diff options
author | Theodore Tso <tytso@mit.edu> | 1995-06-06 02:29:09 +0000 |
---|---|---|
committer | Theodore Tso <tytso@mit.edu> | 1995-06-06 02:29:09 +0000 |
commit | 34ef8b05a95912d7750b570a66d1cfbf148bc766 (patch) | |
tree | 538a1e126e456dcd9cbe99b9c77a45e0a447141e /src/krb524/krb524d.c | |
parent | 6ffb2100cb6bdabce3b956ef2c827add590c41a5 (diff) | |
download | krb5-34ef8b05a95912d7750b570a66d1cfbf148bc766.tar.gz krb5-34ef8b05a95912d7750b570a66d1cfbf148bc766.tar.xz krb5-34ef8b05a95912d7750b570a66d1cfbf148bc766.zip |
Updated to use autoconf, and to use the new Kerberos library API
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@5952 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/krb524/krb524d.c')
-rw-r--r-- | src/krb524/krb524d.c | 137 |
1 files changed, 80 insertions, 57 deletions
diff --git a/src/krb524/krb524d.c b/src/krb524/krb524d.c index cdf368b079..4d411f5c1c 100644 --- a/src/krb524/krb524d.c +++ b/src/krb524/krb524d.c @@ -20,8 +20,12 @@ * PERFORMANCE OF THIS SOFTWARE. */ +#include "k5-int.h" +#include "com_err.h" + #include <stdio.h> #include <string.h> +#include <signal.h> #include <sys/types.h> #include <sys/time.h> #include <sys/socket.h> @@ -29,7 +33,7 @@ #include <netinet/in.h> #include <netdb.h> -#include "k5-int.h" +#include "adm.h" #include <krb.h> #include "krb524.h" @@ -50,36 +54,38 @@ krb5_principal master_princ; krb5_encrypt_block master_encblock; krb5_keyblock master_keyblock; -void init_keytab(), init_master(); +void init_keytab(), init_master(), cleanup_and_exit(); krb5_error_code do_connection(), lookup_service_key(), kdc_get_server_key(); void usage() { fprintf(stderr, "Usage: %s [-m[aster]] [-k[eytab]]\n", whoami); - cleanup_and_exit(1); + cleanup_and_exit(1, NULL); } -int request_exit() +RETSIGTYPE request_exit() { signalled = 1; } -int krb5_free_keyblock_contents(krb5_keyblock *key) +int krb5_free_keyblock_contents(krb5_context context, krb5_keyblock *key) { memset(key->contents, 0, key->length); krb5_xfree(key->contents); return 0; } -main(int argc, char **argv) +int main(int argc, char **argv) { struct servent *serv; struct sockaddr_in saddr; struct timeval timeout; - int ret, s, conn; + int ret, s; fd_set rfds; + krb5_context context; - krb5_init_ets(); + krb5_init_context(&context); + krb524_init_ets(context); whoami = ((whoami = strrchr(argv[0], '/')) ? whoami + 1 : argv[0]); @@ -103,9 +109,9 @@ main(int argc, char **argv) signal(SIGTERM, request_exit); if (use_keytab) - init_keytab(); + init_keytab(context); if (use_master) - init_master(); + init_master(context); memset((char *) &saddr, 0, sizeof(struct sockaddr_in)); saddr.sin_family = AF_INET; @@ -119,12 +125,12 @@ main(int argc, char **argv) if ((s = socket(AF_INET, SOCK_DGRAM, 0)) < 0) { com_err(whoami, errno, "creating main socket"); - cleanup_and_exit(1); + cleanup_and_exit(1, context); } if ((ret = bind(s, (struct sockaddr *) &saddr, sizeof(struct sockaddr_in))) < 0) { com_err(whoami, errno, "binding main socket"); - cleanup_and_exit(1); + cleanup_and_exit(1, context); } timeout.tv_sec = TIMEOUT; @@ -135,100 +141,107 @@ main(int argc, char **argv) ret = select(s+1, &rfds, NULL, NULL, &timeout); if (signalled) - cleanup_and_exit(0); + cleanup_and_exit(0, context); else if (ret == 0) { if (use_master) { - ret = krb5_dbm_db_fini(); + ret = krb5_db_fini(context); if (ret && ret != KRB5_KDB_DBNOTINITED) { com_err(whoami, ret, "closing kerberos database"); - cleanup_and_exit(1); + cleanup_and_exit(1, context); } } } else if (ret < 0 && errno != EINTR) { com_err(whoami, errno, "in select"); - cleanup_and_exit(1); + cleanup_and_exit(1, context); } else if (FD_ISSET(s, &rfds)) { if (debug) printf("received packet\n"); - if (ret = do_connection(s)) { + if ((ret = do_connection(s, context))) { com_err(whoami, ret, "handling packet"); } } else com_err(whoami, 0, "impossible situation occurred!"); } - return cleanup_and_exit(0); + cleanup_and_exit(0, context); } -int cleanup_and_exit(int ret) +void cleanup_and_exit(ret, context) + int ret; + krb5_context context; { if (use_master) { - krb5_finish_key(&master_encblock); + krb5_finish_key(context, &master_encblock); memset((char *)&master_encblock, 0, sizeof(master_encblock)); - (void) krb5_db_fini(); + (void) krb5_db_fini(context); } exit(ret); } -void init_keytab() +void init_keytab(context) + krb5_context context; { int ret; if (keytab == NULL) { - if (ret = krb5_kt_default(&kt)) { + if ((ret = krb5_kt_default(context, &kt))) { com_err(whoami, ret, "while opening default keytab"); - cleanup_and_exit(1); + cleanup_and_exit(1, context); } } else { - if (ret = krb5_kt_resolve(keytab, &kt)) { + if ((ret = krb5_kt_resolve(context, keytab, &kt))) { com_err(whoami, ret, "while resolving keytab %s", keytab); - cleanup_and_exit(1); + cleanup_and_exit(1, context); } } } -void init_master() +void init_master(context) + krb5_context context; { int ret; char *realm; - if (ret = krb5_get_default_realm(&realm)) { + if ((ret = krb5_get_default_realm(context, &realm))) { com_err(whoami, ret, "getting default realm"); - cleanup_and_exit(1); + cleanup_and_exit(1, context); } - if (ret = krb5_db_setup_mkey_name(NULL, realm, (char **) 0, - &master_princ)) { + if ((ret = krb5_db_setup_mkey_name(context, NULL, realm, (char **) 0, + &master_princ))) { com_err(whoami, ret, "while setting up master key name"); - cleanup_and_exit(1); + cleanup_and_exit(1, context); } #ifdef PROVIDE_DES_CBC_CRC - master_encblock.crypto_entry = &mit_des_cryptosystem_entry; + krb5_use_cstype(context, &master_encblock, ETYPE_DES_CBC_CRC); #else error(You gotta figure out what cryptosystem to use in the KDC); #endif master_keyblock.keytype = KEYTYPE_DES; - if (ret = krb5_db_fetch_mkey(master_princ, &master_encblock, + if ((ret = krb5_db_fetch_mkey(context, master_princ, &master_encblock, FALSE, /* non-manual type-in */ FALSE, /* irrelevant, given prev. arg */ - 0, &master_keyblock)) { + 0, &master_keyblock))) { com_err(whoami, ret, "while fetching master key"); - cleanup_and_exit(1); + cleanup_and_exit(1, context); } - if (ret = krb5_db_init()) { + if ((ret = krb5_db_init(context))) { com_err(whoami, ret, "while initializing master database"); - cleanup_and_exit(1); + cleanup_and_exit(1, context); } - if (ret = krb5_process_key(&master_encblock, &master_keyblock)) { - krb5_db_fini(); + if ((ret = krb5_process_key(context, &master_encblock, + &master_keyblock))) { + krb5_db_fini(context); com_err(whoami, ret, "while processing master key"); - cleanup_and_exit(1); + cleanup_and_exit(1, context); } } -krb5_error_code do_connection(int s) +krb5_error_code do_connection(s, context) + int s; + krb5_context context; { struct sockaddr saddr; krb5_ticket *v5tkt; @@ -250,21 +263,24 @@ krb5_error_code do_connection(int s) if (debug) printf("message received\n"); - if (ret = decode_krb5_ticket(&msgdata, &v5tkt)) + if ((ret = decode_krb5_ticket(&msgdata, &v5tkt))) goto error; if (debug) printf("V5 ticket decoded\n"); - if (ret = lookup_service_key(v5tkt->server, &service_key)) + /* XXX KEYTYPE_DES shouldn't be hardcoded here. Should be + derived from the ticket. */ + if ((ret = lookup_service_key(context, v5tkt->server, KEYTYPE_DES, + &service_key))) goto error; if (debug) printf("service key retrieved\n"); - ret = krb524_convert_tkt_skey(v5tkt, &v4tkt, &service_key); + ret = krb524_convert_tkt_skey(context, v5tkt, &v4tkt, &service_key); if (ret) goto error; - krb5_free_keyblock_contents(&service_key); - krb5_free_ticket(v5tkt); + krb5_free_keyblock_contents(context, &service_key); + krb5_free_ticket(context, v5tkt); if (debug) printf("credentials converted\n"); @@ -310,25 +326,31 @@ write_msg: return ret; } -krb5_error_code lookup_service_key(krb5_principal p, krb5_keyblock *key) +krb5_error_code lookup_service_key(context, p, ktype, key) + krb5_context context; + krb5_principal p; + krb5_keytype ktype; + krb5_keyblock *key; { int ret; krb5_keytab_entry entry; if (use_keytab) { - if (ret = krb5_kt_get_entry(kt, p, 0, &entry)) + if ((ret = krb5_kt_get_entry(context, kt, p, 0, ktype, &entry))) return ret; memcpy(key, (char *) &entry.key, sizeof(krb5_keyblock)); return 0; } else if (use_master) { - if (ret = krb5_dbm_db_init()) + if ((ret = krb5_db_init(context))) return ret; - return kdc_get_server_key(p, key, NULL); + return kdc_get_server_key(context, p, key, NULL); } + return 0; } /* taken from kdc/kdc_util.c, and modified somewhat */ -krb5_error_code kdc_get_server_key(service, key, kvno) +krb5_error_code kdc_get_server_key(context, service, key, kvno) + krb5_context context; krb5_principal service; krb5_keyblock *key; krb5_kvno *kvno; @@ -339,14 +361,14 @@ krb5_error_code kdc_get_server_key(service, key, kvno) krb5_boolean more; nprincs = 1; - if (ret = krb5_db_get_principal(service, &server, &nprincs, &more)) + if ((ret = krb5_db_get_principal(context, service, &server, &nprincs, &more))) return(ret); if (more) { - krb5_db_free_principal(&server, nprincs); + krb5_db_free_principal(context, &server, nprincs); return(KRB5KDC_ERR_PRINCIPAL_NOT_UNIQUE); } else if (nprincs != 1) { - krb5_db_free_principal(&server, nprincs); + krb5_db_free_principal(context, &server, nprincs); return(KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN); } @@ -354,9 +376,10 @@ krb5_error_code kdc_get_server_key(service, key, kvno) * convert server.key into a real key (it is encrypted in the * database) */ - ret = KDB_CONVERT_KEY_OUTOF_DB(&server.key, key); + ret = KDB_CONVERT_KEY_OUTOF_DB(context, &server.key, key); if (kvno) *kvno = server.kvno; - krb5_db_free_principal(&server, nprincs); + krb5_db_free_principal(context, &server, nprincs); return ret; } + |