Commit | Line | Data |
---|---|---|
de56407f | 1 | /* |
2 | * $Source$ | |
3 | * $Header$ | |
4 | */ | |
5 | ||
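#ifndef lint
/* RCS $Header$ keyword string for this file; compiled out when lint is defined. */
static char *rcsid_auth_001_c = "$Header$";
#endif /* lint */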
9 | ||
10 | #include <stdio.h> | |
11 | #include <strings.h> | |
12 | #include "gdb.h" | |
13 | #include "smsu_int.h" | |
14 | #include "kludge.h" | |
15 | #include <krb.h> | |
16 | #include <netinet/in.h> | |
17 | #include <errno.h> | |
18 | ||
/* Kerberos names used by auth_001(). */
static char service[] = "rcmd";	/* service name handed to rd_ap_req() */
static char master[] = "sms";	/* the only principal name auth_001() accepts */
static char qmark[] = "???";	/* copied into the AUTH_DAT name fields when rd_ap_req() fails */

/* State defined in other translation units. */
extern CONNECTION conn;		/* connection auth_001() receives the ticket on and replies over */
extern char buf[BUFSIZ];	/* auth_001() formats its failure message into this */
extern int have_authorization;	/* set to 1 by auth_001() once the principal is accepted */

/* Status of the most recent step; defined here and written throughout auth_001(). */
int code;

/* Helpers defined elsewhere. */
extern struct sockaddr_in *client_address();	/* declared here but not called by auth_001() */
extern char *PrincipalHostname();
28 | ||
29 | /* | |
30 | * authentication request auth_001: | |
31 | * | |
32 | * >>> (STRING) "auth_001" | |
33 | * <<< (int) 0 | |
34 | * >>> (STRING) ticket | |
35 | * <<< (int) code | |
36 | * | |
37 | */ | |
38 | ||
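/*
 * auth_001 -- server side of the "auth_001" authentication request.
 *
 * Acknowledges the request, receives a Kerberos authenticator from the
 * peer on `conn`, verifies it with rd_ap_req() against /etc/srvtab, and
 * accepts the peer only if the authenticated principal is exactly
 * "sms" with an empty instance in the local realm.
 *
 * str is not used by this function.
 *
 * Returns 0 and sets have_authorization to 1 on success.  On any
 * failure a message is formatted into `buf`, the failure code is sent
 * to the peer, and EPERM is returned.  lose() is called when a send or
 * receive on the connection fails (presumably it does not return --
 * TODO confirm).
 */
int
auth_001(str)
    char *str;
{
    STRING data;
    char host[BUFSIZ];
    AUTH_DAT ad;
    char realm[REALM_SZ];
    KTEXT_ST ticket_st;
    int ticket_len;

    if (send_ok())
	lose("sending okay for authorization (auth_001)");
    code = receive_object(conn, (char *)&data, STRING_T);
    if (code) {
	code = connection_errno(conn);
	lose("awaiting Kerberos authenticators");
    }

    /*
     * Fail closed if the local hostname is unavailable instead of
     * handing an uninitialized buffer to PrincipalHostname(), and make
     * sure a truncated name is still NUL-terminated.
     */
    if (gethostname(host, sizeof(host)) < 0) {
	code = errno;
	goto auth_unknown;
    }
    host[sizeof(host) - 1] = '\0';

    /*
     * The authenticator arrives from the network, so its length is
     * untrusted.  Reject anything that would not fit in the fixed-size
     * ticket buffer before copying; an unchecked copy here would
     * overrun ticket_st on the stack.
     * (assumes MAX_STRING_SIZE() yields a value that fits in an int,
     * as the original assignment to ticket_st.length did -- TODO confirm)
     */
    ticket_len = MAX_STRING_SIZE(data);
    if (ticket_len < 0 || (unsigned)ticket_len > sizeof(ticket_st.dat)) {
	code = EINVAL;
	goto auth_unknown;
    }
    ticket_st.mbz = 0;
    ticket_st.length = ticket_len;
    bcopy(STRING_DATA(data), ticket_st.dat, ticket_len);

    /*
     * NOTE(review): the from-address argument is 0, so the peer address
     * is not supplied to rd_ap_req(); in Kerberos v4 this presumably
     * skips the ticket address comparison.  client_address() is
     * declared in this file but not used here -- confirm the omission
     * is intended.
     */
    code = rd_ap_req(&ticket_st, service,
		     PrincipalHostname(host), 0,
		     &ad, "/etc/srvtab");
    if (code) {
	code = krb_err_frob(code);
	goto auth_unknown;
    }

    if (get_krbrlm(realm, 0))
	realm[0] = '\0';	/* no local realm: the realm comparison below only matches an empty prealm */

    /* Authorization: only sms@<local realm> with an empty instance is accepted. */
    code = EPERM;
    if (strcmp(master, ad.pname))
	goto auth_failed;
    if (ad.pinst[0] != '\0')
	goto auth_failed;
    if (strcmp(realm, ad.prealm))
	goto auth_failed;

    if (send_ok())
	lose("sending approval of authorization");
    have_authorization = 1;
    return(0);

auth_unknown:
    /* No authenticated principal is available; report placeholders. */
    strcpy(ad.pname, qmark);
    strcpy(ad.pinst, qmark);
    strcpy(ad.prealm, qmark);
    /* fall through */
auth_failed:
    /*
     * The name fields come from the ticket when rd_ap_req() succeeded.
     * NOTE(review): this is an unbounded sprintf into the shared
     * BUFSIZ buffer; it presumably fits because the AUTH_DAT name
     * fields are fixed-size -- confirm the error_message() length.
     */
    sprintf(buf, "auth for %s.%s@%s failed: %s",
	    ad.pname, ad.pinst, ad.prealm, error_message(code));
    {
	register int rc;

	/* Tell the peer why it was rejected; code then holds the send status. */
	rc = send_object(conn, (char *)&code, INTEGER_T);
	code = rc;
    }
    if (code)
	lose("sending rejection of authenticator");
    return(EPERM);
}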