1*0a6a1f1dSLionel Sambuc /* $NetBSD: init_c.c,v 1.1.1.2 2014/04/24 12:45:48 pettai Exp $ */
2ebfedea0SLionel Sambuc
3ebfedea0SLionel Sambuc /*
4ebfedea0SLionel Sambuc * Copyright (c) 1997 - 2006 Kungliga Tekniska Högskolan
5ebfedea0SLionel Sambuc * (Royal Institute of Technology, Stockholm, Sweden).
6ebfedea0SLionel Sambuc * All rights reserved.
7ebfedea0SLionel Sambuc *
8ebfedea0SLionel Sambuc * Redistribution and use in source and binary forms, with or without
9ebfedea0SLionel Sambuc * modification, are permitted provided that the following conditions
10ebfedea0SLionel Sambuc * are met:
11ebfedea0SLionel Sambuc *
12ebfedea0SLionel Sambuc * 1. Redistributions of source code must retain the above copyright
13ebfedea0SLionel Sambuc * notice, this list of conditions and the following disclaimer.
14ebfedea0SLionel Sambuc *
15ebfedea0SLionel Sambuc * 2. Redistributions in binary form must reproduce the above copyright
16ebfedea0SLionel Sambuc * notice, this list of conditions and the following disclaimer in the
17ebfedea0SLionel Sambuc * documentation and/or other materials provided with the distribution.
18ebfedea0SLionel Sambuc *
19ebfedea0SLionel Sambuc * 3. Neither the name of the Institute nor the names of its contributors
20ebfedea0SLionel Sambuc * may be used to endorse or promote products derived from this software
21ebfedea0SLionel Sambuc * without specific prior written permission.
22ebfedea0SLionel Sambuc *
23ebfedea0SLionel Sambuc * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
24ebfedea0SLionel Sambuc * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25ebfedea0SLionel Sambuc * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26ebfedea0SLionel Sambuc * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
27ebfedea0SLionel Sambuc * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28ebfedea0SLionel Sambuc * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29ebfedea0SLionel Sambuc * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30ebfedea0SLionel Sambuc * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31ebfedea0SLionel Sambuc * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32ebfedea0SLionel Sambuc * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33ebfedea0SLionel Sambuc * SUCH DAMAGE.
34ebfedea0SLionel Sambuc */
35ebfedea0SLionel Sambuc
36ebfedea0SLionel Sambuc #include "kadm5_locl.h"
37ebfedea0SLionel Sambuc #include <sys/types.h>
38ebfedea0SLionel Sambuc #ifdef HAVE_SYS_SOCKET_H
39ebfedea0SLionel Sambuc #include <sys/socket.h>
40ebfedea0SLionel Sambuc #endif
41ebfedea0SLionel Sambuc #ifdef HAVE_NETINET_IN_H
42ebfedea0SLionel Sambuc #include <netinet/in.h>
43ebfedea0SLionel Sambuc #endif
44ebfedea0SLionel Sambuc #ifdef HAVE_NETDB_H
45ebfedea0SLionel Sambuc #include <netdb.h>
46ebfedea0SLionel Sambuc #endif
47ebfedea0SLionel Sambuc
48*0a6a1f1dSLionel Sambuc __RCSID("NetBSD");
49ebfedea0SLionel Sambuc
50ebfedea0SLionel Sambuc static void
set_funcs(kadm5_client_context * c)51ebfedea0SLionel Sambuc set_funcs(kadm5_client_context *c)
52ebfedea0SLionel Sambuc {
53ebfedea0SLionel Sambuc #define SET(C, F) (C)->funcs.F = kadm5 ## _c_ ## F
54ebfedea0SLionel Sambuc SET(c, chpass_principal);
55ebfedea0SLionel Sambuc SET(c, chpass_principal_with_key);
56ebfedea0SLionel Sambuc SET(c, create_principal);
57ebfedea0SLionel Sambuc SET(c, delete_principal);
58ebfedea0SLionel Sambuc SET(c, destroy);
59ebfedea0SLionel Sambuc SET(c, flush);
60ebfedea0SLionel Sambuc SET(c, get_principal);
61ebfedea0SLionel Sambuc SET(c, get_principals);
62ebfedea0SLionel Sambuc SET(c, get_privs);
63ebfedea0SLionel Sambuc SET(c, modify_principal);
64ebfedea0SLionel Sambuc SET(c, randkey_principal);
65ebfedea0SLionel Sambuc SET(c, rename_principal);
66ebfedea0SLionel Sambuc }
67ebfedea0SLionel Sambuc
68ebfedea0SLionel Sambuc kadm5_ret_t
_kadm5_c_init_context(kadm5_client_context ** ctx,kadm5_config_params * params,krb5_context context)69ebfedea0SLionel Sambuc _kadm5_c_init_context(kadm5_client_context **ctx,
70ebfedea0SLionel Sambuc kadm5_config_params *params,
71ebfedea0SLionel Sambuc krb5_context context)
72ebfedea0SLionel Sambuc {
73ebfedea0SLionel Sambuc krb5_error_code ret;
74ebfedea0SLionel Sambuc char *colon;
75ebfedea0SLionel Sambuc
76ebfedea0SLionel Sambuc *ctx = malloc(sizeof(**ctx));
77ebfedea0SLionel Sambuc if(*ctx == NULL)
78ebfedea0SLionel Sambuc return ENOMEM;
79ebfedea0SLionel Sambuc memset(*ctx, 0, sizeof(**ctx));
80ebfedea0SLionel Sambuc krb5_add_et_list (context, initialize_kadm5_error_table_r);
81ebfedea0SLionel Sambuc set_funcs(*ctx);
82ebfedea0SLionel Sambuc (*ctx)->context = context;
83ebfedea0SLionel Sambuc if(params->mask & KADM5_CONFIG_REALM) {
84ebfedea0SLionel Sambuc ret = 0;
85ebfedea0SLionel Sambuc (*ctx)->realm = strdup(params->realm);
86ebfedea0SLionel Sambuc if ((*ctx)->realm == NULL)
87ebfedea0SLionel Sambuc ret = ENOMEM;
88ebfedea0SLionel Sambuc } else
89ebfedea0SLionel Sambuc ret = krb5_get_default_realm((*ctx)->context, &(*ctx)->realm);
90ebfedea0SLionel Sambuc if (ret) {
91ebfedea0SLionel Sambuc free(*ctx);
92ebfedea0SLionel Sambuc return ret;
93ebfedea0SLionel Sambuc }
94ebfedea0SLionel Sambuc if(params->mask & KADM5_CONFIG_ADMIN_SERVER)
95ebfedea0SLionel Sambuc (*ctx)->admin_server = strdup(params->admin_server);
96ebfedea0SLionel Sambuc else {
97ebfedea0SLionel Sambuc char **hostlist;
98ebfedea0SLionel Sambuc
99ebfedea0SLionel Sambuc ret = krb5_get_krb_admin_hst (context, &(*ctx)->realm, &hostlist);
100ebfedea0SLionel Sambuc if (ret) {
101ebfedea0SLionel Sambuc free((*ctx)->realm);
102ebfedea0SLionel Sambuc free(*ctx);
103ebfedea0SLionel Sambuc return ret;
104ebfedea0SLionel Sambuc }
105ebfedea0SLionel Sambuc (*ctx)->admin_server = strdup(*hostlist);
106ebfedea0SLionel Sambuc krb5_free_krbhst (context, hostlist);
107ebfedea0SLionel Sambuc }
108ebfedea0SLionel Sambuc
109ebfedea0SLionel Sambuc if ((*ctx)->admin_server == NULL) {
110ebfedea0SLionel Sambuc free((*ctx)->realm);
111ebfedea0SLionel Sambuc free(*ctx);
112ebfedea0SLionel Sambuc return ENOMEM;
113ebfedea0SLionel Sambuc }
114ebfedea0SLionel Sambuc colon = strchr ((*ctx)->admin_server, ':');
115ebfedea0SLionel Sambuc if (colon != NULL)
116ebfedea0SLionel Sambuc *colon++ = '\0';
117ebfedea0SLionel Sambuc
118ebfedea0SLionel Sambuc (*ctx)->kadmind_port = 0;
119ebfedea0SLionel Sambuc
120ebfedea0SLionel Sambuc if(params->mask & KADM5_CONFIG_KADMIND_PORT)
121ebfedea0SLionel Sambuc (*ctx)->kadmind_port = params->kadmind_port;
122ebfedea0SLionel Sambuc else if (colon != NULL) {
123ebfedea0SLionel Sambuc char *end;
124ebfedea0SLionel Sambuc
125ebfedea0SLionel Sambuc (*ctx)->kadmind_port = htons(strtol (colon, &end, 0));
126ebfedea0SLionel Sambuc }
127ebfedea0SLionel Sambuc if ((*ctx)->kadmind_port == 0)
128ebfedea0SLionel Sambuc (*ctx)->kadmind_port = krb5_getportbyname (context, "kerberos-adm",
129ebfedea0SLionel Sambuc "tcp", 749);
130ebfedea0SLionel Sambuc return 0;
131ebfedea0SLionel Sambuc }
132ebfedea0SLionel Sambuc
133ebfedea0SLionel Sambuc static krb5_error_code
get_kadm_ticket(krb5_context context,krb5_ccache id,krb5_principal client,const char * server_name)134ebfedea0SLionel Sambuc get_kadm_ticket(krb5_context context,
135ebfedea0SLionel Sambuc krb5_ccache id,
136ebfedea0SLionel Sambuc krb5_principal client,
137ebfedea0SLionel Sambuc const char *server_name)
138ebfedea0SLionel Sambuc {
139ebfedea0SLionel Sambuc krb5_error_code ret;
140ebfedea0SLionel Sambuc krb5_creds in, *out;
141ebfedea0SLionel Sambuc
142ebfedea0SLionel Sambuc memset(&in, 0, sizeof(in));
143ebfedea0SLionel Sambuc in.client = client;
144ebfedea0SLionel Sambuc ret = krb5_parse_name(context, server_name, &in.server);
145ebfedea0SLionel Sambuc if(ret)
146ebfedea0SLionel Sambuc return ret;
147ebfedea0SLionel Sambuc ret = krb5_get_credentials(context, 0, id, &in, &out);
148ebfedea0SLionel Sambuc if(ret == 0)
149ebfedea0SLionel Sambuc krb5_free_creds(context, out);
150ebfedea0SLionel Sambuc krb5_free_principal(context, in.server);
151ebfedea0SLionel Sambuc return ret;
152ebfedea0SLionel Sambuc }
153ebfedea0SLionel Sambuc
154ebfedea0SLionel Sambuc static krb5_error_code
get_new_cache(krb5_context context,krb5_principal client,const char * password,krb5_prompter_fct prompter,const char * keytab,const char * server_name,krb5_ccache * ret_cache)155ebfedea0SLionel Sambuc get_new_cache(krb5_context context,
156ebfedea0SLionel Sambuc krb5_principal client,
157ebfedea0SLionel Sambuc const char *password,
158ebfedea0SLionel Sambuc krb5_prompter_fct prompter,
159ebfedea0SLionel Sambuc const char *keytab,
160ebfedea0SLionel Sambuc const char *server_name,
161ebfedea0SLionel Sambuc krb5_ccache *ret_cache)
162ebfedea0SLionel Sambuc {
163ebfedea0SLionel Sambuc krb5_error_code ret;
164ebfedea0SLionel Sambuc krb5_creds cred;
165ebfedea0SLionel Sambuc krb5_get_init_creds_opt *opt;
166ebfedea0SLionel Sambuc krb5_ccache id;
167ebfedea0SLionel Sambuc
168ebfedea0SLionel Sambuc ret = krb5_get_init_creds_opt_alloc (context, &opt);
169ebfedea0SLionel Sambuc if (ret)
170ebfedea0SLionel Sambuc return ret;
171ebfedea0SLionel Sambuc
172ebfedea0SLionel Sambuc krb5_get_init_creds_opt_set_default_flags(context, "kadmin",
173ebfedea0SLionel Sambuc krb5_principal_get_realm(context,
174ebfedea0SLionel Sambuc client),
175ebfedea0SLionel Sambuc opt);
176ebfedea0SLionel Sambuc
177ebfedea0SLionel Sambuc
178ebfedea0SLionel Sambuc krb5_get_init_creds_opt_set_forwardable (opt, FALSE);
179ebfedea0SLionel Sambuc krb5_get_init_creds_opt_set_proxiable (opt, FALSE);
180ebfedea0SLionel Sambuc
181ebfedea0SLionel Sambuc if(password == NULL && prompter == NULL) {
182ebfedea0SLionel Sambuc krb5_keytab kt;
183ebfedea0SLionel Sambuc if(keytab == NULL)
184ebfedea0SLionel Sambuc ret = krb5_kt_default(context, &kt);
185ebfedea0SLionel Sambuc else
186ebfedea0SLionel Sambuc ret = krb5_kt_resolve(context, keytab, &kt);
187ebfedea0SLionel Sambuc if(ret) {
188ebfedea0SLionel Sambuc krb5_get_init_creds_opt_free(context, opt);
189ebfedea0SLionel Sambuc return ret;
190ebfedea0SLionel Sambuc }
191ebfedea0SLionel Sambuc ret = krb5_get_init_creds_keytab (context,
192ebfedea0SLionel Sambuc &cred,
193ebfedea0SLionel Sambuc client,
194ebfedea0SLionel Sambuc kt,
195ebfedea0SLionel Sambuc 0,
196ebfedea0SLionel Sambuc server_name,
197ebfedea0SLionel Sambuc opt);
198ebfedea0SLionel Sambuc krb5_kt_close(context, kt);
199ebfedea0SLionel Sambuc } else {
200ebfedea0SLionel Sambuc ret = krb5_get_init_creds_password (context,
201ebfedea0SLionel Sambuc &cred,
202ebfedea0SLionel Sambuc client,
203ebfedea0SLionel Sambuc password,
204ebfedea0SLionel Sambuc prompter,
205ebfedea0SLionel Sambuc NULL,
206ebfedea0SLionel Sambuc 0,
207ebfedea0SLionel Sambuc server_name,
208ebfedea0SLionel Sambuc opt);
209ebfedea0SLionel Sambuc }
210ebfedea0SLionel Sambuc krb5_get_init_creds_opt_free(context, opt);
211ebfedea0SLionel Sambuc switch(ret){
212ebfedea0SLionel Sambuc case 0:
213ebfedea0SLionel Sambuc break;
214ebfedea0SLionel Sambuc case KRB5_LIBOS_PWDINTR: /* don't print anything if it was just C-c:ed */
215ebfedea0SLionel Sambuc case KRB5KRB_AP_ERR_BAD_INTEGRITY:
216ebfedea0SLionel Sambuc case KRB5KRB_AP_ERR_MODIFIED:
217ebfedea0SLionel Sambuc return KADM5_BAD_PASSWORD;
218ebfedea0SLionel Sambuc default:
219ebfedea0SLionel Sambuc return ret;
220ebfedea0SLionel Sambuc }
221ebfedea0SLionel Sambuc ret = krb5_cc_new_unique(context, krb5_cc_type_memory, NULL, &id);
222ebfedea0SLionel Sambuc if(ret)
223ebfedea0SLionel Sambuc return ret;
224ebfedea0SLionel Sambuc ret = krb5_cc_initialize (context, id, cred.client);
225ebfedea0SLionel Sambuc if (ret)
226ebfedea0SLionel Sambuc return ret;
227ebfedea0SLionel Sambuc ret = krb5_cc_store_cred (context, id, &cred);
228ebfedea0SLionel Sambuc if (ret)
229ebfedea0SLionel Sambuc return ret;
230ebfedea0SLionel Sambuc krb5_free_cred_contents (context, &cred);
231ebfedea0SLionel Sambuc *ret_cache = id;
232ebfedea0SLionel Sambuc return 0;
233ebfedea0SLionel Sambuc }
234ebfedea0SLionel Sambuc
235ebfedea0SLionel Sambuc /*
236ebfedea0SLionel Sambuc * Check the credential cache `id´ to figure out what principal to use
237ebfedea0SLionel Sambuc * when talking to the kadmind. If there is a initial kadmin/admin@
238ebfedea0SLionel Sambuc * credential in the cache, use that client principal. Otherwise, use
239ebfedea0SLionel Sambuc * the client principals first component and add /admin to the
240ebfedea0SLionel Sambuc * principal.
241ebfedea0SLionel Sambuc */
242ebfedea0SLionel Sambuc
243ebfedea0SLionel Sambuc static krb5_error_code
get_cache_principal(krb5_context context,krb5_ccache * id,krb5_principal * client)244ebfedea0SLionel Sambuc get_cache_principal(krb5_context context,
245ebfedea0SLionel Sambuc krb5_ccache *id,
246ebfedea0SLionel Sambuc krb5_principal *client)
247ebfedea0SLionel Sambuc {
248ebfedea0SLionel Sambuc krb5_error_code ret;
249ebfedea0SLionel Sambuc const char *name, *inst;
250ebfedea0SLionel Sambuc krb5_principal p1, p2;
251ebfedea0SLionel Sambuc
252ebfedea0SLionel Sambuc ret = krb5_cc_default(context, id);
253ebfedea0SLionel Sambuc if(ret) {
254ebfedea0SLionel Sambuc *id = NULL;
255ebfedea0SLionel Sambuc return ret;
256ebfedea0SLionel Sambuc }
257ebfedea0SLionel Sambuc
258ebfedea0SLionel Sambuc ret = krb5_cc_get_principal(context, *id, &p1);
259ebfedea0SLionel Sambuc if(ret) {
260ebfedea0SLionel Sambuc krb5_cc_close(context, *id);
261ebfedea0SLionel Sambuc *id = NULL;
262ebfedea0SLionel Sambuc return ret;
263ebfedea0SLionel Sambuc }
264ebfedea0SLionel Sambuc
265ebfedea0SLionel Sambuc ret = krb5_make_principal(context, &p2, NULL,
266ebfedea0SLionel Sambuc "kadmin", "admin", NULL);
267ebfedea0SLionel Sambuc if (ret) {
268ebfedea0SLionel Sambuc krb5_cc_close(context, *id);
269ebfedea0SLionel Sambuc *id = NULL;
270ebfedea0SLionel Sambuc krb5_free_principal(context, p1);
271ebfedea0SLionel Sambuc return ret;
272ebfedea0SLionel Sambuc }
273ebfedea0SLionel Sambuc
274ebfedea0SLionel Sambuc {
275ebfedea0SLionel Sambuc krb5_creds in, *out;
276ebfedea0SLionel Sambuc krb5_kdc_flags flags;
277ebfedea0SLionel Sambuc
278ebfedea0SLionel Sambuc flags.i = 0;
279ebfedea0SLionel Sambuc memset(&in, 0, sizeof(in));
280ebfedea0SLionel Sambuc
281ebfedea0SLionel Sambuc in.client = p1;
282ebfedea0SLionel Sambuc in.server = p2;
283ebfedea0SLionel Sambuc
284ebfedea0SLionel Sambuc /* check for initial ticket kadmin/admin */
285ebfedea0SLionel Sambuc ret = krb5_get_credentials_with_flags(context, KRB5_GC_CACHED, flags,
286ebfedea0SLionel Sambuc *id, &in, &out);
287ebfedea0SLionel Sambuc krb5_free_principal(context, p2);
288ebfedea0SLionel Sambuc if (ret == 0) {
289ebfedea0SLionel Sambuc if (out->flags.b.initial) {
290ebfedea0SLionel Sambuc *client = p1;
291ebfedea0SLionel Sambuc krb5_free_creds(context, out);
292ebfedea0SLionel Sambuc return 0;
293ebfedea0SLionel Sambuc }
294ebfedea0SLionel Sambuc krb5_free_creds(context, out);
295ebfedea0SLionel Sambuc }
296ebfedea0SLionel Sambuc }
297ebfedea0SLionel Sambuc krb5_cc_close(context, *id);
298ebfedea0SLionel Sambuc *id = NULL;
299ebfedea0SLionel Sambuc
300ebfedea0SLionel Sambuc name = krb5_principal_get_comp_string(context, p1, 0);
301ebfedea0SLionel Sambuc inst = krb5_principal_get_comp_string(context, p1, 1);
302ebfedea0SLionel Sambuc if(inst == NULL || strcmp(inst, "admin") != 0) {
303ebfedea0SLionel Sambuc ret = krb5_make_principal(context, &p2, NULL, name, "admin", NULL);
304ebfedea0SLionel Sambuc krb5_free_principal(context, p1);
305ebfedea0SLionel Sambuc if(ret != 0)
306ebfedea0SLionel Sambuc return ret;
307ebfedea0SLionel Sambuc
308ebfedea0SLionel Sambuc *client = p2;
309ebfedea0SLionel Sambuc return 0;
310ebfedea0SLionel Sambuc }
311ebfedea0SLionel Sambuc
312ebfedea0SLionel Sambuc *client = p1;
313ebfedea0SLionel Sambuc
314ebfedea0SLionel Sambuc return 0;
315ebfedea0SLionel Sambuc }
316ebfedea0SLionel Sambuc
317ebfedea0SLionel Sambuc krb5_error_code
_kadm5_c_get_cred_cache(krb5_context context,const char * client_name,const char * server_name,const char * password,krb5_prompter_fct prompter,const char * keytab,krb5_ccache ccache,krb5_ccache * ret_cache)318ebfedea0SLionel Sambuc _kadm5_c_get_cred_cache(krb5_context context,
319ebfedea0SLionel Sambuc const char *client_name,
320ebfedea0SLionel Sambuc const char *server_name,
321ebfedea0SLionel Sambuc const char *password,
322ebfedea0SLionel Sambuc krb5_prompter_fct prompter,
323ebfedea0SLionel Sambuc const char *keytab,
324ebfedea0SLionel Sambuc krb5_ccache ccache,
325ebfedea0SLionel Sambuc krb5_ccache *ret_cache)
326ebfedea0SLionel Sambuc {
327ebfedea0SLionel Sambuc krb5_error_code ret;
328ebfedea0SLionel Sambuc krb5_ccache id = NULL;
329ebfedea0SLionel Sambuc krb5_principal default_client = NULL, client = NULL;
330ebfedea0SLionel Sambuc
331ebfedea0SLionel Sambuc /* treat empty password as NULL */
332ebfedea0SLionel Sambuc if(password && *password == '\0')
333ebfedea0SLionel Sambuc password = NULL;
334ebfedea0SLionel Sambuc if(server_name == NULL)
335ebfedea0SLionel Sambuc server_name = KADM5_ADMIN_SERVICE;
336ebfedea0SLionel Sambuc
337ebfedea0SLionel Sambuc if(client_name != NULL) {
338ebfedea0SLionel Sambuc ret = krb5_parse_name(context, client_name, &client);
339ebfedea0SLionel Sambuc if(ret)
340ebfedea0SLionel Sambuc return ret;
341ebfedea0SLionel Sambuc }
342ebfedea0SLionel Sambuc
343ebfedea0SLionel Sambuc if(ccache != NULL) {
344ebfedea0SLionel Sambuc id = ccache;
345ebfedea0SLionel Sambuc ret = krb5_cc_get_principal(context, id, &client);
346ebfedea0SLionel Sambuc if(ret)
347ebfedea0SLionel Sambuc return ret;
348ebfedea0SLionel Sambuc } else {
349ebfedea0SLionel Sambuc /* get principal from default cache, ok if this doesn't work */
350ebfedea0SLionel Sambuc
351ebfedea0SLionel Sambuc ret = get_cache_principal(context, &id, &default_client);
352ebfedea0SLionel Sambuc if (ret) {
353ebfedea0SLionel Sambuc /*
354ebfedea0SLionel Sambuc * No client was specified by the caller and we cannot
355ebfedea0SLionel Sambuc * determine the client from a credentials cache.
356ebfedea0SLionel Sambuc */
357ebfedea0SLionel Sambuc const char *user;
358ebfedea0SLionel Sambuc
359ebfedea0SLionel Sambuc user = get_default_username ();
360ebfedea0SLionel Sambuc
361ebfedea0SLionel Sambuc if(user == NULL) {
362ebfedea0SLionel Sambuc krb5_set_error_message(context, KADM5_FAILURE, "Unable to find local user name");
363ebfedea0SLionel Sambuc return KADM5_FAILURE;
364ebfedea0SLionel Sambuc }
365ebfedea0SLionel Sambuc ret = krb5_make_principal(context, &default_client,
366ebfedea0SLionel Sambuc NULL, user, "admin", NULL);
367ebfedea0SLionel Sambuc if(ret)
368ebfedea0SLionel Sambuc return ret;
369ebfedea0SLionel Sambuc }
370ebfedea0SLionel Sambuc }
371ebfedea0SLionel Sambuc
372ebfedea0SLionel Sambuc
373ebfedea0SLionel Sambuc /*
374ebfedea0SLionel Sambuc * No client was specified by the caller, but we have a client
375ebfedea0SLionel Sambuc * from the default credentials cache.
376ebfedea0SLionel Sambuc */
377ebfedea0SLionel Sambuc if (client == NULL && default_client != NULL)
378ebfedea0SLionel Sambuc client = default_client;
379ebfedea0SLionel Sambuc
380ebfedea0SLionel Sambuc
381ebfedea0SLionel Sambuc if(id && client && (default_client == NULL ||
382ebfedea0SLionel Sambuc krb5_principal_compare(context, client, default_client) != 0)) {
383ebfedea0SLionel Sambuc ret = get_kadm_ticket(context, id, client, server_name);
384ebfedea0SLionel Sambuc if(ret == 0) {
385ebfedea0SLionel Sambuc *ret_cache = id;
386ebfedea0SLionel Sambuc krb5_free_principal(context, default_client);
387ebfedea0SLionel Sambuc if (default_client != client)
388ebfedea0SLionel Sambuc krb5_free_principal(context, client);
389ebfedea0SLionel Sambuc return 0;
390ebfedea0SLionel Sambuc }
391ebfedea0SLionel Sambuc if(ccache != NULL)
392ebfedea0SLionel Sambuc /* couldn't get ticket from cache */
393ebfedea0SLionel Sambuc return -1;
394ebfedea0SLionel Sambuc }
395ebfedea0SLionel Sambuc /* get creds via AS request */
396ebfedea0SLionel Sambuc if(id && (id != ccache))
397ebfedea0SLionel Sambuc krb5_cc_close(context, id);
398ebfedea0SLionel Sambuc if (client != default_client)
399ebfedea0SLionel Sambuc krb5_free_principal(context, default_client);
400ebfedea0SLionel Sambuc
401ebfedea0SLionel Sambuc ret = get_new_cache(context, client, password, prompter, keytab,
402ebfedea0SLionel Sambuc server_name, ret_cache);
403ebfedea0SLionel Sambuc krb5_free_principal(context, client);
404ebfedea0SLionel Sambuc return ret;
405ebfedea0SLionel Sambuc }
406ebfedea0SLionel Sambuc
407ebfedea0SLionel Sambuc static kadm5_ret_t
kadm_connect(kadm5_client_context * ctx)408ebfedea0SLionel Sambuc kadm_connect(kadm5_client_context *ctx)
409ebfedea0SLionel Sambuc {
410ebfedea0SLionel Sambuc kadm5_ret_t ret;
411ebfedea0SLionel Sambuc krb5_principal server;
412ebfedea0SLionel Sambuc krb5_ccache cc;
413ebfedea0SLionel Sambuc rk_socket_t s = rk_INVALID_SOCKET;
414ebfedea0SLionel Sambuc struct addrinfo *ai, *a;
415ebfedea0SLionel Sambuc struct addrinfo hints;
416ebfedea0SLionel Sambuc int error;
417ebfedea0SLionel Sambuc char portstr[NI_MAXSERV];
418ebfedea0SLionel Sambuc char *hostname, *slash;
419ebfedea0SLionel Sambuc char *service_name;
420ebfedea0SLionel Sambuc krb5_context context = ctx->context;
421ebfedea0SLionel Sambuc
422ebfedea0SLionel Sambuc memset (&hints, 0, sizeof(hints));
423ebfedea0SLionel Sambuc hints.ai_socktype = SOCK_STREAM;
424ebfedea0SLionel Sambuc hints.ai_protocol = IPPROTO_TCP;
425ebfedea0SLionel Sambuc
426ebfedea0SLionel Sambuc snprintf (portstr, sizeof(portstr), "%u", ntohs(ctx->kadmind_port));
427ebfedea0SLionel Sambuc
428ebfedea0SLionel Sambuc hostname = ctx->admin_server;
429ebfedea0SLionel Sambuc slash = strchr (hostname, '/');
430ebfedea0SLionel Sambuc if (slash != NULL)
431ebfedea0SLionel Sambuc hostname = slash + 1;
432ebfedea0SLionel Sambuc
433ebfedea0SLionel Sambuc error = getaddrinfo (hostname, portstr, &hints, &ai);
434ebfedea0SLionel Sambuc if (error) {
435ebfedea0SLionel Sambuc krb5_clear_error_message(context);
436ebfedea0SLionel Sambuc return KADM5_BAD_SERVER_NAME;
437ebfedea0SLionel Sambuc }
438ebfedea0SLionel Sambuc
439ebfedea0SLionel Sambuc for (a = ai; a != NULL; a = a->ai_next) {
440ebfedea0SLionel Sambuc s = socket (a->ai_family, a->ai_socktype, a->ai_protocol);
441ebfedea0SLionel Sambuc if (s < 0)
442ebfedea0SLionel Sambuc continue;
443ebfedea0SLionel Sambuc if (connect (s, a->ai_addr, a->ai_addrlen) < 0) {
444ebfedea0SLionel Sambuc krb5_clear_error_message(context);
445ebfedea0SLionel Sambuc krb5_warn (context, errno, "connect(%s)", hostname);
446ebfedea0SLionel Sambuc rk_closesocket (s);
447ebfedea0SLionel Sambuc continue;
448ebfedea0SLionel Sambuc }
449ebfedea0SLionel Sambuc break;
450ebfedea0SLionel Sambuc }
451ebfedea0SLionel Sambuc if (a == NULL) {
452ebfedea0SLionel Sambuc freeaddrinfo (ai);
453ebfedea0SLionel Sambuc krb5_clear_error_message(context);
454ebfedea0SLionel Sambuc krb5_warnx (context, "failed to contact %s", hostname);
455ebfedea0SLionel Sambuc return KADM5_FAILURE;
456ebfedea0SLionel Sambuc }
457ebfedea0SLionel Sambuc ret = _kadm5_c_get_cred_cache(context,
458ebfedea0SLionel Sambuc ctx->client_name,
459ebfedea0SLionel Sambuc ctx->service_name,
460ebfedea0SLionel Sambuc NULL, ctx->prompter, ctx->keytab,
461ebfedea0SLionel Sambuc ctx->ccache, &cc);
462ebfedea0SLionel Sambuc
463ebfedea0SLionel Sambuc if(ret) {
464ebfedea0SLionel Sambuc freeaddrinfo (ai);
465ebfedea0SLionel Sambuc rk_closesocket(s);
466ebfedea0SLionel Sambuc return ret;
467ebfedea0SLionel Sambuc }
468ebfedea0SLionel Sambuc
469ebfedea0SLionel Sambuc if (ctx->realm)
470ebfedea0SLionel Sambuc asprintf(&service_name, "%s@%s", KADM5_ADMIN_SERVICE, ctx->realm);
471ebfedea0SLionel Sambuc else
472ebfedea0SLionel Sambuc asprintf(&service_name, "%s", KADM5_ADMIN_SERVICE);
473ebfedea0SLionel Sambuc
474ebfedea0SLionel Sambuc if (service_name == NULL) {
475ebfedea0SLionel Sambuc freeaddrinfo (ai);
476ebfedea0SLionel Sambuc rk_closesocket(s);
477ebfedea0SLionel Sambuc krb5_clear_error_message(context);
478ebfedea0SLionel Sambuc return ENOMEM;
479ebfedea0SLionel Sambuc }
480ebfedea0SLionel Sambuc
481ebfedea0SLionel Sambuc ret = krb5_parse_name(context, service_name, &server);
482ebfedea0SLionel Sambuc free(service_name);
483ebfedea0SLionel Sambuc if(ret) {
484ebfedea0SLionel Sambuc freeaddrinfo (ai);
485ebfedea0SLionel Sambuc if(ctx->ccache == NULL)
486ebfedea0SLionel Sambuc krb5_cc_close(context, cc);
487ebfedea0SLionel Sambuc rk_closesocket(s);
488ebfedea0SLionel Sambuc return ret;
489ebfedea0SLionel Sambuc }
490ebfedea0SLionel Sambuc ctx->ac = NULL;
491ebfedea0SLionel Sambuc
492ebfedea0SLionel Sambuc ret = krb5_sendauth(context, &ctx->ac, &s,
493ebfedea0SLionel Sambuc KADMIN_APPL_VERSION, NULL,
494ebfedea0SLionel Sambuc server, AP_OPTS_MUTUAL_REQUIRED,
495ebfedea0SLionel Sambuc NULL, NULL, cc, NULL, NULL, NULL);
496ebfedea0SLionel Sambuc if(ret == 0) {
497ebfedea0SLionel Sambuc krb5_data params;
498ebfedea0SLionel Sambuc kadm5_config_params p;
499ebfedea0SLionel Sambuc memset(&p, 0, sizeof(p));
500ebfedea0SLionel Sambuc if(ctx->realm) {
501ebfedea0SLionel Sambuc p.mask |= KADM5_CONFIG_REALM;
502ebfedea0SLionel Sambuc p.realm = ctx->realm;
503ebfedea0SLionel Sambuc }
504ebfedea0SLionel Sambuc ret = _kadm5_marshal_params(context, &p, ¶ms);
505ebfedea0SLionel Sambuc
506ebfedea0SLionel Sambuc ret = krb5_write_priv_message(context, ctx->ac, &s, ¶ms);
507ebfedea0SLionel Sambuc krb5_data_free(¶ms);
508ebfedea0SLionel Sambuc if(ret) {
509ebfedea0SLionel Sambuc freeaddrinfo (ai);
510ebfedea0SLionel Sambuc rk_closesocket(s);
511ebfedea0SLionel Sambuc if(ctx->ccache == NULL)
512ebfedea0SLionel Sambuc krb5_cc_close(context, cc);
513ebfedea0SLionel Sambuc return ret;
514ebfedea0SLionel Sambuc }
515ebfedea0SLionel Sambuc } else if(ret == KRB5_SENDAUTH_BADAPPLVERS) {
516ebfedea0SLionel Sambuc rk_closesocket(s);
517ebfedea0SLionel Sambuc
518ebfedea0SLionel Sambuc s = socket (a->ai_family, a->ai_socktype, a->ai_protocol);
519ebfedea0SLionel Sambuc if (s < 0) {
520ebfedea0SLionel Sambuc freeaddrinfo (ai);
521ebfedea0SLionel Sambuc krb5_clear_error_message(context);
522ebfedea0SLionel Sambuc return errno;
523ebfedea0SLionel Sambuc }
524ebfedea0SLionel Sambuc if (connect (s, a->ai_addr, a->ai_addrlen) < 0) {
525ebfedea0SLionel Sambuc rk_closesocket (s);
526ebfedea0SLionel Sambuc freeaddrinfo (ai);
527ebfedea0SLionel Sambuc krb5_clear_error_message(context);
528ebfedea0SLionel Sambuc return errno;
529ebfedea0SLionel Sambuc }
530ebfedea0SLionel Sambuc ret = krb5_sendauth(context, &ctx->ac, &s,
531ebfedea0SLionel Sambuc KADMIN_OLD_APPL_VERSION, NULL,
532ebfedea0SLionel Sambuc server, AP_OPTS_MUTUAL_REQUIRED,
533ebfedea0SLionel Sambuc NULL, NULL, cc, NULL, NULL, NULL);
534ebfedea0SLionel Sambuc }
535ebfedea0SLionel Sambuc freeaddrinfo (ai);
536ebfedea0SLionel Sambuc if(ret) {
537ebfedea0SLionel Sambuc rk_closesocket(s);
538ebfedea0SLionel Sambuc return ret;
539ebfedea0SLionel Sambuc }
540ebfedea0SLionel Sambuc
541ebfedea0SLionel Sambuc krb5_free_principal(context, server);
542ebfedea0SLionel Sambuc if(ctx->ccache == NULL)
543ebfedea0SLionel Sambuc krb5_cc_close(context, cc);
544ebfedea0SLionel Sambuc ctx->sock = s;
545ebfedea0SLionel Sambuc
546ebfedea0SLionel Sambuc return 0;
547ebfedea0SLionel Sambuc }
548ebfedea0SLionel Sambuc
549ebfedea0SLionel Sambuc kadm5_ret_t
_kadm5_connect(void * handle)550ebfedea0SLionel Sambuc _kadm5_connect(void *handle)
551ebfedea0SLionel Sambuc {
552ebfedea0SLionel Sambuc kadm5_client_context *ctx = handle;
553ebfedea0SLionel Sambuc if(ctx->sock == -1)
554ebfedea0SLionel Sambuc return kadm_connect(ctx);
555ebfedea0SLionel Sambuc return 0;
556ebfedea0SLionel Sambuc }
557ebfedea0SLionel Sambuc
558ebfedea0SLionel Sambuc static kadm5_ret_t
kadm5_c_init_with_context(krb5_context context,const char * client_name,const char * password,krb5_prompter_fct prompter,const char * keytab,krb5_ccache ccache,const char * service_name,kadm5_config_params * realm_params,unsigned long struct_version,unsigned long api_version,void ** server_handle)559ebfedea0SLionel Sambuc kadm5_c_init_with_context(krb5_context context,
560ebfedea0SLionel Sambuc const char *client_name,
561ebfedea0SLionel Sambuc const char *password,
562ebfedea0SLionel Sambuc krb5_prompter_fct prompter,
563ebfedea0SLionel Sambuc const char *keytab,
564ebfedea0SLionel Sambuc krb5_ccache ccache,
565ebfedea0SLionel Sambuc const char *service_name,
566ebfedea0SLionel Sambuc kadm5_config_params *realm_params,
567ebfedea0SLionel Sambuc unsigned long struct_version,
568ebfedea0SLionel Sambuc unsigned long api_version,
569ebfedea0SLionel Sambuc void **server_handle)
570ebfedea0SLionel Sambuc {
571ebfedea0SLionel Sambuc kadm5_ret_t ret;
572ebfedea0SLionel Sambuc kadm5_client_context *ctx;
573ebfedea0SLionel Sambuc krb5_ccache cc;
574ebfedea0SLionel Sambuc
575ebfedea0SLionel Sambuc ret = _kadm5_c_init_context(&ctx, realm_params, context);
576ebfedea0SLionel Sambuc if(ret)
577ebfedea0SLionel Sambuc return ret;
578ebfedea0SLionel Sambuc
579ebfedea0SLionel Sambuc if(password != NULL && *password != '\0') {
580ebfedea0SLionel Sambuc ret = _kadm5_c_get_cred_cache(context,
581ebfedea0SLionel Sambuc client_name,
582ebfedea0SLionel Sambuc service_name,
583ebfedea0SLionel Sambuc password, prompter, keytab, ccache, &cc);
584ebfedea0SLionel Sambuc if(ret)
585ebfedea0SLionel Sambuc return ret; /* XXX */
586ebfedea0SLionel Sambuc ccache = cc;
587ebfedea0SLionel Sambuc }
588ebfedea0SLionel Sambuc
589ebfedea0SLionel Sambuc
590ebfedea0SLionel Sambuc if (client_name != NULL)
591ebfedea0SLionel Sambuc ctx->client_name = strdup(client_name);
592ebfedea0SLionel Sambuc else
593ebfedea0SLionel Sambuc ctx->client_name = NULL;
594ebfedea0SLionel Sambuc if (service_name != NULL)
595ebfedea0SLionel Sambuc ctx->service_name = strdup(service_name);
596ebfedea0SLionel Sambuc else
597ebfedea0SLionel Sambuc ctx->service_name = NULL;
598ebfedea0SLionel Sambuc ctx->prompter = prompter;
599ebfedea0SLionel Sambuc ctx->keytab = keytab;
600ebfedea0SLionel Sambuc ctx->ccache = ccache;
601ebfedea0SLionel Sambuc /* maybe we should copy the params here */
602ebfedea0SLionel Sambuc ctx->sock = -1;
603ebfedea0SLionel Sambuc
604ebfedea0SLionel Sambuc *server_handle = ctx;
605ebfedea0SLionel Sambuc return 0;
606ebfedea0SLionel Sambuc }
607ebfedea0SLionel Sambuc
608ebfedea0SLionel Sambuc static kadm5_ret_t
init_context(const char * client_name,const char * password,krb5_prompter_fct prompter,const char * keytab,krb5_ccache ccache,const char * service_name,kadm5_config_params * realm_params,unsigned long struct_version,unsigned long api_version,void ** server_handle)609ebfedea0SLionel Sambuc init_context(const char *client_name,
610ebfedea0SLionel Sambuc const char *password,
611ebfedea0SLionel Sambuc krb5_prompter_fct prompter,
612ebfedea0SLionel Sambuc const char *keytab,
613ebfedea0SLionel Sambuc krb5_ccache ccache,
614ebfedea0SLionel Sambuc const char *service_name,
615ebfedea0SLionel Sambuc kadm5_config_params *realm_params,
616ebfedea0SLionel Sambuc unsigned long struct_version,
617ebfedea0SLionel Sambuc unsigned long api_version,
618ebfedea0SLionel Sambuc void **server_handle)
619ebfedea0SLionel Sambuc {
620ebfedea0SLionel Sambuc krb5_context context;
621ebfedea0SLionel Sambuc kadm5_ret_t ret;
622ebfedea0SLionel Sambuc kadm5_server_context *ctx;
623ebfedea0SLionel Sambuc
624ebfedea0SLionel Sambuc ret = krb5_init_context(&context);
625ebfedea0SLionel Sambuc if (ret)
626ebfedea0SLionel Sambuc return ret;
627ebfedea0SLionel Sambuc ret = kadm5_c_init_with_context(context,
628ebfedea0SLionel Sambuc client_name,
629ebfedea0SLionel Sambuc password,
630ebfedea0SLionel Sambuc prompter,
631ebfedea0SLionel Sambuc keytab,
632ebfedea0SLionel Sambuc ccache,
633ebfedea0SLionel Sambuc service_name,
634ebfedea0SLionel Sambuc realm_params,
635ebfedea0SLionel Sambuc struct_version,
636ebfedea0SLionel Sambuc api_version,
637ebfedea0SLionel Sambuc server_handle);
638ebfedea0SLionel Sambuc if(ret){
639ebfedea0SLionel Sambuc krb5_free_context(context);
640ebfedea0SLionel Sambuc return ret;
641ebfedea0SLionel Sambuc }
642ebfedea0SLionel Sambuc ctx = *server_handle;
643ebfedea0SLionel Sambuc ctx->my_context = 1;
644ebfedea0SLionel Sambuc return 0;
645ebfedea0SLionel Sambuc }
646ebfedea0SLionel Sambuc
647ebfedea0SLionel Sambuc kadm5_ret_t
kadm5_c_init_with_password_ctx(krb5_context context,const char * client_name,const char * password,const char * service_name,kadm5_config_params * realm_params,unsigned long struct_version,unsigned long api_version,void ** server_handle)648ebfedea0SLionel Sambuc kadm5_c_init_with_password_ctx(krb5_context context,
649ebfedea0SLionel Sambuc const char *client_name,
650ebfedea0SLionel Sambuc const char *password,
651ebfedea0SLionel Sambuc const char *service_name,
652ebfedea0SLionel Sambuc kadm5_config_params *realm_params,
653ebfedea0SLionel Sambuc unsigned long struct_version,
654ebfedea0SLionel Sambuc unsigned long api_version,
655ebfedea0SLionel Sambuc void **server_handle)
656ebfedea0SLionel Sambuc {
657ebfedea0SLionel Sambuc return kadm5_c_init_with_context(context,
658ebfedea0SLionel Sambuc client_name,
659ebfedea0SLionel Sambuc password,
660ebfedea0SLionel Sambuc krb5_prompter_posix,
661ebfedea0SLionel Sambuc NULL,
662ebfedea0SLionel Sambuc NULL,
663ebfedea0SLionel Sambuc service_name,
664ebfedea0SLionel Sambuc realm_params,
665ebfedea0SLionel Sambuc struct_version,
666ebfedea0SLionel Sambuc api_version,
667ebfedea0SLionel Sambuc server_handle);
668ebfedea0SLionel Sambuc }
669ebfedea0SLionel Sambuc
670ebfedea0SLionel Sambuc kadm5_ret_t
kadm5_c_init_with_password(const char * client_name,const char * password,const char * service_name,kadm5_config_params * realm_params,unsigned long struct_version,unsigned long api_version,void ** server_handle)671ebfedea0SLionel Sambuc kadm5_c_init_with_password(const char *client_name,
672ebfedea0SLionel Sambuc const char *password,
673ebfedea0SLionel Sambuc const char *service_name,
674ebfedea0SLionel Sambuc kadm5_config_params *realm_params,
675ebfedea0SLionel Sambuc unsigned long struct_version,
676ebfedea0SLionel Sambuc unsigned long api_version,
677ebfedea0SLionel Sambuc void **server_handle)
678ebfedea0SLionel Sambuc {
679ebfedea0SLionel Sambuc return init_context(client_name,
680ebfedea0SLionel Sambuc password,
681ebfedea0SLionel Sambuc krb5_prompter_posix,
682ebfedea0SLionel Sambuc NULL,
683ebfedea0SLionel Sambuc NULL,
684ebfedea0SLionel Sambuc service_name,
685ebfedea0SLionel Sambuc realm_params,
686ebfedea0SLionel Sambuc struct_version,
687ebfedea0SLionel Sambuc api_version,
688ebfedea0SLionel Sambuc server_handle);
689ebfedea0SLionel Sambuc }
690ebfedea0SLionel Sambuc
691ebfedea0SLionel Sambuc kadm5_ret_t
kadm5_c_init_with_skey_ctx(krb5_context context,const char * client_name,const char * keytab,const char * service_name,kadm5_config_params * realm_params,unsigned long struct_version,unsigned long api_version,void ** server_handle)692ebfedea0SLionel Sambuc kadm5_c_init_with_skey_ctx(krb5_context context,
693ebfedea0SLionel Sambuc const char *client_name,
694ebfedea0SLionel Sambuc const char *keytab,
695ebfedea0SLionel Sambuc const char *service_name,
696ebfedea0SLionel Sambuc kadm5_config_params *realm_params,
697ebfedea0SLionel Sambuc unsigned long struct_version,
698ebfedea0SLionel Sambuc unsigned long api_version,
699ebfedea0SLionel Sambuc void **server_handle)
700ebfedea0SLionel Sambuc {
701ebfedea0SLionel Sambuc return kadm5_c_init_with_context(context,
702ebfedea0SLionel Sambuc client_name,
703ebfedea0SLionel Sambuc NULL,
704ebfedea0SLionel Sambuc NULL,
705ebfedea0SLionel Sambuc keytab,
706ebfedea0SLionel Sambuc NULL,
707ebfedea0SLionel Sambuc service_name,
708ebfedea0SLionel Sambuc realm_params,
709ebfedea0SLionel Sambuc struct_version,
710ebfedea0SLionel Sambuc api_version,
711ebfedea0SLionel Sambuc server_handle);
712ebfedea0SLionel Sambuc }
713ebfedea0SLionel Sambuc
714ebfedea0SLionel Sambuc
715ebfedea0SLionel Sambuc kadm5_ret_t
kadm5_c_init_with_skey(const char * client_name,const char * keytab,const char * service_name,kadm5_config_params * realm_params,unsigned long struct_version,unsigned long api_version,void ** server_handle)716ebfedea0SLionel Sambuc kadm5_c_init_with_skey(const char *client_name,
717ebfedea0SLionel Sambuc const char *keytab,
718ebfedea0SLionel Sambuc const char *service_name,
719ebfedea0SLionel Sambuc kadm5_config_params *realm_params,
720ebfedea0SLionel Sambuc unsigned long struct_version,
721ebfedea0SLionel Sambuc unsigned long api_version,
722ebfedea0SLionel Sambuc void **server_handle)
723ebfedea0SLionel Sambuc {
724ebfedea0SLionel Sambuc return init_context(client_name,
725ebfedea0SLionel Sambuc NULL,
726ebfedea0SLionel Sambuc NULL,
727ebfedea0SLionel Sambuc keytab,
728ebfedea0SLionel Sambuc NULL,
729ebfedea0SLionel Sambuc service_name,
730ebfedea0SLionel Sambuc realm_params,
731ebfedea0SLionel Sambuc struct_version,
732ebfedea0SLionel Sambuc api_version,
733ebfedea0SLionel Sambuc server_handle);
734ebfedea0SLionel Sambuc }
735ebfedea0SLionel Sambuc
736ebfedea0SLionel Sambuc kadm5_ret_t
kadm5_c_init_with_creds_ctx(krb5_context context,const char * client_name,krb5_ccache ccache,const char * service_name,kadm5_config_params * realm_params,unsigned long struct_version,unsigned long api_version,void ** server_handle)737ebfedea0SLionel Sambuc kadm5_c_init_with_creds_ctx(krb5_context context,
738ebfedea0SLionel Sambuc const char *client_name,
739ebfedea0SLionel Sambuc krb5_ccache ccache,
740ebfedea0SLionel Sambuc const char *service_name,
741ebfedea0SLionel Sambuc kadm5_config_params *realm_params,
742ebfedea0SLionel Sambuc unsigned long struct_version,
743ebfedea0SLionel Sambuc unsigned long api_version,
744ebfedea0SLionel Sambuc void **server_handle)
745ebfedea0SLionel Sambuc {
746ebfedea0SLionel Sambuc return kadm5_c_init_with_context(context,
747ebfedea0SLionel Sambuc client_name,
748ebfedea0SLionel Sambuc NULL,
749ebfedea0SLionel Sambuc NULL,
750ebfedea0SLionel Sambuc NULL,
751ebfedea0SLionel Sambuc ccache,
752ebfedea0SLionel Sambuc service_name,
753ebfedea0SLionel Sambuc realm_params,
754ebfedea0SLionel Sambuc struct_version,
755ebfedea0SLionel Sambuc api_version,
756ebfedea0SLionel Sambuc server_handle);
757ebfedea0SLionel Sambuc }
758ebfedea0SLionel Sambuc
759ebfedea0SLionel Sambuc kadm5_ret_t
kadm5_c_init_with_creds(const char * client_name,krb5_ccache ccache,const char * service_name,kadm5_config_params * realm_params,unsigned long struct_version,unsigned long api_version,void ** server_handle)760ebfedea0SLionel Sambuc kadm5_c_init_with_creds(const char *client_name,
761ebfedea0SLionel Sambuc krb5_ccache ccache,
762ebfedea0SLionel Sambuc const char *service_name,
763ebfedea0SLionel Sambuc kadm5_config_params *realm_params,
764ebfedea0SLionel Sambuc unsigned long struct_version,
765ebfedea0SLionel Sambuc unsigned long api_version,
766ebfedea0SLionel Sambuc void **server_handle)
767ebfedea0SLionel Sambuc {
768ebfedea0SLionel Sambuc return init_context(client_name,
769ebfedea0SLionel Sambuc NULL,
770ebfedea0SLionel Sambuc NULL,
771ebfedea0SLionel Sambuc NULL,
772ebfedea0SLionel Sambuc ccache,
773ebfedea0SLionel Sambuc service_name,
774ebfedea0SLionel Sambuc realm_params,
775ebfedea0SLionel Sambuc struct_version,
776ebfedea0SLionel Sambuc api_version,
777ebfedea0SLionel Sambuc server_handle);
778ebfedea0SLionel Sambuc }
779ebfedea0SLionel Sambuc
780ebfedea0SLionel Sambuc #if 0
781ebfedea0SLionel Sambuc kadm5_ret_t
782ebfedea0SLionel Sambuc kadm5_init(char *client_name, char *pass,
783ebfedea0SLionel Sambuc char *service_name,
784ebfedea0SLionel Sambuc kadm5_config_params *realm_params,
785ebfedea0SLionel Sambuc unsigned long struct_version,
786ebfedea0SLionel Sambuc unsigned long api_version,
787ebfedea0SLionel Sambuc void **server_handle)
788ebfedea0SLionel Sambuc {
789ebfedea0SLionel Sambuc }
790ebfedea0SLionel Sambuc #endif
791ebfedea0SLionel Sambuc
792