diff options
Diffstat (limited to 'src/appl/user_user/client.c')
| -rw-r--r-- | src/appl/user_user/client.c | 82 |
1 files changed, 39 insertions, 43 deletions
diff --git a/src/appl/user_user/client.c b/src/appl/user_user/client.c index 743c03583..ea6d39e66 100644 --- a/src/appl/user_user/client.c +++ b/src/appl/user_user/client.c @@ -35,20 +35,6 @@ #include "krb5.h" #include "com_err.h" -krb5_error_code -tgt_keyproc(context, keyprocarg, principal, vno, keytype, key) - krb5_context context; - krb5_pointer keyprocarg; - krb5_principal principal; - krb5_kvno vno; - krb5_keytype keytype; - krb5_keyblock ** key; -{ - krb5_creds *creds = (krb5_creds *)keyprocarg; - - return krb5_copy_keyblock(context, &creds->keyblock, key); -} - int main (argc, argv) int argc; char *argv[]; @@ -65,8 +51,9 @@ char *argv[]; krb5_ccache cc; krb5_creds creds, *new_creds; krb5_data reply, msg, princ_data; - krb5_tkt_authent *authdat; - krb5_context context; + krb5_auth_context * auth_context = NULL; + krb5_ticket * ticket = NULL; + krb5_context context; unsigned short port; if (argc < 2 || argc > 4) @@ -227,30 +214,44 @@ char *argv[]; cli_addr.length = sizeof(cli_net_addr.sin_addr); cli_addr.contents = (krb5_octet *)&cli_net_addr.sin_addr; + if (retval = krb5_auth_con_init(context, &auth_context)) { + com_err("uu-client", retval, "initializing the auth_context"); + return 9; + } + + if (retval = krb5_auth_con_setflags(context, auth_context, + KRB5_AUTH_CONTEXT_DO_SEQUENCE)) { + com_err("uu-client", retval, "initializing the auth_context flags"); + return 9; + } + + if (retval = krb5_auth_con_setaddrs(context, auth_context, &cli_addr, + &serv_addr)) { + com_err("uu-client", retval, "setting addresses for auth_context"); + return 9; + } + + if (retval = krb5_auth_con_setuseruserkey(context, auth_context, + &new_creds->keyblock)) { + com_err("uu-client", retval, "setting useruserkey for authcontext"); + return 9; + } + #if 1 - /* read the ap_req to get the session key */ - retval = krb5_rd_req(context, &reply, - 0, /* don't know server's name... */ - &serv_addr, - 0, /* no fetchfrom */ - tgt_keyproc, - (krb5_pointer)new_creds, /* credentials as arg to - keyproc */ - 0, /* no rcache for the moment XXX */ - &authdat); - free(reply.data); + /* read the ap_req to get the session key */ + retval = krb5_rd_req(context, &auth_context, &reply, + NULL, NULL, NULL, &ticket); + free(reply.data); #else - retval = krb5_recvauth(context, (krb5_pointer)&s, "???", - 0, /* server */ - &serv_addr, 0, tgt_keyproc, (krb5_pointer)new_creds, - 0, 0, - 0, 0, 0, 0); + retval = krb5_recvauth(context, &auth_context, (krb5_pointer)&s, "???", + 0, /* server */, NULL, 0, NULL, &ticket); #endif + if (retval) { com_err("uu-client", retval, "reading AP_REQ from server"); return 9; } - if (retval = krb5_unparse_name(context, authdat->ticket->enc_part2->client, &princ)) + if (retval = krb5_unparse_name(context, ticket->enc_part2->client, &princ)) com_err("uu-client", retval, "while unparsing client name"); else { printf("server is named \"%s\"\n", princ); @@ -263,16 +264,11 @@ char *argv[]; return 9; } - - if (retval = krb5_rd_safe(context, &reply, authdat->ticket->enc_part2->session, - &serv_addr, &cli_addr, - authdat->authenticator->seq_number, - KRB5_SAFE_NOTIME|KRB5_SAFE_DOSEQUENCE, 0, &msg)) - { - com_err("uu-client", retval, "decoding reply from server"); - return 10; + if (retval = krb5_rd_safe(context, auth_context, &reply, &msg, NULL)) { + com_err("uu-client", retval, "decoding reply from server"); + return 10; } - printf ("uu-client: server says \"%s\".\n", msg.data); - return 0; + printf ("uu-client: server says \"%s\".\n", msg.data); + return 0; } |