[moira.git] / server / mr_sauth.c

/*
 *	$Source$
 *	$Author$
 *	$Header$
 *
 *	Copyright (C) 1987 by the Massachusetts Institute of Technology
 *	For copying and distribution information, please see the file
 *	<mit-copyright.h>.
 *
 */

#ifndef lint
static char *rcsid_sms_sauth_c = "$Header$";
#endif lint

#include <mit-copyright.h>
#include <strings.h>
#include "sms_server.h"
#include <krb_et.h>

extern char buf1[];
extern char *whoami;
extern char *malloc();

char *kname_unparse();

/*
 * Handle a SMS_AUTH RPC request.
 *
 * argv[0] is a kerberos authenticator.  Decompose it, and if
 * successful, store the name the user authenticated to in 
 * cl->cl_name.
 */

void
do_auth(cl)
	client *cl;
{
	KTEXT_ST auth;
	AUTH_DAT ad;
	int status, ok;
	char buf[REALM_SZ+INST_SZ+ANAME_SZ];
	
	auth.length = cl->args->sms_argl[0];
	bcopy(cl->args->sms_argv[0], (char *)auth.dat, auth.length);
	auth.mbz = 0;
	
	if ((status = krb_rd_req (&auth, "sms", "sms", cl->haddr.sin_addr,
				 &ad, "")) != 0) {
		status += ERROR_TABLE_BASE_krb;
		cl->reply.sms_status = status;
		if (log_flags & LOG_RES)
			com_err(whoami, status, "(authentication failed)");
		return;
	}

	bcopy(ad.pname, cl->kname.name, ANAME_SZ);
	bcopy(ad.pinst, cl->kname.inst, INST_SZ);
	bcopy(ad.prealm, cl->kname.realm, REALM_SZ);
	strcpy(cl->clname, kname_unparse(ad.pname, ad.pinst, ad.prealm));

	if (ad.pinst[0] == 0 && !strcmp(ad.prealm, krb_realm))
	  ok = 1;
	else
	  ok = 0;
	/* this is in a separate function because it accesses the database */
	set_krb_mapping(cl->clname, ad.pname, ok,
			&cl->client_id, &cl->users_id);

	if (cl->args->sms_version_no == SMS_VERSION_2) {
	    bcopy(cl->args->sms_argv[1], cl->entity, 8);
	    cl->entity[8] = 0;
	} else {
	    strcpy(cl->entity, "???");
	}
	bzero(&ad, sizeof(ad));	/* Clean up session key, etc. */

	if (log_flags & LOG_RES)
	    com_err(whoami, 0, "Auth to %s using %s, uid %d cid %d",
		    cl->clname, cl->entity, cl->users_id, cl->client_id);
	if (cl->users_id == 0)
	  cl->reply.sms_status = SMS_USER_AUTH;
}


/* Turn a principal, instance, realm triple into a single non-ambiguous 
 * string.  This is the inverse of kname_parse().  It returns a pointer
 * to a static buffer, or NULL on error.
 */

char *kname_unparse(p, i, r)
char *p;
char *i;
char *r;
{
    static char name[MAX_K_NAME_SZ];
    char *s;

    s = name;
    if (!p || strlen(p) > ANAME_SZ)
      return(NULL);
    while (*p) {
	switch (*p) {
	case '@':
	    *s++ = '\\';
	    *s++ = '@';
	    break;
	case '.':
	    *s++ = '\\';
	    *s++ = '.';
	    break;
	case '\\':
	    *s++ = '\\';
	    *s++ = '\\';
	    break;
	default:
	    *s++ = *p;
	}
	p++;
    }
    if (i && *i) {
	if (strlen(i) > INST_SZ)
	  return(NULL);
	*s++ = '.';
	while (*i) {
	    switch (*i) {
	    case '@':
		*s++ = '\\';
		*s++ = '@';
		break;
	    case '.':
		*s++ = '\\';
		*s++ = '.';
		break;
	    case '\\':
		*s++ = '\\';
		*s++ = '\\';
		break;
	    default:
		*s++ = *i;
	    }
	    i++;
	}
    }
    *s++ = '@';
    if (!r || strlen(r) > REALM_SZ)
      return(NULL);
    while (*r) {
	switch (*r) {
	case '@':
	    *s++ = '\\';
	    *s++ = '@';
	    break;
	case '\\':
	    *s++ = '\\';
	    *s++ = '\\';
	    break;
	default:
	    *s++ = *r;
	}
	r++;
    }
    *s = '\0';
    return(&name[0]);
}
Commit	Line	Data
a3cf6921	1	/*
	2	* $Source$
	3	* $Author$
	4	* $Header$
	5	*
	6	* Copyright (C) 1987 by the Massachusetts Institute of Technology
c801de4c	7	* For copying and distribution information, please see the file
c801de4c	8	* <mit-copyright.h>.
a3cf6921	9	*
a3cf6921	10	*/
	11
	12	#ifndef lint
	13	static char *rcsid_sms_sauth_c = "$Header$";
	14	#endif lint
	15
c801de4c	16	#include <mit-copyright.h>
a3cf6921	17	#include <strings.h>
a3cf6921	18	#include "sms_server.h"
40165bd0	19	#include <krb_et.h>
a3cf6921	20
	21	extern char buf1[];
	22	extern char *whoami;
	23	extern char *malloc();
	24
c1665e6d	25	char *kname_unparse();
c1665e6d	26
a3cf6921	27	/*
	28	* Handle a SMS_AUTH RPC request.
	29	*
	30	* argv[0] is a kerberos authenticator. Decompose it, and if
	31	* successful, store the name the user authenticated to in
	32	* cl->cl_name.
	33	*/
	34
	35	void
	36	do_auth(cl)
	37	client *cl;
	38	{
	39	KTEXT_ST auth;
	40	AUTH_DAT ad;
c1665e6d	41	int status, ok;
a3cf6921	42	char buf[REALM_SZ+INST_SZ+ANAME_SZ];
23e476e8	43
a3cf6921	44	auth.length = cl->args->sms_argl[0];
	45	bcopy(cl->args->sms_argv[0], (char *)auth.dat, auth.length);
	46	auth.mbz = 0;
	47
90021a6f	48	if ((status = krb_rd_req (&auth, "sms", "sms", cl->haddr.sin_addr,
40165bd0	49	&ad, "")) != 0) {
40165bd0	50	status += ERROR_TABLE_BASE_krb;
a3cf6921	51	cl->reply.sms_status = status;
060e9c63	52	if (log_flags & LOG_RES)
060e9c63	53	com_err(whoami, status, "(authentication failed)");
a3cf6921	54	return;
a3cf6921	55	}
c1665e6d	56
8a36ddfe	57	bcopy(ad.pname, cl->kname.name, ANAME_SZ);
	58	bcopy(ad.pinst, cl->kname.inst, INST_SZ);
	59	bcopy(ad.prealm, cl->kname.realm, REALM_SZ);
c1665e6d	60	strcpy(cl->clname, kname_unparse(ad.pname, ad.pinst, ad.prealm));
90021a6f	61
c1665e6d	62	if (ad.pinst[0] == 0 && !strcmp(ad.prealm, krb_realm))
	63	ok = 1;
	64	else
	65	ok = 0;
	66	/* this is in a separate function because it accesses the database */
	67	set_krb_mapping(cl->clname, ad.pname, ok,
	68	&cl->client_id, &cl->users_id);
90021a6f	69
90021a6f	70	if (cl->args->sms_version_no == SMS_VERSION_2) {
c1665e6d	71	bcopy(cl->args->sms_argv[1], cl->entity, 8);
c1665e6d	72	cl->entity[8] = 0;
90021a6f	73	} else {
c1665e6d	74	strcpy(cl->entity, "???");
060e9c63	75	}
c0d41186	76	bzero(&ad, sizeof(ad)); /* Clean up session key, etc. */
90021a6f	77
90021a6f	78	if (log_flags & LOG_RES)
c1665e6d	79	com_err(whoami, 0, "Auth to %s using %s, uid %d cid %d",
c1665e6d	80	cl->clname, cl->entity, cl->users_id, cl->client_id);
054523f7	81	if (cl->users_id == 0)
054523f7	82	cl->reply.sms_status = SMS_USER_AUTH;
a3cf6921	83	}
c1665e6d	84
	85
	86	/* Turn a principal, instance, realm triple into a single non-ambiguous
	87	* string. This is the inverse of kname_parse(). It returns a pointer
	88	* to a static buffer, or NULL on error.
	89	*/
	90
	91	char *kname_unparse(p, i, r)
	92	char *p;
	93	char *i;
	94	char *r;
	95	{
	96	static char name[MAX_K_NAME_SZ];
	97	char *s;
	98
	99	s = name;
	100	if (!p \|\| strlen(p) > ANAME_SZ)
	101	return(NULL);
	102	while (*p) {
	103	switch (*p) {
	104	case '@':
	105	*s++ = '\\';
	106	*s++ = '@';
	107	break;
	108	case '.':
	109	*s++ = '\\';
	110	*s++ = '.';
	111	break;
	112	case '\\':
	113	*s++ = '\\';
	114	*s++ = '\\';
	115	break;
	116	default:
	117	s++ = p;
	118	}
	119	p++;
	120	}
	121	if (i && *i) {
	122	if (strlen(i) > INST_SZ)
	123	return(NULL);
	124	*s++ = '.';
	125	while (*i) {
	126	switch (*i) {
	127	case '@':
	128	*s++ = '\\';
	129	*s++ = '@';
	130	break;
	131	case '.':
	132	*s++ = '\\';
	133	*s++ = '.';
	134	break;
	135	case '\\':
	136	*s++ = '\\';
	137	*s++ = '\\';
	138	break;
	139	default:
	140	s++ = i;
	141	}
	142	i++;
	143	}
	144	}
	145	*s++ = '@';
	146	if (!r \|\| strlen(r) > REALM_SZ)
	147	return(NULL);
148	while (*r) {
149	switch (*r) {
150	case '@':
151	*s++ = '\\';
152	*s++ = '@';
153	break;
154	case '\\':
155	*s++ = '\\';
156	*s++ = '\\';
157	break;
158	default:
159	s++ = r;
160	}
161	r++;
162	}
163	*s = '\0';
164	return(&name[0]);
165	}