andersk Git - moira.git/blame_incremental

... / ...

Commit	Line	Data
	1	/* $Id$
	2	*
	3	* Handles the client side of the sending of authenticators to the moira server
	4	*
	5	* Copyright (C) 1987-1998 by the Massachusetts Institute of Technology
	6	* For copying and distribution information, please see the file
	7	* <mit-copyright.h>.
	8	*/
	9
	10	#include <mit-copyright.h>
	11	#include <moira.h>
	12	#include "mr_private.h"
	13
	14	#include <ctype.h>
	15	#include <stdio.h>
	16	#include <string.h>
	17
	18	#ifdef HAVE_KRB4
	19	#include <krb.h>
	20	#endif
	21	#include <krb5.h>
	22
	23	krb5_context context = NULL;
	24	krb5_auth_context auth_con = NULL;
	25
	26	RCSID("$Header$");
	27
	28	/* Authenticate this client with the Moira server. prog is the name of the
	29	* client program, and will be recorded in the database.
	30	*/
	31
	32	int mr_auth(char *prog)
	33	{
	34	#ifdef HAVE_KRB4
	35	int status;
	36	mr_params params, reply;
	37	char *args[2];
	38	int argl[2];
	39	char realm[REALM_SZ], host[BUFSIZ], *p;
	40	KTEXT_ST auth;
	41
	42	CHECK_CONNECTED;
	43
	44	if ((status = mr_host(host, sizeof(host) - 1)))
	45	return status;
	46
	47	strcpy(realm, krb_realmofhost(host));
	48	for (p = host; p && p != '.'; p++)
	49	{
	50	if (isupper(*p))
	51	p = tolower(p);
	52	}
	53	*p = '\0';
	54
	55	status = krb_mk_req(&auth, MOIRA_SNAME, host, realm, 0);
	56	if (status != KSUCCESS)
	57	{
	58	status += ERROR_TABLE_BASE_krb;
	59	return status;
	60	}
	61	params.u.mr_procno = MR_AUTH;
	62	params.mr_argc = 2;
	63	params.mr_argv = args;
	64	params.mr_argl = argl;
	65	params.mr_argv[0] = (char *)auth.dat;
	66	params.mr_argl[0] = auth.length;
	67	params.mr_argv[1] = prog;
	68	params.mr_argl[1] = strlen(prog) + 1;
	69
	70	if ((status = mr_do_call(&params, &reply)) == MR_SUCCESS)
	71	status = reply.u.mr_status;
	72
	73	mr_destroy_reply(reply);
	74
	75	return status;
	76	#else
	77	return MR_NO_KRB4;
	78	#endif
	79	}
	80
	81	int mr_proxy(char principal, char orig_authtype)
	82	{
	83	int status;
	84	mr_params params, reply;
	85	char *args[2];
	86
	87	CHECK_CONNECTED;
	88
	89	params.u.mr_procno = MR_PROXY;
	90	params.mr_argc = 2;
	91	params.mr_argv = args;
	92	params.mr_argv[0] = principal;
	93	params.mr_argv[1] = orig_authtype;
	94	params.mr_argl = NULL;
	95
	96	if ((status = mr_do_call(&params, &reply)) == MR_SUCCESS)
	97	status = reply.u.mr_status;
	98
	99	mr_destroy_reply(reply);
	100
	101	return status;
	102	}
	103
	104	int mr_krb5_auth(char *prog)
	105	{
	106	mr_params params, reply;
	107	char host[BUFSIZ], *p;
	108	char *args[2];
	109	int argl[2];
	110	krb5_ccache ccache = NULL;
	111	krb5_data auth;
	112	krb5_error_code problem = 0;
	113
	114	CHECK_CONNECTED;
	115
	116	memset(&auth, 0, sizeof(auth));
	117
	118	if ((problem = mr_host(host, sizeof(host) - 1)))
	119	return problem;
	120
	121	if (!context)
	122	{
	123	problem = krb5_init_context(&context);
	124	if (problem)
	125	goto out;
	126	}
	127
	128	problem = krb5_auth_con_init(context, &auth_con);
	129	if (problem)
	130	goto out;
	131
	132	problem = krb5_cc_default(context, &ccache);
	133	if (problem)
	134	goto out;
	135
	136	problem = krb5_mk_req(context, &auth_con, 0, MOIRA_SNAME, host, NULL,
	137	ccache, &auth);
	138	if (problem)
	139	goto out;
	140
	141	params.u.mr_procno = MR_KRB5_AUTH;
	142	params.mr_argc = 2;
	143	params.mr_argv = args;
	144	params.mr_argl = argl;
	145	params.mr_argv[0] = (char *)auth.data;
	146	params.mr_argl[0] = auth.length;
	147	params.mr_argv[1] = prog;
	148	params.mr_argl[1] = strlen(prog) + 1;
	149
	150	if ((problem = mr_do_call(&params, &reply)) == MR_SUCCESS)
	151	problem = reply.u.mr_status;
	152
	153	mr_destroy_reply(reply);
	154
	155	out:
	156	if (ccache)
	157	krb5_cc_close(context, ccache);
	158	krb5_free_data_contents(context, &auth);
	159	if (auth_con)
	160	krb5_auth_con_free(context, auth_con);
	161	auth_con = NULL;
	162
	163	return problem;
	164	}
	165