= KADM5_POLICY;
685 	 	}
686 
687 		retval = kadm5_modify_principal((void *)handle,
688 					   &arg->rec, arg->mask);
689 		log_done("kadm5_modify_principal", prime_arg,
690 			((retval == 0) ? "success" : error_message(retval)),
691 			client_name, service_name, client_addr(rqstp, buf));
692 	 }
693     }
694 
695 error:
696     if (name)
697     	gss_release_name(&minor_stat, &name);
698     free_server_handle(handle);
699     if (client_name)
700     	free(client_name);
701     if (service_name)
702     	free(service_name);
703     if (prime_arg)
704     	free(prime_arg);
705     return &ret;
706 }
707 
708 generic_ret *
delete_principal_2_svc(dprinc_arg * arg,struct svc_req * rqstp)709 delete_principal_2_svc(dprinc_arg *arg, struct svc_req *rqstp)
710 {
711     static generic_ret		    ret;
712     char			    *prime_arg = NULL;
713     char *client_name = NULL, *service_name = NULL;
714     OM_uint32			    min_stat;
715     kadm5_server_handle_t	    handle;
716     const char                            *errmsg = NULL;
717 
718     gss_name_t name = NULL;
719 
720 
721     xdr_free(xdr_generic_ret, (char *) &ret);
722 
723     if ((ret.code = new_server_handle(arg->api_version, rqstp, &handle)))
724 	 return &ret;
725 
726     if ((ret.code = check_handle((void *)handle)))
727 		goto error;
728     ret.api_version = handle->api_version;
729 
730     if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
731 	 ret.code = KADM5_FAILURE;
732 		goto error;
733     }
734     if (krb5_unparse_name(handle->context, arg->princ, &prime_arg)) {
735 	 ret.code = KADM5_BAD_PRINCIPAL;
736 		goto error;
737     }
738 	if (!(name = get_clnt_name(rqstp))) {
739 		ret.code = KADM5_FAILURE;
740 		goto error;
741 	}
742 
743     if (CHANGEPW_SERVICE(rqstp)
744 	|| !kadm5int_acl_check(handle->context, name, ACL_DELETE,
745 		      arg->princ, NULL)) {
746 	 ret.code = KADM5_AUTH_DELETE;
747 
748 		audit_kadmind_unauth(rqstp->rq_xprt, l_port,
749 				    "kadm5_delete_principal",
750 				    prime_arg, client_name);
751 	 log_unauth("kadm5_delete_principal", prime_arg, client_name,
752 			service_name, client_addr(rqstp, buf));
753     } else {
754 	 ret.code = kadm5_delete_principal((void *)handle, arg->princ);
755 	/* Solaris Kerberos */
756 	 if( ret.code != 0 )
757 	     errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
758 
759 		audit_kadmind_auth(rqstp->rq_xprt, l_port,
760 				"kadm5_delete_principal",
761 				prime_arg, client_name, ret.code);
762 	 log_done("kadm5_delete_principal", prime_arg,
763 		  errmsg ? errmsg : "success",
764 		  client_name, service_name, client_addr(rqstp, buf));
765 
766 	  if (errmsg != NULL)
767 		krb5_free_error_message(handle ? handle->context : NULL, errmsg);
768 
769     }
770 
771 error:
772     if (name)
773     	gss_release_name(&min_stat, &name);
774     if (prime_arg)
775     	free(prime_arg);
776     free_server_handle(handle);
777     if (client_name)
778     	free(client_name);
779     if (service_name)
780     	free(service_name);
781     return &ret;
782 }
783 
784 generic_ret *
modify_principal_2_svc(mprinc_arg * arg,struct svc_req * rqstp)785 modify_principal_2_svc(mprinc_arg *arg, struct svc_req *rqstp)
786 {
787     static generic_ret		    ret;
788     char *prime_arg = NULL;
789     char *client_name = NULL, *service_name = NULL;
790     OM_uint32 min_stat;
791     kadm5_server_handle_t handle;
792     restriction_t *rp;
793     gss_name_t name = NULL;
794     const char                            *errmsg = NULL;
795 
796     xdr_free(xdr_generic_ret, (char *) &ret);
797 
798     if ((ret.code = new_server_handle(arg->api_version, rqstp, &handle)))
799 	 return &ret;
800 
801     if ((ret.code = check_handle((void *)handle)))
802 		goto error;
803    if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
804 	 ret.code = KADM5_FAILURE;
805 		goto error;
806     }
807     if (krb5_unparse_name(handle->context, arg->rec.principal, &prime_arg)) {
808 	 ret.code = KADM5_BAD_PRINCIPAL;
809 	 goto error;
810     }
811 	if (!(name = get_clnt_name(rqstp))) {
812 		ret.code = KADM5_FAILURE;
813 		goto error;
814 	}
815 
816     if (CHANGEPW_SERVICE(rqstp)
817 	|| !kadm5int_acl_check(handle->context, name, ACL_MODIFY,
818 		      arg->rec.principal, &rp)
819 	|| kadm5int_acl_impose_restrictions(handle->context,
820 				   &arg->rec, &arg->mask, rp)) {
821 	 ret.code = KADM5_AUTH_MODIFY;
822 
823 		audit_kadmind_unauth(rqstp->rq_xprt, l_port,
824 				    "kadm5_modify_principal",
825 				    prime_arg, client_name);
826 	 log_unauth("kadm5_modify_principal", prime_arg, client_name,
827 		    service_name, client_addr(rqstp, buf));
828     } else {
829 	 ret.code = kadm5_modify_principal((void *)handle, &arg->rec,
830 						arg->mask);
831 	/* Solaris Kerberos */
832 	 if( ret.code != 0 )
833 	     errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
834 
835 		audit_kadmind_auth(rqstp->rq_xprt, l_port,
836 				"kadm5_modify_principal",
837 				prime_arg, client_name, ret.code);
838 	 log_done("kadm5_modify_principal", prime_arg,
839 		  errmsg ? errmsg : "success",
840 		  client_name, service_name, client_addr(rqstp, buf));
841 
842 	  if (errmsg != NULL)
843 		krb5_free_error_message(handle ? handle->context : NULL, errmsg);
844     }
845 
846 error:
847     if (name)
848     	gss_release_name(&min_stat, &name);
849     free_server_handle(handle);
850     if (prime_arg)
851     	free(prime_arg);
852     if (client_name)
853     	free(client_name);
854     if (service_name)
855     	free(service_name);
856     return &ret;
857 }
858 
859 generic_ret *
rename_principal_2_svc(rprinc_arg * arg,struct svc_req * rqstp)860 rename_principal_2_svc(rprinc_arg *arg, struct svc_req *rqstp)
861 {
862     static generic_ret		ret;
863     char			*prime_arg1 = NULL, *prime_arg2 = NULL;
864     char prime_arg[BUFSIZ];
865     char *client_name = NULL, *service_name = NULL;
866     OM_uint32 min_stat;
867     kadm5_server_handle_t handle;
868     restriction_t *rp;
869     const char                        *errmsg = NULL;
870     gss_name_t name = NULL;
871     size_t tlen1, tlen2, clen, slen;
872     char *tdots1, *tdots2, *cdots, *sdots;
873 
874     xdr_free(xdr_generic_ret, (char *) &ret);
875 
876     if ((ret.code = new_server_handle(arg->api_version, rqstp, &handle)))
877 	 return &ret;
878 
879     if ((ret.code = check_handle((void *)handle)))
880 	 goto error;
881     if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
882 	 ret.code = KADM5_FAILURE;
883 	 goto error;
884     }
885     if (krb5_unparse_name(handle->context, arg->src, &prime_arg1) ||
886         krb5_unparse_name(handle->context, arg->dest, &prime_arg2)) {
887 	 ret.code = KADM5_BAD_PRINCIPAL;
888 	 goto error;
889     }
890     tlen1 = strlen(prime_arg1);
891     trunc_name(&tlen1, &tdots1);
892     tlen2 = strlen(prime_arg2);
893     trunc_name(&tlen2, &tdots2);
894     clen = strlen(client_name);
895     trunc_name(&clen, &cdots);
896     slen = strlen(service_name);
897     trunc_name(&slen, &sdots);
898 
899     (void) snprintf(prime_arg, sizeof (prime_arg), "%.*s%s to %.*s*s",
900 	tlen1, prime_arg1, tdots1,
901 	tlen2, prime_arg2, tdots2);
902     ret.code = KADM5_OK;
903 
904 	if (!(name = get_clnt_name(rqstp))) {
905 		ret.code = KADM5_FAILURE;
906 		goto error;
907 	}
908 
909     if (! CHANGEPW_SERVICE(rqstp)) {
910 	 if (!kadm5int_acl_check(handle->context, name,
911 			ACL_DELETE, arg->src, NULL))
912 	      ret.code = KADM5_AUTH_DELETE;
913 	 /* any restrictions at all on the ADD kills the RENAME */
914 	 if (!kadm5int_acl_check(handle->context, name,
915 			ACL_ADD, arg->dest, &rp)) {
916 	      if (ret.code == KADM5_AUTH_DELETE)
917 		   ret.code = KADM5_AUTH_INSUFFICIENT;
918 	      else
919 		   ret.code = KADM5_AUTH_ADD;
920 	 }
921     } else
922 	 ret.code = KADM5_AUTH_INSUFFICIENT;
923     if (ret.code != KADM5_OK) {
924 
925 		audit_kadmind_unauth(rqstp->rq_xprt, l_port,
926 				    "kadm5_rename_principal",
927 				    prime_arg, client_name);
928 		krb5_klog_syslog(LOG_NOTICE,
929 		    "Unauthorized request: kadm5_rename_principal, "
930 		    "%.*s%s to %.*s%s, "
931 		    "client=%.*s%s, service=%.*s%s, addr=%s",
932 		    tlen1, prime_arg1, tdots1,
933 		    tlen2, prime_arg2, tdots2,
934 		    clen, client_name, cdots,
935 		    slen, service_name, sdots,
936 		    client_addr(rqstp, buf));
937     } else {
938 	 ret.code = kadm5_rename_principal((void *)handle, arg->src,
939 						arg->dest);
940 	/* Solaris Kerberos */
941 	 if( ret.code != 0 )
942 	     errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
943 
944 		audit_kadmind_auth(rqstp->rq_xprt, l_port,
945 				"kadm5_rename_principal",
946 				prime_arg, client_name, ret.code);
947 	 krb5_klog_syslog(LOG_NOTICE,
948 			  "Request: kadm5_rename_principal, "
949 			  "%.*s%s to %.*s%s, %s, "
950 			  "client=%.*s%s, service=%.*s%s, addr=%s",
951 			  tlen1, prime_arg1, tdots1,
952 			  tlen2, prime_arg2, tdots2,
953 			  errmsg ? errmsg : "success",
954 			  clen, client_name, cdots,
955 			  slen, service_name, sdots,
956 			  client_addr(rqstp, buf));
957 
958 	  if (errmsg != NULL)
959 		krb5_free_error_message(handle ? handle->context : NULL, errmsg);
960     }
961 
962 error:
963     if (name)
964     	gss_release_name(&min_stat, &name);
965     free_server_handle(handle);
966     if (prime_arg1)
967     	free(prime_arg1);
968     if (prime_arg2)
969     	free(prime_arg2);
970     if (client_name)
971     	free(client_name);
972     if (service_name)
973     	free(service_name);
974     return &ret;
975 }
976 
977 gprinc_ret *
get_principal_2_svc(gprinc_arg * arg,struct svc_req * rqstp)978 get_principal_2_svc(gprinc_arg *arg, struct svc_req *rqstp)
979 {
980     static gprinc_ret		    ret;
981     kadm5_principal_ent_t_v1	    e;
982     char			    *prime_arg = NULL, *funcname;
983     char *client_name = NULL, *service_name = NULL;
984     OM_uint32			    min_stat;
985     kadm5_server_handle_t	    handle;
986     const char                            *errmsg = NULL;
987     gss_name_t name = NULL;
988 
989     xdr_free(xdr_gprinc_ret, (char *) &ret);
990 
991     if ((ret.code = new_server_handle(arg->api_version, rqstp, &handle)))
992 	 return &ret;
993 
994     if ((ret.code = check_handle((void *)handle)))
995 		goto error;
996     ret.api_version = handle->api_version;
997 
998     funcname = handle->api_version == KADM5_API_VERSION_1 ?
999 	 "kadm5_get_principal (V1)" : "kadm5_get_principal";
1000 
1001     if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
1002 	 ret.code = KADM5_FAILURE;
1003 		goto error;
1004     }
1005     if (krb5_unparse_name(handle->context, arg->princ, &prime_arg)) {
1006 	 ret.code = KADM5_BAD_PRINCIPAL;
1007 		goto error;
1008     }
1009 	if (!(name = get_clnt_name(rqstp))) {
1010 		ret.code = KADM5_FAILURE;
1011 		goto error;
1012 	}
1013 
1014     if (! cmp_gss_krb5_name(handle, name, arg->princ) &&
1015 	(CHANGEPW_SERVICE(rqstp) || !kadm5int_acl_check(handle->context,
1016 					       name,
1017 					       ACL_INQUIRE,
1018 					       arg->princ,
1019 					       NULL))) {
1020 	 ret.code = KADM5_AUTH_GET;
1021 
1022 		audit_kadmind_unauth(rqstp->rq_xprt, l_port,
1023 				    funcname,
1024 				    prime_arg, client_name);
1025 	 log_unauth(funcname, prime_arg, client_name, service_name,
1026 		    client_addr(rqstp, buf));
1027     } else {
1028 	 if (handle->api_version == KADM5_API_VERSION_1) {
1029 	      ret.code  = kadm5_get_principal_v1((void *)handle,
1030 						 arg->princ, &e);
1031 	      if(ret.code == KADM5_OK) {
1032 		   memcpy(&ret.rec, e, sizeof(kadm5_principal_ent_rec_v1));
1033 		   free(e);
1034 	      }
1035 	 } else {
1036 	      ret.code  = kadm5_get_principal((void *)handle,
1037 					      arg->princ, &ret.rec,
1038 					      arg->mask);
1039 	 }
1040 
1041 	/* Solaris Kerberos */
1042 	 if( ret.code != 0 )
1043 	     errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
1044 
1045 		audit_kadmind_auth(rqstp->rq_xprt, l_port,
1046 				funcname,
1047 				prime_arg, client_name, ret.code);
1048 	 log_done(funcname, prime_arg, errmsg ? errmsg : "success",
1049 		  client_name, service_name, client_addr(rqstp, buf));
1050 
1051 	  if (errmsg != NULL)
1052 		krb5_free_error_message(handle ? handle->context : NULL, errmsg);
1053     }
1054 
1055 error:
1056 	if (name)
1057     	gss_release_name(&min_stat, &name);
1058     free_server_handle(handle);
1059     if (prime_arg)
1060     	free(prime_arg);
1061     if (client_name)
1062     	free(client_name);
1063     if (service_name)
1064     	free(service_name);
1065     return &ret;
1066 }
1067 
1068 gprincs_ret *
get_princs_2_svc(gprincs_arg * arg,struct svc_req * rqstp)1069 get_princs_2_svc(gprincs_arg *arg, struct svc_req *rqstp)
1070 {
1071     static gprincs_ret		    ret;
1072     char			    *prime_arg = NULL;
1073     char *client_name = NULL, *service_name = NULL;
1074     OM_uint32			    min_stat;
1075     kadm5_server_handle_t handle;
1076     gss_name_t name = NULL;
1077     const char                            *errmsg = NULL;
1078 
1079     xdr_free(xdr_gprincs_ret, (char *) &ret);
1080 
1081     if ((ret.code = new_server_handle(arg->api_version, rqstp, &handle)))
1082 	 return &ret;
1083 
1084     if ((ret.code = check_handle((void *)handle)))
1085 		goto error;
1086     ret.api_version = handle->api_version;
1087 
1088     if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
1089 	 ret.code = KADM5_FAILURE;
1090 		goto error;
1091     }
1092     prime_arg = arg->exp;
1093     if (prime_arg == NULL)
1094 	 prime_arg = "*";
1095 
1096 	if (!(name = get_clnt_name(rqstp))) {
1097 		ret.code = KADM5_FAILURE;
1098 		goto error;
1099 	}
1100 
1101     if (CHANGEPW_SERVICE(rqstp) || !kadm5int_acl_check(handle->context,
1102 					      name,
1103 					      ACL_LIST,
1104 					      NULL,
1105 					      NULL)) {
1106 	 ret.code = KADM5_AUTH_LIST;
1107 
1108 		audit_kadmind_unauth(rqstp->rq_xprt, l_port,
1109 				    "kadm5_get_principals",
1110 				    prime_arg, client_name);
1111 	 log_unauth("kadm5_get_principals", prime_arg, client_name,
1112 		    service_name, client_addr(rqstp, buf));
1113     } else {
1114 	 ret.code  = kadm5_get_principals((void *)handle,
1115 					       arg->exp, &ret.princs,
1116 					       &ret.count);
1117 	/* Solaris Kerberos */
1118 	 if( ret.code != 0 )
1119 	     errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
1120 
1121 		audit_kadmind_auth(rqstp->rq_xprt, l_port,
1122 				"kadm5_get_principals",
1123 				prime_arg, client_name, ret.code);
1124 	 log_done("kadm5_get_principals", prime_arg,
1125 		  errmsg ? errmsg : "success",
1126 		  client_name, service_name, client_addr(rqstp, buf));
1127 
1128 	  if (errmsg != NULL)
1129 		krb5_free_error_message(handle ? handle->context : NULL, errmsg);
1130 	}
1131 
1132 error:
1133 	if (name)
1134 		gss_release_name(&min_stat, &name);
1135 	free_server_handle(handle);
1136 	if (client_name)
1137 		free(client_name);
1138 	if (service_name)
1139 		free(service_name);
1140 	return (&ret);
1141 }
1142 
1143 generic_ret *
chpass_principal_2_svc(chpass_arg * arg,struct svc_req * rqstp)1144 chpass_principal_2_svc(chpass_arg *arg, struct svc_req *rqstp)
1145 {
1146     static generic_ret		    ret;
1147     char			    *prime_arg = NULL;
1148     char *client_name = NULL, *service_name = NULL;
1149     OM_uint32 min_stat;
1150     kadm5_server_handle_t	    handle;
1151     const char                            *errmsg = NULL;
1152     gss_name_t name = NULL;
1153 
1154     xdr_free(xdr_generic_ret, (char *) &ret);
1155 
1156     if ((ret.code = new_server_handle(arg->api_version, rqstp, &handle)))
1157 	 return &ret;
1158 
1159     if ((ret.code = check_handle((void *)handle)))
1160 		goto error;
1161     ret.api_version = handle->api_version;
1162 
1163     if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
1164 	 ret.code = KADM5_FAILURE;
1165 		goto error;
1166     }
1167     if (krb5_unparse_name(handle->context, arg->princ, &prime_arg)) {
1168 	 ret.code = KADM5_BAD_PRINCIPAL;
1169 		goto error;
1170 	}
1171 	if (!(name = get_clnt_name(rqstp))) {
1172 		ret.code = KADM5_FAILURE;
1173 		goto error;
1174 	}
1175 
1176     if (cmp_gss_krb5_name(handle, name, arg->princ)) {
1177 	 ret.code = chpass_principal_wrapper_3((void *)handle, arg->princ,
1178 					       FALSE, 0, NULL, arg->pass);
1179     } else if (!(CHANGEPW_SERVICE(rqstp)) &&
1180 	       kadm5int_acl_check(handle->context, name,
1181 			 ACL_CHANGEPW, arg->princ, NULL)) {
1182 	 ret.code = kadm5_chpass_principal((void *)handle, arg->princ,
1183 						arg->pass);
1184     } else {
1185 		audit_kadmind_unauth(rqstp->rq_xprt, l_port,
1186 				    "kadm5_chpass_principal",
1187 				    prime_arg, client_name);
1188 	 log_unauth("kadm5_chpass_principal", prime_arg, client_name,
1189 		    service_name, client_addr(rqstp, buf));
1190 	 ret.code = KADM5_AUTH_CHANGEPW;
1191     }
1192 
1193     if(ret.code != KADM5_AUTH_CHANGEPW) {
1194 	/* Solaris Kerberos */
1195 	 if( ret.code != 0 )
1196 	     errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
1197 
1198 		audit_kadmind_auth(rqstp->rq_xprt, l_port,
1199 				"kadm5_chpass_principal",
1200 				prime_arg, client_name, ret.code);
1201 	log_done("kadm5_chpass_principal", prime_arg,
1202 		 errmsg ? errmsg : "success",
1203 		 client_name, service_name, client_addr(rqstp, buf));
1204 
1205 	  if (errmsg != NULL)
1206 		krb5_free_error_message(handle ? handle->context : NULL, errmsg);
1207     }
1208 
1209 error:
1210 	if (name)
1211 		gss_release_name(&min_stat, &name);
1212 	free_server_handle(handle);
1213 	if (prime_arg)
1214 		free(prime_arg);
1215 	if (client_name)
1216 		free(client_name);
1217 	if (service_name)
1218 		free(service_name);
1219 	return (&ret);
1220 }
1221 
1222 generic_ret *
chpass_principal3_2_svc(chpass3_arg * arg,struct svc_req * rqstp)1223 chpass_principal3_2_svc(chpass3_arg *arg, struct svc_req *rqstp)
1224 {
1225     static generic_ret		    ret;
1226     char			    *prime_arg = NULL;
1227     char       			    *client_name = NULL,
1228 				    *service_name = NULL;
1229     OM_uint32			    min_stat;
1230     kadm5_server_handle_t	    handle;
1231     const char                            *errmsg = NULL;
1232     gss_name_t name = NULL;
1233 
1234     xdr_free(xdr_generic_ret, (char *) &ret);
1235 
1236     if ((ret.code = new_server_handle(arg->api_version, rqstp, &handle)))
1237 	 return &ret;
1238 
1239     if ((ret.code = check_handle((void *)handle)))
1240 	goto error;
1241     ret.api_version = handle->api_version;
1242 
1243     if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
1244 	 ret.code = KADM5_FAILURE;
1245 	goto error;
1246     }
1247     if (krb5_unparse_name(handle->context, arg->princ, &prime_arg)) {
1248 	 ret.code = KADM5_BAD_PRINCIPAL;
1249 	goto error;
1250     }
1251     if (!(name = get_clnt_name(rqstp))) {
1252 	ret.code = KADM5_FAILURE;
1253 	goto error;
1254     }
1255 
1256     if (cmp_gss_krb5_name(handle, name, arg->princ)) {
1257 	 ret.code = chpass_principal_wrapper_3((void *)handle, arg->princ,
1258 					       arg->keepold,
1259 					       arg->n_ks_tuple,
1260 					       arg->ks_tuple,
1261 					       arg->pass);
1262     } else if (!(CHANGEPW_SERVICE(rqstp)) &&
1263 	       kadm5int_acl_check(handle->context, name,
1264 			 ACL_CHANGEPW, arg->princ, NULL)) {
1265 	 ret.code = kadm5_chpass_principal_3((void *)handle, arg->princ,
1266 					     arg->keepold,
1267 					     arg->n_ks_tuple,
1268 					     arg->ks_tuple,
1269 					     arg->pass);
1270     } else {
1271 	 log_unauth("kadm5_chpass_principal", prime_arg,
1272 		client_name, service_name, client_addr(rqstp, buf));
1273 	 ret.code = KADM5_AUTH_CHANGEPW;
1274     }
1275 
1276     if(ret.code != KADM5_AUTH_CHANGEPW) {
1277 	/* Solaris Kerberos */
1278 	if( ret.code != 0 )
1279 	     errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
1280 
1281 	log_done("kadm5_chpass_principal", prime_arg,
1282 		errmsg ? errmsg : "success",
1283 		client_name, service_name, client_addr(rqstp, buf));
1284 
1285 	  if (errmsg != NULL)
1286 		krb5_free_error_message(handle ? handle->context : NULL, errmsg);
1287     }
1288 
1289 error:
1290     if (name)
1291     	gss_release_name(&min_stat, &name);
1292     free_server_handle(handle);
1293     if (client_name)
1294     	free(client_name);
1295     if (service_name)
1296     	free(service_name);
1297     if (prime_arg)
1298     	free(prime_arg);
1299     return (&ret);
1300 }
1301 
1302 #ifdef SUNWOFF
1303 generic_ret *
setv4key_principal_2_svc(setv4key_arg * arg,struct svc_req * rqstp)1304 setv4key_principal_2_svc(setv4key_arg *arg, struct svc_req *rqstp)
1305 {
1306     static generic_ret		    ret;
1307     char			    *prime_arg = NULL;
1308     char 			    *client_name = NULL,
1309 				    *service_name = NULL;
1310     OM_uint32			    min_stat;
1311     kadm5_server_handle_t	    handle;
1312     const char                            *errmsg = NULL;
1313     gss_name_t name = NULL;
1314 
1315     xdr_free(xdr_generic_ret, (char *) &ret);
1316 
1317     if ((ret.code = new_server_handle(arg->api_version, rqstp, &handle)))
1318 	 return &ret;
1319 
1320     if ((ret.code = check_handle((void *)handle)))
1321 	goto error;
1322     ret.api_version = handle->api_version;
1323 
1324     if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
1325 	 ret.code = KADM5_FAILURE;
1326 	goto error;
1327     }
1328     if (krb5_unparse_name(handle->context, arg->princ, &prime_arg)) {
1329 	 ret.code = KADM5_BAD_PRINCIPAL;
1330 	goto error;
1331     }
1332     if (!(name = get_clnt_name(rqstp))) {
1333 	ret.code = KADM5_FAILURE;
1334 	goto error;
1335     }
1336 
1337     if (!(CHANGEPW_SERVICE(rqstp)) &&
1338 	       kadm5int_acl_check(handle->context, name,
1339 			 ACL_SETKEY, arg->princ, NULL)) {
1340 	 ret.code = kadm5_setv4key_principal((void *)handle, arg->princ,
1341 					     arg->keyblock);
1342     } else {
1343 	 log_unauth("kadm5_setv4key_principal", prime_arg,
1344 		client_name, service_name, client_addr(rqstp, buf));
1345 	 ret.code = KADM5_AUTH_SETKEY;
1346     }
1347 
1348     if(ret.code != KADM5_AUTH_SETKEY) {
1349 	/* Solaris Kerberos */
1350 	if( ret.code != 0 )
1351 	     errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
1352 
1353 	log_done("kadm5_setv4key_principal", prime_arg,
1354 		 errmsg ? errmsg : "success",
1355 		 client_name, service_name, client_addr(rqstp, buf));
1356 
1357 	  if (errmsg != NULL)
1358 		krb5_free_error_message(handle ? handle->context : NULL, errmsg);
1359     }
1360 
1361 error:
1362     if (name)
1363 	gss_release_name(&min_stat, &name);
1364     free_server_handle(handle);
1365     if (client_name)
1366 	free(client_name);
1367     if (service_name)
1368 	free(service_name);
1369     if (prime_arg)
1370 	free(prime_arg);
1371     return (&ret);
1372 }
1373 #endif
1374 
1375 generic_ret *
setkey_principal_2_svc(setkey_arg * arg,struct svc_req * rqstp)1376 setkey_principal_2_svc(setkey_arg *arg, struct svc_req *rqstp)
1377 {
1378     static generic_ret		    ret;
1379     char			    *prime_arg;
1380     char			    *client_name,
1381 				    *service_name;
1382     OM_uint32			    min_stat;
1383     kadm5_server_handle_t	    handle;
1384     const char                            *errmsg = NULL;
1385     gss_name_t name;
1386 
1387     xdr_free(xdr_generic_ret, (char *) &ret);
1388 
1389     if ((ret.code = new_server_handle(arg->api_version, rqstp, &handle)))
1390 	 return &ret;
1391 
1392     if ((ret.code = check_handle((void *)handle)))
1393 	goto error;
1394     ret.api_version = handle->api_version;
1395 
1396     if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
1397 	 ret.code = KADM5_FAILURE;
1398 	goto error;
1399     }
1400     if (krb5_unparse_name(handle->context, arg->princ, &prime_arg)) {
1401 	 ret.code = KADM5_BAD_PRINCIPAL;
1402 	goto error;
1403     }
1404     if (!(name = get_clnt_name(rqstp))) {
1405 	 ret.code = KADM5_FAILURE;
1406 	goto error;
1407     }
1408 
1409     if (!(CHANGEPW_SERVICE(rqstp)) &&
1410 	       kadm5int_acl_check(handle->context, name, ACL_SETKEY, arg->princ, NULL)) {
1411 	 ret.code = kadm5_setkey_principal((void *)handle, arg->princ,
1412 					   arg->keyblocks, arg->n_keys);
1413     } else {
1414 	 log_unauth("kadm5_setkey_principal", prime_arg,
1415 		client_name, service_name, client_addr(rqstp, buf));
1416 	 ret.code = KADM5_AUTH_SETKEY;
1417     }
1418 
1419     if(ret.code != KADM5_AUTH_SETKEY) {
1420 	/* Solaris Kerberos */
1421 	if( ret.code != 0 )
1422 	    errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
1423 
1424 	log_done("kadm5_setkey_principal", prime_arg,
1425 		 errmsg ? errmsg : "success",
1426 		 client_name, service_name, client_addr(rqstp, buf));
1427 
1428 	  if (errmsg != NULL)
1429 		krb5_free_error_message(handle ? handle->context : NULL, errmsg);
1430     }
1431 
1432 error:
1433     if (name)
1434 	gss_release_name(&min_stat, &name);
1435     free_server_handle(handle);
1436     if (client_name)
1437     	free(client_name);
1438     if (service_name)
1439     	free(service_name);
1440     if (prime_arg)
1441     	free(prime_arg);
1442     return (&ret);
1443 }
1444 
1445 generic_ret *
setkey_principal3_2_svc(setkey3_arg * arg,struct svc_req * rqstp)1446 setkey_principal3_2_svc(setkey3_arg *arg, struct svc_req *rqstp)
1447 {
1448     static generic_ret		    ret;
1449     char			    *prime_arg = NULL;
1450     char			    *client_name = NULL,
1451 				    *service_name = NULL;
1452     OM_uint32			    min_stat;
1453     kadm5_server_handle_t	    handle;
1454     const char                            *errmsg = NULL;
1455     gss_name_t name = NULL;
1456 
1457     xdr_free(xdr_generic_ret, (char *) &ret);
1458 
1459     if ((ret.code = new_server_handle(arg->api_version, rqstp, &handle)))
1460 	 return &ret;
1461 
1462     if ((ret.code = check_handle((void *)handle)))
1463 	goto error;
1464     ret.api_version = handle->api_version;
1465 
1466     if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
1467 	 ret.code = KADM5_FAILURE;
1468 	goto error;
1469     }
1470     if (krb5_unparse_name(handle->context, arg->princ, &prime_arg)) {
1471 	 ret.code = KADM5_BAD_PRINCIPAL;
1472 	goto error;
1473     }
1474     if (!(name = get_clnt_name(rqstp))) {
1475 	 ret.code = KADM5_FAILURE;
1476 	goto error;
1477     }
1478 
1479     if (!(CHANGEPW_SERVICE(rqstp)) &&
1480 	       kadm5int_acl_check(handle->context, name,
1481 			 ACL_SETKEY, arg->princ, NULL)) {
1482 	 ret.code = kadm5_setkey_principal_3((void *)handle, arg->princ,
1483 					     arg->keepold,
1484 					     arg->n_ks_tuple,
1485 					     arg->ks_tuple,
1486 					     arg->keyblocks, arg->n_keys);
1487     } else {
1488 	 log_unauth("kadm5_setkey_principal", prime_arg,
1489 		client_name, service_name, client_addr(rqstp, buf));
1490 	 ret.code = KADM5_AUTH_SETKEY;
1491     }
1492 
1493     if(ret.code != KADM5_AUTH_SETKEY) {
1494 	/* Solaris Kerberos */
1495 	if( ret.code != 0 )
1496 	    errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
1497 
1498 	log_done("kadm5_setkey_principal", prime_arg,
1499 		 errmsg ? errmsg : "success",
1500 		 client_name, service_name, client_addr(rqstp, buf));
1501 
1502 	  if (errmsg != NULL)
1503 		krb5_free_error_message(handle ? handle->context : NULL, errmsg);
1504     }
1505 
1506 error:
1507     if (name)
1508 	gss_release_name(&min_stat, &name);
1509     free_server_handle(handle);
1510     if (client_name)
1511 	free(client_name);
1512     if (service_name)
1513     	free(service_name);
1514     if (prime_arg)
1515     	free(prime_arg);
1516     return &ret;
1517 }
1518 
1519 chrand_ret *
chrand_principal_2_svc(chrand_arg * arg,struct svc_req * rqstp)1520 chrand_principal_2_svc(chrand_arg *arg, struct svc_req *rqstp)
1521 {
1522     static chrand_ret		ret;
1523     krb5_keyblock		*k;
1524     int				nkeys;
1525     char			*prime_arg = NULL, *funcname;
1526     char *client_name = NULL, *service_name = NULL;
1527     OM_uint32			min_stat;
1528     kadm5_server_handle_t	handle;
1529     const char                        *errmsg = NULL;
1530     gss_name_t name = NULL;
1531 
1532     xdr_free(xdr_chrand_ret, (char *) &ret);
1533 
1534     if ((ret.code = new_server_handle(arg->api_version, rqstp, &handle)))
1535 	 return &ret;
1536 
1537     if ((ret.code = check_handle((void *)handle)))
1538 		goto error;
1539 
1540     ret.api_version = handle->api_version;
1541 
1542     funcname = handle->api_version == KADM5_API_VERSION_1 ?
1543 	 "kadm5_randkey_principal (V1)" : "kadm5_randkey_principal";
1544 
1545     if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
1546 	 ret.code = KADM5_FAILURE;
1547 		goto error;
1548     }
1549     if (krb5_unparse_name(handle->context, arg->princ, &prime_arg)) {
1550 	 ret.code = KADM5_BAD_PRINCIPAL;
1551 		goto error;
1552     }
1553 	if (!(name = get_clnt_name(rqstp))) {
1554 		ret.code = KADM5_FAILURE;
1555 		goto error;
1556 	}
1557 
1558     if (cmp_gss_krb5_name(handle, name, arg->princ)) {
1559 	 ret.code = randkey_principal_wrapper((void *)handle, arg->princ, &k,
1560 						&nkeys);
1561     } else if (!(CHANGEPW_SERVICE(rqstp)) &&
1562 	       kadm5int_acl_check(handle->context, name,
1563 			 ACL_CHANGEPW, arg->princ, NULL)) {
1564 	 ret.code = kadm5_randkey_principal((void *)handle, arg->princ,
1565 					    &k, &nkeys);
1566     } else {
1567 		audit_kadmind_unauth(rqstp->rq_xprt, l_port,
1568 				    funcname, prime_arg, client_name);
1569 	 log_unauth(funcname, prime_arg,
1570 		client_name, service_name, client_addr(rqstp, buf));
1571 	 ret.code = KADM5_AUTH_CHANGEPW;
1572     }
1573 
1574     if(ret.code == KADM5_OK) {
1575 	 if (handle->api_version == KADM5_API_VERSION_1) {
1576 	      krb5_copy_keyblock_contents(handle->context, k, &ret.key);
1577 	      krb5_free_keyblock(handle->context, k);
1578 	 } else {
1579 	      ret.keys = k;
1580 	      ret.n_keys = nkeys;
1581 	 }
1582     }
1583 
1584     if(ret.code != KADM5_AUTH_CHANGEPW) {
1585 	/* Solaris Kerberos */
1586 	if( ret.code != 0 )
1587 	    errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
1588 
1589 		audit_kadmind_auth(rqstp->rq_xprt, l_port,
1590 				funcname, prime_arg, client_name, ret.code);
1591 	log_done(funcname, prime_arg, errmsg ? errmsg : "success",
1592 		 client_name, service_name, client_addr(rqstp, buf));
1593 
1594 	  if (errmsg != NULL)
1595 		krb5_free_error_message(handle ? handle->context : NULL, errmsg);
1596     }
1597 
1598 error:
1599 	if (name)
1600 		gss_release_name(&min_stat, &name);
1601 	free_server_handle(handle);
1602 	if (prime_arg)
1603     	free(prime_arg);
1604     if (client_name)
1605     	free(client_name);
1606     if (service_name)
1607     	free(service_name);
1608     return &ret;
1609 }
1610 
1611 chrand_ret *
chrand_principal3_2_svc(chrand3_arg * arg,struct svc_req * rqstp)1612 chrand_principal3_2_svc(chrand3_arg *arg, struct svc_req *rqstp)
1613 {
1614     static chrand_ret		ret;
1615     krb5_keyblock		*k;
1616     int				nkeys;
1617     char			*prime_arg = NULL, *funcname;
1618     char			*client_name = NULL,
1619 	    			*service_name = NULL;
1620     OM_uint32			min_stat;
1621     kadm5_server_handle_t	handle;
1622     const char                        *errmsg = NULL;
1623     gss_name_t name = NULL;
1624 
1625     xdr_free(xdr_chrand_ret, (char *) &ret);
1626 
1627     if ((ret.code = new_server_handle(arg->api_version, rqstp, &handle)))
1628 	 return &ret;
1629 
1630     if ((ret.code = check_handle((void *)handle)))
1631 	goto error;
1632     ret.api_version = handle->api_version;
1633 
1634     funcname = handle->api_version == KADM5_API_VERSION_1 ?
1635 	 "kadm5_randkey_principal (V1)" : "kadm5_randkey_principal";
1636 
1637     if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
1638 	ret.code = KADM5_FAILURE;
1639 	goto error;
1640     }
1641     if (krb5_unparse_name(handle->context, arg->princ, &prime_arg)) {
1642 	 ret.code = KADM5_BAD_PRINCIPAL;
1643 	goto error;
1644     }
1645     if (!(name = get_clnt_name(rqstp))) {
1646 	ret.code = KADM5_FAILURE;
1647 	goto error;
1648     }
1649 
1650     if (cmp_gss_krb5_name(handle, name, arg->princ)) {
1651 	 ret.code = randkey_principal_wrapper_3((void *)handle, arg->princ,
1652 						arg->keepold,
1653 						arg->n_ks_tuple,
1654 						arg->ks_tuple,
1655 						&k, &nkeys);
1656     } else if (!(CHANGEPW_SERVICE(rqstp)) &&
1657 	       kadm5int_acl_check(handle->context, name,
1658 			 ACL_CHANGEPW, arg->princ, NULL)) {
1659 	 ret.code = kadm5_randkey_principal_3((void *)handle, arg->princ,
1660 					      arg->keepold,
1661 					      arg->n_ks_tuple,
1662 					      arg->ks_tuple,
1663 					      &k, &nkeys);
1664     } else {
1665 	 log_unauth(funcname, prime_arg,
1666 		client_name, service_name, client_addr(rqstp, buf));
1667 	 ret.code = KADM5_AUTH_CHANGEPW;
1668     }
1669 
1670     if(ret.code == KADM5_OK) {
1671 	 if (handle->api_version == KADM5_API_VERSION_1) {
1672 	      krb5_copy_keyblock_contents(handle->context, k, &ret.key);
1673 	      krb5_free_keyblock(handle->context, k);
1674 	 } else {
1675 	      ret.keys = k;
1676 	      ret.n_keys = nkeys;
1677 	 }
1678     }
1679 
1680     if(ret.code != KADM5_AUTH_CHANGEPW) {
1681 	/* Solaris Kerberos */
1682 	if( ret.code != 0 )
1683 	    errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
1684 
1685 	log_done(funcname, prime_arg, errmsg ? errmsg : "success",
1686 		 client_name, service_name, client_addr(rqstp, buf));
1687 
1688 	if (errmsg != NULL)
1689 		krb5_free_error_message(handle ? handle->context : NULL, errmsg);
1690     }
1691 
1692 error:
1693     if (name)
1694 	gss_release_name(&min_stat, &name);
1695     free_server_handle(handle);
1696     if (client_name)
1697 	free(client_name);
1698     if (service_name)
1699 	free(service_name);
1700     if (prime_arg)
1701 	free(prime_arg);
1702     return (&ret);
1703 }
1704 
1705 generic_ret *
create_policy_2_svc(cpol_arg * arg,struct svc_req * rqstp)1706 create_policy_2_svc(cpol_arg *arg, struct svc_req *rqstp)
1707 {
1708     static generic_ret		    ret;
1709     char			    *prime_arg = NULL;
1710     char *client_name = NULL, *service_name = NULL;
1711     OM_uint32			    min_stat;
1712     kadm5_server_handle_t	    handle;
1713     const char                            *errmsg = NULL;
1714     gss_name_t name = NULL;
1715 
1716     xdr_free(xdr_generic_ret, (char *) &ret);
1717 
1718     if ((ret.code = new_server_handle(arg->api_version, rqstp, &handle)))
1719 	 return &ret;
1720 
1721     if ((ret.code = check_handle((void *)handle)))
1722 		goto error;
1723 
1724     ret.api_version = handle->api_version;
1725 
1726     if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
1727 	 ret.code = KADM5_FAILURE;
1728 		goto error;
1729     }
1730     prime_arg = arg->rec.policy;
1731 
1732 	if (!(name = get_clnt_name(rqstp))) {
1733 		ret.code = KADM5_FAILURE;
1734 		goto error;
1735 	}
1736 
1737     if (CHANGEPW_SERVICE(rqstp) || !kadm5int_acl_check(handle->context,
1738 					      name,
1739 					      ACL_ADD, NULL, NULL)) {
1740 	 ret.code = KADM5_AUTH_ADD;
1741 
1742 		audit_kadmind_unauth(rqstp->rq_xprt, l_port,
1743 				    "kadm5_create_policy",
1744 				    prime_arg, client_name);
1745 	 log_unauth("kadm5_create_policy", prime_arg,
1746 		 client_name, service_name, client_addr(rqstp, buf));
1747 
1748     } else {
1749 	 ret.code = kadm5_create_policy((void *)handle, &arg->rec,
1750 					     arg->mask);
1751 	/* Solaris Kerberos */
1752 	 if( ret.code != 0 )
1753 	     errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
1754 
1755 		audit_kadmind_auth(rqstp->rq_xprt, l_port,
1756 				"kadm5_create_policy",
1757 				prime_arg, client_name, ret.code);
1758 	 log_done("kadm5_create_policy",
1759 		  ((prime_arg == NULL) ? "(null)" : prime_arg),
1760 		  errmsg ? errmsg : "success",
1761 		  client_name, service_name, client_addr(rqstp, buf));
1762 
1763 	  if (errmsg != NULL)
1764 		krb5_free_error_message(handle ? handle->context : NULL, errmsg);
1765     }
1766 
1767 error:
1768 	if (name)
1769 		gss_release_name(&min_stat, &name);
1770     free_server_handle(handle);
1771     if (client_name)
1772     	free(client_name);
1773     if (service_name)
1774     	free(service_name);
1775     return &ret;
1776 }
1777 
1778 generic_ret *
delete_policy_2_svc(dpol_arg * arg,struct svc_req * rqstp)1779 delete_policy_2_svc(dpol_arg *arg, struct svc_req *rqstp)
1780 {
1781     static generic_ret		    ret;
1782     char			    *prime_arg = NULL;
1783     char *client_name = NULL, *service_name = NULL;
1784     OM_uint32			    min_stat;
1785     kadm5_server_handle_t	    handle;
1786     const char                            *errmsg = NULL;
1787     gss_name_t name = NULL;
1788 
1789     xdr_free(xdr_generic_ret, (char *) &ret);
1790 
1791     if ((ret.code = new_server_handle(arg->api_version, rqstp, &handle)))
1792 	 return &ret;
1793 
1794     if ((ret.code = check_handle((void *)handle)))
1795 		goto error;
1796     ret.api_version = handle->api_version;
1797 
1798     if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
1799 	 ret.code = KADM5_FAILURE;
1800 		goto error;
1801     }
1802     prime_arg = arg->name;
1803 
1804 	if (!(name = get_clnt_name(rqstp))) {
1805 		ret.code = KADM5_FAILURE;
1806 		goto error;
1807 	}
1808 
1809     if (CHANGEPW_SERVICE(rqstp) || !kadm5int_acl_check(handle->context,
1810 						name,
1811 					      ACL_DELETE, NULL, NULL)) {
1812 
1813 		audit_kadmind_unauth(rqstp->rq_xprt, l_port,
1814 				    "kadm5_delete_policy",
1815 				    prime_arg, client_name);
1816 	 log_unauth("kadm5_delete_policy", prime_arg,
1817 		client_name, service_name, client_addr(rqstp, buf));
1818 	 ret.code = KADM5_AUTH_DELETE;
1819     } else {
1820 	 ret.code = kadm5_delete_policy((void *)handle, arg->name);
1821 	/* Solaris Kerberos */
1822 	 if( ret.code != 0 )
1823 	     errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
1824 
1825 		audit_kadmind_auth(rqstp->rq_xprt, l_port,
1826 				"kadm5_delete_policy",
1827 				prime_arg, client_name, ret.code);
1828 	 log_done("kadm5_delete_policy",
1829 		  ((prime_arg == NULL) ? "(null)" : prime_arg),
1830 		 errmsg ? errmsg : "success",
1831 		  client_name, service_name, client_addr(rqstp, buf));
1832 
1833 	 if (errmsg != NULL)
1834 		krb5_free_error_message(handle ? handle->context : NULL, errmsg);
1835     }
1836 
1837 error:
1838 	if (name)
1839 		gss_release_name(&min_stat, &name);
1840     free_server_handle(handle);
1841     if (client_name)
1842     free(client_name);
1843     if (service_name)
1844     free(service_name);
1845     return &ret;
1846 }
1847 
1848 generic_ret *
modify_policy_2_svc(mpol_arg * arg,struct svc_req * rqstp)1849 modify_policy_2_svc(mpol_arg *arg, struct svc_req *rqstp)
1850 {
1851     static generic_ret		    ret;
1852     char			    *prime_arg = NULL;
1853     char *client_name = NULL, *service_name = NULL;
1854     OM_uint32 min_stat;
1855     kadm5_server_handle_t	    handle;
1856     const char                            *errmsg = NULL;
1857     gss_name_t name = NULL;
1858 
1859     xdr_free(xdr_generic_ret, (char *) &ret);
1860 
1861     if ((ret.code = new_server_handle(arg->api_version, rqstp, &handle)))
1862 	 return &ret;
1863 
1864     if ((ret.code = check_handle((void *)handle)))
1865 		goto error;
1866     ret.api_version = handle->api_version;
1867 
1868     if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
1869 	 ret.code = KADM5_FAILURE;
1870 		goto error;
1871     }
1872     prime_arg = arg->rec.policy;
1873 
1874     if (!(name = get_clnt_name(rqstp))) {
1875 	 ret.code = KADM5_FAILURE;
1876 		goto error;
1877     }
1878 
1879     if (CHANGEPW_SERVICE(rqstp) || !kadm5int_acl_check(handle->context,
1880 						name,
1881 					      ACL_MODIFY, NULL, NULL)) {
1882 
1883 		audit_kadmind_unauth(rqstp->rq_xprt, l_port,
1884 				    "kadm5_modify_policy",
1885 				    prime_arg, client_name);
1886 	 log_unauth("kadm5_modify_policy", prime_arg,
1887 		client_name, service_name, client_addr(rqstp, buf));
1888 	 ret.code = KADM5_AUTH_MODIFY;
1889     } else {
1890 	 ret.code = kadm5_modify_policy((void *)handle, &arg->rec,
1891 					     arg->mask);
1892 	/* Solaris Kerberos */
1893 	 if( ret.code != 0 )
1894 	     errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
1895 
1896 		audit_kadmind_auth(rqstp->rq_xprt, l_port,
1897 				"kadm5_modify_policy",
1898 				prime_arg, client_name, ret.code);
1899 	 log_done("kadm5_modify_policy",
1900 		  ((prime_arg == NULL) ? "(null)" : prime_arg),
1901 		  errmsg ? errmsg : "success",
1902 		  client_name, service_name, client_addr(rqstp, buf));
1903 
1904 	  if (errmsg != NULL)
1905 		krb5_free_error_message(handle ? handle->context : NULL, errmsg);
1906     }
1907 
1908 error:
1909 	if (name)
1910 		gss_release_name(&min_stat, &name);
1911 	free_server_handle(handle);
1912 	if (client_name)
1913 		free(client_name);
1914 	if (service_name)
1915 		free(service_name);
1916 	return (&ret);
1917 }
1918 
1919 gpol_ret *
get_policy_2_svc(gpol_arg * arg,struct svc_req * rqstp)1920 get_policy_2_svc(gpol_arg *arg, struct svc_req *rqstp)
1921 {
1922     static gpol_ret		ret;
1923     kadm5_ret_t		ret2;
1924     char *prime_arg = NULL, *funcname;
1925     char *client_name = NULL, *service_name = NULL;
1926     OM_uint32 min_stat;
1927     kadm5_policy_ent_t	e;
1928     kadm5_principal_ent_rec	caller_ent;
1929     krb5_principal caller;
1930     kadm5_server_handle_t	handle;
1931     const char                        *errmsg = NULL;
1932   gss_name_t name = NULL;
1933 
1934     xdr_free(xdr_gpol_ret, (char *) &ret);
1935 
1936     if ((ret.code = new_server_handle(arg->api_version, rqstp, &handle)))
1937 	 return &ret;
1938 
1939     if ((ret.code = check_handle((void *) handle)))
1940 		goto error;
1941 
1942     ret.api_version = handle->api_version;
1943 
1944     funcname = handle->api_version == KADM5_API_VERSION_1 ?
1945 	 "kadm5_get_policy (V1)" : "kadm5_get_policy";
1946 
1947     if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
1948 	 ret.code = KADM5_FAILURE;
1949 		goto error;
1950     }
1951     prime_arg = arg->name;
1952 	ret.code = KADM5_AUTH_GET;
1953 
1954 	if (!(name = get_clnt_name(rqstp))) {
1955 		ret.code = KADM5_FAILURE;
1956 		goto error;
1957 	}
1958 
1959     if (!CHANGEPW_SERVICE(rqstp) && kadm5int_acl_check(handle->context,
1960 						name,
1961 						ACL_INQUIRE, NULL, NULL))
1962 		ret.code = KADM5_OK;
1963 	else {
1964 		ret.code = kadm5_get_principal(handle->lhandle,
1965 		    handle->current_caller,
1966 		    &caller_ent,
1967 		    KADM5_PRINCIPAL_NORMAL_MASK);
1968 		if (ret.code == KADM5_OK) {
1969 			if (caller_ent.aux_attributes & KADM5_POLICY &&
1970 			    strcmp(caller_ent.policy, arg->name) == 0) {
1971 		   ret.code = KADM5_OK;
1972 	      } else ret.code = KADM5_AUTH_GET;
1973 	      ret2 = kadm5_free_principal_ent(handle->lhandle,
1974 					      &caller_ent);
1975 	      ret.code = ret.code ? ret.code : ret2;
1976 	 }
1977     }
1978 
1979     if (ret.code == KADM5_OK) {
1980 	 if (handle->api_version == KADM5_API_VERSION_1) {
1981 	      ret.code  = kadm5_get_policy_v1((void *)handle, arg->name, &e);
1982 	      if(ret.code == KADM5_OK) {
1983 		   memcpy(&ret.rec, e, sizeof(kadm5_policy_ent_rec));
1984 		   free(e);
1985 	      }
1986 	 } else {
1987 	      ret.code = kadm5_get_policy((void *)handle, arg->name,
1988 					  &ret.rec);
1989 	 }
1990 
1991 	/* Solaris Kerberos */
1992 	 if( ret.code != 0 )
1993 	     errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
1994 
1995 		audit_kadmind_auth(rqstp->rq_xprt, l_port,
1996 				funcname, prime_arg, client_name, ret.code);
1997 	 log_done(funcname,
1998 		  ((prime_arg == NULL) ? "(null)" : prime_arg),
1999 		  errmsg ? errmsg : "success",
2000 		  client_name, service_name, client_addr(rqstp, buf));
2001 
2002 	 if (errmsg != NULL)
2003 		krb5_free_error_message(handle ? handle->context : NULL, errmsg);
2004 
2005     } else {
2006 		audit_kadmind_unauth(rqstp->rq_xprt, l_port,
2007 				    funcname, prime_arg, client_name);
2008 	 log_unauth(funcname, prime_arg,
2009 		    client_name, service_name, client_addr(rqstp, buf));
2010     }
2011 
2012 error:
2013 	if (name)
2014 		gss_release_name(&min_stat, &name);
2015 	free_server_handle(handle);
2016 	if (client_name)
2017 		free(client_name);
2018 	if (service_name)
2019 		free(service_name);
2020 	return (&ret);
2021 
2022 }
2023 
2024 gpols_ret *
get_pols_2_svc(gpols_arg * arg,struct svc_req * rqstp)2025 get_pols_2_svc(gpols_arg *arg, struct svc_req *rqstp)
2026 {
2027     static gpols_ret		    ret;
2028     char			    *prime_arg = NULL;
2029     char *client_name = NULL, *service_name = NULL;
2030     OM_uint32 min_stat;
2031     kadm5_server_handle_t handle;
2032     const char                            *errmsg = NULL;
2033     gss_name_t name = NULL;
2034 
2035     xdr_free(xdr_gpols_ret, (char *) &ret);
2036 
2037     if ((ret.code = new_server_handle(arg->api_version, rqstp, &handle)))
2038 	 return &ret;
2039 
2040     if ((ret.code = check_handle((void *)handle)))
2041 		goto error;
2042 
2043     ret.api_version = handle->api_version;
2044 
2045     if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
2046 	 ret.code = KADM5_FAILURE;
2047 	goto error;
2048     }
2049     prime_arg = arg->exp;
2050     if (prime_arg == NULL)
2051 	 prime_arg = "*";
2052 
2053 	if (!(name = get_clnt_name(rqstp))) {
2054 		ret.code = KADM5_FAILURE;
2055 		goto error;
2056 	}
2057 
2058     if (CHANGEPW_SERVICE(rqstp) || !kadm5int_acl_check(handle->context,
2059 					      name,
2060 					      ACL_LIST, NULL, NULL)) {
2061 	 ret.code = KADM5_AUTH_LIST;
2062 
2063 		audit_kadmind_unauth(rqstp->rq_xprt, l_port,
2064 				    "kadm5_get_policies",
2065 				    prime_arg, client_name);
2066 	 log_unauth("kadm5_get_policies", prime_arg,
2067 		    client_name, service_name, client_addr(rqstp, buf));
2068     } else {
2069 	 ret.code  = kadm5_get_policies((void *)handle,
2070 					       arg->exp, &ret.pols,
2071 					       &ret.count);
2072 	/* Solaris Kerberos */
2073 	 if( ret.code != 0 )
2074 	     errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
2075 
2076 		audit_kadmind_auth(rqstp->rq_xprt, l_port,
2077 				"kadm5_get_policies",
2078 				prime_arg, client_name, ret.code);
2079 	 log_done("kadm5_get_policies", prime_arg,
2080 		  errmsg ? errmsg : "success",
2081 		  client_name, service_name, client_addr(rqstp, buf));
2082 
2083 	  if (errmsg != NULL)
2084 		krb5_free_error_message(handle ? handle->context : NULL, errmsg);
2085     }
2086 
2087 error:
2088 	if (name)
2089 		gss_release_name(&min_stat, &name);
2090 	free_server_handle(handle);
2091 	if (client_name)
2092 		free(client_name);
2093 	if (service_name)
2094 		free(service_name);
2095 	return (&ret);
2096 }
2097 
get_privs_2_svc(krb5_ui_4 * arg,struct svc_req * rqstp)2098 getprivs_ret * get_privs_2_svc(krb5_ui_4 *arg, struct svc_req *rqstp)
2099 {
2100      static getprivs_ret	    ret;
2101      char *client_name = NULL, *service_name = NULL;
2102      OM_uint32 min_stat;
2103      kadm5_server_handle_t handle;
2104      const char                           *errmsg = NULL;
2105      gss_name_t name = NULL;
2106 
2107      xdr_free(xdr_getprivs_ret, (char *) &ret);
2108 
2109      if ((ret.code = new_server_handle(*arg, rqstp, &handle)))
2110 	  return &ret;
2111 
2112      if ((ret.code = check_handle((void *)handle)))
2113 		goto error;
2114 
2115      ret.api_version = handle->api_version;
2116 
2117      if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
2118 	  ret.code = KADM5_FAILURE;
2119 	  goto error;
2120      }
2121 	if (!(name = get_clnt_name(rqstp))) {
2122 		ret.code = KADM5_FAILURE;
2123 		goto error;
2124 	}
2125 
2126 	ret.code = __kadm5_get_priv((void *) handle, &ret.privs, name);
2127 	/* Solaris Kerberos */
2128      if( ret.code != 0 )
2129 	 errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code);
2130 
2131 	audit_kadmind_auth(rqstp->rq_xprt, l_port,
2132 			"kadm5_get_privs", NULL, client_name,
2133 			ret.code);
2134 	log_done("kadm5_get_privs", client_name,
2135 	    errmsg ? errmsg : "success",
2136 	    client_name, service_name, client_addr(rqstp, buf));
2137 
2138 	if (errmsg != NULL)
2139 		krb5_free_error_message(handle ? handle->context : NULL, errmsg);
2140 
2141 error:
2142 	if (name)
2143 		gss_release_name(&min_stat, &name);
2144 	free_server_handle(handle);
2145 	if (client_name)
2146 		free(client_name);
2147 	if (service_name)
2148 		free(service_name);
2149 	return (&ret);
2150 }
2151 
init_2_svc(krb5_ui_4 * arg,struct svc_req * rqstp)2152 generic_ret *init_2_svc(krb5_ui_4 *arg, struct svc_req *rqstp)
2153 {
2154      static generic_ret		ret;
2155      char *client_name, *service_name;
2156      kadm5_server_handle_t handle;
2157      const char                       *errmsg = NULL;
2158      size_t clen, slen;
2159      char *cdots, *sdots;
2160 
2161      xdr_free(xdr_generic_ret, (char *) &ret);
2162 
2163      if ((ret.code = new_server_handle(*arg, rqstp, &handle)))
2164 	  return &ret;
2165      if (! (ret.code = check_handle((void *)handle))) {
2166 	 ret.api_version = handle->api_version;
2167      }
2168 
2169      free_server_handle(handle);
2170 
2171      if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
2172 	  ret.code = KADM5_FAILURE;
2173 	  return &ret;
2174      }
2175 
2176 	/* Solaris Kerberos */
2177      if (ret.code != 0)
2178 	 errmsg = krb5_get_error_message(NULL, ret.code);
2179 
2180 	audit_kadmind_auth(rqstp->rq_xprt, l_port,
2181 			(ret.api_version == KADM5_API_VERSION_1 ?
2182 			"kadm5_init (V1)" : "kadm5_init"),
2183 			NULL, client_name, ret.code);
2184 
2185      clen = strlen(client_name);
2186      trunc_name(&clen, &cdots);
2187      slen = strlen(service_name);
2188      trunc_name(&slen, &sdots);
2189      krb5_klog_syslog(LOG_NOTICE, "Request: %s, %.*s%s, %s, "
2190 		      "client=%.*s%s, service=%.*s%s, addr=%s, flavor=%d",
2191 		      (ret.api_version == KADM5_API_VERSION_1 ?
2192 		       "kadm5_init (V1)" : "kadm5_init"),
2193 		      clen, client_name, cdots,
2194 		      errmsg ? errmsg : "success",
2195 		      clen, client_name, cdots,
2196 		      slen, service_name, sdots,
2197 		      client_addr(rqstp, buf),
2198 		      rqstp->rq_cred.oa_flavor);
2199 	if (errmsg != NULL)
2200 		krb5_free_error_message(NULL, errmsg);
2201 	free(client_name);
2202 	free(service_name);
2203 
2204 	return (&ret);
2205 }
2206