]> andersk Git - moira.git/blame - lib/mr_auth.c
unacl some filesys get queries.
[moira.git] / lib / mr_auth.c
CommitLineData
fa59b86f 1/* $Id$
e2a67c78 2 *
7ac48069 3 * Handles the client side of the sending of authenticators to the moira server
e2a67c78 4 *
7ac48069 5 * Copyright (C) 1987-1998 by the Massachusetts Institute of Technology
6 * For copying and distribution information, please see the file
7 * <mit-copyright.h>.
e2a67c78 8 */
9
babbc197 10#include <mit-copyright.h>
7ac48069 11#include <moira.h>
8defc06b 12#include "mr_private.h"
7ac48069 13
713cf9c9 14#include <ctype.h>
85330553 15#include <stdio.h>
8fd777cf 16#include <string.h>
20e1c093 17
7ac48069 18#include <krb.h>
991417e4 19#include <krb5.h>
20
21krb5_context context = NULL;
22krb5_auth_context auth_con = NULL;
7ac48069 23
24RCSID("$Header$");
25
59ec8dae 26/* Authenticate this client with the Moira server. prog is the name of the
6e20c6e8 27 * client program, and will be recorded in the database.
28 */
29
5eaef520 30int mr_auth(char *prog)
e2a67c78 31{
44d12d58 32 int status;
85330553 33 mr_params params, reply;
5eaef520 34 char *args[2];
35 int argl[2];
36 char realm[REALM_SZ], host[BUFSIZ], *p;
5eaef520 37 KTEXT_ST auth;
83e80378 38
5eaef520 39 CHECK_CONNECTED;
11cf0ee5 40
5eaef520 41 if ((status = mr_host(host, sizeof(host) - 1)))
42 return status;
43
7ac48069 44 strcpy(realm, krb_realmofhost(host));
5eaef520 45 for (p = host; *p && *p != '.'; p++)
46 {
713cf9c9 47 if (isupper(*p))
48 *p = tolower(*p);
5eaef520 49 }
50 *p = '\0';
11cf0ee5 51
5eaef520 52 status = krb_mk_req(&auth, MOIRA_SNAME, host, realm, 0);
53 if (status != KSUCCESS)
54 {
55 status += ERROR_TABLE_BASE_krb;
56 return status;
57 }
85330553 58 params.u.mr_procno = MR_AUTH;
59 params.mr_argc = 2;
60 params.mr_argv = args;
61 params.mr_argl = argl;
62 params.mr_argv[0] = (char *)auth.dat;
63 params.mr_argl[0] = auth.length;
64 params.mr_argv[1] = prog;
65 params.mr_argl[1] = strlen(prog) + 1;
e2a67c78 66
85330553 67 if ((status = mr_do_call(&params, &reply)) == MR_SUCCESS)
68 status = reply.u.mr_status;
83e80378 69
5eaef520 70 mr_destroy_reply(reply);
71
72 return status;
e2a67c78 73}
ea16b46d 74
75int mr_proxy(char *principal, char *orig_authtype)
76{
77 int status;
78 mr_params params, reply;
79 char *args[2];
80
81 params.u.mr_procno = MR_PROXY;
82 params.mr_argc = 2;
83 params.mr_argv = args;
84 params.mr_argv[0] = principal;
85 params.mr_argv[1] = orig_authtype;
86 params.mr_argl = NULL;
87
88 if ((status = mr_do_call(&params, &reply)) == MR_SUCCESS)
89 status = reply.u.mr_status;
90
91 mr_destroy_reply(reply);
92
93 return status;
94}
991417e4 95
96int mr_krb5_auth(char *prog)
97{
98 mr_params params, reply;
99 char host[BUFSIZ], *p;
100 char *args[2];
101 int argl[2];
102 krb5_ccache ccache = NULL;
103 krb5_data auth;
104 krb5_error_code problem = 0;
105
106 CHECK_CONNECTED;
107
108 memset(&auth, 0, sizeof(auth));
109
110 if ((problem = mr_host(host, sizeof(host) - 1)))
111 return problem;
112
991417e4 113 if (!context)
114 {
115 problem = krb5_init_context(&context);
116 if (problem)
117 goto out;
118 }
119
120 problem = krb5_auth_con_init(context, &auth_con);
121 if (problem)
122 goto out;
123
124 problem = krb5_cc_default(context, &ccache);
125 if (problem)
126 goto out;
127
128 problem = krb5_mk_req(context, &auth_con, NULL, MOIRA_SNAME, host, NULL,
129 ccache, &auth);
130 if (problem)
131 goto out;
132
133 params.u.mr_procno = MR_KRB5_AUTH;
134 params.mr_argc = 2;
135 params.mr_argv = args;
136 params.mr_argl = argl;
137 params.mr_argv[0] = (char *)auth.data;
138 params.mr_argl[0] = auth.length;
139 params.mr_argv[1] = prog;
140 params.mr_argl[1] = strlen(prog) + 1;
141
142 if ((problem = mr_do_call(&params, &reply)) == MR_SUCCESS)
143 problem = reply.u.mr_status;
144
145 mr_destroy_reply(reply);
146
147 out:
148 if (ccache)
149 krb5_cc_close(context, ccache);
150 krb5_free_data_contents(context, &auth);
151 if (auth_con)
152 krb5_auth_con_free(context, auth_con);
153 auth_con = NULL;
154
155 return problem;
156}
157
This page took 0.124579 seconds and 5 git commands to generate.