handle new protocol

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@11378 ec53bebd-3082-4978-b11e-865c3cabbd6b

appl/kf/kf.c

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska H<>gskolan
+ * Copyright (c) 1997 - 2000, 2002 Kungliga Tekniska H<>gskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -38,7 +38,7 @@ krb5_context context;
 static int help_flag;
 static int version_flag;
 static char *port_str;
-const char *service     = SERVICE;
+const char *service     = KF_SERVICE;
 const char *remote_name = NULL;
 int forwardable   = 0;
 const char *ccache_name = NULL;
@@ -107,7 +107,7 @@ client_setup(krb5_context *context, int *argc, char **argv)
     }
 
     if (port == 0)
-	port = krb5_getportbyname (*context, PORT, "tcp", PORT_NUM);
+	port = krb5_getportbyname (*context, KF_PORT_NAME, "tcp", KF_PORT_NUM);
    
     if(*argc - optind < 1)
         usage(1, args, num_args);
@@ -122,22 +122,19 @@ client_setup(krb5_context *context, int *argc, char **argv)
  */
 
 static int
-proto (int sock, const char *hostname, const char *service)
+proto (int sock, const char *hostname, const char *service,
+       char *message, size_t len)
 {
     krb5_auth_context auth_context;
     krb5_error_code status;
     krb5_principal server;
     krb5_data data;
-    krb5_data packet;
     krb5_data data_send;
-    u_int32_t len, net_len;
 
     krb5_ccache     ccache;
     krb5_creds      creds;
     krb5_kdc_flags  flags;
     krb5_principal  principal;
-    char	    ret_string[10];
-    ssize_t	    n;
 
     status = krb5_auth_con_init (context, &auth_context);
     if (status) {
@@ -166,10 +163,10 @@ proto (int sock, const char *hostname, const char *service)
     status = krb5_sendauth (context,
 			    &auth_context,
 			    &sock,
-			    VERSION,
+			    KF_VERSION_1,
 			    NULL,
 			    server,
-			    AP_OPTS_MUTUAL_REQUIRED,
+			    AP_OPTS_MUTUAL_REQUIRED | AP_OPTS_USE_SUBKEY,
 			    NULL,
 			    NULL,
 			    NULL,
@@ -181,27 +178,19 @@ proto (int sock, const char *hostname, const char *service)
 	return 1;
     }
 
-    if (remote_name == NULL) {
+    if (ccache_name == NULL)
-	remote_name = get_default_username ();
+	ccache_name = "";
-	if (remote_name == NULL)
-	    errx (1, "who are you?");
-    }
 
-    krb5_data_zero(&data_send);
     data_send.data   = (void *)remote_name;
     data_send.length = strlen(remote_name) + 1;
-    status = krb5_write_message(context, &sock, &data_send);
+    status = krb5_write_priv_message(context, auth_context, &sock, &data_send);
     if (status) {
 	krb5_warn (context, status, "krb5_write_message");
 	return 1;
     }
-  
-    if (ccache_name == NULL)
-	ccache_name = "";
-
     data_send.data   = (void *)ccache_name;
     data_send.length = strlen(ccache_name)+1;
-    status = krb5_write_message(context, &sock, &data_send);
+    status = krb5_write_priv_message(context, auth_context, &sock, &data_send);
     if (status) {
 	krb5_warn (context, status, "krb5_write_message");
 	return 1;
@@ -223,13 +212,12 @@ proto (int sock, const char *hostname, const char *service)
 
     creds.client = principal;
     
-    status = krb5_build_principal (context,
+    status = krb5_make_principal (context,
-				   &creds.server,
+				  &creds.server,
-				   strlen(principal->realm),
+				  principal->realm,
-				   principal->realm,
+				  KRB5_TGS_NAME,
-				   KRB5_TGS_NAME,
+				  principal->realm,
-				   principal->realm,
+				  NULL);
-				   NULL);
 
     if (status) {
 	krb5_warn (context, status, "krb5_build_principal");
@@ -254,60 +242,36 @@ proto (int sock, const char *hostname, const char *service)
 	return 1;
     }
 
-    status = krb5_mk_priv (context,
+    status = krb5_write_priv_message(context, auth_context, &sock, &data);
-                           auth_context,
+
-                           &data,
-                           &packet,
-                           NULL);
     if (status) {
 	krb5_warn (context, status, "krb5_mk_priv");
 	return 1;
     }
     
-    len = packet.length;
-    net_len = htonl(len);
-
-    if (krb5_net_write (context, &sock, &net_len, 4) != 4) {
-	krb5_warn (context, errno, "krb5_net_write");
-	return 1;
-    }
-    if (krb5_net_write (context, &sock, packet.data, len) != len) {
-	krb5_warn (context, errno, "krb5_net_write");
-	return 1;
-    }
-
     krb5_data_free (&data);
 
-    n = krb5_net_read (context, &sock, &net_len, 4);
+    status = krb5_read_priv_message(context, auth_context, &sock, &data);
-    if (n == 0) {
+    if (status) {
-	krb5_warnx (context, "EOF in krb5_net_read");
+	krb5_warn (context, status, "krb5_mk_priv");
 	return 1;
     }
-    if (n < 0) {
+    if(data.length >= len) {
-	krb5_warn (context, errno, "krb5_net_read");
+	krb5_warnx (context, "returned string is too long, truncating");
-	return 1;
+	memcpy(message, data.data, len);
+	message[len - 1] = '\0';
+    } else {
+	memcpy(message, data.data, data.length);
+	message[data.length] = '\0';
     }
-    len = ntohl(net_len);
+    krb5_data_free (&data);
-    if (len >= sizeof(ret_string)) {
-	krb5_warnx (context, "too long string back from %s", hostname);
-	return 1;
-    }
-    n = krb5_net_read (context, &sock, ret_string, len);
-    if (n == 0) {
-	krb5_warnx (context, "EOF in krb5_net_read");
-	return 1;
-    }
-    if (n < 0) {
-	krb5_warn (context, errno, "krb5_net_read");
-	return 1;
-    }
-    ret_string[sizeof(ret_string) - 1] = '\0';
 
-    return(strcmp(ret_string,"ok"));
+    return(strcmp(message, "ok"));
 }
 
 static int
-doit (const char *hostname, int port, const char *service)
+doit (const char *hostname, int port, const char *service, 
+      char *message, size_t len)
 {
     struct addrinfo *ai, *a;
     struct addrinfo hints;
@@ -337,7 +301,7 @@ doit (const char *hostname, int port, const char *service)
 	    continue;
 	}
 	freeaddrinfo (ai);
-	return proto (s, hostname, service);
+	return proto (s, hostname, service, message, len);
     }
     warnx ("failed to contact %s", hostname);
     freeaddrinfo (ai);
@@ -353,9 +317,19 @@ main(int argc, char **argv)
     argcc = argc;
     port = client_setup(&context, &argcc, argv);
 
+    if (remote_name == NULL) {
+	remote_name = get_default_username ();
+	if (remote_name == NULL)
+	    errx (1, "who are you?");
+    }
+
     for (i = argcc;i < argc; i++) {
-	ret = doit (argv[i], port, service);
+	char message[128];
-	warnx ("%s %s", argv[i], ret ? "failed" : "ok");
+	ret = doit (argv[i], port, service, message, sizeof(message));
+	if(ret == 0)
+	    warnx ("%s: ok", argv[i]);
+	else
+	    warnx ("%s: failed: %s", argv[i], message);
     }
     return(ret);
 }