]>
Commit | Line | Data |
---|---|---|
7ac48069 | 1 | /* $Id$ |
2 | * | |
3 | * Copyright (C) 1988-1998 by the Massachusetts Institute of Technology. | |
4 | * For copying and distribution information, please see the file | |
5 | * <mit-copyright.h>. | |
de56407f | 6 | */ |
de56407f | 7 | |
546bc43b | 8 | #include <mit-copyright.h> |
7ac48069 | 9 | #include <moira.h> |
10 | ||
de56407f | 11 | #include <sys/stat.h> |
7ac48069 | 12 | |
13 | #include <stdio.h> | |
a6e20de8 | 14 | #include <string.h> |
7ac48069 | 15 | |
16 | #include <krb.h> | |
991417e4 | 17 | #include <krb5.h> |
5c87ce34 | 18 | #include <update.h> |
7ac48069 | 19 | |
20 | RCSID("$Header$"); | |
de56407f | 21 | |
de56407f | 22 | static char realm[REALM_SZ]; |
b95ec814 | 23 | static char master[INST_SZ] = "sms"; |
24 | static char service[ANAME_SZ] = "rcmd"; | |
85330553 | 25 | des_cblock session; |
991417e4 | 26 | krb5_context context = NULL; |
de56407f | 27 | |
85330553 | 28 | static int get_mr_tgt(void); |
de56407f | 29 | |
991417e4 | 30 | int get_mr_krb5_update_ticket(char *host, krb5_data auth) |
31 | { | |
32 | krb5_auth_context auth_con = NULL; | |
33 | krb5_ccache ccache = NULL; | |
34 | krb5_error_code code; | |
35 | ||
36 | code = krb5_init_context(&context); | |
37 | if (code) | |
38 | goto out; | |
39 | ||
40 | code = krb5_auth_con_init(context, &auth_con); | |
41 | if (code) | |
42 | goto out; | |
43 | ||
44 | code = krb5_cc_default(context, &ccache); | |
45 | if (code) | |
46 | goto out; | |
47 | ||
548fc1f0 | 48 | code = krb5_mk_req(context, &auth_con, 0, "host", host, NULL, ccache, |
991417e4 | 49 | &auth); |
50 | ||
51 | out: | |
52 | if (ccache) | |
53 | krb5_cc_close(context, ccache); | |
54 | if (auth_con) | |
55 | krb5_auth_con_free(context, auth_con); | |
56 | return code; | |
57 | } | |
58 | ||
5eaef520 | 59 | int get_mr_update_ticket(char *host, KTEXT ticket) |
de56407f | 60 | { |
85330553 | 61 | int code, pass; |
5eaef520 | 62 | char phost[BUFSIZ]; |
63 | CREDENTIALS cr; | |
de56407f | 64 | |
5eaef520 | 65 | pass = 1; |
85330553 | 66 | if (krb_get_lrealm(realm, 1)) |
67 | strcpy(realm, KRB_REALM); | |
5eaef520 | 68 | strcpy(phost, (char *)krb_get_phost(host)); |
85330553 | 69 | |
5eaef520 | 70 | try_it: |
71 | code = krb_mk_req(ticket, service, phost, realm, (long)0); | |
72 | if (code) | |
73 | { | |
74 | if (pass == 1) | |
75 | { | |
76 | /* maybe we're taking too long? */ | |
77 | if ((code = get_mr_tgt())) | |
78 | { | |
79 | com_err(whoami, code, "can't get Kerberos TGT"); | |
80 | return code; | |
81 | } | |
82 | pass++; | |
83 | goto try_it; | |
84 | } | |
85 | code += ERROR_TABLE_BASE_krb; | |
86 | com_err(whoami, code, "in krb_mk_req"); | |
87 | } | |
88 | else | |
89 | { | |
90 | code = krb_get_cred(service, phost, realm, &cr); | |
91 | if (code) | |
92 | code += ERROR_TABLE_BASE_krb; | |
93 | memcpy(session, cr.session, sizeof(session)); | |
94 | } | |
95 | return code; | |
de56407f | 96 | } |
97 | ||
85330553 | 98 | static int get_mr_tgt(void) |
de56407f | 99 | { |
44d12d58 | 100 | int code; |
5eaef520 | 101 | char linst[INST_SZ], kinst[INST_SZ]; |
b95ec814 | 102 | |
5eaef520 | 103 | linst[0] = '\0'; |
104 | strcpy(kinst, "krbtgt"); | |
105 | code = krb_get_svc_in_tkt(master, linst, realm, kinst, realm, | |
91519120 | 106 | DEFAULT_TKT_LIFE, KEYFILE); |
5eaef520 | 107 | if (!code) |
108 | return 0; | |
109 | else | |
110 | return code + ERROR_TABLE_BASE_krb; | |
de56407f | 111 | } |