1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
|
/*
* $Source$
* $Author$
*
* Copyright 1990 by the Massachusetts Institute of Technology.
*
* For copying and distribution information, please see the file
* <krb5/copyright.h>.
*
* krb5_kuserok()
*/
#if !defined(lint) && !defined(SABER)
static char rcsid_kuserok_c [] =
"$Id$";
#endif /* !lint & !SABER */
#include <krb5/copyright.h>
#include <krb5/krb5.h>
#include <krb5/ext-proto.h>
#include <stdio.h>
#include <krb5/libos-proto.h>
#include <sys/types.h>
#include <sys/param.h> /* for MAXPATHLEN */
#include <sys/file.h>
#include <sys/stat.h>
#include <pwd.h>
#define MAX_USERNAME 10
/*
* Given a Kerberos principal "principal", and a local username "luser",
* determine whether user is authorized to login according to the
* authorization file ("~luser/.klogin" by default). Returns TRUE
* if authorized, FALSE if not authorized.
*
* If there is no account for "luser" on the local machine, returns
* FALSE. If there is no authorization file, and the given Kerberos
* name "server" translates to the same name as "luser" (using
* krb5_aname_to_lname()), returns TRUE. Otherwise, if the authorization file
* can't be accessed, returns FALSE. Otherwise, the file is read for
* a matching principal name, instance, and realm. If one is found,
* returns TRUE, if none is found, returns FALSE.
*
* The file entries are in the format produced by krb5_unparse_name(),
* one entry per line.
*
*/
krb5_boolean
krb5_kuserok(principal, luser)
krb5_principal principal;
const char *luser;
{
struct stat sbuf;
struct passwd *pwd;
char pbuf[MAXPATHLEN];
krb5_boolean isok = FALSE;
FILE *fp;
char kuser[MAX_USERNAME];
char *princname;
char linebuf[BUFSIZ];
char *newline;
int gobble;
/* no account => no access */
if ((pwd = getpwnam(luser)) == NULL) {
return(FALSE);
}
(void) strcpy(pbuf, pwd->pw_dir);
(void) strcat(pbuf, "/.k5login");
if (access(pbuf, F_OK)) { /* not accessible */
/*
* if he's trying to log in as himself, and there is no .klogin file,
* let him. To find out, call
* krb5_aname_to_localname to convert the principal to a name
* which we can string compare.
*/
if (!(krb5_aname_to_localname(principal,
sizeof(kuser), kuser))
&& (strcmp(kuser, luser) == 0)) {
return(TRUE);
}
}
if (krb5_unparse_name(principal, &princname))
return(FALSE); /* no hope of matching */
/* open ~/.klogin */
if ((fp = fopen(pbuf, "r")) == NULL) {
free(princname);
return(FALSE);
}
/*
* security: if the user does not own his own .klogin file,
* do not grant access
*/
if (fstat(fileno(fp), &sbuf)) {
fclose(fp);
free(princname);
return(FALSE);
}
if (sbuf.st_uid != pwd->pw_uid) {
fclose(fp);
free(princname);
return(FALSE);
}
/* check each line */
while (!isok && (fgets(linebuf, BUFSIZ, fp) != NULL)) {
/* null-terminate the input string */
linebuf[BUFSIZ-1] = '\0';
newline = NULL;
/* nuke the newline if it exists */
if (newline = index(linebuf, '\n'))
*newline = '\0';
if (!strcmp(linebuf, princname)) {
isok = TRUE;
continue;
}
/* clean up the rest of the line if necessary */
if (!newline)
while (((gobble = getc(fp)) != EOF) && gobble != '\n');
}
free(princname);
fclose(fp);
return(isok);
}
|
