Merge from branch sun-iprop

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20465 dc483132-0cff-0310-8789-dd5450dbe970

5 files changed, 49 insertions, 5 deletions

diff --git a/src/lib/kadm5/srv/Makefile.in b/src/lib/kadm5/srv/Makefile.in
index 21628bd..9889c1e 100644
--- a/src/lib/kadm5/srv/Makefile.in
+++ b/src/lib/kadm5/srv/Makefile.in
@@ -12,8 +12,8 @@ DEFS=
 ##DOSLIBNAME = libkadm5srv.lib
 
 LIBBASE=kadm5srv
-LIBMAJOR=5
-LIBMINOR=1
+LIBMAJOR=6
+LIBMINOR=0
 STOBJLISTS=../OBJS.ST OBJS.ST
 
 SHLIB_EXPDEPS=\
@@ -191,10 +191,12 @@ server_init.so server_init.po $(OUTPRE)server_init.$(OBJEXT): \
   $(SRCTOP)/include/gssrpc/rename.h $(SRCTOP)/include/gssrpc/rpc.h \
   $(SRCTOP)/include/gssrpc/rpc_msg.h $(SRCTOP)/include/gssrpc/svc.h \
   $(SRCTOP)/include/gssrpc/svc_auth.h $(SRCTOP)/include/gssrpc/xdr.h \
+  $(SRCTOP)/include/iprop.h $(SRCTOP)/include/iprop_hdr.h \
   $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-int-pkinit.h \
   $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \
   $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \
-  $(SRCTOP)/include/kdb.h $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
+  $(SRCTOP)/include/kdb.h $(SRCTOP)/include/kdb_log.h \
+  $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \
   $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \
   $(SRCTOP)/include/socket-utils.h $(srcdir)/../../gssapi/generic/gssapiP_generic.h \
   $(srcdir)/../../gssapi/generic/gssapi_generic.h $(srcdir)/../../gssapi/krb5/gssapiP_krb5.h \
diff --git a/src/lib/kadm5/srv/libkadm5srv.exports b/src/lib/kadm5/srv/libkadm5srv.exports
index 23a4ee1..a4d2156 100644
--- a/src/lib/kadm5/srv/libkadm5srv.exports
+++ b/src/lib/kadm5/srv/libkadm5srv.exports
@@ -161,3 +161,4 @@ xdr_setkey3_arg
 xdr_setkey_arg
 xdr_setv4key_arg
 xdr_ui_4
+kadm5_init_iprop
diff --git a/src/lib/kadm5/srv/server_acl.c b/src/lib/kadm5/srv/server_acl.c
index bcfe35f..6cc9492 100644
--- a/src/lib/kadm5/srv/server_acl.c
+++ b/src/lib/kadm5/srv/server_acl.c
@@ -1,7 +1,7 @@
 /*
  * lib/kadm5/srv/server_acl.c
  *
- * Copyright 1995-2004, 2007 by the Massachusetts Institute of Technology.
+ * Copyright 1995-2004, 2007, 2008 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
  * Export of this software from the United States of America may
@@ -66,6 +66,7 @@ static const aop_t acl_op_table[] = {
     { 'c',	ACL_CHANGEPW },
     { 'i',	ACL_INQUIRE },
     { 'l',	ACL_LIST },
+    { 'p',	ACL_IPROP },
     { 's',	ACL_SETKEY },
     { 'x',	ACL_ALL_MASK },
     { '*',	ACL_ALL_MASK },
diff --git a/src/lib/kadm5/srv/server_acl.h b/src/lib/kadm5/srv/server_acl.h
index 5024730..b0ed0bf 100644
--- a/src/lib/kadm5/srv/server_acl.h
+++ b/src/lib/kadm5/srv/server_acl.h
@@ -1,7 +1,7 @@
 /*
  * lib/kadm5/srv/server_acl.h
  *
- * Copyright 1995-2004, 2007 by the Massachusetts Institute of Technology.
+ * Copyright 1995-2004, 2007, 2008 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
  * Export of this software from the United States of America may
@@ -58,6 +58,7 @@
 /* #define ACL_EXTRACT		64 */
 #define	ACL_LIST		128
 #define ACL_SETKEY		256
+#define ACL_IPROP		512
 #define	ACL_RENAME		(ACL_ADD+ACL_DELETE)
 
 #define	ACL_ALL_MASK		(ACL_ADD	| \
@@ -66,6 +67,7 @@
 				 ACL_CHANGEPW	| \
 				 ACL_INQUIRE	| \
 				 ACL_LIST	| \
+				 ACL_IPROP	| \
 				 ACL_SETKEY)
 
 typedef struct _restriction {
diff --git a/src/lib/kadm5/srv/server_init.c b/src/lib/kadm5/srv/server_init.c
index dbb7ff7..febf79b 100644
--- a/src/lib/kadm5/srv/server_init.c
+++ b/src/lib/kadm5/srv/server_init.c
@@ -4,6 +4,10 @@
  * $Id$
  * $Source$
  */
+/*
+ * Copyright 2004 Sun Microsystems, Inc.  All rights reserved.
+ * Use is subject to license terms.
+ */
 
 #if !defined(lint) && !defined(__CODECENTER__)
 static char *rcsid = "$Header$";
@@ -16,8 +20,10 @@ static char *rcsid = "$Header$";
 #include "k5-int.h"		/* needed for gssapiP_krb5.h */
 #include <kadm5/admin.h>
 #include <krb5.h>
+#include <kdb_log.h>
 #include "server_internal.h"
 #include "osconf.h"
+#include "iprop_hdr.h"
 
 /*
  * Function check_handle
@@ -238,12 +244,26 @@ kadm5_ret_t kadm5_init(char *client_name, char *pass,
 			 KADM5_CONFIG_MAX_LIFE | KADM5_CONFIG_MAX_RLIFE | \
 			 KADM5_CONFIG_EXPIRATION | KADM5_CONFIG_ENCTYPES)
 
+#define IPROP_REQUIRED_PARAMS \
+			(KADM5_CONFIG_IPROP_ENABLED | \
+			 KADM5_CONFIG_IPROP_LOGFILE | \
+			 KADM5_CONFIG_IPROP_PORT)
+
      if ((handle->params.mask & REQUIRED_PARAMS) != REQUIRED_PARAMS) {
 	  krb5_free_context(handle->context);
 	  free_db_args(handle);
 	  free(handle);
 	  return KADM5_MISSING_CONF_PARAMS;
      }
+     if ((handle->params.mask & KADM5_CONFIG_IPROP_ENABLED) == KADM5_CONFIG_IPROP_ENABLED
+	 && handle->params.iprop_enabled) {
+	 if ((handle->params.mask & IPROP_REQUIRED_PARAMS) != IPROP_REQUIRED_PARAMS) {
+	     krb5_free_context(handle->context);
+	     free_db_args(handle);
+	     free(handle);
+	     return KADM5_MISSING_CONF_PARAMS;
+	 }
+     }
 
      ret = krb5_set_default_realm(handle->context, handle->params.realm);
      if (ret) {
@@ -430,3 +450,21 @@ krb5_error_code kadm5_init_krb5_context (krb5_context *ctx)
     }
     return krb5int_init_context_kdc(ctx);
 }
+
+krb5_error_code
+kadm5_init_iprop(void *handle, char **db_args)
+{
+	kadm5_server_handle_t iprop_h;
+	krb5_error_code retval;
+
+	iprop_h = handle;
+	if (iprop_h->params.iprop_enabled) {
+		ulog_set_role(iprop_h->context, IPROP_MASTER);
+		if ((retval = ulog_map(iprop_h->context,
+				       iprop_h->params.iprop_logfile,
+				       iprop_h->params.iprop_ulogsize,
+				       FKCOMMAND, db_args)) != 0)
+			return (retval);
+	}
+	return (0);
+}