kdb_incr_result_t *
iprop_get_updates_1_svc(kdb_last_t *arg, struct svc_req *rqstp)
{
static kdb_incr_result_t ret;
char *whoami = "iprop_get_updates_1";
int kret;
kadm5_server_handle_t handle = global_server_handle;
char *client_name = 0, *service_name = 0;
char obuf[256] = {0};
/* default return code */
ret.ret = UPDATE_ERROR;
DPRINT(("%s: start, last_sno=%lu\n", whoami,
(unsigned long) arg->last_sno));
if (!handle) {
krb5_klog_syslog(LOG_ERR,
_("%s: server handle is NULL"),
whoami);
goto out;
}
{
gss_buffer_desc client_desc, service_desc;
if (setup_gss_names(rqstp, &client_desc, &service_desc) < 0) {
krb5_klog_syslog(LOG_ERR,
_("%s: setup_gss_names failed"),
whoami);
goto out;
}
client_name = buf_to_string(&client_desc);
service_name = buf_to_string(&service_desc);
if (client_name == NULL || service_name == NULL) {
free(client_name);
free(service_name);
krb5_klog_syslog(LOG_ERR,
"%s: out of memory recording principal names",
whoami);
goto out;
}
}
DPRINT(("%s: clprinc=`%s'\n\tsvcprinc=`%s'\n",
whoami, client_name, service_name));
if (!kadm5int_acl_check(handle->context,
rqst2name(rqstp),
ACL_IPROP,
NULL,
NULL)) {
ret.ret = UPDATE_PERM_DENIED;
krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, whoami,
"<null>", client_name, service_name,
client_addr(rqstp));
goto out;
}
kret = ulog_get_entries(handle->context, *arg, &ret);
if (ret.ret == UPDATE_OK) {
(void) snprintf(obuf, sizeof (obuf),
_("%s; Incoming SerialNo=%lu; Outgoing SerialNo=%lu"),
replystr(ret.ret),
(unsigned long)arg->last_sno,
(unsigned long)ret.lastentry.last_sno);
} else {
(void) snprintf(obuf, sizeof (obuf),
_("%s; Incoming SerialNo=%lu; Outgoing SerialNo=N/A"),
replystr(ret.ret),
(unsigned long)arg->last_sno);
}
krb5_klog_syslog(LOG_NOTICE, LOG_DONE, whoami,
obuf,
((kret == 0) ? "success" : error_message(kret)),
client_name, service_name,
client_addr(rqstp));
out:
if (nofork)
debprret(whoami, ret.ret, ret.lastentry.last_sno);
free(client_name);
free(service_name);
return (&ret);
}
kdb_incr_result_t *
iprop_get_updates_1(kdb_last_t *arg, struct svc_req *rqstp)
{
static kdb_incr_result_t ret;
char *whoami = "iprop_get_updates_1";
int kret;
kadm5_server_handle_t handle = global_server_handle;
char *client_name = NULL, *service_name = NULL;
gss_name_t name = NULL;
OM_uint32 min_stat;
char obuf[256] = {0};
/* default return code */
ret.ret = UPDATE_ERROR;
DPRINT(("%s: start, last_sno=%u\n", whoami, (ulong_t)arg->last_sno));
if (!handle) {
krb5_klog_syslog(LOG_ERR,
gettext("%s: server handle is NULL"),
whoami);
goto out;
}
if (setup_gss_names(rqstp, &client_name, &service_name) < 0) {
krb5_klog_syslog(LOG_ERR,
gettext("%s: setup_gss_names failed"),
whoami);
goto out;
}
DPRINT(("%s: clprinc=`%s'\n\tsvcprinc=`%s'\n",
whoami, client_name, service_name));
if (!(name = get_clnt_name(rqstp))) {
krb5_klog_syslog(LOG_ERR,
gettext("%s: Couldn't obtain client's name"),
whoami);
goto out;
}
if (!kadm5int_acl_check(handle->context,
name,
ACL_IPROP,
NULL,
NULL)) {
ret.ret = UPDATE_PERM_DENIED;
audit_kadmind_unauth(rqstp->rq_xprt, l_port,
whoami,
"<null>", client_name);
krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, whoami,
"<null>", client_name, service_name,
client_addr(rqstp, abuf));
goto out;
}
kret = ulog_get_entries(handle->context, *arg, &ret);
if (ret.ret == UPDATE_OK) {
(void) snprintf(obuf, sizeof (obuf),
gettext("%s; Incoming SerialNo=%u; Outgoing SerialNo=%u"),
replystr(ret.ret),
(ulong_t)arg->last_sno,
(ulong_t)ret.lastentry.last_sno);
} else {
(void) snprintf(obuf, sizeof (obuf),
gettext("%s; Incoming SerialNo=%u; Outgoing SerialNo=N/A"),
replystr(ret.ret),
(ulong_t)arg->last_sno);
}
audit_kadmind_auth(rqstp->rq_xprt, l_port,
whoami,
obuf, client_name, kret);
krb5_klog_syslog(LOG_NOTICE, LOG_DONE, whoami,
obuf,
((kret == 0) ? "success" : error_message(kret)),
client_name, service_name,
client_addr(rqstp, abuf));
out:
if (nofork)
debprret(whoami, ret.ret, ret.lastentry.last_sno);
if (client_name)
free(client_name);
if (service_name)
free(service_name);
if (name)
gss_release_name(&min_stat, &name);
return (&ret);
}
