[moira.git] / lib / mr_auth.c

/* $Id$
 *
 * Handles the client side of the sending of authenticators to the moira server
 *
 * Copyright (C) 1987-1998 by the Massachusetts Institute of Technology
 * For copying and distribution information, please see the file
 * <mit-copyright.h>.
 */

#include <mit-copyright.h>
#include <moira.h>
#include "mr_private.h"

#include <ctype.h>
#include <stdio.h>
#include <string.h>

#include <krb.h>
#include <krb5.h>

krb5_context context = NULL;
krb5_auth_context auth_con = NULL;

RCSID("$Header$");

/* Authenticate this client with the Moira server.  prog is the name of the
 * client program, and will be recorded in the database.
 */

int mr_auth(char *prog)
{
  int status;
  mr_params params, reply;
  char *args[2];
  int argl[2];
  char realm[REALM_SZ], host[BUFSIZ], *p;
  KTEXT_ST auth;

  CHECK_CONNECTED;

  if ((status = mr_host(host, sizeof(host) - 1)))
    return status;

  strcpy(realm, krb_realmofhost(host));
  for (p = host; *p && *p != '.'; p++)
    {
      if (isupper(*p))
	*p = tolower(*p);
    }
  *p = '\0';

  status = krb_mk_req(&auth, MOIRA_SNAME, host, realm, 0);
  if (status != KSUCCESS)
    {
      status += ERROR_TABLE_BASE_krb;
      return status;
    }
  params.u.mr_procno = MR_AUTH;
  params.mr_argc = 2;
  params.mr_argv = args;
  params.mr_argl = argl;
  params.mr_argv[0] = (char *)auth.dat;
  params.mr_argl[0] = auth.length;
  params.mr_argv[1] = prog;
  params.mr_argl[1] = strlen(prog) + 1;

  if ((status = mr_do_call(&params, &reply)) == MR_SUCCESS)
    status = reply.u.mr_status;

  mr_destroy_reply(reply);

  return status;
}

int mr_proxy(char *principal, char *orig_authtype)
{
  int status;
  mr_params params, reply;
  char *args[2];

  params.u.mr_procno = MR_PROXY;
  params.mr_argc = 2;
  params.mr_argv = args;
  params.mr_argv[0] = principal;
  params.mr_argv[1] = orig_authtype;
  params.mr_argl = NULL;

  if ((status = mr_do_call(&params, &reply)) == MR_SUCCESS)
    status = reply.u.mr_status;

  mr_destroy_reply(reply);

  return status;
}

int mr_krb5_auth(char *prog)
{
  mr_params params, reply;
  char host[BUFSIZ], *p;
  char *args[2];
  int argl[2];
  krb5_ccache ccache = NULL;
  krb5_data auth;
  krb5_error_code problem = 0;

  CHECK_CONNECTED;

  memset(&auth, 0, sizeof(auth));

  if ((problem = mr_host(host, sizeof(host) - 1)))
    return problem;

  if (!context)
    {
      problem = krb5_init_context(&context);
      if (problem)
	goto out;
    }

  problem = krb5_auth_con_init(context, &auth_con);
  if (problem)
    goto out;

  problem = krb5_cc_default(context, &ccache);
  if (problem)
    goto out;

  problem = krb5_mk_req(context, &auth_con, NULL, MOIRA_SNAME, host, NULL, 
		       ccache, &auth);
  if (problem)
    goto out;

  params.u.mr_procno = MR_KRB5_AUTH;
  params.mr_argc = 2;
  params.mr_argv = args;
  params.mr_argl = argl;
  params.mr_argv[0] = (char *)auth.data;
  params.mr_argl[0] = auth.length;
  params.mr_argv[1] = prog;
  params.mr_argl[1] = strlen(prog) + 1;

  if ((problem = mr_do_call(&params, &reply)) == MR_SUCCESS)
    problem = reply.u.mr_status;

  mr_destroy_reply(reply);

 out:
  if (ccache)
    krb5_cc_close(context, ccache);
  krb5_free_data_contents(context, &auth);
  if (auth_con)
    krb5_auth_con_free(context, auth_con);
  auth_con = NULL;

  return problem;
}
Commit	Line	Data
fa59b86f	1	/* $Id$
e2a67c78	2	*
7ac48069	3	* Handles the client side of the sending of authenticators to the moira server
e2a67c78	4	*
7ac48069	5	* Copyright (C) 1987-1998 by the Massachusetts Institute of Technology
	6	* For copying and distribution information, please see the file
	7	* <mit-copyright.h>.
e2a67c78	8	*/
e2a67c78	9
babbc197	10	#include <mit-copyright.h>
7ac48069	11	#include <moira.h>
8defc06b	12	#include "mr_private.h"
7ac48069	13
713cf9c9	14	#include <ctype.h>
85330553	15	#include <stdio.h>
8fd777cf	16	#include <string.h>
20e1c093	17
7ac48069	18	#include <krb.h>
991417e4	19	#include <krb5.h>
	20
	21	krb5_context context = NULL;
	22	krb5_auth_context auth_con = NULL;
7ac48069	23
	24	RCSID("$Header$");
	25
59ec8dae	26	/* Authenticate this client with the Moira server. prog is the name of the
6e20c6e8	27	* client program, and will be recorded in the database.
	28	*/
	29
5eaef520	30	int mr_auth(char *prog)
e2a67c78	31	{
44d12d58	32	int status;
85330553	33	mr_params params, reply;
5eaef520	34	char *args[2];
	35	int argl[2];
	36	char realm[REALM_SZ], host[BUFSIZ], *p;
5eaef520	37	KTEXT_ST auth;
83e80378	38
5eaef520	39	CHECK_CONNECTED;
11cf0ee5	40
5eaef520	41	if ((status = mr_host(host, sizeof(host) - 1)))
	42	return status;
	43
7ac48069	44	strcpy(realm, krb_realmofhost(host));
5eaef520	45	for (p = host; p && p != '.'; p++)
5eaef520	46	{
713cf9c9	47	if (isupper(*p))
713cf9c9	48	p = tolower(p);
5eaef520	49	}
5eaef520	50	*p = '\0';
11cf0ee5	51
5eaef520	52	status = krb_mk_req(&auth, MOIRA_SNAME, host, realm, 0);
	53	if (status != KSUCCESS)
	54	{
	55	status += ERROR_TABLE_BASE_krb;
	56	return status;
	57	}
85330553	58	params.u.mr_procno = MR_AUTH;
	59	params.mr_argc = 2;
	60	params.mr_argv = args;
	61	params.mr_argl = argl;
	62	params.mr_argv[0] = (char *)auth.dat;
	63	params.mr_argl[0] = auth.length;
	64	params.mr_argv[1] = prog;
	65	params.mr_argl[1] = strlen(prog) + 1;
e2a67c78	66
85330553	67	if ((status = mr_do_call(&params, &reply)) == MR_SUCCESS)
85330553	68	status = reply.u.mr_status;
83e80378	69
5eaef520	70	mr_destroy_reply(reply);
	71
	72	return status;
e2a67c78	73	}
ea16b46d	74
	75	int mr_proxy(char principal, char orig_authtype)
	76	{
	77	int status;
	78	mr_params params, reply;
	79	char *args[2];
	80
	81	params.u.mr_procno = MR_PROXY;
	82	params.mr_argc = 2;
	83	params.mr_argv = args;
	84	params.mr_argv[0] = principal;
	85	params.mr_argv[1] = orig_authtype;
	86	params.mr_argl = NULL;
	87
	88	if ((status = mr_do_call(&params, &reply)) == MR_SUCCESS)
	89	status = reply.u.mr_status;
	90
	91	mr_destroy_reply(reply);
	92
	93	return status;
	94	}
991417e4	95
	96	int mr_krb5_auth(char *prog)
	97	{
	98	mr_params params, reply;
	99	char host[BUFSIZ], *p;
	100	char *args[2];
	101	int argl[2];
	102	krb5_ccache ccache = NULL;
	103	krb5_data auth;
	104	krb5_error_code problem = 0;
	105
	106	CHECK_CONNECTED;
	107
	108	memset(&auth, 0, sizeof(auth));
	109
	110	if ((problem = mr_host(host, sizeof(host) - 1)))
	111	return problem;
	112
991417e4	113	if (!context)
	114	{
	115	problem = krb5_init_context(&context);
	116	if (problem)
	117	goto out;
	118	}
	119
	120	problem = krb5_auth_con_init(context, &auth_con);
	121	if (problem)
	122	goto out;
	123
	124	problem = krb5_cc_default(context, &ccache);
	125	if (problem)
	126	goto out;
	127
	128	problem = krb5_mk_req(context, &auth_con, NULL, MOIRA_SNAME, host, NULL,
	129	ccache, &auth);
	130	if (problem)
	131	goto out;
	132
	133	params.u.mr_procno = MR_KRB5_AUTH;
	134	params.mr_argc = 2;
	135	params.mr_argv = args;
	136	params.mr_argl = argl;
	137	params.mr_argv[0] = (char *)auth.data;
	138	params.mr_argl[0] = auth.length;
	139	params.mr_argv[1] = prog;
	140	params.mr_argl[1] = strlen(prog) + 1;
	141
	142	if ((problem = mr_do_call(&params, &reply)) == MR_SUCCESS)
	143	problem = reply.u.mr_status;
	144
	145	mr_destroy_reply(reply);
	146
	147	out:
	148	if (ccache)
	149	krb5_cc_close(context, ccache);
	150	krb5_free_data_contents(context, &auth);
	151	if (auth_con)
	152	krb5_auth_con_free(context, auth_con);
	153	auth_con = NULL;
	154
	155	return problem;
	156	}
	157