X-Git-Url: http://andersk.mit.edu/gitweb/moira.git/blobdiff_plain/56d50401cf0029186326ac154bb6cb97c2edc757..3adf4b2f0bdeeb5773607d707b7816983f93168e:/reg_svr/admin_call.c diff --git a/reg_svr/admin_call.c b/reg_svr/admin_call.c index f0359102..ff6d2ea6 100644 --- a/reg_svr/admin_call.c +++ b/reg_svr/admin_call.c @@ -4,29 +4,21 @@ * $Header$ * * Copyright (C) 1987 by the Massachusetts Institute of Technology + * For copying and distribution information, please see the file + * . * * Utility functions for communication with the Kerberos admin_server * * Original version written by Jeffery I. Schiller, January 1987 * Completely gutted and rewritten by Bill Sommerfeld, August 1987 * - * $Log$ - * Revision 1.3 1987-09-04 22:30:34 wesommer - * Un-crock the KDC host (oops -- this one got distributed!!). - * - * Revision 1.2 87/08/22 17:13:59 wesommer - * Make admin_errmsg external rather than static. - * Crock up KDC host. - * - * Revision 1.1 87/08/07 13:50:37 wesommer - * Initial revision - * */ #ifndef lint static char *rcsid_admin_call_c = "$Header$"; #endif lint +#include #include #include #include @@ -36,14 +28,15 @@ static char *rcsid_admin_call_c = "$Header$"; #include #include +#include #include #include "admin_err.h" #include "admin_server.h" #include "prot.h" #include "krb.h" +#include "krb_et.h" -extern int krb_err_base; /* Offset between com_err and kerberos codes */ extern int errno; /* System call error numbers */ extern long gethostid(); @@ -58,6 +51,7 @@ static struct sockaddr_in my_addr; /* address bound to admin_fd. */ static int my_addr_len; /* size of above address. */ static char krbrlm[REALM_SZ]; /* Local kerberos realm */ +static char krbhost[BUFSIZ]; /* Name of server for local realm */ char admin_errmsg[BUFSIZ]; /* Server error message */ /* @@ -71,11 +65,10 @@ int admin_call_init() if (!inited) { struct hostent *hp; /* host to talk to */ struct servent *sp; /* service to talk to */ - int on = 1; /* ioctl argument */ - - init_kadm_err_tbl(); - if (status = get_krbrlm(krbrlm, 1)) { - status += krb_err_base; + + initialize_kadm_error_table(); + if (status = krb_get_lrealm(krbrlm, 1)) { + status += ERROR_TABLE_BASE_krb; goto punt; } @@ -83,7 +76,11 @@ int admin_call_init() * Locate server. */ - hp = gethostbyname(KERB_HOST); + if (status = krb_get_krbhst(krbhost, krbrlm, 1)) { + status += ERROR_TABLE_BASE_krb; + goto punt; + } + hp = gethostbyname(krbhost); if (!hp) { status = ADMIN_UNKNOWN_HOST; goto punt; @@ -98,39 +95,16 @@ int admin_call_init() bcopy((char *)hp->h_addr, (char *)&admin_addr.sin_addr, hp->h_length); admin_addr.sin_port = sp->s_port; - /* - * Set up socket. + /* lowercase & truncate hostname becuase it will be used as an + * instance name. */ - - admin_fd = socket(hp->h_addrtype, SOCK_DGRAM, 0); - if (admin_fd < 0) { - status = errno; - goto punt; + { + char *s; + for (s = krbhost; *s && *s != '.'; s++) + if (isupper(*s)) + *s = tolower(*s); + *s = 0; } - - bzero((char *)&my_addr, sizeof(my_addr)); - - my_addr.sin_family = admin_addr.sin_family; - my_addr.sin_addr.s_addr = gethostid(); - - if (bind(admin_fd, &my_addr, sizeof(my_addr)) < 0) { - status = errno; - goto punt; - } - - my_addr_len = sizeof(my_addr); - - if (getsockname(admin_fd, (struct sockaddr *)&my_addr, - &my_addr_len) < 0) { - status = errno; - goto punt; - } - - if (ioctl(admin_fd, FIONBIO, (char *)&on) < 0) { - status = errno; - goto punt; - } - inited = 1; } return 0; @@ -177,6 +151,8 @@ admin_call(opcode, pname, old_passwd, new_passwd, crypt_passwd) struct sockaddr rec_addr; /* Address we got reply from */ int rec_addr_len; /* Length of that address */ + int on = 1; /* ioctl argument */ + if (!inited) { status = admin_call_init(); @@ -220,8 +196,8 @@ admin_call(opcode, pname, old_passwd, new_passwd, crypt_passwd) * find our session key. */ - if (status = get_credentials("changepw", "kerberos", krbrlm, &cred)) { - status += krb_err_base; + if (status = krb_get_cred("changepw", krbhost, krbrlm, &cred)) { + status += ERROR_TABLE_BASE_krb; goto bad; } @@ -233,12 +209,45 @@ admin_call(opcode, pname, old_passwd, new_passwd, crypt_passwd) goto bad; } + /* + * Set up socket. + */ + + admin_fd = socket(admin_addr.sin_family, SOCK_DGRAM, 0); + if (admin_fd < 0) { + status = errno; + goto bad; + } + + bzero((char *)&my_addr, sizeof(my_addr)); + + my_addr.sin_family = admin_addr.sin_family; + my_addr.sin_addr.s_addr = gethostid(); + + if (bind(admin_fd, &my_addr, sizeof(my_addr)) < 0) { + status = errno; + goto bad; + } + + my_addr_len = sizeof(my_addr); + + if (getsockname(admin_fd, (struct sockaddr *)&my_addr, + &my_addr_len) < 0) { + status = errno; + goto bad; + } + + if (ioctl(admin_fd, FIONBIO, (char *)&on) < 0) { + status = errno; + goto bad; + } + /* * Encrypt the message using the session key. * Since this contains passwords, it must be kept from prying eyes. */ - sealed_len = mk_private_msg(pvt_buf, sealed_buf, pvt_len, + sealed_len = krb_mk_priv(pvt_buf, sealed_buf, pvt_len, sess_sched, sess_key, &my_addr, &admin_addr); if (sealed_len < 0) { @@ -257,9 +266,9 @@ admin_call(opcode, pname, old_passwd, new_passwd, crypt_passwd) * and know who we are. */ - if (status = mk_ap_req(&authent, "changepw", "kerberos", krbrlm, + if (status = krb_mk_req(&authent, "changepw", krbhost, krbrlm, checksum)) { - status += krb_err_base; + status += ERROR_TABLE_BASE_krb; goto bad; } @@ -353,12 +362,12 @@ admin_call(opcode, pname, old_passwd, new_passwd, crypt_passwd) goto bad; } } - status = rd_private_msg(reply.dat, reply.length, + status = krb_rd_priv(reply.dat, reply.length, sess_sched, sess_key, &admin_addr, &my_addr, &msg_data); if (status) { - status += krb_err_base; + status += ERROR_TABLE_BASE_krb; goto bad; } bp = msg_data.app_data; @@ -383,6 +392,12 @@ bad: bzero((char *)sess_key, sizeof(sess_key)); bzero((char *)sess_sched, sizeof(sess_sched)); bzero(pvt_buf, sizeof(pvt_buf)); + + if (admin_fd >= 0) { + (void) close(admin_fd); + admin_fd = -1; + } + return status; } @@ -403,14 +418,3 @@ static u_char *strapp(dest, source, end) return dest + length; } } - -/* - * Local Variables: - * mode: c - * c-indent-level: 4 - * c-continued-statement-offset: 4 - * c-brace-offset: -4 - * c-argdecl-indent: 4 - * c-label-offset: -4 - * End: - */