[moira.git] / update / ticket.c

/* $Id$
 *
 * Copyright (C) 1988-1998 by the Massachusetts Institute of Technology.
 * For copying and distribution information, please see the file
 * <mit-copyright.h>.
 */

#include <mit-copyright.h>
#include <moira.h>

#include <sys/stat.h>

#include <stdio.h>
#include <string.h>

#include <krb.h>
#include <krb5.h>
#include <update.h>

RCSID("$Header$");

static char realm[REALM_SZ];
static char master[INST_SZ] = "sms";
static char service[ANAME_SZ] = "rcmd";
des_cblock session;
krb5_context context = NULL;

static int get_mr_tgt(void);

int get_mr_krb5_update_ticket(char *host, krb5_data auth)
{
  krb5_auth_context auth_con = NULL;
  krb5_ccache ccache = NULL;
  krb5_error_code code;

  code = krb5_init_context(&context);
  if (code)
    goto out;

  code = krb5_auth_con_init(context, &auth_con);
  if (code)
    goto out;

  code = krb5_cc_default(context, &ccache);
  if (code)
    goto out;

  code = krb5_mk_req(context, &auth_con, 0, "host", host, NULL, ccache,
		     &auth);

 out:
  if (ccache)
    krb5_cc_close(context, ccache);
  if (auth_con)
    krb5_auth_con_free(context, auth_con);
  return code;
}

int get_mr_update_ticket(char *host, KTEXT ticket)
{
  int code, pass;
  char phost[BUFSIZ];
  CREDENTIALS cr;

  pass = 1;
  if (krb_get_lrealm(realm, 1))
    strcpy(realm, KRB_REALM);
  strcpy(phost, (char *)krb_get_phost(host));

try_it:
  code = krb_mk_req(ticket, service, phost, realm, (long)0);
  if (code)
    {
      if (pass == 1)
	{
	  /* maybe we're taking too long? */
	  if ((code = get_mr_tgt()))
	    {
	      com_err(whoami, code, "can't get Kerberos TGT");
	      return code;
	    }
	  pass++;
	  goto try_it;
	}
      code += ERROR_TABLE_BASE_krb;
      com_err(whoami, code, "in krb_mk_req");
    }
  else
    {
      code = krb_get_cred(service, phost, realm, &cr);
      if (code)
	code += ERROR_TABLE_BASE_krb;
      memcpy(session, cr.session, sizeof(session));
    }
  return code;
}

static int get_mr_tgt(void)
{
  int code;
  char linst[INST_SZ], kinst[INST_SZ];

  linst[0] = '\0';
  strcpy(kinst, "krbtgt");
  code = krb_get_svc_in_tkt(master, linst, realm, kinst, realm,
			    DEFAULT_TKT_LIFE, KEYFILE);
  if (!code)
    return 0;
  else
    return code + ERROR_TABLE_BASE_krb;
}
Commit	Line	Data
7ac48069	1	/* $Id$
	2	*
	3	* Copyright (C) 1988-1998 by the Massachusetts Institute of Technology.
	4	* For copying and distribution information, please see the file
	5	* <mit-copyright.h>.
de56407f	6	*/
de56407f	7
546bc43b	8	#include <mit-copyright.h>
7ac48069	9	#include <moira.h>
7ac48069	10
de56407f	11	#include <sys/stat.h>
7ac48069	12
7ac48069	13	#include <stdio.h>
a6e20de8	14	#include <string.h>
7ac48069	15
7ac48069	16	#include <krb.h>
991417e4	17	#include <krb5.h>
5c87ce34	18	#include <update.h>
7ac48069	19
7ac48069	20	RCSID("$Header$");
de56407f	21
de56407f	22	static char realm[REALM_SZ];
b95ec814	23	static char master[INST_SZ] = "sms";
b95ec814	24	static char service[ANAME_SZ] = "rcmd";
85330553	25	des_cblock session;
991417e4	26	krb5_context context = NULL;
de56407f	27
85330553	28	static int get_mr_tgt(void);
de56407f	29
991417e4	30	int get_mr_krb5_update_ticket(char *host, krb5_data auth)
	31	{
	32	krb5_auth_context auth_con = NULL;
	33	krb5_ccache ccache = NULL;
	34	krb5_error_code code;
	35
	36	code = krb5_init_context(&context);
	37	if (code)
	38	goto out;
	39
	40	code = krb5_auth_con_init(context, &auth_con);
	41	if (code)
	42	goto out;
	43
	44	code = krb5_cc_default(context, &ccache);
	45	if (code)
	46	goto out;
	47
548fc1f0	48	code = krb5_mk_req(context, &auth_con, 0, "host", host, NULL, ccache,
991417e4	49	&auth);
	50
	51	out:
	52	if (ccache)
	53	krb5_cc_close(context, ccache);
	54	if (auth_con)
	55	krb5_auth_con_free(context, auth_con);
	56	return code;
	57	}
	58
5eaef520	59	int get_mr_update_ticket(char *host, KTEXT ticket)
de56407f	60	{
85330553	61	int code, pass;
5eaef520	62	char phost[BUFSIZ];
5eaef520	63	CREDENTIALS cr;
de56407f	64
5eaef520	65	pass = 1;
85330553	66	if (krb_get_lrealm(realm, 1))
85330553	67	strcpy(realm, KRB_REALM);
5eaef520	68	strcpy(phost, (char *)krb_get_phost(host));
85330553	69
5eaef520	70	try_it:
	71	code = krb_mk_req(ticket, service, phost, realm, (long)0);
	72	if (code)
	73	{
	74	if (pass == 1)
	75	{
	76	/* maybe we're taking too long? */
	77	if ((code = get_mr_tgt()))
	78	{
	79	com_err(whoami, code, "can't get Kerberos TGT");
	80	return code;
	81	}
	82	pass++;
	83	goto try_it;
	84	}
	85	code += ERROR_TABLE_BASE_krb;
	86	com_err(whoami, code, "in krb_mk_req");
	87	}
	88	else
	89	{
	90	code = krb_get_cred(service, phost, realm, &cr);
	91	if (code)
	92	code += ERROR_TABLE_BASE_krb;
	93	memcpy(session, cr.session, sizeof(session));
	94	}
	95	return code;
de56407f	96	}
de56407f	97
85330553	98	static int get_mr_tgt(void)
de56407f	99	{
44d12d58	100	int code;
5eaef520	101	char linst[INST_SZ], kinst[INST_SZ];
b95ec814	102
5eaef520	103	linst[0] = '\0';
	104	strcpy(kinst, "krbtgt");
	105	code = krb_get_svc_in_tkt(master, linst, realm, kinst, realm,
91519120	106	DEFAULT_TKT_LIFE, KEYFILE);
5eaef520	107	if (!code)
	108	return 0;
	109	else
	110	return code + ERROR_TABLE_BASE_krb;
de56407f	111	}