kerberos/kerberosd_main.cc - mirrors/cros/chromiumos/platform2 - Git at Google

 // Copyright 2019 The Chromium OS Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #include <string>

 #include <base/logging.h>
 #include <base/run_loop.h>
 #include <base/strings/stringprintf.h>
 #include <brillo/syslog_logging.h>
 #include <libpasswordprovider/password_provider.h>
 #include "base/command_line.h"

 #include "kerberos/account_manager.h"
 #include "kerberos/error_strings.h"
 #include "kerberos/kerberos_daemon.h"
 #include "kerberos/kerberos_metrics.h"
 #include "kerberos/krb5_interface_impl.h"
 #include "kerberos/krb5_jail_wrapper.h"

 namespace kerberos {
 namespace {

 int AddAccount(AccountManager* mgr,
                const std::string& principal,
                const std::string& password) {
   constexpr char kKrb5ConfData[] = R"([libdefaults]
     default_tgs_enctypes = aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96
     default_tkt_enctypes = aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96
     permitted_enctypes = aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96)";

   ErrorType error = mgr->AddAccount(principal, false);
   CHECK_EQ(ERROR_NONE, error);
   error = mgr->SetConfig(principal, kKrb5ConfData);
   CHECK_EQ(ERROR_NONE, error);
   error = mgr->AcquireTgt(principal, password, false, false);
   LOG(ERROR) << "AcquireTgt -> " << GetErrorString(error);
   return error == ERROR_NONE ? 0 : 1;
 }

 int RemoveAccount(AccountManager* mgr, const std::string& principal) {
   ErrorType error = mgr->RemoveAccount(principal);
   return error == ERROR_NONE ? 0 : 1;
 }

 int ListAccounts(AccountManager* mgr) {
   std::vector<Account> accounts;
   ErrorType error = mgr->ListAccounts(&accounts);
   LOG(ERROR) << "ListAccounts -> " << GetErrorString(error);
   LOG(ERROR) << "Listing " << accounts.size() << " accounts";
   for (const auto& account : accounts) {
     LOG(INFO) << account.principal_name() << " conf=" << account.krb5conf()
               << " valid=" << account.tgt_validity_seconds()
               << " renewal=" << account.tgt_renewal_seconds();
   }
   return 0;
 }

 void OnFilesChanged(const std::string& principal_name) {}
 void OnTicketExpiring(const std::string& principal_name) {}

 int HandleCommandLine(int argc, char* argv[]) {
   base::MessageLoop loop_;
   char option = argv[1][0];
   const base::FilePath storage_dir("/tmp");
   KerberosMetrics metrics(storage_dir);
   AccountManager mgr(
       storage_dir, base::BindRepeating(&OnFilesChanged),
       base::BindRepeating(&OnTicketExpiring),
       std::make_unique<Krb5JailWrapper>(std::make_unique<Krb5InterfaceImpl>()),
       std::make_unique<password_provider::PasswordProvider>(), &metrics);

   switch (option) {
     case 'a':
       // Add account
       if (argc <= 3) {
         LOG(ERROR) << "AcquireTgt. Usage: kerberosd a <principal> <password>";
         return 1;
       }

       return AddAccount(&mgr, argv[2], argv[3]) || ListAccounts(&mgr);

     case 'r':
       // Remove accounts
       if (argc <= 2) {
         LOG(ERROR) << "RemoveAccount. Usage: kerberosd r <principal>";
         return 1;
       }
       return RemoveAccount(&mgr, argv[2]);

     case 'l':
       // List accounts
       if (argc <= 1) {
         LOG(ERROR) << "ListAccounts. Usage: kerberosd l";
         return 1;
       }
       return ListAccounts(&mgr);
   }

   LOG(ERROR) << "Unknown option '" << option << "'. Should be 'a' or 'l'.";
   return 1;
 }

 }  // namespace
 }  // namespace kerberos

 int main(int argc, char* argv[]) {
   base::CommandLine::Init(argc, argv);
   brillo::OpenLog("kerberosd", true /* log_pid */);
   brillo::InitLog(brillo::kLogToSyslog | brillo::kLogToStderrIfTty |
                   brillo::kLogToStderr);

   if (argc > 1 && strchr("arl", argv[1][0]))
     return kerberos::HandleCommandLine(argc, argv);

   // Run daemon.
   LOG(INFO) << "kerberosd starting";
   kerberos::KerberosDaemon daemon;
   int result = daemon.Run();
   LOG(INFO) << "kerberosd stopping with exit code " << result;

   return result;
 }
	// Copyright 2019 The Chromium OS Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#include <string>

	#include <base/logging.h>
	#include <base/run_loop.h>
	#include <base/strings/stringprintf.h>
	#include <brillo/syslog_logging.h>
	#include <libpasswordprovider/password_provider.h>
	#include "base/command_line.h"

	#include "kerberos/account_manager.h"
	#include "kerberos/error_strings.h"
	#include "kerberos/kerberos_daemon.h"
	#include "kerberos/kerberos_metrics.h"
	#include "kerberos/krb5_interface_impl.h"
	#include "kerberos/krb5_jail_wrapper.h"

	namespace kerberos {
	namespace {

	int AddAccount(AccountManager* mgr,
	const std::string& principal,
	const std::string& password) {
	constexpr char kKrb5ConfData[] = R"([libdefaults]
	default_tgs_enctypes = aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96
	default_tkt_enctypes = aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96
	permitted_enctypes = aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96)";

	ErrorType error = mgr->AddAccount(principal, false);
	CHECK_EQ(ERROR_NONE, error);
	error = mgr->SetConfig(principal, kKrb5ConfData);
	CHECK_EQ(ERROR_NONE, error);
	error = mgr->AcquireTgt(principal, password, false, false);
	LOG(ERROR) << "AcquireTgt -> " << GetErrorString(error);
	return error == ERROR_NONE ? 0 : 1;
	}

	int RemoveAccount(AccountManager* mgr, const std::string& principal) {
	ErrorType error = mgr->RemoveAccount(principal);
	return error == ERROR_NONE ? 0 : 1;
	}

	int ListAccounts(AccountManager* mgr) {
	std::vector<Account> accounts;
	ErrorType error = mgr->ListAccounts(&accounts);
	LOG(ERROR) << "ListAccounts -> " << GetErrorString(error);
	LOG(ERROR) << "Listing " << accounts.size() << " accounts";
	for (const auto& account : accounts) {
	LOG(INFO) << account.principal_name() << " conf=" << account.krb5conf()
	<< " valid=" << account.tgt_validity_seconds()
	<< " renewal=" << account.tgt_renewal_seconds();
	}
	return 0;
	}

	void OnFilesChanged(const std::string& principal_name) {}
	void OnTicketExpiring(const std::string& principal_name) {}

	int HandleCommandLine(int argc, char* argv[]) {
	base::MessageLoop loop_;
	char option = argv[1][0];
	const base::FilePath storage_dir("/tmp");
	KerberosMetrics metrics(storage_dir);
	AccountManager mgr(
	storage_dir, base::BindRepeating(&OnFilesChanged),
	base::BindRepeating(&OnTicketExpiring),
	std::make_unique<Krb5JailWrapper>(std::make_unique<Krb5InterfaceImpl>()),
	std::make_unique<password_provider::PasswordProvider>(), &metrics);

	switch (option) {
	case 'a':
	// Add account
	if (argc <= 3) {
	LOG(ERROR) << "AcquireTgt. Usage: kerberosd a <principal> <password>";
	return 1;
	}

	return AddAccount(&mgr, argv[2], argv[3]) \|\| ListAccounts(&mgr);

	case 'r':
	// Remove accounts
	if (argc <= 2) {
	LOG(ERROR) << "RemoveAccount. Usage: kerberosd r <principal>";
	return 1;
	}
	return RemoveAccount(&mgr, argv[2]);

	case 'l':
	// List accounts
	if (argc <= 1) {
	LOG(ERROR) << "ListAccounts. Usage: kerberosd l";
	return 1;
	}
	return ListAccounts(&mgr);
	}

	LOG(ERROR) << "Unknown option '" << option << "'. Should be 'a' or 'l'.";
	return 1;
	}

	} // namespace
	} // namespace kerberos

	int main(int argc, char* argv[]) {
	base::CommandLine::Init(argc, argv);
	brillo::OpenLog("kerberosd", true /* log_pid */);
	brillo::InitLog(brillo::kLogToSyslog \| brillo::kLogToStderrIfTty \|
	brillo::kLogToStderr);

	if (argc > 1 && strchr("arl", argv[1][0]))
	return kerberos::HandleCommandLine(argc, argv);

	// Run daemon.
	LOG(INFO) << "kerberosd starting";
	kerberos::KerberosDaemon daemon;
	int result = daemon.Run();
	LOG(INFO) << "kerberosd stopping with exit code " << result;

	return result;
	}