2 * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 #include "kafs_locl.h"
36 RCSID("$Id: afskrb5.c,v 1.14 2001/06/18 13:11:32 assar Exp $");
/*
 * State that the callbacks in this file reach through kafs_data.data.
 * They read three members from it: context, id (the credential cache
 * handle given to the krb5_cc_* calls) and realm. Only realm is among
 * the lines shown in this listing.
 */
38 struct krb5_kafs_data {
/*
 * Realm that afslog_uid_int() compares with the ticket realm and passes
 * on to _kafs_get_cred(); presumably the realm argument of
 * krb5_afslog_uid_home() -- the assignment is not shown.
 */
41 krb5_const_realm realm;
/*
 * kafs get_cred callback: obtain a Kerberos 5 credential for the service
 * named by the v4-style triple (name, inst, realm) using the credential
 * cache d->id, then have it converted into the Kerberos 4 CREDENTIALS
 * structure *c.
 *
 * Security notes:
 *  - The request pins the session key type to KEYTYPE_DES. Single DES is
 *    no longer considered adequate protection, so anything built from
 *    this credential is limited to that strength.
 *  - The tests on ret between the calls are not among the lines shown in
 *    this listing. Each call below can fail, and its result has to be
 *    checked before the next call consumes its output.
 */
45 get_cred(kafs_data *data, const char *name, const char *inst,
46 const char *realm, CREDENTIALS *c)
49 krb5_creds in_creds, *out_creds;
50 struct krb5_kafs_data *d = data->data;
/* Start from an all-zero request so that unset fields are well defined. */
52 memset(&in_creds, 0, sizeof(in_creds));
/*
 * Convert the v4 name/instance/realm into a v5 principal; the output
 * argument is on a continuation line that is not shown (presumably
 * in_creds.server, which the later calls release).
 */
53 ret = krb5_425_conv_principal(d->context, name, inst, realm,
/* The client principal is taken from the credential cache itself. */
57 ret = krb5_cc_get_principal(d->context, d->id, &in_creds.client);
/* Presumably the failure path of the lookup above: drop the server principal. */
59 krb5_free_principal(d->context, in_creds.server);
/* Ask for a DES session key; see the security note in the header comment. */
62 in_creds.session.keytype = KEYTYPE_DES;
/* Obtain the service credential through the cache d->id; options are 0. */
63 ret = krb5_get_credentials(d->context, 0, d->id, &in_creds, &out_creds);
/* The request principals are released once the lookup has returned. */
64 krb5_free_principal(d->context, in_creds.server);
65 krb5_free_principal(d->context, in_creds.client);
/* Convert the v5 credential into v4 form, written to *c. */
68 ret = krb524_convert_creds_kdc_ccache(d->context, d->id, out_creds, c);
/* out_creds came from krb5_get_credentials(); release it after the conversion. */
69 krb5_free_creds(d->context, out_creds);
/*
 * kafs afslog_uid callback: obtain a credential for `cell' and hand it to
 * kafs_settoken() for `uid'. A NULL or empty cell is delegated to
 * _kafs_afslog_all_local_cells(). Otherwise the realm of the credential
 * cache's principal is looked up and passed, together with d->realm, to
 * _kafs_get_cred().
 *
 * NOTE(review): trealm is obtained from princ (presumably it points into
 * princ's storage). princ is released on line 94 inside the realm-match
 * branch, yet line 97 still evaluates *trealm. Lines 93 and 95-96 are not
 * shown; confirm that no path reaches line 97 with trealm referring to
 * the released principal or set to NULL.
 *
 * NOTE(review): c presumably carries the session key after
 * _kafs_get_cred() succeeds; no clearing of c is visible in the lines
 * shown after kafs_settoken().
 */
73 static krb5_error_code
74 afslog_uid_int(kafs_data *data, const char *cell, const char *rh, uid_t uid,
80 krb5_realm *trealm; /* ticket realm */
81 struct krb5_kafs_data *d = data->data;
/* No cell named: let the generic code handle the local cells. */
83 if (cell == 0 || cell[0] == 0)
84 return _kafs_afslog_all_local_cells (data, uid, homedir);
/* Principal recorded in the credential cache. */
86 ret = krb5_cc_get_principal (d->context, d->id, &princ);
/* Realm of that principal, i.e. the realm the tickets were issued in. */
90 trealm = krb5_princ_realm (d->context, princ);
/* True when a realm was supplied and it equals the ticket realm. */
92 if (d->realm != NULL && strcmp (d->realm, *trealm) == 0) {
94 krb5_free_principal (d->context, princ);
/* Both candidate realms are offered to the generic credential lookup. */
97 ret = _kafs_get_cred(data, cell, d->realm, *trealm, &c);
99 krb5_free_principal (d->context, princ);
/* Pass the credential on for cell and uid. */
102 ret = kafs_settoken(cell, uid, &c);
/*
 * kafs get_realm callback: look up the realm list for `host' and copy its
 * first entry. data->data must point at an initialised
 * struct krb5_kafs_data, because d->context is used for both krb5 calls.
 * The return statements are not shown; presumably the strdup()ed copy r
 * is returned and owned by the caller.
 */
107 get_realm(kafs_data *data, const char *host)
109 struct krb5_kafs_data *d = data->data;
/* A non-zero result means the lookup failed; the failure return is not shown. */
112 if(krb5_get_host_realm(d->context, host, &realms))
/*
 * Copy the first realm so that the list can be released. strdup() may
 * return NULL, so a NULL r has to be tolerated by whoever receives it.
 * NOTE(review): assumes realms[0] is non-NULL on success -- confirm.
 */
114 r = strdup(realms[0]);
115 krb5_free_host_realm(d->context, realms);
/*
 * Entry point taking (context, id, cell, realm, uid, homedir), as the
 * callers in this file pass them. It installs this file's callbacks in a
 * kafs_data and runs afslog_uid_int() on it.
 */
120 krb5_afslog_uid_home(krb5_context context,
123 krb5_const_realm realm,
128 struct krb5_kafs_data d;
/* Callbacks implemented in this file. */
129 kd.afslog_uid = afslog_uid_int;
130 kd.get_cred = get_cred;
131 kd.get_realm = get_realm;
/*
 * Lines 132-135 are not shown; presumably they fill d from the arguments
 * and point kd.data at it, which every callback dereferences.
 * rh is passed as 0.
 */
136 return afslog_uid_int(&kd, cell, 0, uid, homedir);
/*
 * Same as krb5_afslog_uid_home() with no home directory: homedir is
 * passed as NULL.
 */
140 krb5_afslog_uid(krb5_context context,
143 krb5_const_realm realm,
146 return krb5_afslog_uid_home (context, id, cell, realm, uid, NULL);
/*
 * Same as krb5_afslog_uid() for the calling process. The uid comes from
 * getuid(), i.e. the real user ID, so in a set-user-ID program the
 * request is made for the invoking user rather than the effective one.
 */
150 krb5_afslog(krb5_context context,
153 krb5_const_realm realm)
155 return krb5_afslog_uid (context, id, cell, realm, getuid());
/*
 * Same as krb5_afslog_uid_home() for the calling process: the uid is the
 * real user ID from getuid(), and homedir is passed through unchanged.
 */
159 krb5_afslog_home(krb5_context context,
162 krb5_const_realm realm,
165 return krb5_afslog_uid_home (context, id, cell, realm, getuid(), homedir);
/*
 * Resolve the realm for AFS cell `cell' through _kafs_realm_of_cell(),
 * presumably returning it via *realm.
 *
 * NOTE(review): the only member of kd assigned in the lines shown is
 * get_realm. get_realm() reads data->data and then d->context, so kd.data
 * has to point at an initialised struct krb5_kafs_data before
 * _kafs_realm_of_cell() can invoke the callback. This function receives
 * no krb5_context, and lines 174-176 are not shown; confirm that kd.data
 * is set, otherwise the callback dereferences an indeterminate pointer.
 */
173 krb5_realm_of_cell(const char *cell, char **realm)
177 kd.get_realm = get_realm;
178 return _kafs_realm_of_cell(&kd, cell, realm);