Kludge for use with SMS>

[moira.git] / reg_svr / reg_svr.c

/*
 *      $Source$
 *      $Author$
 *      $Header$
 *
 *      Copyright (C) 1987 by the Massachusetts Institute of Technology
 *
 *      Server for user registration with SMS and Kerberos.
 *
 *      This program is a client of the SMS server and the Kerberos
 *      admin_server, and is a server for the userreg program.
 * 
 *      $Log$
 *      Revision 1.2  1987-08-22 18:39:45  wesommer
 *      User registration server.
 *
 * Revision 1.1  87/07/31  15:48:13  wesommer
 * Initial revision
 * 
 */

#ifndef lint
static char *rcsid_reg_svr_c = "$Header$";
#endif lint

#include <stdio.h>
#include <sys/types.h>
#include <sys/file.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <netdb.h>
#include <des.h>
#include <errno.h>
#include <ctype.h>
#include "ureg_err.h"
#include "ureg_proto.h"
#include "../../include/sms.h"
#include "admin_server.h"
#include "admin_err.h" 
#include <strings.h>

extern void abort();
extern char *strdup();
extern char *malloc();
extern int krb_err_base;
extern char admin_errmsg[];

long now;
#define STAMP { time (&now); printf(ctime(&now)); }
                       
struct msg {
    u_long version;
    u_long request;
    char *first;
    char *last;
    char *sealed;
    int sealed_len;
};

static char retval[BUFSIZ];

main()
{
    struct sockaddr_in sin;
    struct servent *sp;
    int s;
    int status;
    int addrlen, len;
    char buf[BUFSIZ];
    extern int errno;
    u_long seqno;
    struct msg message;
    extern char *whoami;

    setlinebuf(stderr);
    whoami = "reg_svr";
    
    init_ureg_err_tbl();
    
    status = sms_connect();
    if (status != 0) {
        com_err("reg_svr", status, " on connect");
        exit(1);
    }
    status = sms_auth();
    if (status != 0) {
        com_err("reg_svr", status, " on auth");
        exit(1);
    }
    
    sp = getservbyname("sms_ureg", "udp");
    if (sp == NULL) {
        fprintf(stderr, "Unknown service sms_ureg/udp\n");
        exit(1);
    }
    s = socket(AF_INET, SOCK_DGRAM, 0);
    if (s < 0) {
        perror("socket");
        exit(1);
    }
    bzero((char *)&sin, sizeof(sin));

    sin.sin_family = AF_INET;
    sin.sin_port = sp->s_port;
    sin.sin_addr.s_addr = INADDR_ANY;

    if (bind(s, &sin, sizeof(sin)) < 0) {
        perror("bind");
        exit(1);
    }
    
    for (;;) {
        addrlen = sizeof(sin);
        bzero(retval, BUFSIZ);
        len = recvfrom(s, buf, BUFSIZ, 0, &sin, &addrlen);
        if (len < 0) {
            perror("recvfrom");
            if (errno == EINTR) continue;
            
            exit(1);
        }
        /* Parse a request packet */
        status = parse_pkt(buf, len, &seqno, &message);
        if (status != 0) {
            len = BUFSIZ;
            format_pkt(buf, &len, seqno, status, (char *)NULL);
            (void) sendto(s, buf, len, 0, &sin, addrlen);
            continue;
        }
        /* do action */
        switch((int)message.request) {
        case UREG_VERIFY_USER:
            status = verify_user(&message);
            break;
        case UREG_RESERVE_LOGIN:
            status = reserve_user(&message);
            break;
        case UREG_SET_PASSWORD:
            status = set_password(&message);
            break;
            
        default:
            status = UREG_UNKNOWN_REQUEST;
            break;
        }
        len = BUFSIZ;
        format_pkt(buf, &len, seqno, status, retval);
        
        sendto(s, buf, len, 0, &sin, addrlen);
    }
}

int got_one;
int reg_status;
char *mit_id;
char *reg_misc;
int reg_misc_len;
int user_id;

#define min(a,b) ((a)>(b)?(b):(a))
    
int validate_idno(message, db_mit_id, first, last)
    struct msg *message;
    char *db_mit_id;
    char *first, *last;
{
    C_Block key;
    Key_schedule sched;
    static char decrypt[BUFSIZ];
    char recrypt[14];
    static char hashid[14];
    char idnumber[BUFSIZ];
    char *temp;
    int len;

    int i;
#ifdef notdef
    for (i = 0; i < message->sealed_len; i++) {
        printf("%02x ", (unsigned char)message->sealed[i]);
    }
    printf("\n");
#endif notdef
    mit_id = 0;
    
    string_to_key(db_mit_id, key);
    key_sched(key, sched);
    pcbc_encrypt(message->sealed, decrypt, message->sealed_len, sched, key, 0);

#ifdef notdef
    for (i = 0; i < message->sealed_len; i++) {
        printf("%02x ", (unsigned char)decrypt[i]);
    }
    printf("\n");
    for (i = 0; i < message->sealed_len; i++) {
        if (isprint(decrypt[i])) 
            printf("%c  ", (unsigned char)decrypt[i]);
        else printf(".  ");
    }
    printf("\n");
#endif notdef
    (void) strncpy(idnumber, decrypt, message->sealed_len);
    temp = decrypt + strlen(idnumber) + 1;
    len = message->sealed_len - (temp - decrypt);
    
    (void) strncpy(hashid, temp, min(len, 14));
    temp += strlen(hashid) + 1;
    len = message->sealed_len - (temp - decrypt);

    if (strcmp(hashid, db_mit_id)) return 1;
    encrypt_mitid(recrypt, idnumber, first, last);
    if (strcmp(recrypt, db_mit_id)) return 1;

    reg_misc = temp;
    reg_misc_len = len;
    mit_id = hashid;
    return 0;
}

static int status_in_db;

vfy_callbk(argc, argv, p_message)
    int argc;                   /* Should sanity check this.. */
    char **argv;
    char *p_message;
{
    struct msg *message = (struct msg *)p_message;
    char *db_mit_id;
    char *firstname, *lastname;
    int status;
    
#ifdef debug
    printf("Callback: %s %s %s\n", argv[8], argv[5], argv[4]);
#endif debug
    if (got_one) return 0;
    reg_status = 0;
    
    db_mit_id = argv[8];
    firstname = argv[5];
    lastname = argv[4];

    status = validate_idno(message, db_mit_id, firstname, lastname);
    if (status) return 0; /* Nope; decryption failed */

    status_in_db = atoi(argv[7]);
    reg_status = status_in_db;    

    if (status_in_db != 0) {
        (void) strcpy(retval, argv[0]);
    }
    user_id = atoi(argv[1]);
    got_one = 1;
    return 0;
}    

encrypt_mitid(buf, idnumber, first, last)
    char *buf, *idnumber, *first, *last;
{
    char salt[3];
    extern char *crypt();
    
#define _tolower(c) ((c)|0x60)

    salt[0] = _tolower(last[0]);
    salt[1] = _tolower(first[0]);
    salt[2] = 0;
    
    (void) strcpy(buf, crypt(&idnumber[2], salt));
}

int verify_user(message)
    struct msg *message;

{
    char *argv[3];
    int status;
    
    printf("verify_user\n");
    argv[0] = "get_user_by_first_and_last";
    argv[1] = message->first;
    argv[2] = message->last;
    got_one = 0;
    
    status = sms_query_internal(3, argv, vfy_callbk, (char *)message);
    
    if (status == SMS_NO_MATCH) status = UREG_USER_NOT_FOUND;
    if (!got_one && !status)
        status = UREG_USER_NOT_FOUND;
    
    if (status != 0) goto punt;

    if (reg_status == 1) status = UREG_ALREADY_REGISTERED;
    if (reg_status == 2) status = UREG_NO_PASSWD_YET;
    
punt:
    return status;
}

reserve_user(message)
    struct msg *message;
{
    char *argv[3];
    int status;
    int i;
    char *login;
    char uid_buf[20];
    
    STAMP;
    printf("reserve_user\n");

    argv[0] = "gufl";           /* get_user_by_first_and_last */
    argv[1] = message->first;
    argv[2] = message->last;
    got_one = 0;
    
    status = sms_query_internal(3, argv, vfy_callbk, (char *)message);

    STAMP;
    
    if (status == SMS_NO_MATCH) status = UREG_USER_NOT_FOUND;
    if (!got_one && !status)
        status = UREG_USER_NOT_FOUND;

    if (status != 0) goto punt;
    if (reg_status != 0) {
        status = UREG_ALREADY_REGISTERED;
        goto punt;
    }
    /*
     * He's made it past this phase already.
     */
    if (status_in_db == 2) {
        status = 0;
        goto punt;
    }
    /* Sanity check requested login name. */
    printf("reg_misc_len = %d\n", reg_misc_len);

    for (i = 0; i < reg_misc_len && reg_misc[i]; i++) {
        if (!islower(reg_misc[i])) {
            status = UREG_INVALID_UNAME;
            goto punt;
        }
    }
    if (i < 3 || i > 8) {
        status = UREG_INVALID_UNAME;
        goto punt;
    }
    login = reg_misc;
    
    /* Send request to kerberos admin_server for login name */
    /* get keys */
    printf("get_svc_in_tkt\n");
    status = get_svc_in_tkt("register", "kerberos", "ATHENA.MIT.EDU",
                            "changepw", "kerberos",
                            1, "/etc/srvtab");
    if (status) {
            status += krb_err_base;
            goto punt;
    }
    STAMP;
    
    printf("admin_call\n");
    /* send set password request to kerberos admin_server */
    (void) sprintf(uid_buf, "%013d", user_id); /* 13 chars of placebo */
                                               /* for backwards-compat. */
    
    status = admin_call(ADMIN_ADD_NEW_KEY_ATTR, login, "", 
                        "", uid_buf);

    if (status) {
            if (status == ADMIN_SERVER_ERROR) {
                    printf("Server error: %s\n", admin_errmsg);
                    
                    if (strcmp(admin_errmsg,
                                "Principal already in kerberos database.") ==0)
                            status = UREG_LOGIN_USED;
            }
            goto punt;
    }

    dest_tkt();
    /* If valid: */
    STAMP;
    
    /* Set login name */
    status = set_login(login, mit_id);
    if (status) {
        com_err("set_login", status, 0);
        goto punt;
    }
    /* choose post office */
    STAMP;
    
    status = choose_pobox(login);
    if (status) {
        com_err("choose_pobox", status, 0);
        goto punt;
    }
    /* set quota entry, create filsys */
    STAMP;
    
    status = alloc_filsys(login, SMS_FS_STUDENT, 0, 0);
    if (status) {
        com_err("alloc_filsys", status, 0);
        goto punt;
    }
    /* create group */
    STAMP;
    
    status = create_group(login);
    if (status) {
        com_err("create_group", status, 0);
        goto punt;
    }
    /* set filsys and status in SMS database */
    STAMP;
    
    status = set_status_filsys(reg_misc, mit_id);
    if (status) {
        com_err("set_filsys", status, 0);
        goto punt;
    }
punt:
    dest_tkt();
    STAMP;
    printf("reserve_user returning %s\n", error_message(status));
    return status;
}

set_password(message)
    struct msg *message;
{
    char *argv[3];
    int status;
    
    printf("set_password\n");

    /* validate that user is who he claims to be */

    argv[0] = "get_user_by_first_and_last";
    argv[1] = message->first;
    argv[2] = message->last;
    got_one = 0;
    
    status = sms_query_internal(3, argv, vfy_callbk, (char *)message);
    
    if (status == SMS_NO_MATCH) status = UREG_USER_NOT_FOUND;
    if (!got_one && !status)
        status = UREG_USER_NOT_FOUND;
    
    if (status != 0) goto punt;

    /* validate that state is equal to '2' (login, but no password) */

    if (reg_status != 2) {
        status = UREG_NO_LOGIN_YET;
        goto punt;
    }

    printf("password for %s would be set to %s\n", retval ,reg_misc);

    /* get keys */
    status = get_svc_in_tkt("register", "kerberos", "ATHENA.MIT.EDU",
                            "changepw", "kerberos",
                            1, "/etc/srvtab");
    if (status) {
            status += krb_err_base;
            goto punt;
    }
    /* send set password request to kerberos admin_server */
    status = admin_call(ADMIN_SET_KDC_PASSWORD, retval, "", 
                        reg_misc, "BBBBBBBBBBBBB");

    if (status) goto punt;
    dest_tkt();
    
    status = set_final_status(retval, mit_id);

    /* reflect reply to client */
punt:
    dest_tkt();
    return status;
}

parse_pkt(buf, len, seqnop, messagep)
    char *buf;
    int len;
    u_long *seqnop;
    struct msg *messagep;
{
    if (len < 4) return UREG_BROKEN_PACKET;
    bcopy(buf, (char *)&messagep->version, sizeof(long));
    messagep->version = ntohl(messagep->version);
    if (messagep->version != 1) return UREG_WRONG_VERSION;
    
    buf += 4;
    len -= 4;

    if (len < 4) return UREG_BROKEN_PACKET;
    bcopy(buf, (char *)seqnop, sizeof(long));

    buf += 4;
    len -= 4;
    
    if (len < 4) return UREG_BROKEN_PACKET;
    bcopy(buf, (char *)(&messagep->request), sizeof(long));
    messagep->request = ntohl(messagep->request);
    buf += 4;
    len -= 4;
    
    messagep->first = buf;

    for (; *buf && len > 0; --len, ++buf) continue;
    if (len <= 0) return UREG_BROKEN_PACKET;

    buf++, len--;

    messagep->last = buf;

    for (; *buf && len > 0; --len, ++buf) continue;
    if (len <= 0) return UREG_BROKEN_PACKET;
    
    buf++, len--;

    if (len <= 0) return UREG_BROKEN_PACKET;
    
    messagep->sealed = buf;
    messagep->sealed_len = len;
    
    return 0;
}

format_pkt(buf, lenp, seqno, status, message)
    char *buf;
    int *lenp;
    u_long seqno;
    int status;
    char *message;
{
    u_long vers = htonl((u_long)1);
    status = htonl((u_long)status);
    
    bcopy((char *)&vers, buf, sizeof(long));
    bcopy((char *)&seqno, buf+sizeof(long), sizeof(long));
    bcopy((char *)&status, buf+ 2*sizeof(long), sizeof(long));
    *lenp = sizeof(long) * 3;
    (void) strcpy(buf+3*sizeof(long), message);
    (*lenp) += strlen(message);
}

store_user(argc, argv, argp)
    int argc;
    char **argv;
    char *argp;
{
    char **retv = (char **) argp;
    int i;
    
    for (i = 0; i < argc; i++) {
        if (retv[i]) {
            free(retv[i]);
            retv[i]=0;
        }
        retv[i] = strdup(argv[i]);
    }
    return 0;
}
    

/*
 * Set login name of user with "idnumber" to be "username"
 */

set_login(username, idnumber)
    char *username;
    char *idnumber;
{
    char *argv[2];
    int status, i;
    char *retv[13];
    
    argv[0] = "get_user_by_mitid";
    argv[1] = idnumber;

    for (i=0; i<13; i++) {
        retv[i] = 0;
    }

    status = sms_query_internal(2, argv, store_user, (char *)(retv+1));
    if (status) return status;

    retv[0] = retv[1];
    retv[1] = username;
    if (retv[4]) free(retv[4]);
    retv[4] = "null";           /* No such filesystem */
    
    printf("Update_user(%s, %s)\n", retv[0], retv[1]);
    
    status = sms_query("update_user", 12, retv, abort, 0);
    retv[1] = 0;
    retv[4] = 0;
    
    for (i=1; i<12; i++) {
        if (retv[i]) free(retv[i]);
        retv[i] = 0;
    }
    
    return status;
}    

/*
 * Set the status and filsys of user with username "uname" and filesys filsys.
 */

set_status_filsys(username, idnumber)
    char *username;
    char *idnumber;
{
    char *argv[2];
    int status, i;
    char *retv[13];
    
    argv[0] = "get_user_by_mitid";
    argv[1] = idnumber;

    for (i=0; i<13; i++) {
        retv[i] = 0;
    }

    status = sms_query_internal(2, argv, store_user, (char *)(retv+1));
    if (status) return status;

    retv[0] = retv[1];

    free(retv[4]);
    retv[4] = username;

    free(retv[8]);
    retv[8] = "2";
    
    printf("Update_user(%s, %s)\n", retv[0], retv[1]);
    
    status = sms_query("update_user", 12, retv, abort, 0);
    retv[4] = 0;
    retv[8] = 0;
    for (i=1; i<12; i++) {
        if (retv[i]) free(retv[i]);
        retv[i] = 0;
    }
    return status;
}    
/*
 * Set the status and filsys of user with username "uname" and filesys filsys.
 */

set_final_status(username, idnumber)
    char *username;
    char *idnumber;
{
    char *argv[2];
    int status, i;
    char *retv[13];
    
    argv[0] = "get_user_by_mitid";
    argv[1] = idnumber;

    for (i=0; i<13; i++) {
        retv[i] = 0;
    }

    status = sms_query_internal(2, argv, store_user, (char *)(retv+1));
    if (status) return status;

    retv[0] = retv[1];

    free(retv[8]);
    retv[8] = "1";
    
    printf("Update_user(%s, %s)\n", retv[0], retv[1]);
    
    status = sms_query("update_user", 12, retv, abort, 0);
    retv[8] = 0;
    for (i=1; i<12; i++) {
        if (retv[i]) free(retv[i]);
        retv[i] = 0;
    }
    return status;
}    

create_group(login)
    char *login;
{
    int status;
    static char *cr[] = {
        "add_user_group",
        0,
    };
    
    cr[1] = login;
    
    return sms_query_internal(2, cr, abort, 0);
}    
/*
 * Local Variables:
 * mode: c
 * c-indent-level: 4
 * c-continued-statement-offset: 4
 * c-brace-offset: -4
 * c-argdecl-indent: 4
 * c-label-offset: -4
 * End:
 */
char *get_krbhst(a1, a2)
        char *a1;
        char *a2;
{
        strcpy(a1, "ICARUS.MIT.EDU");
        return 0;
}

char *get_krbrlm(a1)
        char *a1;
{
        strcpy(a1, "ATHENA.MIT.EDU");
        return 0;
}