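/*
 * Copyright (c) 1995-1999 Kungliga Tekniska Högskolan
 * (Royal Institute of Technology, Stockholm, Sweden).
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * 3. Neither the name of the Institute nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#include "ftp_locl.h"
RCSID("$Id: kauth.c 15666 2005-07-19 17:08:11Z lha $");

#ifdef KRB4
#include <krb.h>

/*
 * kauth [principal]
 *
 * Client side of the "SITE KAUTH" exchange:
 *   1. send "SITE KAUTH <principal>" and expect a CONTINUE reply whose text
 *      carries "T=<base64 ticket>" and "P=<principal>";
 *   2. prompt for the password, derive a DES key from it and decrypt the
 *      ticket (retrying with the AFS string-to-key if the plain one does
 *      not yield a ticket-granting-ticket marker);
 *   3. send the decrypted ticket back, base64-encoded, in a second
 *      "SITE KAUTH <principal> <ticket>" command.
 *
 * Both commands are sent with the command protection level switched to
 * prot_private; the value returned by set_command_prot() is put back on
 * every exit path (presumably it is the previous level -- confirm against
 * set_command_prot()).
 *
 * Result is reported through the global `code`: 0 on success, -1 on any
 * failure.
 *
 * Security notes:
 *   - Everything parsed from reply_string is server-controlled and must be
 *     treated as untrusted input.
 *   - Kerberos 4 and single DES are cryptographically obsolete; treat this
 *     code path as legacy.
 */
void
kauth(int argc, char **argv)
{
    int ret;
    char buf[1024];
    des_cblock key;
    des_key_schedule schedule;
    KTEXT_ST tkt, tktcopy;
    char *name;
    char *p;
    int overbose;
    char passwd[100];
    int tmp;
    int save;
    unsigned char *scratch;

    if (argc > 2) {
        printf("usage: %s [principal]\n", argv[0]);
        code = -1;
        return;
    }
    if (argc == 2)
        name = argv[1];
    else
        name = username;

    /* Silence the reply to the first command, then restore verbosity. */
    overbose = verbose;
    verbose = 0;

    save = set_command_prot(prot_private);
    ret = command("SITE KAUTH %s", name);
    verbose = overbose;
    if (ret != CONTINUE)
        goto fail;

    p = strstr(reply_string, "T=");
    if (p == NULL) {
        printf("Bad reply from server.\n");
        goto fail;
    }
    p += 2;

    /*
     * The ticket text comes from the server, so its decoded size is not
     * under our control.  Decode into a scratch buffer first and only copy
     * into the fixed-size tkt.dat once the length is known to fit; decoding
     * straight into tkt.dat would let an oversized reply write past the end
     * of the stack buffer.  Base64 yields at most 3 bytes per 4 input
     * characters, so strlen(p) bytes of scratch space is always enough.
     */
    scratch = malloc(strlen(p) + 1);
    if (scratch == NULL) {
        printf("Out of memory decoding reply.\n");
        goto fail;
    }
    tmp = base64_decode(p, scratch);
    if (tmp < 0) {
        free(scratch);
        printf("Failed to decode base64 in reply.\n");
        goto fail;
    }
    if ((size_t)tmp > sizeof(tkt.dat)) {
        free(scratch);
        printf("Ticket in reply is too large.\n");
        goto fail;
    }
    memcpy(tkt.dat, scratch, (size_t)tmp);
    free(scratch);
    tkt.length = tmp;

    /*
     * Start from an all-zero copy so the strcmp() below never reads
     * indeterminate bytes when the server sent a very short ticket.
     */
    memset(&tktcopy, 0, sizeof(tktcopy));
    tktcopy.length = tkt.length;

    p = strstr(reply_string, "P=");
    if (p == NULL) {
        printf("Bad reply from server.\n");
        goto fail;
    }
    /* Use the principal name as the server spelled it; cut it at the first
     * blank or line terminator (this edits reply_string in place). */
    name = p + 2;
    for (; *p && *p != ' ' && *p != '\r' && *p != '\n'; p++)
        ;
    *p = 0;

    snprintf(buf, sizeof(buf), "Password for %s:", name);
    if (des_read_pw_string(passwd, sizeof(passwd) - 1, buf, 0))
        *passwd = '\0';     /* prompt failed: continue with an empty password */
    des_string_to_key(passwd, &key);

    des_key_sched(&key, schedule);

    des_pcbc_encrypt((des_cblock *)tkt.dat, (des_cblock *)tktcopy.dat,
                     tkt.length,
                     schedule, &key, DES_DECRYPT);
    if (strcmp((char *)tktcopy.dat + 8,
               KRB_TICKET_GRANTING_TICKET) != 0) {
        /* No TGT marker at offset 8: retry with the AFS string-to-key. */
        afs_string_to_key(passwd, krb_realmofhost(hostname), &key);
        des_key_sched(&key, schedule);
        des_pcbc_encrypt((des_cblock *)tkt.dat, (des_cblock *)tktcopy.dat,
                         tkt.length,
                         schedule, &key, DES_DECRYPT);
    }

    /*
     * Wipe key material as soon as it is no longer needed.
     * NOTE(review): a plain memset() of locals that are not read again may
     * be removed by the optimizer; a wipe the compiler cannot elide
     * (explicit_bzero()/memset_s() where the platform has one) would be
     * more robust here.
     */
    memset(key, 0, sizeof(key));
    memset(schedule, 0, sizeof(schedule));
    memset(passwd, 0, sizeof(passwd));

    /* Encode, then wipe the decrypted ticket on the failure path as well. */
    tmp = base64_encode(tktcopy.dat, tktcopy.length, &p);
    memset(tktcopy.dat, 0, sizeof(tktcopy.dat));
    if (tmp < 0) {
        printf("Out of memory base64-encoding.\n");
        goto fail;
    }

    ret = command("SITE KAUTH %s %s", name, p);
    free(p);
    set_command_prot(save);
    if (ret != COMPLETE) {
        code = -1;
        return;
    }
    code = 0;
    return;

fail:
    set_command_prot(save);
    code = -1;
}

/*
 * kdestroy
 *
 * Sends "SITE KDESTROY" to the server.  Takes no arguments.
 *
 * NOTE(review): `code` becomes 1 when the reply is COMPLETE and 0 otherwise,
 * whereas the usage-error path here and kauth() use -1 for failure and
 * kauth() uses 0 for success -- confirm which convention callers expect.
 */
void
kdestroy(int argc, char **argv)
{
    int ret;

    if (argc != 1) {
        printf("usage: %s\n", argv[0]);
        code = -1;
        return;
    }
    ret = command("SITE KDESTROY");
    code = (ret == COMPLETE);
}

/*
 * krbtkfile tktfile
 *
 * Sends "SITE KRBTKFILE <tktfile>" to the server; exactly one argument is
 * required.
 *
 * NOTE(review): `code` becomes 1 when the reply is COMPLETE and 0 otherwise,
 * while the usage-error path sets -1 -- confirm the intended convention.
 */
void
krbtkfile(int argc, char **argv)
{
    int ret;

    if (argc != 2) {
        printf("usage: %s tktfile\n", argv[0]);
        code = -1;
        return;
    }
    ret = command("SITE KRBTKFILE %s", argv[1]);
    code = (ret == COMPLETE);
}
#endif

#if defined(KRB4) || defined(KRB5)

/*
 * afslog [cell]
 *
 * Sends "SITE AFSLOG", with the optional cell name appended when given.
 *
 * NOTE(review): `code` becomes 1 when the reply is COMPLETE and 0 otherwise,
 * while the usage-error path sets -1 -- confirm the intended convention.
 */
void
afslog(int argc, char **argv)
{
    int ret;

    if (argc > 2) {
        printf("usage: %s [cell]\n", argv[0]);
        code = -1;
        return;
    }
    if (argc == 2)
        ret = command("SITE AFSLOG %s", argv[1]);
    else
        ret = command("SITE AFSLOG");
    code = (ret == COMPLETE);
}

#else
/* Keeps the translation unit non-empty when neither KRB4 nor KRB5 is set. */
int ftp_afslog_placeholder;
#endif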