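/*
 * Copyright (c) 1995-1999 Kungliga Tekniska Högskolan
 * (Royal Institute of Technology, Stockholm, Sweden).
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * 3. Neither the name of the Institute nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#include "ftp_locl.h"
RCSID("$Id: kauth.c 15666 2005-07-19 17:08:11Z lha $");

#ifdef KRB4
#include <krb.h>

/*
 * kauth [principal] -- obtain a Kerberos 4 ticket on the FTP server through
 * the "SITE KAUTH" exchange.
 *
 * Steps, as implemented below:
 *   1. Send "SITE KAUTH <name>" (name is argv[1], else the global username)
 *      with the command protection level switched to prot_private; the
 *      previous level is restored on every exit path after that point.
 *   2. The server reply must carry "T=<base64 ticket>" and "P=<principal>".
 *   3. Prompt locally for the password, derive a DES key from it and decrypt
 *      the ticket.  If the plaintext at offset 8 is not
 *      KRB_TICKET_GRANTING_TICKET, retry with the AFS string-to-key for
 *      krb_realmofhost(hostname).  The result of the retry is not checked.
 *   4. Send the decrypted ticket back, base64-encoded, in a second
 *      "SITE KAUTH <principal> <ticket>" command.
 *
 * Result: the global `code` is 0 when the second command returns COMPLETE
 * and -1 on any failure.
 *
 * Security notes:
 *   - reply_string is written by the server, so the "T=" and "P=" fields are
 *     untrusted.  The ticket is decoded into the fixed-size tkt.dat array, so
 *     its encoded length is bounded before decoding.
 *   - The principal shown in the password prompt is the one the server
 *     returned, not necessarily the one requested.
 *   - The password never leaves the client, but the ticket decrypted with it
 *     does; presumably that is why the exchange runs under prot_private.
 *   - Key, key schedule, password and decrypted ticket are cleared with
 *     memset().  NOTE(review): a plain memset() on objects that are about to
 *     go out of scope may be removed by an optimizing compiler; consider the
 *     platform's guaranteed-wipe primitive.
 *   - Kerberos 4 and single DES are cryptographically obsolete.
 */
void
kauth(int argc, char **argv)
{
    int ret;
    char buf[1024];
    des_cblock key;
    des_key_schedule schedule;
    KTEXT_ST tkt, tktcopy;
    char *name;
    char *p;
    int overbose;
    char passwd[100];
    int tmp;
    int save;

    if (argc > 2) {
        printf("usage: %s [principal]\n", argv[0]);
        code = -1;
        return;
    }
    name = (argc == 2) ? argv[1] : username;

    /* Silence the reply to the first command, then restore verbosity. */
    overbose = verbose;
    verbose = 0;

    save = set_command_prot(prot_private);
    ret = command("SITE KAUTH %s", name);
    verbose = overbose;
    if (ret != CONTINUE)
        goto fail;

    p = strstr(reply_string, "T=");
    if (p == NULL) {
        printf("Bad reply from server.\n");
        goto fail;
    }
    p += 2;

    /*
     * Start from a defined state so that the strcmp() below never reads
     * indeterminate bytes when the server sends a very short ticket.
     */
    memset(&tkt, 0, sizeof(tkt));
    memset(&tktcopy, 0, sizeof(tktcopy));

    /*
     * A base64 decoder emits at most three bytes per four input characters.
     * Refuse a reply whose encoded part could decode to more than tkt.dat
     * holds.  The bound is conservative: it counts the rest of the reply
     * line, not only the "T=" field.
     */
    if (strlen(p) / 4 * 3 + 3 > sizeof(tkt.dat)) {
        printf("Bad reply from server.\n");
        goto fail;
    }
    tmp = base64_decode(p, &tkt.dat);
    if (tmp < 0) {
        printf("Failed to decode base64 in reply.\n");
        goto fail;
    }
    tkt.length = tmp;
    tktcopy.length = tkt.length;

    p = strstr(reply_string, "P=");
    if (p == NULL) {
        printf("Bad reply from server.\n");
        goto fail;
    }
    /* Cut the principal out of reply_string in place. */
    name = p + 2;
    p = name + strcspn(name, " \r\n");
    *p = 0;

    snprintf(buf, sizeof(buf), "Password for %s:", name);
    /* A failed read falls back to the empty password, as before. */
    if (des_read_pw_string(passwd, sizeof(passwd) - 1, buf, 0))
        *passwd = '\0';
    des_string_to_key(passwd, &key);

    des_key_sched(&key, schedule);

    des_pcbc_encrypt((des_cblock *)tkt.dat, (des_cblock *)tktcopy.dat,
                     tkt.length,
                     schedule, &key, DES_DECRYPT);
    if (strcmp((char *)tktcopy.dat + 8,
               KRB_TICKET_GRANTING_TICKET) != 0) {
        /* The plain string-to-key did not work; try the AFS variant. */
        afs_string_to_key(passwd, krb_realmofhost(hostname), &key);
        des_key_sched(&key, schedule);
        des_pcbc_encrypt((des_cblock *)tkt.dat, (des_cblock *)tktcopy.dat,
                         tkt.length,
                         schedule, &key, DES_DECRYPT);
    }
    memset(key, 0, sizeof(key));
    memset(schedule, 0, sizeof(schedule));
    memset(passwd, 0, sizeof(passwd));

    /*
     * Clear the decrypted ticket as soon as it has been encoded, on the
     * failure path as well as on success.
     */
    tmp = base64_encode(tktcopy.dat, tktcopy.length, &p);
    memset(tktcopy.dat, 0, sizeof(tktcopy.dat));
    if (tmp < 0) {
        printf("Out of memory base64-encoding.\n");
        goto fail;
    }

    ret = command("SITE KAUTH %s %s", name, p);
    /* The encoded text is the decrypted ticket too; clear it before free. */
    memset(p, 0, strlen(p));
    free(p);
    set_command_prot(save);
    if (ret != COMPLETE) {
        code = -1;
        return;
    }
    code = 0;
    return;

fail:
    set_command_prot(save);
    code = -1;
}

/*
 * kdestroy -- send "SITE KDESTROY" to the server; takes no arguments.
 *
 * NOTE(review): kauth() reports success as code = 0 and failure as
 * code = -1, while this stores 1 on COMPLETE and 0 otherwise -- confirm
 * which convention the callers expect.
 */
void
kdestroy(int argc, char **argv)
{
    int ret;

    if (argc != 1) {
        printf("usage: %s\n", argv[0]);
        code = -1;
        return;
    }
    ret = command("SITE KDESTROY");
    code = (ret == COMPLETE);
}

/*
 * krbtkfile tktfile -- send "SITE KRBTKFILE <tktfile>" to the server.
 * argv[1] is passed into the command text unchanged.
 *
 * Sets code to -1 on a usage error, otherwise to (ret == COMPLETE); see the
 * NOTE(review) on kdestroy() about that convention.
 */
void
krbtkfile(int argc, char **argv)
{
    int ret;

    if (argc != 2) {
        printf("usage: %s tktfile\n", argv[0]);
        code = -1;
        return;
    }
    ret = command("SITE KRBTKFILE %s", argv[1]);
    code = (ret == COMPLETE);
}
#endif

#if defined(KRB4) || defined(KRB5)

/*
 * afslog [cell] -- send "SITE AFSLOG", with the optional cell argument
 * passed into the command text unchanged.
 *
 * Sets code to -1 on a usage error, otherwise to (ret == COMPLETE), i.e.
 * 1 on success and 0 on failure.  NOTE(review): kauth() uses 0 / -1 --
 * confirm which convention the callers expect.
 */
void
afslog(int argc, char **argv)
{
    int ret;

    if (argc > 2) {
        printf("usage: %s [cell]\n", argv[0]);
        code = -1;
        return;
    }
    if (argc == 2)
        ret = command("SITE AFSLOG %s", argv[1]);
    else
        ret = command("SITE AFSLOG");
    code = (ret == COMPLETE);
}

#else
int ftp_afslog_placeholder;
#endif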