From 892e3ee1af9a85e719a0bc310220f5f408e4fd5f Mon Sep 17 00:00:00 2001 From: Assar Westerlund Date: Fri, 11 Oct 1996 10:36:33 +0000 Subject: [PATCH] old changes git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@841 ec53bebd-3082-4978-b11e-865c3cabbd6b --- Makefile | 6 ++-- cache.c | 21 ++++++++++-- get_cred.c | 78 +++++++++++++++++++++++++++++++++++++++++++ get_in_tkt.c | 1 + krb5.h | 6 +++- lib/krb5/cache.c | 21 ++++++++++-- lib/krb5/get_cred.c | 78 +++++++++++++++++++++++++++++++++++++++++++ lib/krb5/get_in_tkt.c | 1 + lib/krb5/krb5.h | 6 +++- test.c | 36 ++++++++++++++++++++ 10 files changed, 243 insertions(+), 11 deletions(-) create mode 100644 get_cred.c create mode 100644 lib/krb5/get_cred.c diff --git a/Makefile b/Makefile index ff8f24078..8a15c184d 100644 --- a/Makefile +++ b/Makefile @@ -6,9 +6,9 @@ CFLAGS=-I. -I/usr/athena/include -g YACC=yacc SOURCES = cache.c principal.c principal_p.c data.c context.c misc.c \ - krbhst.c get_port.c send_to_kdc.c der.c e.c d.c str2key.c \ - get_in_tkt.c get_in_tkt_pw.c der_put.c constants.c get_addrs.c \ - k5_der.c + krbhst.c get_port.c send_to_kdc.c str2key.c \ + get_in_tkt.c get_in_tkt_pw.c constants.c get_addrs.c \ + get_cred.c OBJECTS = $(SOURCES:%.c=%.o) config_file.o diff --git a/cache.c b/cache.c index 61d39e060..6b3477fb0 100644 --- a/cache.c +++ b/cache.c @@ -102,8 +102,13 @@ static krb5_error_code store_int32(int fd, int32_t value) { + int ret; + value = htonl(value); - return write(fd, &value, sizeof(value)); + ret = write(fd, &value, sizeof(value)); + if (ret != sizeof(value)) + return (ret<0)?errno:-1; + return 0; } static krb5_error_code @@ -124,8 +129,13 @@ static krb5_error_code store_int16(int fd, int16_t value) { + int ret; + value = htons(value); - return write(fd, &value, sizeof(value)); + ret = write(fd, &value, sizeof(value)); + if (ret != sizeof(value)) + return (ret<0)?errno:-1; + return 0; } static krb5_error_code 
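Review bot: In store_int32 the short-write branch returns -1, which is neither an errno value nor a krb5 error code, so a caller cannot map it to any defined failure; `return (ret < 0) ? errno : EIO;` keeps the whole return in one code space. `ret` should be `ssize_t` to match write(), and the comparison is then clearer as `ret != (ssize_t)sizeof(value)`. The return convention also changes from a byte count to 0 on success, so callers outside these hunks that tested the old value need a second look, and a failure here leaves a partly written credential cache that the caller should discard rather than keep using. The same applies to store_int16 and store_int8 in this file and to the identical hunks in lib/krb5/cache.c.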
@@ -146,7 +156,12 @@ static krb5_error_code store_int8(int fd, int8_t value) { - return write(fd, &value, sizeof(value)); + int ret; + + ret = write(fd, &value, sizeof(value)); + if (ret != sizeof(value)) + return (ret<0)?errno:-1; + return 0; } static krb5_error_code diff --git a/get_cred.c b/get_cred.c new file mode 100644 index 000000000..248aed8b5 --- /dev/null +++ b/get_cred.c @@ -0,0 +1,78 @@ +#include +#include +#include +#include + +/* + * + */ + +krb5_error_code +krb5_get_credentials (krb5_context context, + krb5_flags options, + krb5_ccache ccache, + krb5_creds *in_creds, + krb5_creds *out_creds) +{ + krb5_error_code err; + Tgs_Req a; + krb5_kdc_rep rep; + krb5_data req, resp; + char buf[BUFSIZ]; + int i; + Buffer buffer; + + /* + * XXX - Check if cred found in ccache + */ + + /* + * Prepare Tgs_Req. + */ + + err = krb5_get_default_in_tkt_etypes (context, &a.etypes); + if (err) + return err; + a.num_etypes = 1; + + err = krb5_get_all_client_addrs (&a.addrs); + if (err) + return err; + + a.pvno = 5; + a.msg_type = KRB_TGS_REQ; + memset (&a.kdc_options, 0, sizeof(a.kdc_options)); + /* a.kdc_options */ + a.realm.length = 0; + krb5_data_copy (&a.realm, in_creds->server->realm.data, + in_creds->server->realm.length); + krb5_copy_principal (context, in_creds->server, &a.sname); + a.till = in_creds->times.endtime; + a.nonce = 17; + a.cname = NULL; + + /* + * Encode + */ + + req.length = der_put_as_req (buf + sizeof (buf) - 1, &a); + req.data = buf + sizeof(buf) - req.length; + + for (i = 0; i < a.addrs.number; ++i) + krb5_data_free (&a.addrs.addrs[i].address); + free (a.addrs.addrs); + + /* + * Send and receive + */ + + err = krb5_sendto_kdc (context, &req, &a.realm, &resp); + if (err) { + return err; + } + buf_init (&buffer, resp.data, resp.length); + if (der_get_tgs_rep (&buffer, &rep) == -1) { + return ASN1_PARSE_ERROR; + } + +} diff --git a/get_in_tkt.c b/get_in_tkt.c index 6d03cca76..d0e041e68 100644 --- a/get_in_tkt.c +++ b/get_in_tkt.c 
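Review bot: krb5_get_credentials reaches its closing brace with no return statement once der_get_tgs_rep succeeds, so the caller reads an indeterminate krb5_error_code, and `*out_creds` is never written on any path; until the reply is turned into credentials the function should end in an explicit failure return. `a.nonce = 17;` puts the same nonce in every request, which removes the value the client is meant to compare with the reply to tell a fresh answer from a replayed one, so it should be drawn per request and checked against `rep`. The results of `krb5_data_copy` and `krb5_copy_principal` are discarded; if they return krb5_error_code like the neighbouring calls, each wants `if (err) return err;`. `der_put_as_req (buf + sizeof (buf) - 1, &a)` is given no length for the BUFSIZ stack buffer, so unless the encoder is bounded somewhere not visible here it should be told how much room it has, and its result checked before `req.data` is computed from it. The same file is added again as lib/krb5/get_cred.c.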
@@ -88,6 +88,7 @@ krb5_get_in_tkt(krb5_context context, a.pvno = 5; a.msg_type = KRB_AS_REQ; + memset (&a.kdc_options, 0, sizeof(a.kdc_options)); /* a.kdc_options */ a.cname = creds->client; a.sname = creds->server; diff --git a/krb5.h b/krb5.h index 1938e5995..2f249b20e 100644 --- a/krb5.h +++ b/krb5.h @@ -156,7 +156,11 @@ typedef struct krb5_creds { typedef struct krb5_authenticator_data{ - int dummy; + int vno; + krb5_principal cname; + int cusec; + krb5_time ctime; + int *seq_number; } krb5_authenticator_data; typedef krb5_authenticator_data *krb5_authenticator; diff --git a/lib/krb5/cache.c b/lib/krb5/cache.c index 61d39e060..6b3477fb0 100644 --- a/lib/krb5/cache.c +++ b/lib/krb5/cache.c @@ -102,8 +102,13 @@ static krb5_error_code store_int32(int fd, int32_t value) { + int ret; + value = htonl(value); - return write(fd, &value, sizeof(value)); + ret = write(fd, &value, sizeof(value)); + if (ret != sizeof(value)) + return (ret<0)?errno:-1; + return 0; } static krb5_error_code @@ -124,8 +129,13 @@ static krb5_error_code store_int16(int fd, int16_t value) { + int ret; + value = htons(value); - return write(fd, &value, sizeof(value)); + ret = write(fd, &value, sizeof(value)); + if (ret != sizeof(value)) + return (ret<0)?errno:-1; + return 0; } static krb5_error_code @@ -146,7 +156,12 @@ static krb5_error_code store_int8(int fd, int8_t value) { - return write(fd, &value, sizeof(value)); + int ret; + + ret = write(fd, &value, sizeof(value)); + if (ret != sizeof(value)) + return (ret<0)?errno:-1; + return 0; } static krb5_error_code diff --git a/lib/krb5/get_cred.c b/lib/krb5/get_cred.c new file mode 100644 index 000000000..248aed8b5 --- /dev/null +++ b/lib/krb5/get_cred.c 
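Review bot: The placeholder `/* a.kdc_options */` left under the new memset does not say why the field is cleared or that caller-requested options are still not applied; something like `/* no KDC options supported yet: clear the flags so uninitialised bytes are not encoded into the request */` would record it. The declaration of `a` is outside this hunk, so if it is a stack variable a single `memset (&a, 0, sizeof(a));` at the top of krb5_get_in_tkt would also cover fields added later. The same line is added in lib/krb5/get_in_tkt.c.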
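Review bot: The new members of krb5_authenticator_data carry no comments, and `int *seq_number` in particular leaves it open whether NULL means "absent" and who frees the pointee. A short comment per field would settle it, for example `int *seq_number; /* optional: NULL when not present; owned by this struct */`, adjusted to whatever ownership the library actually intends. `cusec` and `ctime` are presumably the client microseconds and timestamp of the authenticator; saying so, and that `ctime` here is a member rather than the <time.h> function, would help readers. The identical hunk appears for lib/krb5/krb5.h.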
@@ -0,0 +1,78 @@ +#include +#include +#include +#include + +/* + * + */ + +krb5_error_code +krb5_get_credentials (krb5_context context, + krb5_flags options, + krb5_ccache ccache, + krb5_creds *in_creds, + krb5_creds *out_creds) +{ + krb5_error_code err; + Tgs_Req a; + krb5_kdc_rep rep; + krb5_data req, resp; + char buf[BUFSIZ]; + int i; + Buffer buffer; + + /* + * XXX - Check if cred found in ccache + */ + + /* + * Prepare Tgs_Req. + */ + + err = krb5_get_default_in_tkt_etypes (context, &a.etypes); + if (err) + return err; + a.num_etypes = 1; + + err = krb5_get_all_client_addrs (&a.addrs); + if (err) + return err; + + a.pvno = 5; + a.msg_type = KRB_TGS_REQ; + memset (&a.kdc_options, 0, sizeof(a.kdc_options)); + /* a.kdc_options */ + a.realm.length = 0; + krb5_data_copy (&a.realm, in_creds->server->realm.data, + in_creds->server->realm.length); + krb5_copy_principal (context, in_creds->server, &a.sname); + a.till = in_creds->times.endtime; + a.nonce = 17; + a.cname = NULL; + + /* + * Encode + */ + + req.length = der_put_as_req (buf + sizeof (buf) - 1, &a); + req.data = buf + sizeof(buf) - req.length; + + for (i = 0; i < a.addrs.number; ++i) + krb5_data_free (&a.addrs.addrs[i].address); + free (a.addrs.addrs); + + /* + * Send and receive + */ + + err = krb5_sendto_kdc (context, &req, &a.realm, &resp); + if (err) { + return err; + } + buf_init (&buffer, resp.data, resp.length); + if (der_get_tgs_rep (&buffer, &rep) == -1) { + return ASN1_PARSE_ERROR; + } + +} diff --git a/lib/krb5/get_in_tkt.c b/lib/krb5/get_in_tkt.c index 6d03cca76..d0e041e68 100644 --- a/lib/krb5/get_in_tkt.c +++ b/lib/krb5/get_in_tkt.c @@ -88,6 +88,7 @@ krb5_get_in_tkt(krb5_context context, a.pvno = 5; a.msg_type = KRB_AS_REQ; + memset (&a.kdc_options, 0, sizeof(a.kdc_options)); /* a.kdc_options */ a.cname = creds->client; a.sname = creds->server; diff --git a/lib/krb5/krb5.h b/lib/krb5/krb5.h index 1938e5995..2f249b20e 100644 --- a/lib/krb5/krb5.h +++ b/lib/krb5/krb5.h 
@@ -156,7 +156,11 @@ typedef struct krb5_creds { typedef struct krb5_authenticator_data{ - int dummy; + int vno; + krb5_principal cname; + int cusec; + krb5_time ctime; + int *seq_number; } krb5_authenticator_data; typedef krb5_authenticator_data *krb5_authenticator; diff --git a/test.c b/test.c index f39171dda..8a4457c40 100644 --- a/test.c +++ b/test.c @@ -4,10 +4,46 @@ int main(int argc, char **argv) { + krb5_error_code err; + krb5_context context; + krb5_ccache ccache; + krb5_creds cred, out_cred; +#if 0 k5_cfile *cf; char *p; krb5_parse_config_file(&cf, "krb5.conf"); krb5_get_config_tag(cf, "realms ATHENA.MIT.EDU v4_instance_convert mit", &p); +#endif + + err = krb5_init_context (&context); + if (err) + abort (); + + err = krb5_cc_default (context, &ccache); + if (err) + abort (); + + err = krb5_build_principal (context, + &cred.server, + strlen("x-dce.pdc.kth.se"), + "x-dce.pdc.kth.se", + "host", + "sisyphus.pdc.kth.se", + NULL); + if (err) + abort (); + cred.server->type = KRB5_NT_SRV_HST; + cred.times.endtime = time (NULL) + 4711; + + err = krb5_get_credentials (context, + 0, + ccache, + &cred, + &out_cred); + if (err) + abort (); + + krb5_free_context (); return 0; }
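Review bot: `krb5_free_context ();` is called with no argument, so the context created by krb5_init_context is not handed back; if the function takes the context, as its name suggests, this should be `krb5_free_context (context);`. `cred` and `out_cred` are uninitialised stack structs and only `cred.server` and `cred.times.endtime` are set before the call, so `memset (&cred, 0, sizeof(cred));` and the same for `out_cred` would keep later readers of the other fields off stack garbage. Each failure ends in a bare `abort ()`, which discards `err`; printing it before aborting would make a failing run diagnosable.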