diff options
Diffstat (limited to 'src/lib/krb4/kuserok.c')
-rw-r--r-- | src/lib/krb4/kuserok.c | 190 |
1 files changed, 0 insertions, 190 deletions
diff --git a/src/lib/krb4/kuserok.c b/src/lib/krb4/kuserok.c deleted file mode 100644 index 84a8ebde8..000000000 --- a/src/lib/krb4/kuserok.c +++ /dev/null @@ -1,190 +0,0 @@ -/* - * lib/krb4/kuserok.c - * - * Copyright 1987, 1988, 2007 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * kuserok: check if a kerberos principal has - * access to a local account - */ - -#include "krb.h" - -#if !defined(_WIN32) - -#include <stdio.h> -#include <pwd.h> -#include <sys/param.h> -#include <sys/stat.h> -#include <sys/file.h> -#include <string.h> -#include "autoconf.h" -#ifdef HAVE_UNISTD_H -#include <unistd.h> -#endif -#ifdef __SCO__ -/* just for F_OK for sco */ -#include <sys/unistd.h> -#endif -#include "k5-platform.h" - -#ifndef HAVE_SETEUID -#ifdef HAVE_SETRESUID -#define seteuid(e) setresuid(-1,e,-1) -#define setegid(e) setresgid(-1,e,-1) -#endif -#endif - -#define OK 0 -#define NOTOK 1 -#define MAX_USERNAME 10 - -/* - * Given a Kerberos principal "kdata", and a local username "luser", - * determine whether user is authorized to login according to the - * authorization file ("~luser/.klogin" by default). Returns OK - * if authorized, NOTOK if not authorized. - * - * If there is no account for "luser" on the local machine, returns - * NOTOK. If there is no authorization file, and the given Kerberos - * name "kdata" translates to the same name as "luser" (using - * krb_kntoln()), returns OK. Otherwise, if the authorization file - * can't be accessed, returns NOTOK. Otherwise, the file is read for - * a matching principal name, instance, and realm. If one is found, - * returns OK, if none is found, returns NOTOK. - * - * The file entries are in the format: - * - * name.instance@realm - * - * one entry per line. - * - */ - -int KRB5_CALLCONV -kuserok(kdata, luser) - AUTH_DAT *kdata; - char *luser; -{ - struct stat sbuf; - struct passwd *pwd; - char pbuf[MAXPATHLEN]; - int isok = NOTOK, rc; - FILE *fp; - char kuser[MAX_USERNAME]; - char principal[ANAME_SZ], inst[INST_SZ], realm[REALM_SZ]; - char linebuf[BUFSIZ]; - char *newline; - int gobble; - - /* no account => no access */ - if ((pwd = getpwnam(luser)) == NULL) { - return(NOTOK); - } - if (strlen (pwd->pw_dir) + sizeof ("/.klogin") >= sizeof (pbuf)) - return NOTOK; - (void) strncpy(pbuf, pwd->pw_dir, sizeof(pbuf) - 1); - pbuf[sizeof(pbuf) - 1] = '\0'; - (void) strncat(pbuf, "/.klogin", sizeof(pbuf) - 1 - strlen(pbuf)); - - if (access(pbuf, F_OK)) { /* not accessible */ - /* - * if he's trying to log in as himself, and there is no .klogin file, - * let him. To find out, call - * krb_kntoln to convert the triple in kdata to a name which we can - * string compare. - */ - if (!krb_kntoln(kdata, kuser) && (strcmp(kuser, luser) == 0)) { - return(OK); - } - } - /* open ~/.klogin */ - if ((fp = fopen(pbuf, "r")) == NULL) { - /* however, root might not have enough access, so temporarily switch - * over to the user's uid, try the access again, and switch back - */ - if(getuid() == 0) { - uid_t old_euid = geteuid(); - if (seteuid(pwd->pw_uid) < 0) - return NOTOK; - fp = fopen(pbuf, "r"); - if (seteuid(old_euid) < 0) - return NOTOK; - if ((fp) == NULL) { - return(NOTOK); - } - } else { - return(NOTOK); - } - } - set_cloexec_file(fp); - /* - * security: if the user does not own his own .klogin file, - * do not grant access - */ - if (fstat(fileno(fp), &sbuf)) { - fclose(fp); - return(NOTOK); - } - /* - * however, allow root to own the .klogin file, to allow creative - * access management schemes. - */ - if (sbuf.st_uid && (sbuf.st_uid != pwd->pw_uid)) { - fclose(fp); - return(NOTOK); - } - - /* check each line */ - while ((isok != OK) && (fgets(linebuf, BUFSIZ, fp) != NULL)) { - /* null-terminate the input string */ - linebuf[BUFSIZ-1] = '\0'; - newline = NULL; - /* nuke the newline if it exists */ - if ((newline = strchr(linebuf, '\n'))) - *newline = '\0'; - - /* Default the fields (default realm is filled in later) */ - principal[0] = '\0'; - inst[0] = '\0'; - realm[0] = '\0'; - rc = kname_parse(principal, inst, realm, linebuf); - if (rc == KSUCCESS) { - if (realm[0] == '\0') { - rc = krb_get_lrealm(realm, 1); - if (rc != KSUCCESS) - goto nextline; - } - isok = (strncmp(kdata->pname, principal, ANAME_SZ) || - strncmp(kdata->pinst, inst, INST_SZ) || - strncmp(kdata->prealm, realm, REALM_SZ)); - } - nextline: - /* clean up the rest of the line if necessary */ - if (!newline) - while (((gobble = getc(fp)) != EOF) && gobble != '\n'); - } - fclose(fp); - return(isok); -} - -#endif |