155682Smarkm/*
255682Smarkm * Copyright (c) 1995-1999 Kungliga Tekniska Högskolan
355682Smarkm * (Royal Institute of Technology, Stockholm, Sweden).
455682Smarkm * All rights reserved.
555682Smarkm *
655682Smarkm * Redistribution and use in source and binary forms, with or without
755682Smarkm * modification, are permitted provided that the following conditions
855682Smarkm * are met:
955682Smarkm *
1055682Smarkm * 1. Redistributions of source code must retain the above copyright
1155682Smarkm *    notice, this list of conditions and the following disclaimer.
1255682Smarkm *
1355682Smarkm * 2. Redistributions in binary form must reproduce the above copyright
1455682Smarkm *    notice, this list of conditions and the following disclaimer in the
1555682Smarkm *    documentation and/or other materials provided with the distribution.
1655682Smarkm *
1755682Smarkm * 3. Neither the name of the Institute nor the names of its contributors
1855682Smarkm *    may be used to endorse or promote products derived from this software
1955682Smarkm *    without specific prior written permission.
2055682Smarkm *
2155682Smarkm * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
2255682Smarkm * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
2355682Smarkm * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
2455682Smarkm * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
2555682Smarkm * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
2655682Smarkm * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
2755682Smarkm * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
2855682Smarkm * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
2955682Smarkm * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
3055682Smarkm * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
3155682Smarkm * SUCH DAMAGE.
3255682Smarkm */
3355682Smarkm
3455682Smarkm#include "ftp_locl.h"
35178825SdfrRCSID("$Id: kauth.c 15666 2005-07-19 17:08:11Z lha $");
36178825Sdfr
37178825Sdfr#ifdef KRB4
3855682Smarkm#include <krb.h>
3955682Smarkm
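/*
 * kauth - obtain a Kerberos 4 ticket on the server through "SITE KAUTH".
 *
 * Usage: kauth [principal].  Without an argument the global `username`
 * is used.  The exchange runs with the command channel switched to
 * prot_private, and `verbose` is forced to 0 for the first request:
 *
 *   1. send "SITE KAUTH <principal>" and expect a CONTINUE reply that
 *      carries "T=<base64 ticket>" and "P=<principal>";
 *   2. prompt for the password, derive a DES key from it and decrypt the
 *      ticket; if the plaintext does not carry the ticket-granting-ticket
 *      name at offset 8, retry with the AFS string-to-key;
 *   3. send the decrypted ticket back as "SITE KAUTH <principal> <base64>".
 *
 * Sets the global `code` to 0 on success and to -1 on any failure.
 *
 * Security notes:
 *   - reply_string is server-controlled, so the T= field is length-checked
 *     before it is decoded into the fixed-size ticket buffer.
 *   - Both ticket buffers are zeroed before use so that neither the cipher
 *     nor strcmp() reads indeterminate stack bytes when the server sends a
 *     short ticket.
 *   - The password, key, key schedule and decrypted ticket are cleared on
 *     every path that reaches them.  NOTE(review): plain memset() on locals
 *     that are never read again may be removed by an optimizing compiler;
 *     confirm the build keeps these stores or use a wipe primitive the
 *     project already provides.
 */
void
kauth(int argc, char **argv)
{
    int ret;
    char buf[1024];
    des_cblock key;
    des_key_schedule schedule;
    KTEXT_ST tkt, tktcopy;
    char *name;
    char *p;
    int overbose;
    char passwd[100];
    int tmp;
    size_t b64len;
    int save;

    if (argc > 2) {
        printf("usage: %s [principal]\n", argv[0]);
        code = -1;
        return;
    }
    if (argc == 2)
        name = argv[1];
    else
        name = username;

    /* Silence reply echoing for the first request only. */
    overbose = verbose;
    verbose = 0;

    save = set_command_prot(prot_private);
    ret = command("SITE KAUTH %s", name);
    verbose = overbose;
    if (ret != CONTINUE) {
        set_command_prot(save);
        code = -1;
        return;
    }

    p = strstr(reply_string, "T=");
    if (!p) {
        printf("Bad reply from server.\n");
        set_command_prot(save);
        code = -1;
        return;
    }
    p += 2;

    /*
     * Bound the decode: base64 yields at most 3 bytes per 4 input
     * characters, so refuse a T= field whose worst-case output would not
     * fit in tkt.dat.  The bound is rounded up, so a field that would fill
     * the buffer to the last byte is refused as well.
     * NOTE(review): assumes base64_decode() stops at the first character
     * outside the base64 alphabet (here the space/CR/LF ending the field);
     * confirm against the implementation in use.
     */
    b64len = strcspn(p, " \r\n");
    if ((b64len + 3) / 4 * 3 > sizeof(tkt.dat)) {
        printf("Ticket in reply too long.\n");
        set_command_prot(save);
        code = -1;
        return;
    }

    memset(&tkt, 0, sizeof(tkt));
    memset(&tktcopy, 0, sizeof(tktcopy));

    tmp = base64_decode(p, &tkt.dat);
    if (tmp < 0) {
        printf("Failed to decode base64 in reply.\n");
        set_command_prot(save);
        code = -1;
        return;
    }
    tkt.length = tmp;
    tktcopy.length = tkt.length;

    p = strstr(reply_string, "P=");
    if (!p) {
        printf("Bad reply from server.\n");
        set_command_prot(save);
        code = -1;
        return;
    }
    /* Cut the principal out of reply_string in place, ending at whitespace. */
    name = p + 2;
    for (; *p && *p != ' ' && *p != '\r' && *p != '\n'; p++)
        ;
    *p = 0;

    snprintf(buf, sizeof(buf), "Password for %s:", name);
    /* A failed prompt falls through with an empty password. */
    if (des_read_pw_string(passwd, sizeof(passwd) - 1, buf, 0))
        *passwd = '\0';
    des_string_to_key(passwd, &key);

    des_key_sched(&key, schedule);

    des_pcbc_encrypt((des_cblock *)tkt.dat, (des_cblock *)tktcopy.dat,
                     tkt.length,
                     schedule, &key, DES_DECRYPT);
    if (strcmp((char *)tktcopy.dat + 8,
               KRB_TICKET_GRANTING_TICKET) != 0) {
        /* Plaintext check failed: retry with the AFS key derivation. */
        afs_string_to_key(passwd, krb_realmofhost(hostname), &key);
        des_key_sched(&key, schedule);
        des_pcbc_encrypt((des_cblock *)tkt.dat, (des_cblock *)tktcopy.dat,
                         tkt.length,
                         schedule, &key, DES_DECRYPT);
    }
    memset(key, 0, sizeof(key));
    memset(schedule, 0, sizeof(schedule));
    memset(passwd, 0, sizeof(passwd));

    /* Clear the decrypted ticket whether or not the encoding succeeded. */
    tmp = base64_encode(tktcopy.dat, tktcopy.length, &p);
    memset(tktcopy.dat, 0, sizeof(tktcopy.dat));
    if (tmp < 0) {
        printf("Out of memory base64-encoding.\n");
        set_command_prot(save);
        code = -1;
        return;
    }

    ret = command("SITE KAUTH %s %s", name, p);
    /* The encoded copy of the decrypted ticket is cleared before release. */
    memset(p, 0, strlen(p));
    free(p);
    set_command_prot(save);
    if (ret != COMPLETE) {
        code = -1;
        return;
    }
    code = 0;
}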
14555682Smarkm
/*
 * kdestroy - send "SITE KDESTROY" to the server.
 *
 * Accepts no arguments; any extra argument prints the usage line and sets
 * the global `code` to -1.  Otherwise `code` becomes 1 when the reply is
 * COMPLETE and 0 when it is not.
 * NOTE(review): kauth() in this file reports success as 0 and failure as
 * -1; confirm which convention the callers of `code` expect.
 */
void
kdestroy(int argc, char **argv)
{
    if (argc == 1) {
        int reply = command("SITE KDESTROY");

        code = (reply == COMPLETE) ? 1 : 0;
        return;
    }

    printf("usage: %s\n", argv[0]);
    code = -1;
}
15855682Smarkm
/*
 * krbtkfile - send "SITE KRBTKFILE <tktfile>" to the server.
 *
 * Requires exactly one argument, which is passed to the server unchanged;
 * otherwise the usage line is printed and the global `code` is set to -1.
 * After the command, `code` is 1 when the reply is COMPLETE and 0 when it
 * is not.
 */
void
krbtkfile(int argc, char **argv)
{
    if (argc == 2) {
        int reply = command("SITE KRBTKFILE %s", argv[1]);

        code = (reply == COMPLETE) ? 1 : 0;
        return;
    }

    printf("usage: %s tktfile\n", argv[0]);
    code = -1;
}
171178825Sdfr#endif
17255682Smarkm
173178825Sdfr#if defined(KRB4) || defined(KRB5)
174178825Sdfr
/*
 * afslog - send "SITE AFSLOG" to the server, optionally naming a cell.
 *
 * Usage: afslog [cell].  More than one argument prints the usage line and
 * sets the global `code` to -1.  After the command, `code` is 1 when the
 * reply is COMPLETE and 0 when it is not.
 */
void
afslog(int argc, char **argv)
{
    int reply;

    if (argc > 2) {
        printf("usage: %s [cell]\n", argv[0]);
        code = -1;
        return;
    }

    /* The cell name, when given, is forwarded to the server as typed. */
    reply = (argc == 2) ? command("SITE AFSLOG %s", argv[1])
                        : command("SITE AFSLOG");
    code = (reply == COMPLETE) ? 1 : 0;
}
190178825Sdfr
191178825Sdfr#else
/*
 * Only definition in this file when neither KRB4 nor KRB5 is defined.
 * NOTE(review): presumably here so the translation unit is not empty in
 * that configuration; nothing in this file reads it.
 */
int ftp_afslog_placeholder;
193178825Sdfr#endif