155682Smarkm/*
2120945Snectar * Copyright (c) 1995 - 2001, 2003 Kungliga Tekniska Högskolan
355682Smarkm * (Royal Institute of Technology, Stockholm, Sweden).
455682Smarkm * All rights reserved.
555682Smarkm *
655682Smarkm * Redistribution and use in source and binary forms, with or without
755682Smarkm * modification, are permitted provided that the following conditions
855682Smarkm * are met:
955682Smarkm *
1055682Smarkm * 1. Redistributions of source code must retain the above copyright
1155682Smarkm *    notice, this list of conditions and the following disclaimer.
1255682Smarkm *
1355682Smarkm * 2. Redistributions in binary form must reproduce the above copyright
1455682Smarkm *    notice, this list of conditions and the following disclaimer in the
1555682Smarkm *    documentation and/or other materials provided with the distribution.
1655682Smarkm *
1755682Smarkm * 3. Neither the name of the Institute nor the names of its contributors
1855682Smarkm *    may be used to endorse or promote products derived from this software
1955682Smarkm *    without specific prior written permission.
2055682Smarkm *
2155682Smarkm * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
2255682Smarkm * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
2355682Smarkm * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
2455682Smarkm * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
2555682Smarkm * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
2655682Smarkm * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
2755682Smarkm * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
2855682Smarkm * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
2955682Smarkm * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
3055682Smarkm * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
3155682Smarkm * SUCH DAMAGE.
3255682Smarkm */
3355682Smarkm
3455682Smarkm#include "kafs_locl.h"
3555682Smarkm
36178825SdfrRCSID("$Id: afskrb.c 15342 2005-06-02 07:38:22Z lha $");
3755682Smarkm
38120945Snectar#ifdef KRB4
39120945Snectar
/*
 * Backend-private data for the Kerberos 4 kafs glue.  It carries a single
 * realm name; nothing else in this listing reads or writes it.
 */
struct krb_kafs_data {
    const char *realm;	/* realm name; ownership is not established here */
};
4355682Smarkm
/*
 * get_cred callback for the krb4 backend: obtain the Kerberos 4 credential
 * for name.inst@realm and convert it into a kafs token in *kt.
 *
 * The credential is first looked up with krb_get_cred().  If that fails,
 * krb_mk_req() is called for the same principal and, when it reports
 * KSUCCESS, the lookup is repeated.  `data` is not used.
 *
 * Returns the result of _kafs_v4_to_kt() when a credential was found,
 * otherwise the non-zero code of the call that failed.
 *
 * NOTE(review): `cred` and `req` are stack locals that receive ticket
 * material (presumably including the session key -- confirm against the
 * CREDENTIALS definition) and are not cleared before returning.
 */
static int
get_cred(struct kafs_data *data, const char *name, const char *inst,
	 const char *realm, uid_t uid, struct kafs_token *kt)
{
    CREDENTIALS cred;
    KTEXT_ST req;
    int rc;

    /* The krb4 API takes non-const strings, hence the casts. */
    rc = krb_get_cred((char *)name, (char *)inst, (char *)realm, &cred);
    if (rc != 0) {
	rc = krb_mk_req(&req, (char *)name, (char *)inst, (char *)realm, 0);
	if (rc == KSUCCESS)
	    rc = krb_get_cred((char *)name, (char *)inst, (char *)realm,
			      &cred);
    }
    if (rc != 0)
	return rc;

    return _kafs_v4_to_kt(&cred, uid, kt);
}
6155682Smarkm
/*
 * afslog_uid callback for the krb4 backend: obtain an AFS token for `cell`
 * on behalf of `uid` and install it with kafs_settoken_rxkad().
 *
 * A NULL or empty `cell` delegates to _kafs_afslog_all_local_cells().
 * Otherwise the realm is read from the ticket file named by tkt_string()
 * and passed, together with `realm_hint`, to _kafs_get_cred().
 *
 * Returns 0 on success, or the non-zero code of the step that failed.
 *
 * NOTE(review): the ticket buffer is released with a plain free() and the
 * token structure stays on the stack; neither is scrubbed.  Whether
 * _kafs_get_cred() can leave token.ticket allocated on failure is not
 * visible here -- confirm, since that path does not free it.
 */
static int
afslog_uid_int(struct kafs_data *data,
	       const char *cell,
	       const char *realm_hint,
	       uid_t uid,
	       const char *homedir)
{
    struct kafs_token token;
    char tf_name[ANAME_SZ];
    char tf_inst[INST_SZ];
    char tf_realm[REALM_SZ];
    int rc;

    if (cell == NULL || *cell == '\0')
	return _kafs_afslog_all_local_cells (data, uid, homedir);

    /* Only the realm from the ticket file is used; name/inst are discarded. */
    rc = krb_get_tf_fullname(tkt_string(), tf_name, tf_inst, tf_realm);
    if (rc != KSUCCESS)
	return rc;

    /* Start from a NULL ticket pointer before the callee fills the token. */
    token.ticket = NULL;
    rc = _kafs_get_cred(data, cell, realm_hint, tf_realm, uid, &token);
    if (rc != 0)
	return rc;

    rc = kafs_settoken_rxkad(cell, &token.ct, token.ticket, token.ticket_len);
    free(token.ticket);
    return rc;
}
9455682Smarkm
/*
 * get_realm callback for the krb4 backend: return a heap copy of the realm
 * that krb_realmofhost() reports for `host`.
 *
 * The copy is made with strdup(), so the caller owns it and must free() it.
 * Returns NULL when krb_realmofhost() returns NULL or strdup() fails.
 * `data` is not used.
 */
static char *
get_realm(struct kafs_data *data, const char *host)
{
    char *found = krb_realmofhost(host);

    return found == NULL ? NULL : strdup(found);
}
10455682Smarkm
/*
 * Obtain and install an AFS token for `cell` on behalf of `uid` using
 * Kerberos 4.  `realm_hint` and `homedir` are passed through unchanged to
 * afslog_uid_int().
 *
 * The callback table is built on the stack with the members this file
 * assigns (name, afslog_uid, get_cred, get_realm, data).
 * NOTE(review): if struct kafs_data has further members they stay
 * uninitialised here -- confirm against kafs_locl.h.
 *
 * Returns whatever afslog_uid_int() returns.
 */
int
krb_afslog_uid_home(const char *cell, const char *realm_hint, uid_t uid,
		    const char *homedir)
{
    struct kafs_data backend;

    backend.data = 0;
    backend.name = "krb4";
    backend.get_realm = get_realm;
    backend.get_cred = get_cred;
    backend.afslog_uid = afslog_uid_int;

    return afslog_uid_int(&backend, cell, realm_hint, uid, homedir);
}
11855682Smarkm
/*
 * Same as krb_afslog_uid_home() with no home directory supplied
 * (homedir == NULL).
 */
int
krb_afslog_uid(const char *cell, const char *realm_hint, uid_t uid)
{
    const char *no_homedir = NULL;

    return krb_afslog_uid_home(cell, realm_hint, uid, no_homedir);
}
12455682Smarkm
/*
 * Obtain an AFS token for `cell` on behalf of the calling process.
 * The uid passed down is the real user ID from getuid(), not the
 * effective one.
 */
int
krb_afslog(const char *cell, const char *realm_hint)
{
    uid_t caller = getuid();

    return krb_afslog_uid(cell, realm_hint, caller);
}
13055682Smarkm
/*
 * Like krb_afslog(), but also passes `homedir` through to
 * krb_afslog_uid_home().  The uid is the real user ID from getuid().
 */
int
krb_afslog_home(const char *cell, const char *realm_hint, const char *homedir)
{
    uid_t caller = getuid();

    return krb_afslog_uid_home(cell, realm_hint, caller, homedir);
}
13655682Smarkm
13755682Smarkm/*
13855682Smarkm *
13955682Smarkm */
14055682Smarkm
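/*
 * Determine the Kerberos realm for AFS cell `cell` through
 * _kafs_realm_of_cell(), using the krb4 get_realm callback.  The result is
 * delivered through `realm`; the return value is that of
 * _kafs_realm_of_cell().
 */
int
krb_realm_of_cell(const char *cell, char **realm)
{
    /*
     * Zero the whole callback table first.  Only name and get_realm are
     * assigned below; without this, afslog_uid, get_cred and data would be
     * indeterminate stack contents in a structure handed to the callee,
     * and two of those members are function pointers.
     */
    struct kafs_data kd = { 0 };

    kd.name = "krb4";
    kd.get_realm = get_realm;
    return _kafs_realm_of_cell(&kd, cell, realm);
}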
150120945Snectar
/*
 * Convert the Kerberos 4 credential `c` into a kafs token with
 * _kafs_v4_to_kt() and install it for `cell` via kafs_settoken_rxkad().
 *
 * Returns the conversion error if _kafs_v4_to_kt() fails, otherwise the
 * result of kafs_settoken_rxkad().  A token whose EndTimestamp is already
 * in the past is not installed, and 0 is returned in that case as well.
 *
 * NOTE(review): because an expired credential also yields 0, a caller
 * cannot tell "token installed" from "token skipped" by the return value.
 * The ticket buffer is released with a plain free(), not scrubbed.
 */
int
kafs_settoken(const char *cell, uid_t uid, CREDENTIALS *c)
{
    struct kafs_token token;
    int rc;

    token.ticket = NULL;

    rc = _kafs_v4_to_kt(c, uid, &token);
    if (rc != 0)
	return rc;

    /* rc is 0 here; it stays 0 when the token has already expired. */
    if (token.ct.EndTimestamp >= time(NULL))
	rc = kafs_settoken_rxkad(cell, &token.ct, token.ticket,
				 token.ticket_len);

    free(token.ticket);
    return rc;
}
172120945Snectar
173178825Sdfr#else /* KRB4 */
174178825Sdfr
/*
 * Fixed error code returned by every entry point when the library is built
 * without KRB4.  Presumably mirrors the Kerberos 4 error-table value for
 * "KDC service expired" -- confirm against the krb4 error table.
 */
#define KAFS_KRBET_KDC_SERVICE_EXP 39525378

/*
 * Stub used when KRB4 is not defined: ignores every argument, obtains no
 * token and always returns KAFS_KRBET_KDC_SERVICE_EXP.
 */
int
krb_afslog_uid_home(const char *cell, const char *realm_hint, uid_t uid,
		    const char *homedir)
{
    (void)cell;
    (void)realm_hint;
    (void)uid;
    (void)homedir;

    return KAFS_KRBET_KDC_SERVICE_EXP;
}
183178825Sdfr
/*
 * Stub used when KRB4 is not defined: ignores every argument and always
 * returns KAFS_KRBET_KDC_SERVICE_EXP.
 */
int
krb_afslog_uid(const char *cell, const char *realm_hint, uid_t uid)
{
    (void)cell;
    (void)realm_hint;
    (void)uid;

    return KAFS_KRBET_KDC_SERVICE_EXP;
}
189178825Sdfr
/*
 * Stub used when KRB4 is not defined: ignores every argument and always
 * returns KAFS_KRBET_KDC_SERVICE_EXP.
 */
int
krb_afslog_home(const char *cell, const char *realm_hint, const char *homedir)
{
    (void)cell;
    (void)realm_hint;
    (void)homedir;

    return KAFS_KRBET_KDC_SERVICE_EXP;
}
195178825Sdfr
/*
 * Stub used when KRB4 is not defined: ignores both arguments and always
 * returns KAFS_KRBET_KDC_SERVICE_EXP.
 */
int
krb_afslog(const char *cell, const char *realm_hint)
{
    (void)cell;
    (void)realm_hint;

    return KAFS_KRBET_KDC_SERVICE_EXP;
}
201178825Sdfr
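/*
 * Stub used when KRB4 is not defined: no realm lookup is performed.
 * *realm is set to NULL so the caller never sees an uninitialised pointer,
 * and KAFS_KRBET_KDC_SERVICE_EXP is always returned.  `cell` is ignored.
 */
int
krb_realm_of_cell(const char *cell, char **realm)
{
    (void)cell;

    /* Tolerate a NULL out-parameter instead of writing through it. */
    if (realm != NULL)
	*realm = NULL;

    return KAFS_KRBET_KDC_SERVICE_EXP;
}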
208178825Sdfr
/* Local prototype for the non-KRB4 stub defined immediately below. */
int kafs_settoken (const char*, uid_t, struct credentials *);

/*
 * Stub used when KRB4 is not defined: ignores every argument, installs no
 * token and always returns KAFS_KRBET_KDC_SERVICE_EXP.
 */
int
kafs_settoken(const char *cell, uid_t uid, struct credentials *c)
{
    (void)cell;
    (void)uid;
    (void)c;

    return KAFS_KRBET_KDC_SERVICE_EXP;
}
216178825Sdfr
217120945Snectar#endif /* KRB4 */
218