sssd_krb5_locator_plugin.c revision 4a6a5421113ab662a665c62ed6a24b61a5a36950
 Sumit Bose <sbose@redhat.com>
 Copyright (C) 2009 Red Hat
 This program is free software; you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
 the Free Software Foundation; either version 3 of the License, or
 (at your option) any later version.
 This program is distributed in the hope that it will be useful,
 but WITHOUT ANY WARRANTY; without even the implied warranty of
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 GNU General Public License for more details.
 You should have received a copy of the GNU General Public License
 along with this program. If not, see <http://www.gnu.org/licenses/>.
#define SSSD_KRB5_LOCATOR_DEBUG "SSSD_KRB5_LOCATOR_DEBUG"
static int get_krb5info(const char *realm, struct sssd_ctx *ctx,
 PLUGIN_DEBUG(("Unsupported service [%d].\n", svc));
 ret = snprintf(krb5info_name, len, name_tmpl, realm);
 PLUGIN_DEBUG(("open failed [%d][%s].\n", errno, strerror(errno)));
 while (len != 0 && (ret = read(fd, p, len)) != 0) {
 if (errno == EINTR || errno == EAGAIN) continue;
 PLUGIN_DEBUG(("read failed [%d][%s].\n", errno, strerror(errno)));
 PLUGIN_DEBUG(("Content of krb5info file [%s] is [%d] or larger.\n",
 PLUGIN_DEBUG(("Found [%s] in [%s].\n", buf, krb5info_name));
 PLUGIN_DEBUG(("strtol failed on [%s]: [%d][%s], "
 "assuming default.\n", port_str, ret, strerror(ret)));
 PLUGIN_DEBUG(("Found additional characters [%s] in port number "
 "[%s], assuming default.\n", endptr, port_str));
 PLUGIN_DEBUG(("Illegal port number [%d], assuming default.\n",
 PLUGIN_DEBUG(("Illegal port number [%s], assuming default.\n",
 PLUGIN_DEBUG(("Unsupported service [%d].\n", svc));
krb5_error_code sssd_krb5_locator_init(krb5_context context,
 if (ctx == NULL) return KRB5_PLUGIN_NO_HANDLE;
 PLUGIN_DEBUG(("sssd_krb5_locator_init called\n"));
void sssd_krb5_locator_close(void *private_data)
 PLUGIN_DEBUG(("sssd_krb5_locator_close called\n"));
krb5_error_code sssd_krb5_locator_lookup(void *private_data,
 int (*cbfunc)(void *, int, struct sockaddr *),
 if (private_data == NULL) return KRB5_PLUGIN_NO_HANDLE;
 if (ctx->sssd_realm == NULL || strcmp(ctx->sssd_realm, realm) != 0) {
 ret = get_krb5info(realm, ctx, locate_service_kdc);
 if (svc == locate_service_kadmin || svc == locate_service_kpasswd ||
 ret = get_krb5info(realm, ctx, locate_service_kpasswd);
 PLUGIN_DEBUG(("reading kpasswd address failed, "
 "using kdc address.\n"));
 ctx->kpasswd_addr = strdup(ctx->kdc_addr);
 PLUGIN_DEBUG(("sssd_realm[%s] requested realm[%s] family[%d] socktype[%d] "
 "locate_service[%d]\n", ctx->sssd_realm, realm, family,
 port = ctx->kdc_port ? ctx->kdc_port : DEFAULT_KERBEROS_PORT;
 port = ctx->kpasswd_port ? ctx->kpasswd_port : DEFAULT_KPASSWD_PORT;
 ret = snprintf(port_str, PORT_STR_SIZE-1, "%u", port);
 if (ret < 0 || ret >= (PORT_STR_SIZE-1)) {
 memset(&ai_hints, 0, sizeof(struct addrinfo));
 ai_hints.ai_flags = AI_NUMERICHOST|AI_NUMERICSERV;
 ret = getaddrinfo(addr, port_str, &ai_hints, &ai);
 PLUGIN_DEBUG(("getaddrinfo failed [%d][%s].\n", ret,
 PLUGIN_DEBUG(("getaddrinfo failed [%d][%s].\n", errno,
 PLUGIN_DEBUG(("addr[%s:%s] family[%d] socktype[%d]\n", addr, port_str,
 if ((family == AF_UNSPEC || ai->ai_family == family) &&
 ret = cbfunc(cbdata, socktype, ai->ai_addr);
const krb5plugin_service_locate_ftable service_locator = {
 0, /* version */