* $Header$
*
* Copyright (C) 1987 by the Massachusetts Institute of Technology
+ * For copying and distribution information, please see the file
+ * <mit-copyright.h>.
*
* Utility functions for communication with the Kerberos admin_server
*
* Original version written by Jeffery I. Schiller, January 1987
* Completely gutted and rewritten by Bill Sommerfeld, August 1987
*
- * $Log$
- * Revision 1.2 1987-08-22 17:13:59 wesommer
- * Make admin_errmsg external rather than static.
- * Crock up KDC host.
- *
- * Revision 1.1 87/08/07 13:50:37 wesommer
- * Initial revision
- *
*/
#ifndef lint
static char *rcsid_admin_call_c = "$Header$";
#endif lint
+#include <mit-copyright.h>
#include <sys/errno.h>
#include <sys/types.h>
#include <sys/time.h>
#include <netdb.h>
#include <strings.h>
+#include <ctype.h>
#include <stdio.h>
-#define KERB_HOST "icarus"
#include "admin_err.h"
#include "admin_server.h"
#include "prot.h"
#include "krb.h"
+#include "krb_et.h"
-extern int krb_err_base; /* Offset between com_err and kerberos codes */
extern int errno; /* System call error numbers */
extern long gethostid();
static int my_addr_len; /* size of above address. */
static char krbrlm[REALM_SZ]; /* Local kerberos realm */
+static char krbhost[BUFSIZ]; /* Name of server for local realm */
char admin_errmsg[BUFSIZ]; /* Server error message */
/*
if (!inited) {
struct hostent *hp; /* host to talk to */
struct servent *sp; /* service to talk to */
- int on = 1; /* ioctl argument */
-
- init_kadm_err_tbl();
- if (status = get_krbrlm(krbrlm, 1)) {
- status += krb_err_base;
+
+ initialize_kadm_error_table();
+ if (status = krb_get_lrealm(krbrlm, 1)) {
+ status += ERROR_TABLE_BASE_krb;
goto punt;
}
* Locate server.
*/
- hp = gethostbyname(KERB_HOST);
+ if (status = krb_get_krbhst(krbhost, krbrlm, 1)) {
+ status += ERROR_TABLE_BASE_krb;
+ goto punt;
+ }
+ hp = gethostbyname(krbhost);
if (!hp) {
status = ADMIN_UNKNOWN_HOST;
goto punt;
bcopy((char *)hp->h_addr, (char *)&admin_addr.sin_addr, hp->h_length);
admin_addr.sin_port = sp->s_port;
- /*
- * Set up socket.
+ /* lowercase & truncate hostname becuase it will be used as an
+ * instance name.
*/
-
- admin_fd = socket(hp->h_addrtype, SOCK_DGRAM, 0);
- if (admin_fd < 0) {
- status = errno;
- goto punt;
+ {
+ char *s;
+ for (s = krbhost; *s && *s != '.'; s++)
+ if (isupper(*s))
+ *s = tolower(*s);
+ *s = 0;
}
-
- bzero((char *)&my_addr, sizeof(my_addr));
-
- my_addr.sin_family = admin_addr.sin_family;
- my_addr.sin_addr.s_addr = gethostid();
-
- if (bind(admin_fd, &my_addr, sizeof(my_addr)) < 0) {
- status = errno;
- goto punt;
- }
-
- my_addr_len = sizeof(my_addr);
-
- if (getsockname(admin_fd, (struct sockaddr *)&my_addr,
- &my_addr_len) < 0) {
- status = errno;
- goto punt;
- }
-
- if (ioctl(admin_fd, FIONBIO, (char *)&on) < 0) {
- status = errno;
- goto punt;
- }
-
inited = 1;
}
return 0;
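Review bot: The new lowercasing loop passes a plain `char` to `isupper()` and `tolower()`, which is undefined for negative values on platforms where `char` is signed; cast first, `if (isupper((unsigned char)*s)) *s = tolower((unsigned char)*s);`. The loop also cuts krbhost only at the first '.', so a first label longer than the instance-name limit (INST_SZ in krb.h, if that is the bound in use) is handed unchanged to `krb_get_cred` and `krb_mk_req` as the instance. Whether those routines bound the copy is not visible here, so an explicit length check before `inited = 1;` would be safer. The comment above the loop misspells "because". The enclosing function starts outside this hunk.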
struct sockaddr rec_addr; /* Address we got reply from */
int rec_addr_len; /* Length of that address */
+ int on = 1; /* ioctl argument */
+
if (!inited) {
status = admin_call_init();
* find our session key.
*/
- if (status = get_credentials("changepw", "kerberos", krbrlm, &cred)) {
- status += krb_err_base;
+ if (status = krb_get_cred("changepw", krbhost, krbrlm, &cred)) {
+ status += ERROR_TABLE_BASE_krb;
goto bad;
}
goto bad;
}
+ /*
+ * Set up socket.
+ */
+
+ admin_fd = socket(admin_addr.sin_family, SOCK_DGRAM, 0);
+ if (admin_fd < 0) {
+ status = errno;
+ goto bad;
+ }
+
+ bzero((char *)&my_addr, sizeof(my_addr));
+
+ my_addr.sin_family = admin_addr.sin_family;
+ my_addr.sin_addr.s_addr = gethostid();
+
+ if (bind(admin_fd, &my_addr, sizeof(my_addr)) < 0) {
+ status = errno;
+ goto bad;
+ }
+
+ my_addr_len = sizeof(my_addr);
+
+ if (getsockname(admin_fd, (struct sockaddr *)&my_addr,
+ &my_addr_len) < 0) {
+ status = errno;
+ goto bad;
+ }
+
+ if (ioctl(admin_fd, FIONBIO, (char *)&on) < 0) {
+ status = errno;
+ goto bad;
+ }
+
/*
* Encrypt the message using the session key.
* Since this contains passwords, it must be kept from prying eyes.
*/
- sealed_len = mk_private_msg(pvt_buf, sealed_buf, pvt_len,
+ sealed_len = krb_mk_priv(pvt_buf, sealed_buf, pvt_len,
sess_sched, sess_key, &my_addr,
&admin_addr);
if (sealed_len < 0) {
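Review bot: The relocated socket setup still assigns `my_addr.sin_addr.s_addr = gethostid();`, which assumes the host id is this machine's IP address in network byte order; that is a convention, not a guarantee. The resulting my_addr is also the sender address handed to `krb_mk_priv`, so a wrong value would surface as a bind failure or as a rejected message on the server side rather than as an obvious error here. At minimum the assumption should be documented next to the assignment, e.g. `/* assumes gethostid() yields our IP address in network byte order */`. The `bind()` call also passes `&my_addr` without the `(struct sockaddr *)` cast that the `getsockname()` call just below uses. The enclosing function starts and ends outside this hunk.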
* and know who we are.
*/
- if (status = mk_ap_req(&authent, "changepw", "kerberos", krbrlm,
+ if (status = krb_mk_req(&authent, "changepw", krbhost, krbrlm,
checksum)) {
- status += krb_err_base;
+ status += ERROR_TABLE_BASE_krb;
goto bad;
}
goto bad;
}
}
- status = rd_private_msg(reply.dat, reply.length,
+ status = krb_rd_priv(reply.dat, reply.length,
sess_sched, sess_key,
&admin_addr, &my_addr,
&msg_data);
if (status) {
- status += krb_err_base;
+ status += ERROR_TABLE_BASE_krb;
goto bad;
}
bp = msg_data.app_data;
bzero((char *)sess_key, sizeof(sess_key));
bzero((char *)sess_sched, sizeof(sess_sched));
bzero(pvt_buf, sizeof(pvt_buf));
+
+ if (admin_fd >= 0) {
+ (void) close(admin_fd);
+ admin_fd = -1;
+ }
+
return status;
}
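Review bot: The added `if (admin_fd >= 0)` close runs in the common exit path, which the earlier `goto bad` sites (for example the `krb_get_cred` failure) appear to reach before `socket()` has been called in this invocation. admin_fd's declaration is outside the visible hunks; if it is a file-scope int left at its default of zero, the first such failure would close descriptor 0 instead of a socket. Initialising it at its definition, e.g. `static int admin_fd = -1;`, makes the guard correct on every path. The function's start is outside this hunk.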
return dest + length;
}
}
-
-/*
- * Local Variables:
- * mode: c
- * c-indent-level: 4
- * c-continued-statement-offset: 4
- * c-brace-offset: -4
- * c-argdecl-indent: 4
- * c-label-offset: -4
- * End:
- */