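/*
 * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan
 * (Royal Institute of Technology, Stockholm, Sweden).
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * 3. Neither the name of the Institute nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#include "krb_locl.h"

RCSID("$Id: mk_auth.c,v 1.4 2005/01/10 19:10:46 snsimon Exp $");

/*
 * Generate an authenticator for service.instance@realm.
 * instance is canonicalized by `krb_get_phost'
 * realm is set to the local realm if realm == NULL
 * The ticket acquired by `krb_mk_req' is returned in `ticket' and the
 * authenticator in `buf'.
 * Options control the behaviour (see krb_sendauth):
 *   KOPT_DONT_CANON   use `instance' as given, without `krb_get_phost'
 *   KOPT_DONT_MK_REQ  skip `krb_mk_req' and serialize `ticket' as supplied
 *                     by the caller
 *
 * Layout written to buf->dat:
 *   KRB_SENDAUTH_VERS             KRB_SENDAUTH_VLEN bytes
 *   version (zero padded)         KRB_SENDAUTH_VLEN bytes
 *   ticket->length                4 bytes, encoded by `krb_put_int'
 *   ticket->dat                   ticket->length bytes
 *
 * Returns KSUCCESS on success, the error from `krb_get_lrealm' or
 * `krb_mk_req' when one of them fails, and KFAILURE when a required
 * pointer is NULL or the authenticator does not fit in buf->dat.
 */

int
krb_mk_auth(int32_t options,
            KTEXT ticket,
            char *service,
            char *instance,
            char *realm,
            u_int32_t checksum,
            char *version,
            KTEXT buf)
{
    char realinst[INST_SZ];
    char realrealm[REALM_SZ];
    char *host;
    unsigned char *p;
    size_t rem;
    int ret;
    int n;

    /* All three are dereferenced below; fail cleanly instead of faulting. */
    if (ticket == NULL || buf == NULL || version == NULL)
        return KFAILURE;

    if (options & KOPT_DONT_CANON)
        host = instance;
    else
        host = krb_get_phost (instance);
    if (host == NULL)
        return KFAILURE;

    /*
     * NOTE(review): strlcpy truncates silently, so an instance longer than
     * INST_SZ - 1 yields a request for a different (shortened) principal
     * name.  Behaviour kept as is; confirm whether callers should instead
     * get an error here.
     */
    strlcpy(realinst, host, sizeof(realinst));

    if (realm == NULL) {
        ret = krb_get_lrealm (realrealm, 1);
        if (ret != KSUCCESS)
            return ret;
        realm = realrealm;
    }

    if (!(options & KOPT_DONT_MK_REQ)) {
        ret = krb_mk_req (ticket, service, realinst, realm, checksum);
        if (ret != KSUCCESS)
            return ret;
    }

    p = buf->dat;
    rem = sizeof(buf->dat);

    /* Both fixed-width version fields must fit before anything is written. */
    if (rem < 2 * KRB_SENDAUTH_VLEN)
        return KFAILURE;

    memcpy (p, KRB_SENDAUTH_VERS, KRB_SENDAUTH_VLEN);
    p += KRB_SENDAUTH_VLEN;
    rem -= KRB_SENDAUTH_VLEN;

    /*
     * `version' is a caller-supplied string of unknown length.  strncpy
     * stops reading at its terminator and zero-fills the rest of the
     * fixed-width field, so a short string can neither be over-read nor
     * cause adjacent memory to be copied into the outgoing message.  A
     * string of KRB_SENDAUTH_VLEN bytes or more produces the same bytes
     * as before.
     */
    strncpy ((char *)p, version, KRB_SENDAUTH_VLEN);
    p += KRB_SENDAUTH_VLEN;
    rem -= KRB_SENDAUTH_VLEN;

    n = krb_put_int(ticket->length, p, rem, 4);
    if (n < 0)
        return KFAILURE;
    p += n;
    rem -= n;

    /*
     * Bounds the write into buf->dat.  ticket and buf share the KTEXT
     * type, so the same limit also keeps the read inside ticket->dat when
     * the caller supplied the ticket (KOPT_DONT_MK_REQ).
     */
    if (rem < ticket->length)
        return KFAILURE;
    memcpy(p, ticket->dat, ticket->length);
    p += ticket->length;

    buf->length = p - buf->dat;
    return KSUCCESS;
}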