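/*
 * Copyright (c) 1995-1999 Kungliga Tekniska Högskolan
 * (Royal Institute of Technology, Stockholm, Sweden).
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * 3. Neither the name of the Institute nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#include "ftp_locl.h"
#include <krb.h>
RCSID("$Id: kauth.c,v 1.20 1999/12/02 16:58:29 joda Exp $");

/*
 * Overwrite `len' bytes at `ptr' with zeros through a volatile pointer.
 *
 * A plain memset() on a local buffer that is never read again is a dead
 * store the optimizer is allowed to drop, which would leave the password,
 * key material or decrypted ticket on the stack.  The volatile accesses
 * must be performed.
 */
static void
kauth_wipe(void *ptr, size_t len)
{
    volatile unsigned char *v = ptr;

    while (len-- > 0)
	*v++ = 0;
}

/*
 * "kauth [principal]": obtain a ticket on the server side.
 *
 * Sends "SITE KAUTH <principal>", expects a CONTINUE reply carrying an
 * encrypted ticket ("T=<base64>") and a principal ("P=<name>"), prompts
 * for the password, decrypts the ticket locally and sends the decrypted
 * ticket back with a second "SITE KAUTH".  Both commands are issued with
 * the command channel switched to prot_private; the previous setting is
 * restored on every path after that switch.
 *
 * Sets the global `code' to 0 on success and -1 on any failure.
 *
 * Security notes:
 *  - Everything in reply_string is chosen by the server and is treated
 *    as untrusted here: the ticket size is bounded before decoding.
 *  - This exchange is built on Kerberos 4 and single DES (string-to-key
 *    plus PCBC decryption), both long obsolete; keep it for legacy
 *    interoperability only.
 *  - NOTE(review): the principal shown in the password prompt comes from
 *    the server reply and is only cut at space/CR/LF; other control
 *    characters would reach the terminal unfiltered.
 */
void
kauth(int argc, char **argv)
{
    int ret;
    int result = -1;
    char buf[1024];
    des_cblock key;
    des_key_schedule schedule;
    KTEXT_ST tkt, tktcopy;
    char *name;
    char *p;
    char *encoded = NULL;
    int overbose;
    char passwd[100];
    int tmp;
    size_t enc_len;
    size_t max_dec;
    int save;

    if (argc > 2) {
	printf("usage: %s [principal]\n", argv[0]);
	code = -1;
	return;
    }
    name = (argc == 2) ? argv[1] : username;

    /*
     * Start from a zeroed output ticket so the strcmp() at offset 8
     * below never inspects uninitialized stack bytes when the server
     * sends a very short ticket.
     */
    memset(&tktcopy, 0, sizeof(tktcopy));

    /* Silence the reply to the first command; restore right after. */
    overbose = verbose;
    verbose = 0;

    save = set_command_prot(prot_private);
    ret = command("SITE KAUTH %s", name);
    verbose = overbose;
    if (ret != CONTINUE)
	goto out;

    p = strstr(reply_string, "T=");
    if (p == NULL) {
	printf("Bad reply from server.\n");
	goto out;
    }
    p += 2;

    /*
     * base64_decode() takes no output size, so bound the result before
     * calling it: at most three bytes per four input characters, less
     * the trailing '=' padding.  A larger ticket would be written past
     * the end of tkt.dat on the stack.
     * NOTE(review): relies on base64_decode() not consuming input past
     * the whitespace-delimited token; confirm against its implementation.
     */
    enc_len = strcspn(p, " \r\n");
    max_dec = (enc_len + 3) / 4 * 3;
    if (enc_len >= 1 && p[enc_len - 1] == '=') {
	max_dec--;
	if (enc_len >= 2 && p[enc_len - 2] == '=')
	    max_dec--;
    }
    if (max_dec > sizeof(tkt.dat)) {
	printf("Ticket in reply is too large.\n");
	goto out;
    }

    tmp = base64_decode(p, tkt.dat);
    if (tmp < 0) {
	printf("Failed to decode base64 in reply.\n");
	goto out;
    }
    tkt.length = tmp;
    tktcopy.length = tkt.length;

    /*
     * NOTE(review): this searches the whole reply, so a "P=" occurring
     * inside the base64 text (a token ending in 'P' plus padding) would
     * match first if the ticket precedes the principal; the field order
     * is not visible from this file.
     */
    p = strstr(reply_string, "P=");
    if (p == NULL) {
	printf("Bad reply from server.\n");
	goto out;
    }
    name = p + 2;
    /* Terminate the principal in place at the first space or line end. */
    while (*p != '\0' && *p != ' ' && *p != '\r' && *p != '\n')
	p++;
    *p = 0;

    snprintf(buf, sizeof(buf), "Password for %s:", name);
    /* A failed read falls through with an empty password, as before. */
    if (des_read_pw_string(passwd, sizeof(passwd) - 1, buf, 0))
	*passwd = '\0';
    des_string_to_key(passwd, &key);

    des_key_sched(&key, schedule);

    des_pcbc_encrypt((des_cblock *)tkt.dat, (des_cblock *)tktcopy.dat,
		     tkt.length,
		     schedule, &key, DES_DECRYPT);
    /*
     * If the plaintext does not carry the ticket-granting-ticket name at
     * offset 8, retry with the AFS string-to-key for the host's realm.
     */
    if (strcmp((char *)tktcopy.dat + 8,
	       KRB_TICKET_GRANTING_TICKET) != 0) {
	afs_string_to_key(passwd, krb_realmofhost(hostname), &key);
	des_key_sched(&key, schedule);
	des_pcbc_encrypt((des_cblock *)tkt.dat, (des_cblock *)tktcopy.dat,
			 tkt.length,
			 schedule, &key, DES_DECRYPT);
    }

    /* Password and key material are no longer needed past this point. */
    kauth_wipe(key, sizeof(key));
    kauth_wipe(schedule, sizeof(schedule));
    kauth_wipe(passwd, sizeof(passwd));

    if (base64_encode(tktcopy.dat, tktcopy.length, &encoded) < 0) {
	printf("Out of memory base64-encoding.\n");
	encoded = NULL;
	goto out;
    }

    ret = command("SITE KAUTH %s %s", name, encoded);
    if (ret == COMPLETE)
	result = 0;

out:
    /*
     * Clear the decrypted ticket and its base64 form on every exit path;
     * the original left the decrypted ticket on the stack when
     * base64_encode() failed.
     */
    if (encoded != NULL) {
	kauth_wipe(encoded, strlen(encoded));
	free(encoded);
    }
    kauth_wipe(tktcopy.dat, sizeof(tktcopy.dat));
    set_command_prot(save);
    code = result;
}

/*
 * "klist": send "SITE KLIST" to the server.  Takes no arguments.
 *
 * NOTE(review): on the command path `code' is set to 1 when the reply
 * is COMPLETE and 0 otherwise, whereas kauth() uses 0 for success and -1
 * for failure, as does the usage error here.  Left unchanged because
 * callers may depend on it; confirm which convention is intended.
 */
void
klist(int argc, char **argv)
{
    int ret;

    if (argc != 1) {
	printf("usage: %s\n", argv[0]);
	code = -1;
	return;
    }

    ret = command("SITE KLIST");
    code = (ret == COMPLETE);
}

/*
 * "kdestroy": send "SITE KDESTROY" to the server.  Takes no arguments.
 * `code' follows the same convention as klist().
 */
void
kdestroy(int argc, char **argv)
{
    int ret;

    if (argc != 1) {
	printf("usage: %s\n", argv[0]);
	code = -1;
	return;
    }

    ret = command("SITE KDESTROY");
    code = (ret == COMPLETE);
}

/*
 * "krbtkfile tktfile": send "SITE KRBTKFILE <tktfile>" to the server.
 * Requires exactly one argument, which is passed through unmodified.
 * `code' follows the same convention as klist().
 */
void
krbtkfile(int argc, char **argv)
{
    int ret;

    if (argc != 2) {
	printf("usage: %s tktfile\n", argv[0]);
	code = -1;
	return;
    }

    ret = command("SITE KRBTKFILE %s", argv[1]);
    code = (ret == COMPLETE);
}

/*
 * "afslog [cell]": send "SITE AFSLOG", with the optional cell name
 * appended when one is given.
 * `code' follows the same convention as klist().
 */
void
afslog(int argc, char **argv)
{
    int ret;

    if (argc > 2) {
	printf("usage: %s [cell]\n", argv[0]);
	code = -1;
	return;
    }

    if (argc == 2)
	ret = command("SITE AFSLOG %s", argv[1]);
    else
	ret = command("SITE AFSLOG");
    code = (ret == COMPLETE);
}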