1 /*
2 * Copyright 2003 Sun Microsystems, Inc. All rights reserved.
3 * Use is subject to license terms.
4 */
5
6 #pragma ident "@(#)alt_prof.c 1.13 04/09/08 SMI"
7
8 /*
9 * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
10 *
11 * Openvision retains the copyright to derivative works of
12 * this source code. Do *NOT* create a derivative of this
13 * source code before consulting with your legal department.
14 * Do *NOT* integrate *ANY* of this source code into another
15 * product before consulting with your legal department.
16 *
17 * For further information, read the top-level Openvision
18 * copyright which is contained in the top-level MIT Kerberos
19 * copyright.
20 *
21 * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
22 *
23 */
24
25
26 /*
39 * without fee is hereby granted, provided that the above copyright
40 * notice appear in all copies and that both that copyright notice and
41 * this permission notice appear in supporting documentation, and that
42 * the name of M.I.T. not be used in advertising or publicity pertaining
43 * to distribution of the software without specific, written prior
44 * permission. M.I.T. makes no representations about the suitability of
45 * this software for any purpose. It is provided "as is" without express
46 * or implied warranty.
47 *
48 */
49
50 /*
51 * alt_prof.c - Implement alternate profile file handling.
52 */
53 #include <k5-int.h>
54 #include <kadm5/admin.h>
55 #include <adm_proto.h>
56 #include <stdio.h>
57 #include <ctype.h>
58 #include <os-proto.h>
59
60 krb5_error_code kadm5_free_config_params();
61
62 #define DEFAULT_ENCTYPE_LIST \
63 "aes256-cts-hmac-sha1-96:normal " \
64 "aes128-cts-hmac-sha1-96:normal " \
65 "des3-cbc-hmac-sha1-kd:normal " \
66 "arcfour-hmac-md5:normal " \
67 "des-cbc-md5:normal " \
68 "des-cbc-crc:normal"
69
70 /*
71 * krb5_aprof_init() - Initialize alternate profile context.
72 *
73 * Parameters:
74 * fname - default file name of the profile.
75 * envname - environment variable name which can override fname.
76 * acontextp - Pointer to opaque context for alternate profile.
77 *
78 * Returns:
802 params.kpasswd_port = params_in->kpasswd_port;
803 /*
804 * If kpasswd_port is not explicitly defined,
805 * determine the port to use based on the protocol.
806 * The alternative protocol uses a different port
807 * than the standard admind port.
808 */
809 else if (params.kpasswd_protocol == KRB5_CHGPWD_RPCSEC) {
810 params.kpasswd_port = DEFAULT_KADM5_PORT;
811 } else {
812 /*
813 * When using the Horowitz/IETF protocol for
814 * password changing, the default port is 464
815 * (officially recognized by IANA).
816 */
817 params.kpasswd_port = DEFAULT_KPASSWD_PORT;
818 }
819 params.mask |= KADM5_CONFIG_KPASSWD_PORT;
820 }
821
822 *params_out = params;
823
824 cleanup:
825 if (aprofile)
826 krb5_aprof_finish(aprofile);
827 if (kret) {
828 (void) kadm5_free_config_params(context, ¶ms);
829 params_out->mask = 0;
830 }
831 #ifdef KRB5_DNS_LOOKUP
832 if (dns_realm.data)
833 free(dns_realm.data);
834 #endif /* KRB5_DNS_LOOKUP */
835
836 return (kret);
837 }
838 /*
839 * kadm5_free_config_params() - Free data allocated by above.
840 */
841 /*ARGSUSED*/
|
1 /*
2 * Copyright 2004 Sun Microsystems, Inc. All rights reserved.
3 * Use is subject to license terms.
4 */
5
6 #pragma ident "@(#)alt_prof.c 1.12 04/03/19 SMI"
7
8 /*
9 * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
10 *
11 * Openvision retains the copyright to derivative works of
12 * this source code. Do *NOT* create a derivative of this
13 * source code before consulting with your legal department.
14 * Do *NOT* integrate *ANY* of this source code into another
15 * product before consulting with your legal department.
16 *
17 * For further information, read the top-level Openvision
18 * copyright which is contained in the top-level MIT Kerberos
19 * copyright.
20 *
21 * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
22 *
23 */
24
25
26 /*
39 * without fee is hereby granted, provided that the above copyright
40 * notice appear in all copies and that both that copyright notice and
41 * this permission notice appear in supporting documentation, and that
42 * the name of M.I.T. not be used in advertising or publicity pertaining
43 * to distribution of the software without specific, written prior
44 * permission. M.I.T. makes no representations about the suitability of
45 * this software for any purpose. It is provided "as is" without express
46 * or implied warranty.
47 *
48 */
49
50 /*
51 * alt_prof.c - Implement alternate profile file handling.
52 */
53 #include <k5-int.h>
54 #include <kadm5/admin.h>
55 #include <adm_proto.h>
56 #include <stdio.h>
57 #include <ctype.h>
58 #include <os-proto.h>
59 #include <kdb/kdb_log.h>
60
61 krb5_error_code kadm5_free_config_params();
62
63 #define DEFAULT_ENCTYPE_LIST \
64 "aes256-cts-hmac-sha1-96:normal " \
65 "aes128-cts-hmac-sha1-96:normal " \
66 "des3-cbc-hmac-sha1-kd:normal " \
67 "arcfour-hmac-md5:normal " \
68 "des-cbc-md5:normal " \
69 "des-cbc-crc:normal"
70
71 /*
72 * krb5_aprof_init() - Initialize alternate profile context.
73 *
74 * Parameters:
75 * fname - default file name of the profile.
76 * envname - environment variable name which can override fname.
77 * acontextp - Pointer to opaque context for alternate profile.
78 *
79 * Returns:
803 params.kpasswd_port = params_in->kpasswd_port;
804 /*
805 * If kpasswd_port is not explicitly defined,
806 * determine the port to use based on the protocol.
807 * The alternative protocol uses a different port
808 * than the standard admind port.
809 */
810 else if (params.kpasswd_protocol == KRB5_CHGPWD_RPCSEC) {
811 params.kpasswd_port = DEFAULT_KADM5_PORT;
812 } else {
813 /*
814 * When using the Horowitz/IETF protocol for
815 * password changing, the default port is 464
816 * (officially recognized by IANA).
817 */
818 params.kpasswd_port = DEFAULT_KPASSWD_PORT;
819 }
820 params.mask |= KADM5_CONFIG_KPASSWD_PORT;
821 }
822
823 hierarchy[2] = "sunw_dbprop_enable";
824
825 params.iprop_enabled = FALSE;
826 params.mask |= KADM5_CONFIG_IPROP_ENABLED;
827
828 if (params_in->mask & KADM5_CONFIG_IPROP_ENABLED) {
829 params.mask |= KADM5_CONFIG_IPROP_ENABLED;
830 params.iprop_enabled = params_in->iprop_enabled;
831 } else {
832 if (aprofile && !krb5_aprof_get_string(aprofile, hierarchy,
833 TRUE, &svalue)) {
834 if (strncasecmp(svalue, "Y", 1) == 0)
835 params.iprop_enabled = TRUE;
836 if (strncasecmp(svalue, "true", 4) == 0)
837 params.iprop_enabled = TRUE;
838 params.mask |= KADM5_CONFIG_IPROP_ENABLED;
839 krb5_xfree(svalue);
840 }
841 }
842
843 hierarchy[2] = "sunw_dbprop_master_ulogsize";
844
845 params.iprop_ulogsize = DEF_ULOGENTRIES;
846 params.mask |= KADM5_CONFIG_ULOG_SIZE;
847
848 if (params_in->mask & KADM5_CONFIG_ULOG_SIZE) {
849 params.mask |= KADM5_CONFIG_ULOG_SIZE;
850 params.iprop_ulogsize = params_in->iprop_ulogsize;
851 } else {
852 if (aprofile && !krb5_aprof_get_int32(aprofile, hierarchy,
853 TRUE, &ivalue)) {
854 if (ivalue > MAX_ULOGENTRIES)
855 params.iprop_ulogsize = MAX_ULOGENTRIES;
856 else if (ivalue <= 0)
857 params.iprop_ulogsize = DEF_ULOGENTRIES;
858 else
859 params.iprop_ulogsize = ivalue;
860 params.mask |= KADM5_CONFIG_ULOG_SIZE;
861 }
862 }
863
864 hierarchy[2] = "sunw_dbprop_slave_poll";
865
866 params.iprop_polltime = "2m";
867 params.mask |= KADM5_CONFIG_POLL_TIME;
868
869 if (params_in->mask & KADM5_CONFIG_POLL_TIME) {
870 params.iprop_polltime = strdup(params_in->iprop_polltime);
871 if (params.iprop_polltime)
872 params.mask |= KADM5_CONFIG_POLL_TIME;
873 } else {
874 if (aprofile && !krb5_aprof_get_string(aprofile, hierarchy,
875 TRUE, &svalue)) {
876 params.iprop_polltime = strdup(svalue);
877 params.mask |= KADM5_CONFIG_POLL_TIME;
878 krb5_xfree(svalue);
879 }
880 }
881
882 *params_out = params;
883
884 cleanup:
885 if (aprofile)
886 krb5_aprof_finish(aprofile);
887 if (kret) {
888 (void) kadm5_free_config_params(context, ¶ms);
889 params_out->mask = 0;
890 }
891 #ifdef KRB5_DNS_LOOKUP
892 if (dns_realm.data)
893 free(dns_realm.data);
894 #endif /* KRB5_DNS_LOOKUP */
895
896 return (kret);
897 }
898 /*
899 * kadm5_free_config_params() - Free data allocated by above.
900 */
901 /*ARGSUSED*/
|