source: trunk/athena/bin/discuss/libds/auth_krb.c @ 24188

Revision 24188, 4.3 KB checked in by broder, 15 years ago (diff)
Update discuss to not call initialize_krb5_error_table on Mac OS X systems. r23811 replaced a call to initialize_krb_error_table with initialize_krb5_error_table, which is unnecessary with OS X's version of com_err.
RevLine 
[273]1/*
2 *
[1934]3 *      Copyright (C) 1988, 1989 by the Massachusetts Institute of Technology
4 *      Developed by the MIT Student Information Processing Board (SIPB).
5 *      For copying information, see the file mit-copyright.h in this release.
6 *
7 */
8/*
9 *
[22658]10 *      $Id: auth_krb.c,v 1.13 2007-08-09 20:41:32 amb Exp $
[341]11 *
[22658]12 * auth_krb () -- Authentication procedure for kerberos v5.  This contains the
13 *                standard authentication for kerberos v5, and fallback code
14 *                for kerberos v4.
[273]15 *
16 */
[341]17#ifndef lint
[1335]18static char *rcsid_auth_krb_c =
[22658]19    "$Id: auth_krb.c,v 1.13 2007-08-09 20:41:32 amb Exp $";
[12459]20#endif /* lint */
[273]21
[12439]22#include <stdio.h>
[8855]23#include <string.h>
[273]24#include <ctype.h>
[23811]25#ifdef HAVE_KRB4
[273]26#include "krb.h"
[23811]27#endif /* HAVE_KRB4 */
[23807]28#ifdef HAVE_KRB5
[22658]29#include "krb5.h"
[23807]30#endif /* HAVE_KRB5 */
[23815]31#include "discuss_err.h"
[273]32
[6358]33char *local_host_name ();
[273]34
35/*
36 *
37 * get_authenticator () -- Interface routine to get an authenticator over
38 *                         the net.  Input is a service name (for kerberos,
39 *                         this is in the form of service@REALM), optional
40 *                         checksum.  We return a pointer to the authenticator,
41 *                         its length, and a standard error code.
42 *
43 */
44get_authenticator (service_id, checksum, authp, authl, result)
45char *service_id;
46int checksum;
47char **authp;
48int *authl;
49int *result;
50{
[23807]51#ifdef HAVE_KRB5
[22658]52     get_authenticator_krb5(service_id, checksum, authp, authl, result);
[23811]53#elif HAVE_KRB4
[22658]54     get_authenticator_krb4(service_id, checksum, authp, authl, result);
[23811]55#else /* No Kerberos */
[23815]56     *authl = 0;
57     *authp = NULL;
58     *result = DISC_NO_KRB;
[23811]59#endif
[22658]60}
61
[23807]62#ifdef HAVE_KRB5
[22658]63get_authenticator_krb5 (service_id, checksum, authp, authl, result)
64char *service_id;
65int checksum;
66char **authp;
67int *authl;
68int *result;
69{
[273]70     char *realmp,*instancep;
[22658]71     char serv [80];
[273]72     int rem;
[22658]73     krb5_data packet, inbuf;
74     krb5_ccache ccdef;
75     krb5_context context;
76     krb5_auth_context auth_context = NULL;
[273]77
[22658]78     rem = krb5_init_context(&context);
79     if (rem) {
80         com_err("get_authenticator_krb5", rem, "while initializing krb5");
81         exit(1);
82     }
[273]83
[24188]84#if !defined(__APPLE__) || !defined(__MACH__)
[23811]85     initialize_krb5_error_table();
[24188]86#endif
[273]87
[8855]88     realmp = strchr (service_id, '@');
[273]89     if (realmp == NULL || realmp - service_id >= sizeof (serv)) {
90          realmp = "";
91          strncpy (serv, service_id, sizeof (serv));
92     } else {
[8855]93         memcpy (serv, service_id, realmp - service_id); /* copy to serv */
[1335]94         serv [realmp - service_id] = '\0';
95         realmp++;
[273]96     }
97
98     /* look for service instance */
[22658]99     instancep = strchr (serv, '/');
[273]100     if (instancep == NULL) {
[274]101          instancep = "";
[273]102     } else {
103          *instancep++ = '\0';
104     }
105
[22658]106     inbuf.data = instancep;
107     inbuf.length = strlen(instancep);
108
109     rem = krb5_cc_default(context, &ccdef);
110     if (rem) {
111         com_err("get_authenticator_krb5", rem, "while getting default ccache");
112         exit(1);
113     }
114
115     rem = krb5_mk_req (context, &auth_context, 0, serv, instancep, &inbuf,
116                        ccdef, &packet);
117     if (rem) {
118         com_err("get_authenticator_krb5", rem, "while preparing AP_REQ");
119         *authl = 0;
120         *authp = NULL;
121         *result = rem;
122     } else {
123         *authl = packet.length;
124         *authp = (char *)packet.data;
125         *result = 0;
126     }
127}
[23807]128#endif /* HAVE_KRB5 */
[22658]129
[23811]130#ifdef HAVE_KRB4
[22658]131get_authenticator_krb4 (service_id, checksum, authp, authl, result)
132char *service_id;
133int checksum;
134char **authp;
135int *authl;
136int *result;
137{
138     char *realmp,*instancep;
139     char serv [SNAME_SZ+INST_SZ];
140     int rem;
141
142     static KTEXT_ST ticket;
143
[22864]144     initialize_krb_error_table();
[22658]145
146     realmp = strchr (service_id, '@');
147     if (realmp == NULL || realmp - service_id >= sizeof (serv)) {
148          realmp = "";
149          strncpy (serv, service_id, sizeof (serv));
150     } else {
151         memcpy (serv, service_id, realmp - service_id); /* copy to serv */
152         serv [realmp - service_id] = '\0';
153         realmp++;
154     }
155
156     /* look for service instance */
157     instancep = strchr (serv, '.');
158     if (instancep == NULL) {
159          instancep = "";
160     } else {
161          *instancep++ = '\0';
162     }
163
[1335]164     rem = krb_mk_req (&ticket, serv, instancep, realmp, checksum);
[273]165     if (rem == KSUCCESS) {
[22658]166         *authl = ticket.length;
167         *authp = (char *) ticket.dat;
168         *result = 0;
[273]169     } else {
[22658]170         *authl = 0;
171         *authp = NULL;
[22864]172         *result = rem + ERROR_TABLE_BASE_krb;
[273]173     }
174}
[23811]175#endif /* HAVE_KRB4 */
Note: See TracBrowser for help on using the repository browser.