1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
|
/*
* Copyright (c) 1994 by the University of Southern California
*
* EXPORT OF THIS SOFTWARE from the United States of America may
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
*
* WITHIN THAT CONSTRAINT, permission to copy, modify, and distribute
* this software and its documentation in source and binary forms is
* hereby granted, provided that any documentation or other materials
* related to such distribution or use acknowledge that the software
* was developed by the University of Southern California.
*
* DISCLAIMER OF WARRANTY. THIS SOFTWARE IS PROVIDED "AS IS". The
* University of Southern California MAKES NO REPRESENTATIONS OR
* WARRANTIES, EXPRESS OR IMPLIED. By way of example, but not
* limitation, the University of Southern California MAKES NO
* REPRESENTATIONS OR WARRANTIES OF MERCHANTABILITY OR FITNESS FOR ANY
* PARTICULAR PURPOSE. The University of Southern
* California shall not be held liable for any liability nor for any
* direct, indirect, or consequential damages with respect to any
* claim by the user or distributor of the ksu software.
*
* KSU was writen by: Ari Medvinsky, ari@isi.edu
*/
#include "k5-int.h"
#include <stdio.h>
#include "com_err.h"
#include <sys/types.h>
#include <sys/param.h>
#include <pwd.h>
#include <unistd.h>
#include <string.h>
#include <syslog.h>
#ifdef STDARG_PROTOTYPES
#include <stdarg.h>
#else
#include <varargs.h>
#endif
#define NO_TARGET_FILE '.'
#define SOURCE_USER_LOGIN "."
#define KRB5_DEFAULT_OPTIONS 0
#define KRB5_DEFAULT_TKT_LIFE 60*60*12 /* 12 hours */
#define KRB5_SECONDARY_CACHE "FILE:/tmp/krb5cc_"
#define KRB5_LOGIN_NAME ".k5login"
#define KRB5_USERS_NAME ".k5users"
#define USE_DEFAULT_REALM_NAME "."
#define PERMIT_ALL_COMMANDS "*"
#define KRB5_SEC_BUFFSIZE 80
#define NOT_AUTHORIZED 1
#define CHUNK 3
#define CACHE_MODE 0600
#define MAX_CMD 2048 /* this is temp, should use realloc instead,
as done in most of the code */
extern int optind;
extern char * optarg;
/* globals */
extern char * prog_name;
extern int auth_debug;
extern int quiet;
extern char k5login_path[MAXPATHLEN];
extern char k5users_path[MAXPATHLEN];
extern char * gb_err;
/***********/
typedef struct opt_info{
int opt;
long lifetime;
long rlife;
int princ;
}opt_info;
extern krb5_boolean krb5_auth_check();
extern krb5_error_code get_best_principal();
extern void dump_principal ();
extern krb5_boolean krb5_fast_auth();
extern krb5_boolean krb5_get_tkt_via_passwd ();
extern int gen_sym();
extern krb5_error_code krb5_authorization();
extern krb5_error_code k5login_lookup ();
extern krb5_error_code k5users_lookup ();
extern krb5_error_code get_line ();
extern char * get_first_token ();
extern char * get_next_token ();
extern krb5_boolean fowner();
extern krb5_boolean krb5_find_princ_in_cred_list();
extern krb5_error_code krb5_find_princ_in_cache();
#ifndef min
#define min(a,b) ((a) > (b) ? (b) : (a))
#endif /* min */
extern char *krb5_lname_file; /* Note: print this out just be sure
that it gets set */
|