From 089b5381630f015cf2e81e8509fa7025eadb4060 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett
Date: Fri, 3 Jun 2005 14:32:10 +0000
Subject: r7241: The KDC almost links... Using current lorikeet/heimdal, and with the KDC module enabled (it is disabled by default), I almost get the KDC to link. (To enable the KDC for testing, comment out the only line in smbd/config.m4, and add 'kdc' to the 'server services' line in smb.conf). (This used to be commit 26cd4b4f68a370390e08263067402c6c70e49ec8)
---
 source4/kdc/kdc.c | 66 ++++++++++++++++++++++++++++++++++++++++++++++++++-----
 1 file changed, 61 insertions(+), 5 deletions(-) (limited to 'source4/kdc/kdc.c')
diff --git a/source4/kdc/kdc.c b/source4/kdc/kdc.c
index ae8605467a..8f87852aa7 100644
--- a/source4/kdc/kdc.c
+++ b/source4/kdc/kdc.c
@@ -26,10 +26,10 @@
 #include "lib/events/events.h"
 #include "lib/socket/socket.h"
 #include "kdc/kdc.h"
-
+#include "system/network.h"
 /*
- handle fd events on a cldap_socket
+ handle fd events on a KDC socket
 */
 static void kdc_socket_handler(struct event_context *ev, struct fd_event *fde,
 uint16_t flags, void *private)
@@ -37,15 +37,17 @@ static void kdc_socket_handler(struct event_context *ev, struct fd_event *fde,
 NTSTATUS status;
 struct kdc_socket *kdc_socket = talloc_get_type(private, struct kdc_socket);
 if (flags & EVENT_FD_WRITE) {
- /* this should not happen */
+ /* not sure on write events yet */
 } else if (flags & EVENT_FD_READ) {
 TALLOC_CTX *tmp_ctx = talloc_new(kdc_socket);
 DATA_BLOB blob = data_blob_talloc(tmp_ctx, NULL, 64 * 1024);
+ krb5_data reply;
 size_t nread;
 const char *src_addr;
 int src_port;
+ struct sockaddr_in src_sock_addr;
+ struct ipv4_addr addr;
- DEBUG(0, ("incoming!\n"));
 status = socket_recvfrom(kdc_socket->sock, blob.data, blob.length, &nread, 0, &src_addr, &src_port);
@@ -58,8 +60,33 @@ static void kdc_socket_handler(struct event_context *ev, struct fd_event *fde,
 DEBUG(2,("Received krb5 packet of length %d from %s:%d\n", blob.length, src_addr, src_port));
-
+ /* TODO: This really should be in a utility function somewhere */
+ ZERO_STRUCT(src_sock_addr);
+#ifdef HAVE_SOCK_SIN_LEN
+ src_sock_addr.sin_len = sizeof(src_sock_addr);
+#endif
+ addr = interpret_addr2(src_addr);
+ src_sock_addr.sin_addr.s_addr = addr.addr;
+ src_sock_addr.sin_port = htons(src_port);
+ src_sock_addr.sin_family = PF_INET;
+
+ /* Call krb5 */
+ if (krb5_kdc_process_krb5_request(kdc_socket->kdc->krb5_context,
+ kdc_socket->kdc->config,
+ blob.data, blob.length,
+ &reply,
+ src_addr,
+ &src_sock_addr) != -1) {
+ size_t sendlen = reply.length;
+ DATA_BLOB reply_blob;
+ reply_blob.data = reply.data;
+ reply_blob.length = reply.length;
+ socket_sendto(kdc_socket->sock, &reply_blob, &sendlen, 0,
+ src_addr, src_port);
+ krb5_data_free(&reply);
+ } + talloc_free(tmp_ctx);
 }
 }
@@ -88,6 +115,8 @@ static NTSTATUS kdc_add_socket(struct kdc_server *kdc, const char *address)
 socket_get_fd(kdc_socket->sock), 0, kdc_socket_handler, kdc_socket);
+ EVENT_FD_READABLE(kdc_socket->fde);
+
 status = socket_listen(kdc_socket->sock, address, lp_krb5_port(), 0, 0);
 if (!NT_STATUS_IS_OK(status)) {
 DEBUG(0,("Failed to bind to %s:%d - %s\n",
@@ -136,6 +165,7 @@ static void kdc_task_init(struct task_server *task)
 {
 struct kdc_server *kdc;
 NTSTATUS status;
+ krb5_error_code ret;
 if (iface_count() == 0) {
 task_terminate(task, "kdc: no network interfaces configured");
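Review bot: `reply` is used as soon as krb5_kdc_process_krb5_request() returns anything other than -1, but it is declared uninitialised in the previous hunk and nothing here zeroes it, so any return path that reports an error without filling the reply would pass indeterminate `data`/`length` to socket_sendto() and krb5_data_free(). I would add `krb5_data_zero(&reply);` before the call and send only when `reply.length` is non-zero. The status returned by socket_sendto() is also discarded, so a failed or short send goes unnoticed; a `DEBUG` line on failure would help when diagnosing lost replies. The request is parsed with `blob.length`, and the lines between this hunk and the previous one are not shown, so please confirm the blob is trimmed to `nread` before this point; otherwise the decoder is handed the whole 64 KiB allocation rather than the received datagram. kdc_socket_handler starts before this hunk.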
@@ -158,7 +188,33 @@ static void kdc_task_init(struct task_server *task)
 }
 krb5_kdc_default_config(kdc->config);
+ initialize_krb5_error_table();
+
+ ret = krb5_init_context(&kdc->krb5_context);
+ if (ret) {
+ DEBUG(1,("kdc_task_init: krb5_init_context failed (%s)\n",
+ error_message(ret)));
+ task_terminate(task, "kdc: krb5_init_context failed");
+ return;
+ } + /* TODO: Fill in the hdb and logging details */
+ kdc_openlog(kdc->krb5_context, kdc->config);
+
+ kdc->config->db = talloc(kdc->config, struct HDB *);
+ if (!kdc->config->db) {
+ task_terminate(task, "kdc: out of memory");
+ return;
+ }
+ kdc->config->num_db = 1;
+
+ ret = hdb_ldb_create(kdc->krb5_context, &kdc->config->db[0], lp_sam_url());
+ if (ret != 0) {
+ DEBUG(1, ("kdc_task_init: hdb_ldb_create fails: %s\n",
+ smb_get_krb5_error_message(kdc->krb5_context, ret, kdc)));
+ task_terminate(task, "kdc: hdb_ldb_create failed");
+ return;
+ }
 /* start listening on the configured network interfaces */
 status = kdc_startup_interfaces(kdc);
-- cgit
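Review bot: Once krb5_init_context() has succeeded, the two later failure paths (the `talloc` failure and the hdb_ldb_create() failure) call task_terminate() and return without releasing `kdc->krb5_context`, and nothing visible in the hunk ties the context's lifetime to `kdc`. Unless task_terminate() always ends the process, I would call `krb5_free_context(kdc->krb5_context);` before each of those returns, or attach a talloc destructor to `kdc` that does it. Both krb5 startup failures are logged at DEBUG level 1 while the bind failure in kdc_add_socket() uses level 0, and the out-of-memory path logs nothing; a KDC that refuses to start is worth reporting at level 0 as well. kdc_task_init begins and ends outside this hunk.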