kdb_incr_result_t * iprop_get_updates_1_svc(kdb_last_t *arg, struct svc_req *rqstp) { static kdb_incr_result_t ret; char *whoami = "iprop_get_updates_1"; int kret; kadm5_server_handle_t handle = global_server_handle; char *client_name = 0, *service_name = 0; char obuf[256] = {0}; /* default return code */ ret.ret = UPDATE_ERROR; DPRINT(("%s: start, last_sno=%lu\n", whoami, (unsigned long) arg->last_sno)); if (!handle) { krb5_klog_syslog(LOG_ERR, _("%s: server handle is NULL"), whoami); goto out; } { gss_buffer_desc client_desc, service_desc; if (setup_gss_names(rqstp, &client_desc, &service_desc) < 0) { krb5_klog_syslog(LOG_ERR, _("%s: setup_gss_names failed"), whoami); goto out; } client_name = buf_to_string(&client_desc); service_name = buf_to_string(&service_desc); if (client_name == NULL || service_name == NULL) { free(client_name); free(service_name); krb5_klog_syslog(LOG_ERR, "%s: out of memory recording principal names", whoami); goto out; } } DPRINT(("%s: clprinc=`%s'\n\tsvcprinc=`%s'\n", whoami, client_name, service_name)); if (!kadm5int_acl_check(handle->context, rqst2name(rqstp), ACL_IPROP, NULL, NULL)) { ret.ret = UPDATE_PERM_DENIED; krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, whoami, "<null>", client_name, service_name, client_addr(rqstp)); goto out; } kret = ulog_get_entries(handle->context, *arg, &ret); if (ret.ret == UPDATE_OK) { (void) snprintf(obuf, sizeof (obuf), _("%s; Incoming SerialNo=%lu; Outgoing SerialNo=%lu"), replystr(ret.ret), (unsigned long)arg->last_sno, (unsigned long)ret.lastentry.last_sno); } else { (void) snprintf(obuf, sizeof (obuf), _("%s; Incoming SerialNo=%lu; Outgoing SerialNo=N/A"), replystr(ret.ret), (unsigned long)arg->last_sno); } krb5_klog_syslog(LOG_NOTICE, LOG_DONE, whoami, obuf, ((kret == 0) ? "success" : error_message(kret)), client_name, service_name, client_addr(rqstp)); out: if (nofork) debprret(whoami, ret.ret, ret.lastentry.last_sno); free(client_name); free(service_name); return (&ret); }
kdb_incr_result_t * iprop_get_updates_1(kdb_last_t *arg, struct svc_req *rqstp) { static kdb_incr_result_t ret; char *whoami = "iprop_get_updates_1"; int kret; kadm5_server_handle_t handle = global_server_handle; char *client_name = NULL, *service_name = NULL; gss_name_t name = NULL; OM_uint32 min_stat; char obuf[256] = {0}; /* default return code */ ret.ret = UPDATE_ERROR; DPRINT(("%s: start, last_sno=%u\n", whoami, (ulong_t)arg->last_sno)); if (!handle) { krb5_klog_syslog(LOG_ERR, gettext("%s: server handle is NULL"), whoami); goto out; } if (setup_gss_names(rqstp, &client_name, &service_name) < 0) { krb5_klog_syslog(LOG_ERR, gettext("%s: setup_gss_names failed"), whoami); goto out; } DPRINT(("%s: clprinc=`%s'\n\tsvcprinc=`%s'\n", whoami, client_name, service_name)); if (!(name = get_clnt_name(rqstp))) { krb5_klog_syslog(LOG_ERR, gettext("%s: Couldn't obtain client's name"), whoami); goto out; } if (!kadm5int_acl_check(handle->context, name, ACL_IPROP, NULL, NULL)) { ret.ret = UPDATE_PERM_DENIED; audit_kadmind_unauth(rqstp->rq_xprt, l_port, whoami, "<null>", client_name); krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, whoami, "<null>", client_name, service_name, client_addr(rqstp, abuf)); goto out; } kret = ulog_get_entries(handle->context, *arg, &ret); if (ret.ret == UPDATE_OK) { (void) snprintf(obuf, sizeof (obuf), gettext("%s; Incoming SerialNo=%u; Outgoing SerialNo=%u"), replystr(ret.ret), (ulong_t)arg->last_sno, (ulong_t)ret.lastentry.last_sno); } else { (void) snprintf(obuf, sizeof (obuf), gettext("%s; Incoming SerialNo=%u; Outgoing SerialNo=N/A"), replystr(ret.ret), (ulong_t)arg->last_sno); } audit_kadmind_auth(rqstp->rq_xprt, l_port, whoami, obuf, client_name, kret); krb5_klog_syslog(LOG_NOTICE, LOG_DONE, whoami, obuf, ((kret == 0) ? "success" : error_message(kret)), client_name, service_name, client_addr(rqstp, abuf)); out: if (nofork) debprret(whoami, ret.ret, ret.lastentry.last_sno); if (client_name) free(client_name); if (service_name) free(service_name); if (name) gss_release_name(&min_stat, &name); return (&ret); }