1 | /* Convert the user's krb5 tickets to krb4 tickets. */ |
---|
2 | #include "includes.h" |
---|
3 | RCSID("$Id: krb524.c,v 1.1 2002-02-16 22:47:12 zacheiss Exp $"); |
---|
4 | #include "xmalloc.h" |
---|
5 | #include "auth.h" |
---|
6 | #ifdef KRB5 |
---|
7 | #include <krb5.h> |
---|
8 | #include <krb.h> |
---|
9 | int |
---|
10 | do_krb524_conversion(Authctxt *authctxt) |
---|
11 | { |
---|
12 | static char tktname[512]; |
---|
13 | int problem; |
---|
14 | krb5_creds increds, *v5creds; |
---|
15 | krb5_data *realm; |
---|
16 | CREDENTIALS v4creds; |
---|
17 | |
---|
18 | krb524_init_ets(authctxt->krb5_ctx); |
---|
19 | realm = krb5_princ_realm(authctxt->krb5_ctx, authctxt->krb5_user); |
---|
20 | |
---|
21 | memset(&increds, 0, sizeof(increds)); |
---|
22 | if ((problem = krb5_build_principal_ext(authctxt->krb5_ctx, |
---|
23 | &(increds.server), realm->length, |
---|
24 | realm->data, 6, "krbtgt", |
---|
25 | realm->length, realm->data, NULL))) |
---|
26 | return problem; |
---|
27 | |
---|
28 | increds.client = authctxt->krb5_user; |
---|
29 | increds.times.endtime = 0; |
---|
30 | increds.keyblock.enctype = ENCTYPE_DES_CBC_CRC; |
---|
31 | if ((problem = krb5_get_credentials(authctxt->krb5_ctx, 0, |
---|
32 | authctxt->krb5_fwd_ccache, &increds, |
---|
33 | &v5creds))) |
---|
34 | return problem; |
---|
35 | |
---|
36 | if ((problem = krb524_convert_creds_kdc(authctxt->krb5_ctx, v5creds, |
---|
37 | &v4creds))) |
---|
38 | return problem; |
---|
39 | |
---|
40 | sprintf(tktname, "KRBTKFILE=/tmp/tkt_p%d", getpid()); |
---|
41 | putenv(xstrdup(tktname)); |
---|
42 | if (problem = in_tkt(v4creds.pname, v4creds.pinst)) |
---|
43 | return problem; |
---|
44 | |
---|
45 | if ((problem = krb_save_credentials(v4creds.service, v4creds.instance, |
---|
46 | v4creds.realm, v4creds.session, |
---|
47 | v4creds.lifetime, v4creds.kvno, |
---|
48 | &(v4creds.ticket_st), |
---|
49 | v4creds.issue_date))) |
---|
50 | return problem; |
---|
51 | |
---|
52 | chown(tkt_string(), authctxt->pw->pw_uid, authctxt->pw->pw_gid); |
---|
53 | return 0; |
---|
54 | } |
---|
55 | #endif |
---|