2 Copyright (C) 1989 by the Massachusetts Institute of Technology
4 Export of this software from the United States of America is assumed
5 to require a specific license from the United States Government.
6 It is the responsibility of any person or organization contemplating
7 export to obtain such a license before exporting.
9 WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
10 distribute this software and its documentation for any purpose and
11 without fee is hereby granted, provided that the above copyright
12 notice appear in all copies and that both that copyright notice and
13 this permission notice appear in supporting documentation, and that
14 the name of M.I.T. not be used in advertising or publicity pertaining
15 to distribution of the software without specific, written prior
16 permission. M.I.T. makes no representations about the suitability of
17 this software for any purpose. It is provided "as is" without express
23 * krb_kntoln converts an auth name into a local name by looking up
24 * the auth name in the /etc/aname file. The format of the aname
27 * +-----+-----+-----+-----+------+----------+-------+-------+
28 * | anl | inl | rll | lnl | name | instance | realm | lname |
29 * +-----+-----+-----+-----+------+----------+-------+-------+
30 * | 1by | 1by | 1by | 1by | name | instance | realm | lname |
31 * +-----+-----+-----+-----+------+----------+-------+-------+
33 * If the /etc/aname file can not be opened it will set the
34 * local name to the auth name. Thus, in this case it performs as
35 * the identity function.
37 * The name instance and realm are passed to krb_kntoln through
38 * the AUTH_DAT structure (ad).
40 * Now here's what it *really* does:
42 * Given a Kerberos name in an AUTH_DAT structure, check that the
43 * instance is null, and that the realm is the same as the local
44 * realm, and return the principal's name in "lname". Return
45 * KSUCCESS if all goes well, otherwise KFAILURE.
50 RCSID("$Id: kntoln.c,v 1.10 1998/06/09 19:25:21 joda Exp $");
53 krb_kntoln(AUTH_DAT *ad, char *lname)
55 static char lrealm[REALM_SZ] = "";
57 if (!(*lrealm) && (krb_get_lrealm(lrealm,1) == KFAILURE))
60 if (strcmp(ad->pinst, ""))
62 if (strcmp(ad->prealm, lrealm))
64 strcpy(lname, ad->pname);
69 /* Posted to usenet by "Derrick J. Brashear" <shadow+@andrew.cmu.edu> */
76 #include <sys/syslog.h>
77 #include <sys/errno.h>
81 * antoln converts an authentication name into a local name by looking up
82 * the authentication name in the /etc/aname dbm database.
84 * If the /etc/aname file can not be opened it will set the
85 * local name to the principal name. Thus, in this case it performs as
86 * the identity function.
88 * The name instance and realm are passed to antoln through
89 * the AUTH_DAT structure (ad).
92 static char lrealm[REALM_SZ] = "";
95 an_to_ln(AUTH_DAT *ad, char *lname)
97 static DBM *aname = NULL;
98 char keyname[ANAME_SZ+INST_SZ+REALM_SZ+2];
100 if(!(*lrealm) && (krb_get_lrealm(lrealm,1) == KFAILURE))
103 if((strcmp(ad->pinst,"") && strcmp(ad->pinst,"root")) ||
104 strcmp(ad->prealm,lrealm)) {
108 * Non-local name (or) non-null and non-root instance.
109 * Look up in dbm file.
112 if ((aname = dbm_open("/etc/aname", O_RDONLY, 0))
113 == NULL) return (KFAILURE);
115 /* Construct dbm lookup key. */
116 an_to_a(ad, keyname);
118 key.dsize = strlen(keyname)+1;
119 flock(dbm_dirfno(aname), LOCK_SH);
120 val = dbm_fetch(aname, key);
121 flock(dbm_dirfno(aname), LOCK_UN);
127 strcpy(lname,val.dptr);
129 } else strcpy(lname,ad->pname);
134 an_to_a(AUTH_DAT *ad, char *str)
136 strcpy(str, ad->pname);
139 strcat(str, ad->pinst);
142 strcat(str, ad->prealm);
146 * Parse a string of the form "user[.instance][@realm]"
147 * into a struct AUTH_DAT.
151 a_to_an(char *str, AUTH_DAT *ad)
153 char *buf = (char *)malloc(strlen(str)+1);
154 char *rlm, *inst, *princ;
156 if(!(*lrealm) && (krb_get_lrealm(lrealm,1) == KFAILURE)) {
160 /* destructive string hacking is more fun.. */
163 if (rlm = index(buf, '@')) {
166 if (inst = index(buf, '.')) {
169 strcpy(ad->pname, buf);
170 if(inst) strcpy(ad->pinst, inst);
171 else *ad->pinst = '\0';
172 if (rlm) strcpy(ad->prealm, rlm);
173 else strcpy(ad->prealm, lrealm);