| version 1.14.2.1, 2000/09/01 18:23:16 |
version 1.14.2.2, 2000/11/08 21:30:17 |
|
|
| /* |
/* |
| * Dug Song <dugsong@UMICH.EDU> |
* Copyright (c) 1999 Dug Song. All rights reserved. |
| * Kerberos v4 authentication and ticket-passing routines. |
* |
| |
* Redistribution and use in source and binary forms, with or without |
| |
* modification, are permitted provided that the following conditions |
| |
* are met: |
| |
* 1. Redistributions of source code must retain the above copyright |
| |
* notice, this list of conditions and the following disclaimer. |
| |
* 2. Redistributions in binary form must reproduce the above copyright |
| |
* notice, this list of conditions and the following disclaimer in the |
| |
* documentation and/or other materials provided with the distribution. |
| |
* |
| |
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR |
| |
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES |
| |
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. |
| |
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, |
| |
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
| |
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
| |
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
| |
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
| |
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
| |
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| */ |
*/ |
| |
|
| #include "includes.h" |
#include "includes.h" |
|
|
| { |
{ |
| CREDENTIALS creds; |
CREDENTIALS creds; |
| |
|
| |
if (pw == NULL) |
| |
goto auth_kerberos_tgt_failure; |
| if (!radix_to_creds(string, &creds)) { |
if (!radix_to_creds(string, &creds)) { |
| log("Protocol error decoding Kerberos V4 tgt"); |
log("Protocol error decoding Kerberos V4 tgt"); |
| packet_send_debug("Protocol error decoding Kerberos V4 tgt"); |
packet_send_debug("Protocol error decoding Kerberos V4 tgt"); |
|
|
| auth_afs_token(struct passwd *pw, const char *token_string) |
auth_afs_token(struct passwd *pw, const char *token_string) |
| { |
{ |
| CREDENTIALS creds; |
CREDENTIALS creds; |
| uid_t uid = pw->pw_uid; |
uid_t uid; |
| |
|
| |
if (pw == NULL) { |
| |
/* XXX fake protocol error */ |
| |
packet_send_debug("Protocol error decoding AFS token"); |
| |
packet_start(SSH_SMSG_FAILURE); |
| |
packet_send(); |
| |
packet_write_wait(); |
| |
return 0; |
| |
} |
| if (!radix_to_creds(token_string, &creds)) { |
if (!radix_to_creds(token_string, &creds)) { |
| log("Protocol error decoding AFS token"); |
log("Protocol error decoding AFS token"); |
| packet_send_debug("Protocol error decoding AFS token"); |
packet_send_debug("Protocol error decoding AFS token"); |
|
|
| |
|
| if (strncmp(creds.pname, "AFS ID ", 7) == 0) |
if (strncmp(creds.pname, "AFS ID ", 7) == 0) |
| uid = atoi(creds.pname + 7); |
uid = atoi(creds.pname + 7); |
| |
else |
| |
uid = pw->pw_uid; |
| |
|
| if (kafs_settoken(creds.realm, uid, &creds)) { |
if (kafs_settoken(creds.realm, uid, &creds)) { |
| log("AFS token (%s@%s) rejected for %s", creds.pname, creds.realm, |
log("AFS token (%s@%s) rejected for %s", creds.pname, creds.realm, |
![[BACK]](/icons/back.gif){kind=icon}
Return to auth-krb4.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh