* $Header$
*
* Copyright (C) 1987 by the Massachusetts Institute of Technology
+ * For copying and distribution information, please see the file
+ * <mit-copyright.h>.
*
- * $Log$
- * Revision 1.6 1987-08-04 02:40:47 wesommer
- * Clean up messages.
- *
- * Revision 1.5 87/07/14 00:40:18 wesommer
- * Rearranged logging.
- *
- * Revision 1.4 87/06/30 20:03:46 wesommer
- * Put parsed kerberos principal name into the per-client structure.
- *
- * Revision 1.3 87/06/21 16:40:10 wesommer
- * Performance work, rearrangement of include files.
- *
- * Revision 1.2 87/06/04 01:34:35 wesommer
- * Added logging of arguments for some perverse reason.
- *
- * Revision 1.1 87/06/02 20:06:57 wesommer
- * Initial revision
- *
*/
#ifndef lint
static char *rcsid_sms_sauth_c = "$Header$";
#endif lint
-extern int krb_err_base;
-#include <strings.h>
-#include "sms_server.h"
+#include <mit-copyright.h>
+#include <string.h>
+#include "mr_server.h"
+#include <ctype.h>
+#include <krb_et.h>
+#include <moira.h>
extern char buf1[];
extern char *whoami;
-extern char *malloc();
+
+/* from libmoira */
+char *kname_unparse(char *, char *, char *);
/*
- * Handle a SMS_AUTH RPC request.
+ * Handle a MOIRA_AUTH RPC request.
*
* argv[0] is a kerberos authenticator. Decompose it, and if
* successful, store the name the user authenticated to in
{
KTEXT_ST auth;
AUTH_DAT ad;
- int status;
- char buf[REALM_SZ+INST_SZ+ANAME_SZ];
- extern int krb_err_base;
-
- auth.length = cl->args->sms_argl[0];
+ int status, ok;
+ char hostbuf[BUFSIZ], *host, *p;
+ extern int errno;
- bcopy(cl->args->sms_argv[0], (char *)auth.dat, auth.length);
+ auth.length = cl->args->mr_argl[0];
+ memcpy((char *)auth.dat, cl->args->mr_argv[0], auth.length);
auth.mbz = 0;
-
- if ((status = rd_ap_req (&auth, "sms", "sms", cl->haddr.sin_addr,
- &ad, "")) != KSUCCESS) {
- status += krb_err_base;
- cl->reply.sms_status = status;
+ if (gethostname(hostbuf, sizeof(hostbuf)) < 0)
+ com_err(whoami, errno, "Unable to get local hostname");
+ host = canonicalize_hostname(strsave(hostbuf));
+ for (p = host; *p && *p != '.'; p++)
+ if (isupper(*p))
+ *p = tolower(*p);
+ *p = 0;
+
+ if ((status = krb_rd_req (&auth, MOIRA_SNAME, host,
+ cl->haddr.sin_addr.s_addr, &ad, "")) != 0) {
+ status += ERROR_TABLE_BASE_krb;
+ cl->reply.mr_status = status;
if (log_flags & LOG_RES)
com_err(whoami, status, "(authentication failed)");
return;
}
- bcopy(ad.pname, cl->kname.name, ANAME_SZ);
- bcopy(ad.pinst, cl->kname.inst, INST_SZ);
- bcopy(ad.prealm, cl->kname.realm, REALM_SZ);
-
- (void) strcpy(buf, ad.pname);
- if(ad.pinst[0]) {
- (void) strcat(buf, ".");
- (void) strcat(buf, ad.pinst);
- }
- (void) strcat(buf, "@");
- (void) strcat(buf, ad.prealm);
- if (cl->clname) free((char *)cl->clname);
-
- cl->clname = (char *)malloc((unsigned)(strlen(buf)+1));
- (void) strcpy(cl->clname, buf);
- if (log_flags & LOG_RES) {
- com_err(whoami, 0, "Authenticated to %s", cl->clname);
+ free(host);
+
+ memcpy(cl->kname.name, ad.pname, ANAME_SZ);
+ memcpy(cl->kname.inst, ad.pinst, INST_SZ);
+ memcpy(cl->kname.realm, ad.prealm, REALM_SZ);
+ strcpy(cl->clname, kname_unparse(ad.pname, ad.pinst, ad.prealm));
+
+ if (ad.pinst[0] == 0 && !strcmp(ad.prealm, krb_realm))
+ ok = 1;
+ else
+ ok = 0;
+ /* this is in a separate function because it accesses the database */
+ status = set_krb_mapping(cl->clname, ad.pname, ok,
+ &cl->client_id, &cl->users_id);
+
+ if (cl->args->mr_version_no == MR_VERSION_2) {
+ strncpy(cl->entity, cl->args->mr_argv[1], 8);
+ cl->entity[8] = 0;
+ } else {
+ strcpy(cl->entity, "???");
}
+ memset(&ad, 0, sizeof(ad)); /* Clean up session key, etc. */
+
+ if (log_flags & LOG_RES)
+ com_err(whoami, 0, "Auth to %s using %s, uid %d cid %d",
+ cl->clname, cl->entity, cl->users_id, cl->client_id);
+ if (status != MR_SUCCESS)
+ cl->reply.mr_status = status;
+ else if (cl->users_id == 0)
+ cl->reply.mr_status = MR_USER_AUTH;
}
andersk / moira.git / blobdiff