static char *rcsid_sms_sauth_c = "$Header$";
#endif lint
-extern int krb_err_base;
#include <mit-copyright.h>
-#include <strings.h>
-#include "sms_server.h"
+#include <string.h>
+#include "mr_server.h"
+#include <ctype.h>
+#include <krb_et.h>
+#include <moira.h>
extern char buf1[];
extern char *whoami;
-extern char *malloc();
+
+/* from libmoira */
+char *kname_unparse(char *, char *, char *);
/*
- * Handle a SMS_AUTH RPC request.
+ * Handle a MOIRA_AUTH RPC request.
*
* argv[0] is a kerberos authenticator. Decompose it, and if
* successful, store the name the user authenticated to in
{
KTEXT_ST auth;
AUTH_DAT ad;
- int status;
- char buf[REALM_SZ+INST_SZ+ANAME_SZ];
- extern int krb_err_base;
- static char *unknown = "???";
-
- if (cl->clname) {
- free(cl->clname);
- cl->clname = 0;
- cl->users_id = 0;
- bzero(&cl->kname, sizeof(cl->kname));
- }
- if (cl->entity && cl->entity != unknown) {
- free(cl->entity);
- cl->entity = 0;
- }
-
- auth.length = cl->args->sms_argl[0];
- bcopy(cl->args->sms_argv[0], (char *)auth.dat, auth.length);
+ int status, ok;
+ char hostbuf[BUFSIZ], *host, *p;
+ extern int errno;
+
+ auth.length = cl->args->mr_argl[0];
+ memcpy((char *)auth.dat, cl->args->mr_argv[0], auth.length);
auth.mbz = 0;
-
- if ((status = krb_rd_req (&auth, "sms", "sms", cl->haddr.sin_addr,
- &ad, "")) != KSUCCESS) {
- status += krb_err_base;
- cl->reply.sms_status = status;
+ if (gethostname(hostbuf, sizeof(hostbuf)) < 0)
+ com_err(whoami, errno, "Unable to get local hostname");
+ host = canonicalize_hostname(strsave(hostbuf));
+ for (p = host; *p && *p != '.'; p++)
+ if (isupper(*p))
+ *p = tolower(*p);
+ *p = 0;
+
+ if ((status = krb_rd_req (&auth, MOIRA_SNAME, host,
+ cl->haddr.sin_addr.s_addr, &ad, "")) != 0) {
+ status += ERROR_TABLE_BASE_krb;
+ cl->reply.mr_status = status;
if (log_flags & LOG_RES)
com_err(whoami, status, "(authentication failed)");
return;
}
- bcopy(ad.pname, cl->kname.name, ANAME_SZ);
- bcopy(ad.pinst, cl->kname.inst, INST_SZ);
- bcopy(ad.prealm, cl->kname.realm, REALM_SZ);
-
- (void) strcpy(buf, ad.pname);
- if(ad.pinst[0]) {
- (void) strcat(buf, ".");
- (void) strcat(buf, ad.pinst);
- }
- (void) strcat(buf, "@");
- (void) strcat(buf, ad.prealm);
- if (cl->clname) free((char *)cl->clname);
-
- cl->clname = (char *)malloc((unsigned)(strlen(buf)+1));
- (void) strcpy(cl->clname, buf);
- bzero(&ad, sizeof(ad)); /* Clean up session key, etc. */
+ free(host);
- cl->users_id = get_users_id(cl->kname.name);
+ memcpy(cl->kname.name, ad.pname, ANAME_SZ);
+ memcpy(cl->kname.inst, ad.pinst, INST_SZ);
+ memcpy(cl->kname.realm, ad.prealm, REALM_SZ);
+ strcpy(cl->clname, kname_unparse(ad.pname, ad.pinst, ad.prealm));
- if (cl->args->sms_version_no == SMS_VERSION_2) {
- unsigned len = strlen(cl->args->sms_argv[1]) + 1;
+ if (ad.pinst[0] == 0 && !strcmp(ad.prealm, krb_realm))
+ ok = 1;
+ else
+ ok = 0;
+ /* this is in a separate function because it accesses the database */
+ status = set_krb_mapping(cl->clname, ad.pname, ok,
+ &cl->client_id, &cl->users_id);
- cl->entity = (char *)malloc(len);
- bcopy(cl->args->sms_argv[1], cl->entity, len+1);
+ if (cl->args->mr_version_no == MR_VERSION_2) {
+ strncpy(cl->entity, cl->args->mr_argv[1], 8);
+ cl->entity[8] = 0;
} else {
- cl->entity = unknown;
+ strcpy(cl->entity, "???");
}
+ memset(&ad, 0, sizeof(ad)); /* Clean up session key, etc. */
if (log_flags & LOG_RES)
- com_err(whoami, 0, "Authenticated to %s using %s, id %d",
- cl->clname, cl->entity, cl->users_id);
- if (cl->users_id == 0)
- cl->reply.sms_status = SMS_USER_AUTH;
+ com_err(whoami, 0, "Auth to %s using %s, uid %d cid %d",
+ cl->clname, cl->entity, cl->users_id, cl->client_id);
+ if (status != MR_SUCCESS)
+ cl->reply.mr_status = status;
+ else if (cl->users_id == 0)
+ cl->reply.mr_status = MR_USER_AUTH;
}
andersk / moira.git / blobdiff