2 * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. All advertising materials mentioning features or use of this software
18 * must display the following acknowledgement:
19 * This product includes software developed by the Kungliga Tekniska
20 * Högskolan and its contributors.
22 * 4. Neither the name of the Institute nor the names of its contributors
23 * may be used to endorse or promote products derived from this software
24 * without specific prior written permission.
26 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
29 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
41 RCSID("$Id: auth.c,v 1.11 1997/05/04 23:09:00 assar Exp $");
47 #ifdef HAVE_SYS_TYPES_H
48 #include <sys/types.h>
50 #ifdef HAVE_SYS_SOCKET_H
51 #include <sys/socket.h>
53 #if defined(HAVE_SYS_IOCTL_H) && SunOS != 4
54 #include <sys/ioctl.h>
/*
 * Table of security mechanisms known to this server.  auth() scans it from
 * the first entry until it reaches one whose name is null.  KERBEROS_V4 is
 * the only mechanism named in the lines shown; the rest of its initializer
 * (gutter line 67) is missing from this listing.
 */
64 static struct at auth_types [] = {
65 { "KERBEROS_V4", krb4_auth, krb4_adat, krb4_pbsz, krb4_prot, krb4_ccc,
66 krb4_mic, krb4_conf, krb4_enc, krb4_read, krb4_write, krb4_userok,
/* Sentinel entry: its null name ends the scan, and every handler slot in it is null too. */
68 { 0, 0, 0, 0, 0, 0, 0, 0, 0 }
75 unsigned char *data_buffer;
/*
 * Human-readable protection level names used in replies.  The table is
 * indexed directly by a level value (protection_names[p] and
 * protection_names[data_protection] further down).
 * NOTE(review): no bounds check on that index appears in the lines shown,
 * so every level value that can reach those replies needs an entry here.
 * Confirm against the definition of the prot_* levels; the first
 * initializer line (gutter line 80) is missing from this listing.
 */
79 char *protection_names[] = {
81 "confidential", "private"
/*
 * Point ftp_command at the caller's string.
 * Only the pointer is stored, not a copy, so the caller's buffer has to
 * stay valid and unmodified for as long as ftp_command is read.
 */
92 void new_ftp_command(char *command)
94 ftp_command = command;
97 void delete_ftp_command(void)
107 return ct && auth_complete;
/*
 * Select a security mechanism by name.  The requested name is compared,
 * ignoring case, with each auth_types entry in turn; ct is the loop cursor
 * and therefore ends up on whichever entry stopped the scan.  The body of
 * the matching branch (gutter lines 114-117) is missing from this listing.
 */
110 void auth(char *auth)
112 for(ct=auth_types; ct->name; ct++){
113 if(!strcasecmp(auth, ct->name)){
/*
 * No entry matched.  The client-supplied name is passed as a %s argument,
 * never as the format string itself.
 * NOTE(review): when the loop runs to the end, ct is left pointing at the
 * sentinel entry (a non-null pointer whose name and handlers are null).
 * Checks of the form `ct && ...` elsewhere in this file would then still
 * pass; confirm that ct is reset to NULL on this path.
 */
118 reply(504, "%s is not a known security mechanism", auth);
/*
 * Accept authentication data for the mechanism chosen earlier.
 * The data is only accepted while a mechanism is selected (ct non-null)
 * and authentication has not completed yet; any other state is answered
 * with 503.  The statement executed on the accepting branch (gutter line
 * 124) is missing from this listing.
 */
121 void adat(char *auth)
/* The test is on the ct pointer only; it does not check that the entry's handlers are set. */
123 if(ct && !auth_complete)
126 reply(503, "You must (re)issue an AUTH first.");
/*
 * Fragment of the protection buffer size negotiation; the function header
 * and several body lines are missing from this listing.  The size in force
 * on entry is saved so that data_buffer is only reallocated when the
 * negotiated size actually changed.
 */
131 int old = buffer_size;
135 reply(503, "Incomplete security data exchange.");
136 if(buffer_size != old){
/*
 * NOTE(review): three things to confirm against the full file.
 *  - No check of the malloc result appears in the lines shown; a failed
 *    allocation would leave data_buffer NULL for later users.
 *  - buffer_size is a negotiated value and appears to be an int (it is
 *    copied into `int old`), so buffer_size + 4 is signed arithmetic; the
 *    value should be range-checked before it gets here.
 *  - Gutter lines 137-138 are missing, so whether the previous buffer is
 *    released before being replaced cannot be seen from here.
 */
139 data_buffer = malloc(buffer_size + 4);
/*
 * Fragment of the protection level handler; its header and several body
 * lines are missing from this listing.  A buffer size must have been
 * negotiated before any level is accepted.
 */
147 if(buffer_size == 0){
148 reply(503, "No protection buffer size negotiated.");
/*
 * The level letter in pl is matched without regard to case against C, S,
 * E and P.  Of the assignments to p, only the one for "E" is visible here.
 */
152 if(!strcasecmp(pl, "C"))
155 if(!strcasecmp(pl, "S"))
158 if(!strcasecmp(pl, "E"))
159 p = prot_confidential;
161 if(!strcasecmp(pl, "P"))
165 reply(504, "Unrecognized protection level.");
/*
 * Both replies below index protection_names with a level value.
 * NOTE(review): presumably the 504 path above returns before p is used as
 * an index; confirm against the full file.
 */
171 reply(536, "%s does not support %s protection.",
172 ct->name, protection_names[p]);
175 reply(200, "Data protection is %s.",
176 protection_names[data_protection]);
179 reply(503, "Incomplete security data exchange.");
/*
 * Four fragments of the same shape, one per protection level.  Each sets
 * prot_level to a fixed level and is followed by a 503 reply; the headers
 * of the enclosing functions and the conditions selecting between the two
 * statements are missing from this listing.
 * NOTE(review): presumably each assignment is taken only once the security
 * data exchange is complete and the 503 reply is the alternative; confirm
 * against the full file, since prot_level decides later whether output
 * goes through the mechanism's vprintf.
 */
187 prot_level = prot_clear;
189 reply(503, "Incomplete security data exchange.");
196 prot_level = prot_safe;
198 reply(503, "Incomplete security data exchange.");
205 prot_level = prot_confidential;
207 reply(503, "Incomplete security data exchange.");
214 prot_level = prot_private;
216 reply(503, "Incomplete security data exchange.");
/**
 * Read from fd, going through the negotiated security layer when one is
 * active.
 *
 * The mechanism's read hook is used only when auth_ok() succeeds and
 * data_protection is non-zero.  In every other case the bytes come straight
 * from read(2) with no integrity or confidentiality processing, so a caller
 * that requires protected data has to enforce that itself before calling.
 *
 * @param fd      descriptor to read from
 * @param data    destination buffer
 * @param length  capacity of data in bytes; read(2) takes a size_t count, so
 *                a negative value would become a very large request
 * @return whatever the selected read routine returns
 */
int auth_read(int fd, void *data, int length)
{
    /* auth_ok() is evaluated first, as before; data_protection only if it passed. */
    int use_plain_io = !auth_ok() || !data_protection;

    if (use_plain_io)
        return read(fd, data, length);
    return ct->read(fd, data, length);
}
/**
 * Write to fd, going through the negotiated security layer when one is
 * active.
 *
 * The mechanism's write hook is used only when auth_ok() succeeds and
 * data_protection is non-zero.  In every other case the bytes are handed to
 * write(2) unmodified, i.e. they leave in the clear, so a caller that
 * requires protected output has to enforce that itself before calling.
 *
 * @param fd      descriptor to write to
 * @param data    bytes to send
 * @param length  number of bytes in data; write(2) takes a size_t count, so
 *                a negative value would become a very large request
 * @return whatever the selected write routine returns
 */
int auth_write(int fd, void *data, int length)
{
    /* auth_ok() is evaluated first, as before; data_protection only if it passed. */
    int use_plain_io = !auth_ok() || !data_protection;

    if (use_plain_io)
        return write(fd, data, length);
    return ct->write(fd, data, length);
}
/*
 * Formatted output that honours the current protection level.
 * When authentication is complete and prot_level is non-zero, the text is
 * produced by the selected mechanism's vprintf hook.  The branch taken in
 * every other case (gutter lines 239-241) is missing from this listing.
 * fmt is used as a format string, so it must never be client-controlled.
 */
235 void auth_vprintf(const char *fmt, va_list ap)
237 if(auth_ok() && prot_level){
238 ct->vprintf(fmt, ap);
243 void auth_printf(const char *fmt, ...)
247 auth_vprintf(fmt, ap);