55 	Authctxt *authctxt = (Authctxt *)context;
59 	if (authctxt->krb5_ctx == NULL) {
60 		problem = krb5_init_context(&authctxt->krb5_ctx);
63 		krb5_init_ets(authctxt->krb5_ctx);
66 		fatal_add_cleanup(krb5_cleanup_proc, authctxt);
78 auth_krb5(Authctxt *authctxt, krb5_data *auth, char **client, krb5_data *reply)
90 	problem = krb5_init(authctxt);
94 	problem = krb5_auth_con_init(authctxt->krb5_ctx,
95 	    &authctxt->krb5_auth_ctx);
101 	problem = krb5_auth_con_setaddrs_from_fd(authctxt->krb5_ctx,
102 	    authctxt->krb5_auth_ctx, &fd);
104 	problem = krb5_auth_con_genaddrs(authctxt->krb5_ctx, 
105 	    authctxt->krb5_auth_ctx,fd,
112 	problem = krb5_sname_to_principal(authctxt->krb5_ctx,  NULL, NULL ,
117 	problem = krb5_rd_req(authctxt->krb5_ctx, &authctxt->krb5_auth_ctx,
123 	problem = krb5_copy_principal(authctxt->krb5_ctx, ticket->client,
124 	    &authctxt->krb5_user);
126 	problem = krb5_copy_principal(authctxt->krb5_ctx, 
128 				      &authctxt->krb5_user);
134 	problem = krb5_mk_rep(authctxt->krb5_ctx, authctxt->krb5_auth_ctx,
140 	if (!krb5_kuserok(authctxt->krb5_ctx, authctxt->krb5_user,
141 	    authctxt->pw->pw_name))
145 		krb5_unparse_name(authctxt->krb5_ctx, authctxt->krb5_user,
151 		krb5_free_principal(authctxt->krb5_ctx, server);
153 		krb5_free_ticket(authctxt->krb5_ctx, ticket);
160 		if (authctxt->krb5_ctx != NULL)
162 			    krb5_get_err_text(authctxt->krb5_ctx, problem));
172 auth_krb5_tgt(Authctxt *authctxt, krb5_data *tgt)
179 	if (authctxt->pw == NULL || authctxt->krb5_user == NULL)
182 	temporarily_use_uid(authctxt->pw);
185 	problem = krb5_cc_gen_new(authctxt->krb5_ctx, &krb5_fcc_ops, &ccache);
205 	problem = krb5_cc_resolve(authctxt->krb5_ctx, ccname, &ccache);
211 	problem = krb5_cc_initialize(authctxt->krb5_ctx, ccache,
212 	    authctxt->krb5_user);
217 	problem = krb5_rd_cred2(authctxt->krb5_ctx, authctxt->krb5_auth_ctx,
222 	problem = krb5_rd_cred(authctxt->krb5_ctx, authctxt->krb5_auth_ctx,
226 	problem = krb5_cc_store_cred(authctxt->krb5_ctx, ccache, *creds);
231 	authctxt->krb5_fwd_ccache = ccache;
234 	authctxt->krb5_ticket_file = (char *)krb5_cc_get_name(authctxt->krb5_ctx, authctxt->krb5_fwd_ccache);
236 	problem = krb5_unparse_name(authctxt->krb5_ctx, authctxt->krb5_user,
250 		    krb5_get_err_text(authctxt->krb5_ctx, problem));
252 		krb5_cc_destroy(authctxt->krb5_ctx, ccache);
260 auth_krb5_password(Authctxt *authctxt, const char *password)
270 	if (authctxt->pw == NULL)
273 	temporarily_use_uid(authctxt->pw);
275 	problem = krb5_init(authctxt);
279 	problem = krb5_parse_name(authctxt->krb5_ctx, authctxt->pw->pw_name,
280 		    &authctxt->krb5_user);
285 	problem = krb5_cc_gen_new(authctxt->krb5_ctx, &krb5_mcc_ops,
286 	    &authctxt->krb5_fwd_ccache);
290 	problem = krb5_cc_initialize(authctxt->krb5_ctx,
291 	    authctxt->krb5_fwd_ccache, authctxt->krb5_user);
296 	problem = krb5_verify_user(authctxt->krb5_ctx, authctxt->krb5_user,
297 	    authctxt->krb5_fwd_ccache, password, 1, NULL);
298 	temporarily_use_uid(authctxt->pw);
304 	problem = krb5_get_init_creds_password(authctxt->krb5_ctx, &creds,
305 	    authctxt->krb5_user, (char *)password, NULL, NULL, 0, NULL, NULL);
309 	problem = krb5_sname_to_principal(authctxt->krb5_ctx, NULL, NULL,
315 	problem = krb5_verify_init_creds(authctxt->krb5_ctx, &creds, server,
317 	krb5_free_principal(authctxt->krb5_ctx, server);
318 	temporarily_use_uid(authctxt->pw);
322 	if (!krb5_kuserok(authctxt->krb5_ctx, authctxt->krb5_user, 
323 			  authctxt->pw->pw_name)) {
344 	problem = krb5_cc_resolve(authctxt->krb5_ctx, ccname, &authctxt->krb5_fwd_ccache);
348 	problem = krb5_cc_initialize(authctxt->krb5_ctx, authctxt->krb5_fwd_ccache,
349 				     authctxt->krb5_user);
353 	problem= krb5_cc_store_cred(authctxt->krb5_ctx, authctxt->krb5_fwd_ccache,
359 	authctxt->krb5_ticket_file = (char *)krb5_cc_get_name(authctxt->krb5_ctx, authctxt->krb5_fwd_ccache);
365 		if (authctxt->krb5_ctx != NULL && problem!=-1)
367 			    krb5_get_err_text(authctxt->krb5_ctx, problem));
372 		krb5_cleanup_proc(authctxt);
385 	Authctxt *authctxt = (Authctxt *)context;
388 	if (authctxt->krb5_fwd_ccache) {
389 		krb5_cc_destroy(authctxt->krb5_ctx, authctxt->krb5_fwd_ccache);
390 		authctxt->krb5_fwd_ccache = NULL;
392 	if (authctxt->krb5_user) {
393 		krb5_free_principal(authctxt->krb5_ctx, authctxt->krb5_user);
394 		authctxt->krb5_user = NULL;
396 	if (authctxt->krb5_auth_ctx) {
397 		krb5_auth_con_free(authctxt->krb5_ctx,
398 		    authctxt->krb5_auth_ctx);
399 		authctxt->krb5_auth_ctx = NULL;
401 	if (authctxt->krb5_ctx) {
402 		krb5_free_context(authctxt->krb5_ctx);
403 		authctxt->krb5_ctx = NULL;

Indexes created Mon Jul 01 21:43:02 MDT 2024