kadmin/kadmin.c

   1 /*
   2  * Copyright (c) 1997 Kungliga Tekniska Högskolan
   3  * (Royal Institute of Technology, Stockholm, Sweden).
   4  * All rights reserved.
   5  *
   6  * Redistribution and use in source and binary forms, with or without
   7  * modification, are permitted provided that the following conditions
   8  * are met:
   9  *
  10  * 1. Redistributions of source code must retain the above copyright
  11  *    notice, this list of conditions and the following disclaimer.
  12  *
  13  * 2. Redistributions in binary form must reproduce the above copyright
  14  *    notice, this list of conditions and the following disclaimer in the
  15  *    documentation and/or other materials provided with the distribution.
  16  *
  17  * 3. All advertising materials mentioning features or use of this software
  18  *    must display the following acknowledgement:
  19  *      This product includes software developed by Kungliga Tekniska
  20  *      Högskolan and its contributors.
  21  *
  22  * 4. Neither the name of the Institute nor the names of its contributors
  23  *    may be used to endorse or promote products derived from this software
  24  *    without specific prior written permission.
  25  *
  26  * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
  27  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  28  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  29  * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
  30  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  31  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  32  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  33  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  34  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  35  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  36  * SUCH DAMAGE.
  37  */
  38
  39 #include "kadmin_locl.h"
  40 #include <sl.h>
  41
  42 RCSID("$Id$");
  43
  44 static char *config_file;
  45 static char *keyfile;
  46 static int local_flag;
  47 static int help_flag;
  48 static int version_flag;
  49 static char *realm;
  50 static char *admin_server;
  51
  52 static struct getargs args[] = {
  53     {
  54         "config-file",  'c',    arg_string,     &config_file,
  55         "location of config file",      "file"
  56     },
  57     {
  58         "key-file",     'k',    arg_string, &keyfile,
  59         "location of master key file", "file"
  60     },
  61     {
  62         "realm",        'r',    arg_string,   &realm,
  63         "realm to use", "realm"
  64     },
  65     {
  66         "admin-server", 'a',    arg_string,   &admin_server,
  67         "server to contact", "host"
  68     },
  69     {   "local", 'l', arg_flag, &local_flag, "local admin mode" },
  70     {   "help",         'h',    arg_flag,   &help_flag },
  71     {   "version",      'v',    arg_flag,   &version_flag }
  72 };
  73
  74 static int num_args = sizeof(args) / sizeof(args[0]);
  75
  76 static SL_cmd commands[] = {
  77     /* commands that are only available with `-l' */
  78     { "dump",           dump, "dump [file]"},
  79     { "load",           load, "load file"},
  80     { "merge",          merge, "merge file"},
  81     { "init",           init, "init realm..."},
  82     /* common commands */
  83     { "add_new_key",    add_new_key,    "add_new_key principal"},
  84     { "ank"},
  85     { "cpw",            cpw_entry,      "cpw_entry principal..."},
  86     { "change_password"},
  87     { "passwd"},
  88     { "del_entry",      del_entry,      "del_entry principal..."},
  89     { "delete" },
  90     { "ext_keytab",     ext_keytab,     "ext_keytab principal..."},
  91     { "get_entry",      get_entry,      "get_entry principal"},
  92     { "rename",         rename_entry,   "rename source target"},
  93     { "modify",         mod_entry,      "modify principal" },
  94     { "privileges",     get_privs},
  95     { "list_principals",list_princs,    "list expression..." },
  96     { "help",           help, "help"},
  97     { "?"},
  98     { "exit",           exit_kadmin, "exit"},
  99     { NULL}
 100 };
 101
 102 krb5_context context;
 103 void *kadm_handle;
 104
 105 int
 106 help(int argc, char **argv)
 107 {
 108     sl_help(commands, argc, argv);
 109     return 0;
 110 }
 111
 112 int
 113 exit_kadmin (int argc, char **argv)
 114 {
 115     return 1;
 116 }
 117
 118 static void
 119 usage(int ret)
 120 {
 121     arg_printusage (args, num_args, "");
 122     exit (ret);
 123 }
 124
 125 int
 126 get_privs(int argc, char **argv)
 127 {
 128     u_int32_t privs;
 129     char str[128];
 130     kadm5_ret_t ret;
 131
 132     ret = kadm5_get_privs(kadm_handle, &privs);
 133     if(ret)
 134         krb5_warn(context, ret, "kadm5_get_privs");
 135     else{
 136         ret =_kadm5_privs_to_string(privs, str, sizeof(str));
 137         printf("%s\n", str);
 138     }
 139     return 0;
 140 }
 141
 142 int
 143 main(int argc, char **argv)
 144 {
 145     krb5_error_code ret;
 146     krb5_config_section *cf;
 147     kadm5_config_params conf;
 148     int optind = 0;
 149     int e;
 150     SL_cmd *cmd;
 151
 152     set_progname(argv[0]);
 153
 154     krb5_init_context(&context);
 155
 156     while((e = getarg(args, num_args, argc, argv, &optind)))
 157         warnx("error at argument `%s'", argv[optind]);
 158
 159     if (help_flag)
 160         usage (0);
 161
 162     if (version_flag)
 163         krb5_errx(context, 0, "%s", heimdal_version);
 164
 165     argc -= optind;
 166     argv += optind;
 167
 168     if (config_file == NULL)
 169         config_file = HDB_DB_DIR "/kdc.conf";
 170
 171     if(krb5_config_parse_file(config_file, &cf) == 0) {
 172         const char *p = krb5_config_get_string (cf, "kdc", "key-file", NULL);
 173         if (p)
 174             keyfile = strdup(p);
 175     }
 176
 177     memset(&conf, 0, sizeof(conf));
 178     if(realm) {
 179         krb5_set_default_realm(context, realm); /* XXX should be fixed
 180                                                    some other way */
 181         conf.realm = realm;
 182         conf.mask |= KADM5_CONFIG_REALM;
 183     }
 184
 185     conf.admin_server = admin_server;
 186     conf.mask |= KADM5_CONFIG_ADMIN_SERVER;
 187
 188     if(local_flag){
 189         ret = kadm5_s_init_with_password_ctx(context,
 190                                              KADM5_ADMIN_SERVICE,
 191                                              "password",
 192                                              KADM5_ADMIN_SERVICE,
 193                                              &conf, 0, 0,
 194                                              &kadm_handle);
 195         cmd = commands;
 196     } else {
 197         ret = kadm5_c_init_with_password_ctx(context,
 198                                              /* XXX these are not used */
 199                                              "client",
 200                                              "password",
 201                                              KADM5_ADMIN_SERVICE,
 202                                              &conf, 0, 0,
 203                                              &kadm_handle);
 204         cmd = commands + 4; /* XXX */
 205     }
 206
 207     if(ret)
 208         krb5_err(context, 1, ret, "kadm5_init_with_password");
 209     if (argc != 0)
 210         exit(sl_command(cmd, argc, argv));
 211
 212     ret = sl_loop(cmd, "kadmin> ") != 0;
 213     kadm5_destroy(kadm_handle);
 214     krb5_free_context(context);
 215     return ret;
 216 }