17c478bd9Sstevel@tonic-gate /*
2159d09a2SMark Phalan * Copyright 2008 Sun Microsystems, Inc. All rights reserved.
37c478bd9Sstevel@tonic-gate * Use is subject to license terms.
47c478bd9Sstevel@tonic-gate */
57c478bd9Sstevel@tonic-gate
67c478bd9Sstevel@tonic-gate
77c478bd9Sstevel@tonic-gate /*
87c478bd9Sstevel@tonic-gate * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
97c478bd9Sstevel@tonic-gate *
107c478bd9Sstevel@tonic-gate * Openvision retains the copyright to derivative works of
117c478bd9Sstevel@tonic-gate * this source code. Do *NOT* create a derivative of this
127c478bd9Sstevel@tonic-gate * source code before consulting with your legal department.
137c478bd9Sstevel@tonic-gate * Do *NOT* integrate *ANY* of this source code into another
147c478bd9Sstevel@tonic-gate * product before consulting with your legal department.
157c478bd9Sstevel@tonic-gate *
167c478bd9Sstevel@tonic-gate * For further information, read the top-level Openvision
177c478bd9Sstevel@tonic-gate * copyright which is contained in the top-level MIT Kerberos
187c478bd9Sstevel@tonic-gate * copyright.
197c478bd9Sstevel@tonic-gate *
207c478bd9Sstevel@tonic-gate * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
217c478bd9Sstevel@tonic-gate *
227c478bd9Sstevel@tonic-gate */
237c478bd9Sstevel@tonic-gate
247c478bd9Sstevel@tonic-gate
257c478bd9Sstevel@tonic-gate /*
267c478bd9Sstevel@tonic-gate * Copyright 1993 OpenVision Technologies, Inc., All Rights Reserved.
277c478bd9Sstevel@tonic-gate *
287c478bd9Sstevel@tonic-gate */
297c478bd9Sstevel@tonic-gate
30159d09a2SMark Phalan #include <kadm5/admin.h>
317c478bd9Sstevel@tonic-gate #include <stdio.h>
327c478bd9Sstevel@tonic-gate #include <rpc/rpc.h> /* SUNWresync 121 XXX */
3356a424ccSmp #include <gssapi_krb5.h> /* for gss_nt_krb5_name */
347c478bd9Sstevel@tonic-gate #include <syslog.h>
3556a424ccSmp #ifdef HAVE_MEMORY_H
367c478bd9Sstevel@tonic-gate #include <memory.h>
3756a424ccSmp #endif
387c478bd9Sstevel@tonic-gate #include <rpc/rpcsec_gss.h>
397c478bd9Sstevel@tonic-gate #include <kadm5/kadm_rpc.h>
407c478bd9Sstevel@tonic-gate #include <krb5.h>
417c478bd9Sstevel@tonic-gate #include <libintl.h>
4256a424ccSmp #include <krb5/adm_proto.h>
4356a424ccSmp #ifdef HAVE_ARPA_INET_H
4456a424ccSmp #include <arpa/inet.h>
4556a424ccSmp #endif
4656a424ccSmp #include "misc.h"
4756a424ccSmp #include "kadm5/server_internal.h"
4856a424ccSmp
/*
 * Untyped server handle defined in another translation unit.  The dispatch
 * code visible in this listing does not reference it.
 */
extern void *global_server_handle;

/*
 * Prototype only: the definition is not in the visible part of this file
 * and kadm_1() does not call it.
 * NOTE(review): from its name and parameters this looks like a logger for
 * failed GSS authentication (major/minor status plus peer address) --
 * confirm against the definition.
 */
void log_badauth(OM_uint32 major, OM_uint32 minor,
		 struct sockaddr_in *addr, char *data);
/*
 * Function: kadm_1
 *
 * Purpose: RPC processing procedure.
 *	originally generated from rpcgen
 *
 * Arguments:
 *	rqstp		(input) rpc request structure
 *	transp		(input) rpc transport structure
 *	(input/output)
 *	<return value>
 *
 * Requires:
 * Effects:
 * Modifies:
 */
697c478bd9Sstevel@tonic-gate
/*
 * kadm_1 - dispatch one incoming KADM5 RPC request.
 *
 *	rqstp	request being served; its credential flavor and procedure
 *		number drive everything below
 *	transp	transport used to decode the arguments, send the reply and
 *		report svcerr_*() failures
 *
 * Flow: refuse any credential flavor other than RPCSEC_GSS, map the
 * procedure number to an XDR argument decoder, an XDR result encoder and a
 * service routine, decode the arguments, call the routine, send whatever it
 * returned, then release the decoded arguments.  The function returns
 * nothing; each outcome is reported through transp or the log.
 *
 * NOTE(review): the only gate applied here is the credential flavor.
 * Caller identity, GSS service level and per-operation authorization are
 * not examined in this function; presumably each *_2_svc routine does that
 * -- confirm before wiring a new procedure into the switch.
 */
void
kadm_1(struct svc_req *rqstp, register SVCXPRT *transp)
{
	/*
	 * Scratch storage that svc_getargs() decodes into.
	 * NOTE(review): GET_PRINCS, GET_POLS, GET_PRIVS and INIT decode
	 * types that have no member here, so the buffer is only big enough
	 * for them if they do not exceed the largest listed member --
	 * confirm against the XDR type definitions.
	 */
	union {
		cprinc_arg	create_principal_2_arg;
		dprinc_arg	delete_principal_2_arg;
		mprinc_arg	modify_principal_2_arg;
		rprinc_arg	rename_principal_2_arg;
		gprinc_arg	get_principal_2_arg;
		chpass_arg	chpass_principal_2_arg;
		chrand_arg	chrand_principal_2_arg;
		cpol_arg	create_policy_2_arg;
		dpol_arg	delete_policy_2_arg;
		mpol_arg	modify_policy_2_arg;
		gpol_arg	get_policy_2_arg;
		setkey_arg	setkey_principal_2_arg;
		setv4key_arg	setv4key_principal_2_arg;
		cprinc3_arg	create_principal3_2_arg;
		chpass3_arg	chpass_principal3_2_arg;
		chrand3_arg	chrand_principal3_2_arg;
		setkey3_arg	setkey_principal3_2_arg;
	} decoded;
	char *reply;
	bool_t (*decode_args)();
	bool_t (*encode_reply)();
	char *(*handler)();

	/* Anything that is not RPCSEC_GSS is refused before dispatch. */
	if (rqstp->rq_cred.oa_flavor != RPCSEC_GSS) {
		krb5_klog_syslog(LOG_ERR,
		    gettext("Authentication attempt failed: invalid "
		    "RPC authentication flavor %d"),
		    rqstp->rq_cred.oa_flavor);
		svcerr_weakauth(transp);
		return;
	}

	/* Pick decoder, encoder and service routine for the procedure. */
	switch (rqstp->rq_proc) {
	case NULLPROC:
		/* Answered directly with an empty reply; no handler runs. */
		(void) svc_sendreply(transp, xdr_void, (char *)NULL);
		return;

	case CREATE_PRINCIPAL:
		decode_args = xdr_cprinc_arg;
		encode_reply = xdr_generic_ret;
		handler = (char *(*)()) create_principal_2_svc;
		break;

	case DELETE_PRINCIPAL:
		decode_args = xdr_dprinc_arg;
		encode_reply = xdr_generic_ret;
		handler = (char *(*)()) delete_principal_2_svc;
		break;

	case MODIFY_PRINCIPAL:
		decode_args = xdr_mprinc_arg;
		encode_reply = xdr_generic_ret;
		handler = (char *(*)()) modify_principal_2_svc;
		break;

	case RENAME_PRINCIPAL:
		decode_args = xdr_rprinc_arg;
		encode_reply = xdr_generic_ret;
		handler = (char *(*)()) rename_principal_2_svc;
		break;

	case GET_PRINCIPAL:
		decode_args = xdr_gprinc_arg;
		encode_reply = xdr_gprinc_ret;
		handler = (char *(*)()) get_principal_2_svc;
		break;

	case GET_PRINCS:
		decode_args = xdr_gprincs_arg;
		encode_reply = xdr_gprincs_ret;
		handler = (char *(*)()) get_princs_2_svc;
		break;

	case CHPASS_PRINCIPAL:
		decode_args = xdr_chpass_arg;
		encode_reply = xdr_generic_ret;
		handler = (char *(*)()) chpass_principal_2_svc;
		break;

#ifdef SUNWOFF
	case SETV4KEY_PRINCIPAL:
		decode_args = xdr_setv4key_arg;
		encode_reply = xdr_generic_ret;
		handler = (char *(*)()) setv4key_principal_2_svc;
		break;
#endif

	case SETKEY_PRINCIPAL:
		decode_args = xdr_setkey_arg;
		encode_reply = xdr_generic_ret;
		handler = (char *(*)()) setkey_principal_2_svc;
		break;

	case CHRAND_PRINCIPAL:
		decode_args = xdr_chrand_arg;
		encode_reply = xdr_chrand_ret;
		handler = (char *(*)()) chrand_principal_2_svc;
		break;

	case CREATE_POLICY:
		decode_args = xdr_cpol_arg;
		encode_reply = xdr_generic_ret;
		handler = (char *(*)()) create_policy_2_svc;
		break;

	case DELETE_POLICY:
		decode_args = xdr_dpol_arg;
		encode_reply = xdr_generic_ret;
		handler = (char *(*)()) delete_policy_2_svc;
		break;

	case MODIFY_POLICY:
		decode_args = xdr_mpol_arg;
		encode_reply = xdr_generic_ret;
		handler = (char *(*)()) modify_policy_2_svc;
		break;

	case GET_POLICY:
		decode_args = xdr_gpol_arg;
		encode_reply = xdr_gpol_ret;
		handler = (char *(*)()) get_policy_2_svc;
		break;

	case GET_POLS:
		decode_args = xdr_gpols_arg;
		encode_reply = xdr_gpols_ret;
		handler = (char *(*)()) get_pols_2_svc;
		break;

	case GET_PRIVS:
		decode_args = xdr_u_int;
		encode_reply = xdr_getprivs_ret;
		handler = (char *(*)()) get_privs_2_svc;
		break;

	case INIT:
		decode_args = xdr_u_int;
		encode_reply = xdr_generic_ret;
		handler = (char *(*)()) init_2_svc;
		break;

	case CREATE_PRINCIPAL3:
		decode_args = xdr_cprinc3_arg;
		encode_reply = xdr_generic_ret;
		handler = (char *(*)()) create_principal3_2_svc;
		break;

	case CHPASS_PRINCIPAL3:
		decode_args = xdr_chpass3_arg;
		encode_reply = xdr_generic_ret;
		handler = (char *(*)()) chpass_principal3_2_svc;
		break;

	case CHRAND_PRINCIPAL3:
		decode_args = xdr_chrand3_arg;
		encode_reply = xdr_chrand_ret;
		handler = (char *(*)()) chrand_principal3_2_svc;
		break;

	case SETKEY_PRINCIPAL3:
		decode_args = xdr_setkey3_arg;
		encode_reply = xdr_generic_ret;
		handler = (char *(*)()) setkey_principal3_2_svc;
		break;

	default:
		/* Unknown procedure numbers are logged and refused. */
		krb5_klog_syslog(LOG_ERR,
		    gettext("Invalid KADM5 procedure number: %d"),
		    rqstp->rq_proc);
		svcerr_noproc(transp);
		return;
	}

	/* Start from all-zero storage so the decoder sees no stale data. */
	memset((char *)&decoded, 0, sizeof(decoded));

	/*
	 * NOTE(review): a decode failure returns without svc_freeargs().
	 * Whether a partly decoded argument can still own memory depends on
	 * the XDR routines, which are not shown here -- confirm.
	 */
	if (!svc_getargs(transp, decode_args, (char *) &decoded)) {
		svcerr_decode(transp);
		return;
	}

	reply = (*handler)(&decoded, rqstp);

	/* A NULL result from the service routine sends no reply at all. */
	if (reply != NULL) {
		if (!svc_sendreply(transp, encode_reply, (char *) reply)) {
			krb5_klog_syslog(LOG_ERR,
			    gettext("WARNING! Unable to send function results, "
			    "continuing."));
			svcerr_systemerr(transp);
		}
	}

	/* The decoded arguments are released whether or not a reply went out. */
	if (!svc_freeargs(transp, decode_args, (char *) &decoded)) {
		krb5_klog_syslog(LOG_ERR,
		    gettext("WARNING! Unable to free arguments, "
		    "continuing."));
	}
}