1 /*
2 * Copyright 2000, International Business Machines Corporation and others.
3 * All Rights Reserved.
5 * This software has been released under the terms of the IBM Public
6 * License. For details, see the LICENSE file in the top-level source
7 * directory or online at http://www.openafs.org/dl/license10.html
8 */
11 * ALL RIGHTS RESERVED
14 /* This modified from the code in kerberos/src/lib/krb/tf_util.c. */
17 * This file contains routines for manipulating the ticket cache file.
19 * The ticket file is in the following format:
21 * principal's name (null-terminated string)
22 * principal's instance (null-terminated string)
23 * CREDENTIAL_1
24 * CREDENTIAL_2
25 * ...
26 * CREDENTIAL_n
27 * EOF
29 * Where "CREDENTIAL_x" consists of the following fixed-length
30 * fields from the CREDENTIALS structure (see "krb.h"):
32 * char service[ANAME_SZ]
33 * char instance[INST_SZ]
34 * char realm[REALM_SZ]
35 * C_Block session
36 * int lifetime
37 * int kvno
38 * KTEXT_ST ticket_st
39 * afs_int32 issue_date
41 * . . .
44 /* In spite of what the above comment suggests, the fields are not fixed length
45 but null terminated, as you might figure, except for the ticket, which is
46 preceded by a 4-byte length. All fields are in host order. 890306 */
47 #include <afsconfig.h>
48 #include <afs/param.h>
51 #ifdef HAVE_FCNTL_H
52 #include <fcntl.h>
53 #endif
54 #ifdef AFS_NT40_ENV
55 #include <io.h>
56 #else
57 #include <sys/file.h>
58 #endif
59 #include <string.h>
60 #include <sys/types.h>
61 #include <rx/xdr.h>
62 #include <errno.h>
63 #include <afs/auth.h>
64 #include <afs/afsutil.h>
65 #include "kauth.h"
66 #include "kautils.h"
67 #include "kauth_internal.h"
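/**
 * Write the current ticket-granting token for a realm to a Kerberos
 * ticket file.
 *
 * The token for the KA_TGS_NAME service in the given realm is fetched with
 * ktc_GetToken() and written out in this order: client name, client
 * instance, service name, service instance, realm (upper-cased), session
 * key, lifetime, key version number, ticket length, ticket, issue date.
 * Strings are written with their terminating NUL; integers are written as
 * raw host-order values.
 *
 * The file is the one named by the KRBTKFILE environment variable, or
 * <gettmpdir()>/tkt<uid> when that variable is unset.
 *
 * @param realm  realm name; must fit in both the cell and the instance
 *               field of struct ktc_principal.
 * @return 0 on success; KABADNAME if realm is too long; the ktc_GetToken()
 *         error code if the token cannot be fetched; ENOMEM if the default
 *         file name cannot be built; the errno from open() if the file
 *         cannot be opened; -1 if the token reports a negative ticket
 *         length or any write fails.
 */
afs_int32
krb_write_ticket_file(char *realm)
{
    int fd;
    int count;
    int saved_errno;
    int default_flags = O_WRONLY | O_CREAT | O_TRUNC;
    afs_int32 code;
    int lifetime, kvno;
    char *tf_name;
    struct ktc_principal client, server;
    struct ktc_token token;

    /*
     * realm is copied into server.instance and server.cell below, so it has
     * to fit in both; checking only the cell size would leave the strcpy()
     * into server.instance unbounded if the two fields ever differ in size.
     */
    if (strlen(realm) >= sizeof(client.cell)
        || strlen(realm) >= sizeof(server.instance))
        return KABADNAME;
    strcpy(server.name, KA_TGS_NAME);
    strcpy(server.instance, realm);
    lcstring(server.cell, realm, sizeof(server.cell));

    code = ktc_GetToken(&server, &token, sizeof(struct ktc_token), &client);
    if (code)
        return code;

    /*
     * ticketLen is later passed to write() as a byte count.  Reject a
     * negative value before the ticket file is truncated.
     * NOTE(review): an upper bound against the size of token.ticket would
     * also be appropriate; the structure definition is not visible here.
     */
    if (token.ticketLen < 0)
        return -1;

    /*
     * Use the KRBTKFILE environment variable if it exists, otherwise fall
     * back upon <tmpdir>/tkt<uid>.
     *
     * The file receives the session key and the ticket in the clear.  The
     * mode argument only takes effect when open() creates the file; a file
     * that already exists keeps its owner and permissions.
     * NOTE(review): the default name is predictable and may live in a
     * shared temporary directory, so the opened descriptor should also be
     * checked with fstat() (regular file, owned by the caller, no group or
     * other access) before any secret is written.  That needs
     * <sys/stat.h>, which this file does not include.
     */
    if ((tf_name = (char *)getenv("KRBTKFILE"))) {
        fd = open(tf_name, O_WRONLY | O_CREAT | O_TRUNC, 0700);
        saved_errno = errno;
    } else {
#ifdef O_NOFOLLOW
        /* Do not follow a symbolic link planted at the default path. */
        default_flags |= O_NOFOLLOW;
#endif
        afs_asprintf(&tf_name, "%s/tkt%d", gettmpdir(), (int)getuid());
        if (tf_name == NULL)
            return ENOMEM;
        fd = open(tf_name, default_flags, 0700);
        /* free() may modify errno, so capture it first. */
        saved_errno = errno;
        free(tf_name);
    }

    /* open() reports failure with -1; descriptor 0 is a valid result. */
    if (fd < 0)
        return saved_errno;

    /* write client name as file header */

    count = strlen(client.name) + 1;
    if (write(fd, client.name, count) != count)
        goto bad;

    count = strlen(client.instance) + 1;
    if (write(fd, client.instance, count) != count)
        goto bad;

    /* Write the ticket and associated data */
    /* Service */
    count = strlen(server.name) + 1;
    if (write(fd, server.name, count) != count)
        goto bad;
    /* Instance */
    count = strlen(server.instance) + 1;
    if (write(fd, server.instance, count) != count)
        goto bad;
    /* Realm: the cell was lower-cased for the token lookup; the ticket
     * file stores it upper-cased. */
    ucstring(server.cell, server.cell, sizeof(server.cell));
    count = strlen(server.cell) + 1;
    if (write(fd, server.cell, count) != count)
        goto bad;
    /* Session key */
    if (write(fd, (char *)&token.sessionKey, 8) != 8)
        goto bad;
    /* Lifetime */
    lifetime = time_to_life(token.startTime, token.endTime);
    if (write(fd, (char *)&lifetime, sizeof(int)) != sizeof(int))
        goto bad;
    /* Key vno */
    kvno = token.kvno;
    if (write(fd, (char *)&kvno, sizeof(int)) != sizeof(int))
        goto bad;
    /* Tkt length */
    if (write(fd, (char *)&(token.ticketLen), sizeof(int)) != sizeof(int))
        goto bad;
    /* Ticket */
    count = token.ticketLen;
    if (write(fd, (char *)(token.ticket), count) != count)
        goto bad;
    /* Issue date */
    if (write(fd, (char *)&(token.startTime), sizeof(afs_int32))
        != sizeof(afs_int32))
        goto bad;
    close(fd);
    return 0;

  bad:
    /* A short or failed write leaves a partial ticket file behind. */
    close(fd);
    return -1;
}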