154925bf6Swillf 
254925bf6Swillf /*
354925bf6Swillf  * kadmin/ldap_util/kdb5_ldap_policy.c
454925bf6Swillf  */
554925bf6Swillf 
6*dd9ccd46S /*
7*dd9ccd46S  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
8*dd9ccd46S  * Use is subject to license terms.
9*dd9ccd46S  */
10*dd9ccd46S 
1154925bf6Swillf /* Copyright (c) 2004-2005, Novell, Inc.
1254925bf6Swillf  * All rights reserved.
1354925bf6Swillf  *
1454925bf6Swillf  * Redistribution and use in source and binary forms, with or without
1554925bf6Swillf  * modification, are permitted provided that the following conditions are met:
1654925bf6Swillf  *
1754925bf6Swillf  *   * Redistributions of source code must retain the above copyright notice,
1854925bf6Swillf  *       this list of conditions and the following disclaimer.
1954925bf6Swillf  *   * Redistributions in binary form must reproduce the above copyright
2054925bf6Swillf  *       notice, this list of conditions and the following disclaimer in the
2154925bf6Swillf  *       documentation and/or other materials provided with the distribution.
2254925bf6Swillf  *   * The copyright holder's name is not used to endorse or promote products
2354925bf6Swillf  *       derived from this software without specific prior written permission.
2454925bf6Swillf  *
2554925bf6Swillf  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
2654925bf6Swillf  * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
2754925bf6Swillf  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
2854925bf6Swillf  * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
2954925bf6Swillf  * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
3054925bf6Swillf  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
3154925bf6Swillf  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
3254925bf6Swillf  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
3354925bf6Swillf  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
3454925bf6Swillf  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
3554925bf6Swillf  * POSSIBILITY OF SUCH DAMAGE.
3654925bf6Swillf  */
3754925bf6Swillf 
3854925bf6Swillf /*
3954925bf6Swillf  * Create / Delete / Modify / View / List policy objects.
4054925bf6Swillf  */
4154925bf6Swillf 
4254925bf6Swillf #include <stdio.h>
4354925bf6Swillf #include <time.h>
4454925bf6Swillf #include <k5-int.h>
4554925bf6Swillf #include <kadm5/admin.h>
4654925bf6Swillf #include <libintl.h>
4754925bf6Swillf #include <locale.h>
4854925bf6Swillf #include "kdb5_ldap_util.h"
4954925bf6Swillf #include "kdb5_ldap_list.h"
5054925bf6Swillf #include "ldap_tkt_policy.h"
5154925bf6Swillf extern time_t get_date(char *); /* kadmin/cli/getdate.o */
5254925bf6Swillf 
5354925bf6Swillf static void print_policy_params(krb5_ldap_policy_params *policyparams, int mask);
5454925bf6Swillf static char *strdur(time_t duration);
5554925bf6Swillf 
5654925bf6Swillf extern char *yes;
5754925bf6Swillf extern kadm5_config_params global_params;
58*dd9ccd46S 
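/*
 * Ensure the LDAP context reachable from util_context has its Kerberos
 * container parameters and its realm parameters (for global_params.realm)
 * loaded. Each set is read only when the cached pointer is still NULL.
 *
 * argc and argv are accepted but not read by this function.
 *
 * Returns 0 on success, EINVAL when util_context, its DAL handle or the LDAP
 * context is missing, otherwise the error code returned by the failing read.
 */
static krb5_error_code init_ldap_realm (int argc, char *argv[]) {
    int mask = 0;
    krb5_error_code retval = 0;
    kdb5_dal_handle *dal_handle = NULL;
    krb5_ldap_context *ldap_context = NULL;

    /* Check every link of the handle chain before dereferencing it, so a
     * context without an opened database yields EINVAL, not a NULL read. */
    if (util_context == NULL) {
        retval = EINVAL;
        goto cleanup;
    }

    dal_handle = (kdb5_dal_handle *) util_context->db_context;
    if (dal_handle == NULL) {
        retval = EINVAL;
        goto cleanup;
    }

    ldap_context = (krb5_ldap_context *) dal_handle->db_context;
    if (ldap_context == NULL) {
        retval = EINVAL;
        goto cleanup;
    }

    /* This operation is performed in the context of a realm, so the
     * container parameters are loaded first if they are not cached. */
    if (ldap_context->krbcontainer == NULL) {
        retval = krb5_ldap_read_krbcontainer_params(util_context,
                &(ldap_context->krbcontainer));
        if (retval != 0) {
            /* Solaris Kerberos */
            com_err(progname, retval, gettext("while reading kerberos container information"));
            goto cleanup;
        }
    }

    if (ldap_context->lrparams == NULL) {
        retval = krb5_ldap_read_realm_params(util_context,
                global_params.realm,
                &(ldap_context->lrparams),
                &mask);

        /* No message is printed on this path; the error code is only
         * returned to the caller. */
        if (retval != 0) {
            goto cleanup;
        }
    }

cleanup:
    return retval;
}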
9754925bf6Swillf 
9854925bf6Swillf /*
99