2
* Unix SMB/CIFS implementation.
4
* Copyright (C) Volker Lendecke 2004
6
* This program is free software; you can redistribute it and/or modify
7
* it under the terms of the GNU General Public License as published by
8
* the Free Software Foundation; either version 2 of the License, or
9
* (at your option) any later version.
11
* This program is distributed in the hope that it will be useful,
12
* but WITHOUT ANY WARRANTY; without even the implied warranty of
13
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14
* GNU General Public License for more details.
16
* You should have received a copy of the GNU General Public License
17
* along with this program; if not, write to the Free Software
18
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
23
#ifdef WITH_FAKE_KASERVER
25
#define NO_ASN1_TYPEDEFS 1
30
#include <afs/venus.h>
31
#include <asm/unistd.h>
32
#include <openssl/des.h>
33
#include <sys/syscall.h>
35
int afs_syscall( int subcall,
41
return( syscall( SYS_afs_syscall, subcall, path, cmd, cmarg, follow));
48
uint32 BeginTimestamp;
52
static BOOL afs_decode_token(const char *string, char **cell,
53
DATA_BLOB *ticket, struct ClearToken *ct)
56
struct ClearToken result_ct;
58
char *s = SMB_STRDUP(string);
62
if ((t = strtok(s, "\n")) == NULL) {
63
DEBUG(10, ("strtok failed\n"));
67
*cell = SMB_STRDUP(t);
69
if ((t = strtok(NULL, "\n")) == NULL) {
70
DEBUG(10, ("strtok failed\n"));
74
if (sscanf(t, "%u", &result_ct.AuthHandle) != 1) {
75
DEBUG(10, ("sscanf AuthHandle failed\n"));
79
if ((t = strtok(NULL, "\n")) == NULL) {
80
DEBUG(10, ("strtok failed\n"));
84
blob = base64_decode_data_blob(t);
86
if ( (blob.data == NULL) ||
87
(blob.length != sizeof(result_ct.HandShakeKey) )) {
88
DEBUG(10, ("invalid key: %x/%d\n", (uint32)blob.data,
93
memcpy(result_ct.HandShakeKey, blob.data, blob.length);
95
data_blob_free(&blob);
97
if ((t = strtok(NULL, "\n")) == NULL) {
98
DEBUG(10, ("strtok failed\n"));
102
if (sscanf(t, "%u", &result_ct.ViceId) != 1) {
103
DEBUG(10, ("sscanf ViceId failed\n"));
107
if ((t = strtok(NULL, "\n")) == NULL) {
108
DEBUG(10, ("strtok failed\n"));
112
if (sscanf(t, "%u", &result_ct.BeginTimestamp) != 1) {
113
DEBUG(10, ("sscanf BeginTimestamp failed\n"));
117
if ((t = strtok(NULL, "\n")) == NULL) {
118
DEBUG(10, ("strtok failed\n"));
122
if (sscanf(t, "%u", &result_ct.EndTimestamp) != 1) {
123
DEBUG(10, ("sscanf EndTimestamp failed\n"));
127
if ((t = strtok(NULL, "\n")) == NULL) {
128
DEBUG(10, ("strtok failed\n"));
132
blob = base64_decode_data_blob(t);
134
if (blob.data == NULL) {
135
DEBUG(10, ("Could not get ticket\n"));
146
Put an AFS token into the Kernel so that it can authenticate against
147
the AFS server. This assumes correct local uid settings.
149
This is currently highly Linux and OpenAFS-specific. The correct API
150
call for this would be ktc_SetToken. But to do that we would have to
151
import a REALLY big bunch of libraries which I would currently like
155
static BOOL afs_settoken(const char *cell,
156
const struct ClearToken *ctok,
162
uint16 in_size, out_size;
169
memcpy(p, &ticket.length, sizeof(uint32));
171
memcpy(p, ticket.data, ticket.length);
174
tmp = sizeof(struct ClearToken);
175
memcpy(p, &tmp, sizeof(uint32));
177
memcpy(p, ctok, tmp);
182
memcpy(p, &tmp, sizeof(uint32));
186
if (tmp >= MAXKTCREALMLEN) {
187
DEBUG(1, ("Realm too long\n"));
191
strncpy(p, cell, tmp);
197
iob.in_size = PTR_DIFF(p,buf);
199
iob.out_size = sizeof(buf);
202
file_save("/tmp/ioctlbuf", iob.in, iob.in_size);
205
ret = afs_syscall(AFSCALL_PIOCTL, 0, VIOCSETTOK, (char *)&iob, 0);
207
DEBUG(10, ("afs VIOCSETTOK returned %d\n", ret));
211
BOOL afs_settoken_str(const char *token_string)
214
struct ClearToken ct;
218
if (!afs_decode_token(token_string, &cell, &ticket, &ct))
222
ct.ViceId = getuid();
224
result = afs_settoken(cell, &ct, ticket);
227
data_blob_free(&ticket);
234
BOOL afs_settoken_str(const char *token_string)