From fbef31bff2885f7e9717a90e7680c85561693907 Mon Sep 17 00:00:00 2001 From: Assar Westerlund Date: Fri, 23 Jul 1999 21:27:36 +0000 Subject: [PATCH] more clean-up git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@6492 ec53bebd-3082-4978-b11e-865c3cabbd6b --- appl/kf/kf.c | 214 ++++++++++++++++++++++++++------------------------- 1 file changed, 111 insertions(+), 103 deletions(-) diff --git a/appl/kf/kf.c b/appl/kf/kf.c index 335db524b..2c66ffb2a 100644 --- a/appl/kf/kf.c +++ b/appl/kf/kf.c @@ -43,10 +43,10 @@ krb5_context context; static int help_flag; static int version_flag; static char *port_str; -char *service = SERVICE; -char *remote_name=NULL; -int forwardable=0; -char *tk_file=NULL; +char *service = SERVICE; +char *remote_name = NULL; +int forwardable = 0; +char *tk_file = NULL; static struct getargs args[] = { { "port", 'p', arg_string, &port_str, "port to connect to", "port" }, @@ -82,7 +82,7 @@ client_setup(krb5_context *context, int *argc, char **argv) exit(0); } - if(port_str){ + if(port_str) { struct servent *s = roken_getservbyname(port_str, "tcp"); if(s) port = s->s_port; @@ -101,11 +101,16 @@ client_setup(krb5_context *context, int *argc, char **argv) if(*argc - optind < 1) usage(1, args, num_args); - *argc=optind; + *argc = optind; return port; } +/* + * forward creds to `hostname'/`service' over `sock' + * return 0 iff OK + */ + static int proto (int sock, const char *hostname, const char *service) { 
@@ -125,41 +130,34 @@ proto (int sock, const char *hostname, const char *service) krb5_creds creds; krb5_kdc_flags flags; krb5_principal principal; - struct passwd *pwd; char ret_string[10]; char buf[1000]; addrlen = sizeof(local); if (getsockname (sock, (struct sockaddr *)&local, &addrlen) < 0 - || addrlen != sizeof(local)) - {warn ("getsockname(%s)", hostname); - return 1; + || addrlen != sizeof(local)) { + warn ("getsockname(%s)", hostname); + return 1; } addrlen = sizeof(remote); if (getpeername (sock, (struct sockaddr *)&remote, &addrlen) < 0 - || addrlen != sizeof(remote)) - {warn ("getpeername(%s)", hostname); - return 1; + || addrlen != sizeof(remote)) { + warn ("getpeername(%s)", hostname); + return 1; } - status = krb5_init_context(&context); - if (status) - errx (1, "krb5_init_context: %s", - krb5_get_err_text(context, status)); - status = krb5_auth_con_init (context, &auth_context); - if (status) - {warn ("krb5_auth_con_init: %s", - krb5_get_err_text(context, status)); - return 1; + if (status) { + krb5_warn (context, status, "krb5_auth_con_init"); + return 1; } - local_addr.addr_type = AF_INET; + local_addr.addr_type = AF_INET; local_addr.address.length = sizeof(local.sin_addr); local_addr.address.data = &local.sin_addr; - remote_addr.addr_type = AF_INET; + remote_addr.addr_type = AF_INET; remote_addr.address.length = sizeof(remote.sin_addr); remote_addr.address.data = &remote.sin_addr; @@ -167,10 +165,9 @@ proto (int sock, const char *hostname, const char *service) auth_context, &local_addr, &remote_addr); - if (status) - {warn ("krb5_auth_con_setaddr: %s", - krb5_get_err_text(context, status)); - return 1; + if (status) { + krb5_warn (context, status, "krb5_auth_con_setaddr"); + return 1; } status = krb5_sname_to_principal (context, 
@@ -178,11 +175,10 @@ proto (int sock, const char *hostname, const char *service) service, KRB5_NT_SRV_HST, &server); - if (status) - {warn ("krb5_sname_to_principal: %s", - krb5_get_err_text(context, status)); - return 1; - } + if (status) { + krb5_warn (context, status, "krb5_sname_to_principal"); + return 1; + } status = krb5_sendauth (context, &auth_context, 
@@ -197,65 +193,64 @@ proto (int sock, const char *hostname, const char *service) NULL, NULL, NULL); - if (status) - {warn("krb5_sendauth: %s", - krb5_get_err_text(context, status)); - return 1; - } + if (status) { + krb5_warn(context, status, "krb5_sendauth"); + return 1; + } - if (remote_name == NULL) - { - pwd = getpwuid (getuid()); - if (pwd == NULL) - errx (1, "who are you?"); - remote_name=pwd->pw_name; - } + if (remote_name == NULL) { + remote_name = get_default_username (); + if (remote_name == NULL) + errx (1, "who are you?"); + } krb5_data_zero(&data_send); - data_send.data=remote_name; - data_send.length=strlen(remote_name) + 1; - status=krb5_write_message(context,&sock,&data_send); - if (status) - {err(1,"krb5_write_message"); + data_send.data = remote_name; + data_send.length = strlen(remote_name) + 1; + status = krb5_write_message(context, &sock, &data_send); + if (status) { + krb5_warnx (context, status, "krb5_write_message"); + return 1; } - if (tk_file) snprintf (buf, sizeof(buf), "%s", tk_file); - else snprintf (buf, sizeof(buf), ""); - data_send.data=buf; - data_send.length=strlen(buf)+1; - status=krb5_write_message(context,&sock,&data_send); - if (status) - {err(1,"krb5_write_message"); + if (tk_file) + snprintf (buf, sizeof(buf), "%s", tk_file); + else + snprintf (buf, sizeof(buf), ""); + data_send.data = buf; + data_send.length = strlen(buf)+1; + status = krb5_write_message(context, &sock, &data_send); + if (status) { + krb5_warnx (context, status, "krb5_write_message"); + return 1; } memset (&creds, 0, sizeof(creds)); status = krb5_cc_default (context, &ccache); if (status) { - warn ("could not forward creds: krb5_cc_default: %s", - krb5_get_err_text (context, status)); + krb5_warn (context, status, "krb5_cc_default"); + return 1; } status = krb5_cc_get_principal (context, ccache, &principal); if (status) { - warn ("could not forward creds: krb5_cc_get_principal: %s", - krb5_get_err_text (context, status)); + krb5_warn (context, status, 
"krb5_cc_get_principal"); return 1; } creds.client = principal; status = krb5_build_principal (context, - &creds.server, - strlen(principal->realm), - principal->realm, - "krbtgt", - principal->realm, - NULL); + &creds.server, + strlen(principal->realm), + principal->realm, + KRB5_TGS_NAME, + principal->realm, + NULL); if (status) { - warn ("could not forward creds: krb5_build_principal: %s", - krb5_get_err_text (context, status)); + krb5_warn (context, status, "krb5_build_principal"); return 1; } @@ -266,15 +261,14 @@ proto (int sock, const char *hostname, const char *service) flags.b.forwardable = forwardable; status = krb5_get_forwarded_creds (context, - auth_context, - ccache, - flags.i, - hostname, - &creds, - &data); + auth_context, + ccache, + flags.i, + hostname, + &creds, + &data); if (status) { - warn ("could not forward creds: krb5_get_forwarded_creds: %s", - krb5_get_err_text (context, status)); + krb5_warn (context, status, "krb5_get_forwarded_creds"); return 1; } 
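Review bot: In the `@@ -197,65 +193,64 @@` hunk, both `krb5_write_message` failure branches call `krb5_warnx (context, status, "krb5_write_message")`, but `krb5_warnx` takes the format string as its second argument (as in `krb5_warnx (context, "too long string back from %s", hostname)` later in this patch), so the integer `status` lands in the format slot. `krb5_warn (context, status, "krb5_write_message");` would match the other error paths in this hunk and print the error text. Separately, `snprintf (buf, sizeof(buf), "%s", tk_file)` silently truncates a long ticket-file name before it is sent to the peer; comparing the return value with `sizeof(buf)` would turn that into an explicit error. proto's body starts before this hunk and continues past it.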
@@ -283,28 +277,39 @@ proto (int sock, const char *hostname, const char *service) &data, &packet, NULL); - if (status) - {warn ("krb5_mk_priv: %s", - krb5_get_err_text(context, status)); - return 1;} + if (status) { + krb5_warn (context, status, "krb5_mk_priv"); + return 1; + } len = packet.length; net_len = htonl(len); - if (krb5_net_write (context, &sock, &net_len, 4) != 4) - {warn("krb5_net_write"); - return 1;} - if (krb5_net_write (context, &sock, packet.data, len) != len) - {warn ("krb5_net_write"); - return 1;} + if (krb5_net_write (context, &sock, &net_len, 4) != 4) { + krb5_warn (context, status, "krb5_net_write"); + return 1; + } + if (krb5_net_write (context, &sock, packet.data, len) != len) { + krb5_warn (context, status, "krb5_net_write"); + return 1; + } krb5_data_free (&data); - if (krb5_net_read (context, &sock, &net_len, 4) != 4) - err (1, "krb5_net_read"); + if (krb5_net_read (context, &sock, &net_len, 4) != 4) { + krb5_warn (context, status, "krb5_net_read"); + return 1; + } len = ntohl(net_len); - if (krb5_net_read (context, &sock, ret_string, len) != len) - err (1, "krb5_net_read"); + if (len >= sizeof(ret_string)) { + krb5_warnx (context, "too long string back from %s", hostname); + return 1; + } + if (krb5_net_read (context, &sock, ret_string, len) != len) { + krb5_warnx (context, "read too short from %s", hostname); + return 1; + } + ret_string[sizeof(ret_string) - 1] = '\0'; return(strcmp(ret_string,"ok")); } @@ -316,11 +321,11 @@ doit (const char *hostname, int port, const char *service) struct hostent *hostent; hostent = roken_gethostbyname (hostname); - if (hostent == NULL) - {warn ("gethostbyname '%s' failed: %s", + if (hostent == NULL) { + warn ("gethostbyname '%s' failed: %s", hostname, hstrerror(h_errno)); - return 1; + return 1; } for (h = (struct in_addr **)hostent->h_addr_list; 
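Review bot: In the `@@ -283,28 +277,39 @@` hunk, the added `ret_string[sizeof(ret_string) - 1] = '\0';` terminates only the last byte, so when the peer sends a short reply without a NUL, `strcmp` reads the uninitialized stack bytes between `len` and the end of the buffer. Because `len < sizeof(ret_string)` has just been checked, `ret_string[len] = '\0';` is the safe terminator. The `krb5_warn (context, status, ...)` calls on the krb5_net_write and krb5_net_read failure paths pass a `status` that is still zero from the successful krb5_mk_priv, so the message carries no error; `errno` is presumably what was meant. The new early returns also skip `krb5_data_free (&data)`, which appears to hold the forwarded credential message, and nothing visible in the hunk releases `packet`. proto's body begins before this hunk.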
@@ -349,15 +354,18 @@ doit (const char *hostname, int port, const char *service) int main(int argc, char **argv) -{ int argcc,port,i; - int ret=0; +{ + int argcc,port,i; + int ret=0; - argcc=argc; - port=client_setup(&context, &argcc, argv); + argcc = argc; + port = client_setup(&context, &argcc, argv); - for (i=argcc;i