2 * Copyright 2000, International Business Machines Corporation and others.
5 * This software has been released under the terms of the IBM Public
6 * License. For details, see the LICENSE file in the top-level source
7 * directory or online at http://www.openafs.org/dl/license10.html
10 #include <afsconfig.h>
11 #include <afs/param.h>
15 #if defined(AFS_AIX41_ENV)
16 #include <sys/types.h>
17 #include <sys/param.h>
23 #include <sys/socket.h>
28 #include <afs/kauth.h>
29 #include <afs/kautils.h>
32 int afs_authenticate (char *userName, char *response, int *reenter, char **message) {
33 char *reason, *pword, prompt[256];
35 int code, unixauthneeded, password_expires = -1;
42 sprintf(prompt,"Enter AFS password for %s: ",userName);
43 pword=getpass(prompt);
44 if(strlen(pword)==0) {
45 printf("Unable to read password because zero length passord is illegal\n");
46 *message = (char *)malloc(256);
47 sprintf(*message, "Unable to read password because zero length passord is illegal\n");
51 if ((pwd = getpwnam(userName)) == NULL){
52 *message = (char *)malloc(256);
53 sprintf(*message, "getpwnam for user failed\n");
56 if (code = ka_UserAuthenticateGeneral(KA_USERAUTH_VERSION + KA_USERAUTH_DOSETPAG, userName,
57 NULL, NULL, pword, 0, &password_expires, 0, &reason)) {
60 *message = (char *)malloc(1024);
61 sprintf(*message, "Unable to authenticate to AFS because %s.\n", reason);
64 #if defined(AFS_KERBEROS_ENV)
65 setup_ticket_file(userName);
70 int afs_chpass (char *userName, char *oldPasswd, char *newPasswd, char **message) {
74 int afs_passwdexpired (char *userName, char **message) {
78 int afs_passwdrestrictions (char *userName, char *newPasswd, char *oldPasswd, char **message) {
82 int afs_getgrset (char *userName) {
86 int afs_getgrgid (int id) {
90 int afs_getgrnam (char *name) {
94 int afs_getpwnam(int id)
99 int afs_getpwuid(char *name)
104 int afs_initialize(struct secmethod_table *meths) {
106 * Initialize kauth package here so we don't have to call it
107 * each time we call the authenticate routine.
110 memset(meths, 0, sizeof(struct secmethod_table));
112 * Initialize the exported interface routines. Except the authenticate one
113 * the others are currently mainly noops.
115 meths->method_chpass = afs_chpass;
116 meths->method_authenticate = afs_authenticate;
117 meths->method_passwdexpired = afs_passwdexpired;
118 meths->method_passwdrestrictions = afs_passwdrestrictions;
120 * These we need to bring in because, for afs users, /etc/security/user's
121 * "registry" must non-local (i.e. DCE) since otherwise it assumes it's a
122 * local domain and uses valid_crypt(passwd) to validate the afs passwd
123 * which, of course, will fail. NULL return from these routine simply
124 * means use the local version ones after all.
126 meths->method_getgrgid = afs_getgrgid;
127 meths->method_getgrset = afs_getgrset;
128 meths->method_getgrnam = afs_getgrnam;
129 meths->method_getpwnam = afs_getpwnam;
130 meths->method_getpwuid = afs_getpwuid;
134 #if defined(AFS_KERBEROS_ENV)
136 setup_ticket_file(userName)
139 extern char* ktc_tkt_string();
142 setpwent(); /* open the pwd database */
143 pwd = getpwnam(userName);
146 if ( chown(ktc_tkt_string(), pwd->pw_uid, pwd->pw_gid) < 0 )
149 else perror("getpwnam : ");
150 endpwent(); /* close the pwd database */
152 #endif /* AFS_KERBEROS_ENV */