[moira.git] / update / auth_001.c

/*
 *	$Source$
 *	$Header$
 */

#ifndef lint
static char *rcsid_auth_001_c = "$Header$";
#endif	lint

#include <stdio.h>
#include <strings.h>
#include "gdb.h"
#include "smsu_int.h"
#include "kludge.h"
#include <krb.h>
#include <netinet/in.h>
#include <errno.h>

extern char buf[BUFSIZ];
extern int have_authorization;
extern struct sockaddr_in *client_address();
extern CONNECTION conn;
int code;
extern char *PrincipalHostname();
static char service[] = "rcmd";
static char master[] = "sms";
static char qmark[] = "???";

/*
 * authentication request auth_001:
 *
 * >>> (STRING) "auth_001"
 * <<< (int) 0
 * >>> (STRING) ticket
 * <<< (int) code
 *
 */

int
auth_001(str)
     char *str;
{
    STRING data;
    char host[BUFSIZ];
    AUTH_DAT ad;
    char realm[REALM_SZ];
    KTEXT_ST ticket_st;

    if (send_ok())
	lose("sending okay for authorization (auth_001)");
    code = receive_object(conn, (char *)&data, STRING_T);
    if (code) {
	code = connection_errno(conn);
	lose("awaiting Kerberos authenticators");
    }
    gethostname(host, BUFSIZ);
    ticket_st.mbz = 0;
    ticket_st.length = MAX_STRING_SIZE(data);
    bcopy(STRING_DATA(data), ticket_st.dat, MAX_STRING_SIZE(data));
    code = rd_ap_req(&ticket_st, service,
		     PrincipalHostname(host), 0,
		     &ad, "/etc/srvtab");
    if (code) {
	code = krb_err_frob(code);
	strcpy(ad.pname, qmark);
	strcpy(ad.pinst, qmark);
	strcpy(ad.prealm, qmark);
	goto auth_failed;
    }
    if (get_krbrlm(realm,0))
	realm[0] = '\0';
    code = EPERM;
    if (strcmp(master, ad.pname))
	goto auth_failed;
    if (ad.pinst[0] != '\0')
	goto auth_failed;
    if (strcmp(realm, ad.prealm))
	goto auth_failed;
    if (send_ok())
	lose("sending approval of authorization");
    have_authorization = 1;
    return(0);
auth_failed:
    sprintf(buf, "auth for %s.%s@%s failed: %s",
	    ad.pname, ad.pinst, ad.prealm, error_message(code));
    {
	register int rc;
	rc = send_object(conn, (char *)&code, INTEGER_T);
	code = rc;
    }
    if (code)
	lose("sending rejection of authenticator");
    return(EPERM);
}
Commit	Line	Data
de56407f	1	/*
	2	* $Source$
	3	* $Header$
	4	*/
	5
	6	#ifndef lint
	7	static char *rcsid_auth_001_c = "$Header$";
	8	#endif lint
	9
	10	#include <stdio.h>
	11	#include <strings.h>
	12	#include "gdb.h"
	13	#include "smsu_int.h"
	14	#include "kludge.h"
	15	#include <krb.h>
	16	#include <netinet/in.h>
	17	#include <errno.h>
	18
	19	extern char buf[BUFSIZ];
	20	extern int have_authorization;
	21	extern struct sockaddr_in *client_address();
	22	extern CONNECTION conn;
	23	int code;
	24	extern char *PrincipalHostname();
1c6164bb	25	static char service[] = "rcmd";
1c6164bb	26	static char master[] = "sms";
de56407f	27	static char qmark[] = "???";
	28
	29	/*
	30	* authentication request auth_001:
	31	*
	32	* >>> (STRING) "auth_001"
	33	* <<< (int) 0
	34	* >>> (STRING) ticket
	35	* <<< (int) code
	36	*
	37	*/
	38
	39	int
	40	auth_001(str)
	41	char *str;
	42	{
	43	STRING data;
	44	char host[BUFSIZ];
	45	AUTH_DAT ad;
	46	char realm[REALM_SZ];
	47	KTEXT_ST ticket_st;
	48
	49	if (send_ok())
	50	lose("sending okay for authorization (auth_001)");
	51	code = receive_object(conn, (char *)&data, STRING_T);
	52	if (code) {
	53	code = connection_errno(conn);
	54	lose("awaiting Kerberos authenticators");
	55	}
	56	gethostname(host, BUFSIZ);
	57	ticket_st.mbz = 0;
	58	ticket_st.length = MAX_STRING_SIZE(data);
	59	bcopy(STRING_DATA(data), ticket_st.dat, MAX_STRING_SIZE(data));
1c6164bb	60	code = rd_ap_req(&ticket_st, service,
de56407f	61	PrincipalHostname(host), 0,
	62	&ad, "/etc/srvtab");
	63	if (code) {
	64	code = krb_err_frob(code);
	65	strcpy(ad.pname, qmark);
	66	strcpy(ad.pinst, qmark);
	67	strcpy(ad.prealm, qmark);
	68	goto auth_failed;
	69	}
	70	if (get_krbrlm(realm,0))
	71	realm[0] = '\0';
	72	code = EPERM;
1c6164bb	73	if (strcmp(master, ad.pname))
de56407f	74	goto auth_failed;
	75	if (ad.pinst[0] != '\0')
	76	goto auth_failed;
	77	if (strcmp(realm, ad.prealm))
	78	goto auth_failed;
	79	if (send_ok())
	80	lose("sending approval of authorization");
	81	have_authorization = 1;
	82	return(0);
	83	auth_failed:
	84	sprintf(buf, "auth for %s.%s@%s failed: %s",
	85	ad.pname, ad.pinst, ad.prealm, error_message(code));
	86	{
	87	register int rc;
	88	rc = send_object(conn, (char *)&code, INTEGER_T);
	89	code = rc;
	90	}
	91	if (code)
	92	lose("sending rejection of authenticator");
	93	return(EPERM);
	94	}