source: trunk/athena/bin/discuss/libds/auth_krb.c @ 24188

Revision 24188, 4.3 KB checked in by broder, 14 years ago (diff)
Update discuss to not call initialize_krb5_error_table on Mac OS X systems. r23811 replaced a call to initialize_krb_error_table with initialize_krb5_error_table, which is unnecessary with OS X's version of com_err.
Line 
1/*
2 *
3 *      Copyright (C) 1988, 1989 by the Massachusetts Institute of Technology
4 *      Developed by the MIT Student Information Processing Board (SIPB).
5 *      For copying information, see the file mit-copyright.h in this release.
6 *
7 */
8/*
9 *
10 *      $Id: auth_krb.c,v 1.13 2007-08-09 20:41:32 amb Exp $
11 *
12 * auth_krb () -- Authentication procedure for kerberos v5.  This contains the
13 *                standard authentication for kerberos v5, and fallback code
14 *                for kerberos v4.
15 *
16 */
17#ifndef lint
18static char *rcsid_auth_krb_c =
19    "$Id: auth_krb.c,v 1.13 2007-08-09 20:41:32 amb Exp $";
20#endif /* lint */
21
22#include <stdio.h>
23#include <string.h>
24#include <ctype.h>
25#ifdef HAVE_KRB4
26#include "krb.h"
27#endif /* HAVE_KRB4 */
28#ifdef HAVE_KRB5
29#include "krb5.h"
30#endif /* HAVE_KRB5 */
31#include "discuss_err.h"
32
33char *local_host_name ();
34
35/*
36 *
37 * get_authenticator () -- Interface routine to get an authenticator over
38 *                         the net.  Input is a service name (for kerberos,
39 *                         this is in the form of service@REALM), optional
40 *                         checksum.  We return a pointer to the authenticator,
41 *                         its length, and a standard error code.
42 *
43 */
44get_authenticator (service_id, checksum, authp, authl, result)
45char *service_id;
46int checksum;
47char **authp;
48int *authl;
49int *result;
50{
51#ifdef HAVE_KRB5
52     get_authenticator_krb5(service_id, checksum, authp, authl, result);
53#elif HAVE_KRB4
54     get_authenticator_krb4(service_id, checksum, authp, authl, result);
55#else /* No Kerberos */
56     *authl = 0;
57     *authp = NULL;
58     *result = DISC_NO_KRB;
59#endif
60}
61
62#ifdef HAVE_KRB5
63get_authenticator_krb5 (service_id, checksum, authp, authl, result)
64char *service_id;
65int checksum;
66char **authp;
67int *authl;
68int *result;
69{
70     char *realmp,*instancep;
71     char serv [80];
72     int rem;
73     krb5_data packet, inbuf;
74     krb5_ccache ccdef;
75     krb5_context context;
76     krb5_auth_context auth_context = NULL;
77
78     rem = krb5_init_context(&context);
79     if (rem) {
80         com_err("get_authenticator_krb5", rem, "while initializing krb5");
81         exit(1);
82     }
83
84#if !defined(__APPLE__) || !defined(__MACH__)
85     initialize_krb5_error_table();
86#endif
87
88     realmp = strchr (service_id, '@');
89     if (realmp == NULL || realmp - service_id >= sizeof (serv)) {
90          realmp = "";
91          strncpy (serv, service_id, sizeof (serv));
92     } else {
93         memcpy (serv, service_id, realmp - service_id); /* copy to serv */
94         serv [realmp - service_id] = '\0';
95         realmp++;
96     }
97
98     /* look for service instance */
99     instancep = strchr (serv, '/');
100     if (instancep == NULL) {
101          instancep = "";
102     } else {
103          *instancep++ = '\0';
104     }
105
106     inbuf.data = instancep;
107     inbuf.length = strlen(instancep);
108
109     rem = krb5_cc_default(context, &ccdef);
110     if (rem) {
111         com_err("get_authenticator_krb5", rem, "while getting default ccache");
112         exit(1);
113     }
114
115     rem = krb5_mk_req (context, &auth_context, 0, serv, instancep, &inbuf,
116                        ccdef, &packet);
117     if (rem) {
118         com_err("get_authenticator_krb5", rem, "while preparing AP_REQ");
119         *authl = 0;
120         *authp = NULL;
121         *result = rem;
122     } else {
123         *authl = packet.length;
124         *authp = (char *)packet.data;
125         *result = 0;
126     }
127}
128#endif /* HAVE_KRB5 */
129
130#ifdef HAVE_KRB4
131get_authenticator_krb4 (service_id, checksum, authp, authl, result)
132char *service_id;
133int checksum;
134char **authp;
135int *authl;
136int *result;
137{
138     char *realmp,*instancep;
139     char serv [SNAME_SZ+INST_SZ];
140     int rem;
141
142     static KTEXT_ST ticket;
143
144     initialize_krb_error_table();
145
146     realmp = strchr (service_id, '@');
147     if (realmp == NULL || realmp - service_id >= sizeof (serv)) {
148          realmp = "";
149          strncpy (serv, service_id, sizeof (serv));
150     } else {
151         memcpy (serv, service_id, realmp - service_id); /* copy to serv */
152         serv [realmp - service_id] = '\0';
153         realmp++;
154     }
155
156     /* look for service instance */
157     instancep = strchr (serv, '.');
158     if (instancep == NULL) {
159          instancep = "";
160     } else {
161          *instancep++ = '\0';
162     }
163
164     rem = krb_mk_req (&ticket, serv, instancep, realmp, checksum);
165     if (rem == KSUCCESS) {
166         *authl = ticket.length;
167         *authp = (char *) ticket.dat;
168         *result = 0;
169     } else {
170         *authl = 0;
171         *authp = NULL;
172         *result = rem + ERROR_TABLE_BASE_krb;
173     }
174}
175#endif /* HAVE_KRB4 */
Note: See TracBrowser for help on using the repository browser.