source: trunk/third/moira/lib/mr_auth.c @ 23178

Revision 23178, 3.3 KB checked in by broder, 16 years ago (diff)
Take a new snapshot from CVS for Moira, and add a debathena-moira-update-server package
Line 
1/* $Id$
2 *
3 * Handles the client side of the sending of authenticators to the moira server
4 *
5 * Copyright (C) 1987-1998 by the Massachusetts Institute of Technology
6 * For copying and distribution information, please see the file
7 * <mit-copyright.h>.
8 */
9
10#include <mit-copyright.h>
11#include <moira.h>
12#include "mr_private.h"
13
14#include <ctype.h>
15#include <stdio.h>
16#include <string.h>
17
18#include <krb.h>
19#include <krb5.h>
20
21krb5_context context = NULL;
22krb5_auth_context auth_con = NULL;
23
24RCSID("$Header$");
25
26/* Authenticate this client with the Moira server.  prog is the name of the
27 * client program, and will be recorded in the database.
28 */
29
30int mr_auth(char *prog)
31{
32  int status;
33  mr_params params, reply;
34  char *args[2];
35  int argl[2];
36  char realm[REALM_SZ], host[BUFSIZ], *p;
37  KTEXT_ST auth;
38
39  CHECK_CONNECTED;
40
41  if ((status = mr_host(host, sizeof(host) - 1)))
42    return status;
43
44  strcpy(realm, krb_realmofhost(host));
45  for (p = host; *p && *p != '.'; p++)
46    {
47      if (isupper(*p))
48        *p = tolower(*p);
49    }
50  *p = '\0';
51
52  status = krb_mk_req(&auth, MOIRA_SNAME, host, realm, 0);
53  if (status != KSUCCESS)
54    {
55      status += ERROR_TABLE_BASE_krb;
56      return status;
57    }
58  params.u.mr_procno = MR_AUTH;
59  params.mr_argc = 2;
60  params.mr_argv = args;
61  params.mr_argl = argl;
62  params.mr_argv[0] = (char *)auth.dat;
63  params.mr_argl[0] = auth.length;
64  params.mr_argv[1] = prog;
65  params.mr_argl[1] = strlen(prog) + 1;
66
67  if ((status = mr_do_call(&params, &reply)) == MR_SUCCESS)
68    status = reply.u.mr_status;
69
70  mr_destroy_reply(reply);
71
72  return status;
73}
74
75int mr_proxy(char *principal, char *orig_authtype)
76{
77  int status;
78  mr_params params, reply;
79  char *args[2];
80
81  CHECK_CONNECTED;
82
83  params.u.mr_procno = MR_PROXY;
84  params.mr_argc = 2;
85  params.mr_argv = args;
86  params.mr_argv[0] = principal;
87  params.mr_argv[1] = orig_authtype;
88  params.mr_argl = NULL;
89
90  if ((status = mr_do_call(&params, &reply)) == MR_SUCCESS)
91    status = reply.u.mr_status;
92
93  mr_destroy_reply(reply);
94
95  return status;
96}
97
98int mr_krb5_auth(char *prog)
99{
100  mr_params params, reply;
101  char host[BUFSIZ], *p;
102  char *args[2];
103  int argl[2];
104  krb5_ccache ccache = NULL;
105  krb5_data auth;
106  krb5_error_code problem = 0;
107
108  CHECK_CONNECTED;
109
110  memset(&auth, 0, sizeof(auth));
111
112  if ((problem = mr_host(host, sizeof(host) - 1)))
113    return problem;
114
115  if (!context)
116    {
117      problem = krb5_init_context(&context);
118      if (problem)
119        goto out;
120    }
121
122  problem = krb5_auth_con_init(context, &auth_con);
123  if (problem)
124    goto out;
125
126  problem = krb5_cc_default(context, &ccache);
127  if (problem)
128    goto out;
129
130  problem = krb5_mk_req(context, &auth_con, 0, MOIRA_SNAME, host, NULL,
131                       ccache, &auth);
132  if (problem)
133    goto out;
134
135  params.u.mr_procno = MR_KRB5_AUTH;
136  params.mr_argc = 2;
137  params.mr_argv = args;
138  params.mr_argl = argl;
139  params.mr_argv[0] = (char *)auth.data;
140  params.mr_argl[0] = auth.length;
141  params.mr_argv[1] = prog;
142  params.mr_argl[1] = strlen(prog) + 1;
143
144  if ((problem = mr_do_call(&params, &reply)) == MR_SUCCESS)
145    problem = reply.u.mr_status;
146
147  mr_destroy_reply(reply);
148
149 out:
150  if (ccache)
151    krb5_cc_close(context, ccache);
152  krb5_free_data_contents(context, &auth);
153  if (auth_con)
154    krb5_auth_con_free(context, auth_con);
155  auth_con = NULL;
156
157  return problem;
158}
159     
Note: See TracBrowser for help on using the repository browser.