From eb1dd3306b6459572dbb2c4d58d07939c9c85b50 Mon Sep 17 00:00:00 2001
From: Russ Allbery
Date: Tue, 1 Aug 2006 21:57:14 +0000
Subject: [PATCH] we-hate-dce-20060801

Destroy all traces of dauth, including the DCE authentication support in afsweb.
---
 Makefile.in | 15 +-
 configure.in | 1 -
 doc/man-pages/pod1/dpass.pod | 118 ------
 src/afsweb/Makefile.in | 17 +-
 src/afsweb/weblog.c | 542 +-------------------------
 src/dauth/.cvsignore | 8 -
 src/dauth/Makefile.in | 79 ----
 src/dauth/adkint.xg | 58 ---
 src/dauth/dlog.c | 898 -------------------------------------------
 src/dauth/dpass.c | 166 --------
 10 files changed, 11 insertions(+), 1891 deletions(-)
 delete mode 100644 doc/man-pages/pod1/dpass.pod
 delete mode 100644 src/dauth/.cvsignore
 delete mode 100644 src/dauth/Makefile.in
 delete mode 100644 src/dauth/adkint.xg
 delete mode 100644 src/dauth/dlog.c
 delete mode 100644 src/dauth/dpass.c

diff --git a/Makefile.in b/Makefile.in
index 9d467c0..1633b97 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -188,9 +188,6 @@ ptserver: cmd comerr ubik cmd comerr auth audit ptserver_depinstall
 kauth: cmd comerr ubik cmd auth comerr ptserver audit libacl kauth_depinstall
 ${COMPILE_PART1} kauth ${COMPILE_PART2}
-dauth: cmd comerr ubik cmd auth kauth comerr
- ${COMPILE_PART1} dauth ${COMPILE_PART2}
-
 libacl: cmd comerr ptserver libacl_depinstall
 ${COMPILE_PART1} libacl ${COMPILE_PART2}
@@ -456,7 +453,7 @@ libuafs: libuafs_setup vlserver_depinstall rx_depinstall fsint_depinstall \
 ${COMPILE_PART1} libuafs ${COMPILE_PART2} ;; \
 esac
-afsweb: kauth dauth
+afsweb: kauth
 ${COMPILE_PART1} afsweb ${COMPILE_PART2}
 update: cmd comerr auth
@@ -584,15 +581,16 @@ jafsadm: libjafsadm
 finale: project cmd comerr afsd butc tbutc @ENABLE_KERNEL_MODULE@ libuafs audit kauth log package \
 ptserver scout bu_utils ubik uss bozo vfsck volser tvolser tsalvaged \
- venus update xstat afsmonitor dauth rxdebug libafsrpc \
+ venus update xstat afsmonitor rxdebug libafsrpc \
 libafsauthent shlibafsrpc shlibafsauthent libadmin login man-pages \
 platform
 ${COMPILE_PART1} finale ${COMPILE_PART2}
 finale_nolibafs: project cmd comerr afsd butc tbutc libuafs audit kauth log package \
 ptserver scout bu_utils ubik uss bozo vfsck volser tvolser tsalvaged \
- venus update xstat afsmonitor dauth rxdebug libafsrpc \
- libafsauthent shlibafsrpc shlibafsauthent libadmin login man-pages
+ venus update xstat afsmonitor rxdebug libafsrpc \
+ libafsauthent shlibafsrpc shlibafsauthent libadmin login man-pages \
+ platform
 ${COMPILE_PART1} finale ${COMPILE_PART2}
 # Use washtool to ensure MakefileProto is current and obj/libafs exists.
@@ -638,7 +636,6 @@ clean2:
 -${COMPILE_PART1} ubik ${COMPILE_CLEAN}
 -${COMPILE_PART1} ptserver ${COMPILE_CLEAN}
 -${COMPILE_PART1} kauth ${COMPILE_CLEAN}
- -${COMPILE_PART1} dauth ${COMPILE_CLEAN}
 -${COMPILE_PART1} libacl ${COMPILE_CLEAN}
 -${COMPILE_PART1} dir ${COMPILE_CLEAN}
 -${COMPILE_PART1} vol ${COMPILE_CLEAN}
@@ -705,7 +702,6 @@ clean2:
 -/bin/rm -rf ${TOP_INCDIR} ${TOP_LIBDIR} ${TOP_JLIBDIR}
 -/bin/rm -rf libafs_tree ${SYS_NAME}
-
 distclean: clean
 /bin/rm -rf lib include
 /bin/rm -f config.log config.cache config.status \
@@ -736,7 +732,6 @@ distclean: clean
 src/config/Makefile.version \
 src/config/Makefile.version-NOCML \
 src/config/Makefile.config \
- src/dauth/Makefile \
 src/des/test/Makefile \
 src/des/Makefile \
 src/dir/test/Makefile \
diff --git a/configure.in b/configure.in
index a6288db..c12251a 100644
--- a/configure.in
+++ b/configure.in
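Review bot: The finale_nolibafs hunk does more than drop `dauth`: it also appends a new prerequisite, `+ platform`, ahead of `${COMPILE_PART1} finale ${COMPILE_PART2}`, and the commit message ("Destroy all traces of dauth") does not mention it. It appears to bring `finale_nolibafs` into line with `finale`, which already lists `platform` in the same position, but a dependency change hidden inside a removal-only commit is easy to miss in review and in bisection. A sentence in the commit message, or a separate commit, would make the intent explicit.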
@@ -37,7 +37,6 @@ src/comerr/test/Makefile \
 src/config/Makefile \
 src/config/Makefile.config \
 src/config/Makefile.version-NOCML \
-src/dauth/Makefile \
 src/des/Makefile \
 src/des/test/Makefile \
 src/dir/Makefile \
diff --git a/doc/man-pages/pod1/dpass.pod b/doc/man-pages/pod1/dpass.pod
deleted file mode 100644
index 91da9bd..0000000
--- a/doc/man-pages/pod1/dpass.pod
+++ /dev/null
@@ -1,118 +0,0 @@
-=head1 NAME
-
-dpass - Returns the DCE password for a new DCE account
-
-=head1 SYNOPSIS
-
-=for html
-
- -B S<<< [B<-cell> >] >>> [B<-help>] - -B S<<< [B<-c> >] >>> [B<-h>] - -=for html -
- -=head1 DESCRIPTION - -The B command returns the DCE password that an administrator -assigned to the issuer when using the B command to migrate AFS -user accounts into a DCE cell. - -The B command, issued on an AFS client, requests the issuer's new -DCE password from the AFS cell specified with the B<-cell> argument. - -The issuer must be authenticated as the AFS user whose AFS account was -moved into DCE, and be able to provide the user's AFS password when -prompted by the B command. - -=head1 OPTIONS - -=over 4 - -=item B<-cell> > - -Specifies the name of the AFS cell from which the AFS account was moved -into DCE and from which to fetch the new DCE password. - -=item B<-help> - -Prints the online help for this command. All other valid options are -ignored. - -=back - -=head1 OUTPUT - -By default, the dpass command writes a message similar to the following to -the standard output stream. - - Please read the following message before entering your password. - - This program will display your new, temporary DCE password on your - terminal, and you should change the assigned password as soon as - possible (from a DCE client). The program assumes that the AFS cell - uses the AFS Authentication Server and that an administrator used the - utilities in the AFS/DFS Migration Toolkit to migrate the account from - AFS to DCE. The password you enter should be the AFS password that was - in effect when your DCE account was created; this is not necessarily - the same password you have at the moment. The cell name (which you may - override with a command line option), must be the name of the AFS cell - from which the authentication information was taken. - -To suppress this message, set the DPASS_NO_MESSAGE environment -variable. It is then possible to substitute a customized message if -desired by using a script similar to the following example: - - #! /bin/csh - echo "I" - echo "I" - . - . - . 
- echo "I" - setenv DPASS_NO_MESSAGE - dpass $* - -After the standard or customized message, if any, the dpass command -generates the following prompt for the original AFS password: - - Original password for AFS cell : - Re-enter password to verify: - -If the AFS passwords match and are correct, the command reports the -temporary DCE password in the following message. - - The new DCE password is: cell. The DPASS_NO_MESSAGE variable has been -set to suppress the standard message. - - % dpass - Original password for AFS cell abc.com: - Re-enter password to verify: - The new DCE password is: 8655--eg8e-dcdc-8157 - -=head1 PRIVILEGE REQUIRED - -The issuer must be authenticated as the AFS user for whom to display the -corresponding DCE password. - -=head1 SEE ALSO - -L - -B reference page in I - -=head1 COPYRIGHT - -IBM Corporation 2000. All Rights Reserved. - -This documentation is covered by the IBM Public License Version 1.0. It was -converted from HTML to POD by software written by Chas Williams and Russ -Allbery, based on work by Alf Wachsmann and Elizabeth Cassell. diff --git a/src/afsweb/Makefile.in b/src/afsweb/Makefile.in index 3073f76..90a8ca0 100644 --- a/src/afsweb/Makefile.in +++ b/src/afsweb/Makefile.in @@ -16,7 +16,6 @@ UKSRCS=nsafs.h nsafs.c securehash.c # Targets for Apache AFS Web Secure # APACHE_AFS_LIB=libapacheafs.a -DCE_ADK_LIB=libadk.a APACHE_AFS_COMMON_LIB=libcommon.a BINARIES=weblog weblog_starter @@ -144,8 +143,6 @@ install: ## code. Be sure to compile with the VERSION_CFLAG=-DAPACHE_1_3 option for Apache 1.3 ## APACHE_INCLUDES=-Iapache_includes -EXTRA_CFLAGS=-DENABLE_DCE_DLOG -I../dauth/ -ADKOBJS=../dauth/adkint.cs.o ../dauth/adkint.xdr.o XLIBS= DEFINES=-DSTATUS 
@@ -154,7 +151,7 @@ DEBUG_FLAG=
 AUX_CFLAGS=
 VERSION_CFLAG=
 AFS_INCL=-I${TOP_INCDIR} -I.. -I../config
-CFLAGS=$(OPTF) $(DEFINES) -I. -I.. $(EXTRA_CFLAGS) $(VERSION_CFLAG) $(DEBUG_FLAG)
+CFLAGS=$(OPTF) $(DEFINES) -I. -I.. $(VERSION_CFLAG) $(DEBUG_FLAG)
 INCLS=${TOP_INCDIR}/ubik.h \
 ${TOP_INCDIR}/lwp.h \
 ${TOP_INCDIR}/lock.h \
@@ -189,16 +186,12 @@ OBJS=$(LIBOBJS) apache_afs_weblog.o weblog.o
 $(CCOBJ) -c $(CFLAGS) $(AFS_INCL) $(AUX_CFLAGS) $<
-weblog: weblog.o $(APACHE_AFS_COMMON_LIB) $(DCE_ADK_LIB)
- $(CC) -o $@ weblog.o $(APACHE_AFS_COMMON_LIB) $(LIBS) $(DCE_ADK_LIB) $(XLIBS)
+weblog: weblog.o $(APACHE_AFS_COMMON_LIB)
+ $(CC) -o $@ weblog.o $(APACHE_AFS_COMMON_LIB) $(LIBS) $(XLIBS)
 weblog_starter: apache_afs_weblog.o weblog_errors.h
 $(CC) -o $@ apache_afs_weblog.o
-$(DCE_ADK_LIB):
- - /bin/rm -f $@
- $(AR) $(ARFLAGS) $@ $(ADKOBJS)
-
 $(APACHE_AFS_COMMON_LIB):$(LIBCOMMON_OBJS)
 - /bin/rm -f $@
 $(AR) $(ARFLAGS) $@ $(LIBCOMMON_OBJS)
@@ -216,7 +209,7 @@ afs_module.c: apache_afs_module.c
 -DAPACHE_1_3*) echo '#include "ap_compat.h"' >> afs_module.c ;; \
 esac \
 ; cat apache_afs_module.c >> afs_module.c
-
+
 ##
 ##Dependencies
 ##
@@ -234,7 +227,7 @@ apache_afs_plugin.o: apache_api.h apache_afs_plugin.c apache_afs_client.o apache
 clean:
- -/bin/rm -f *.o $(BINARIES) $(APACHE_AFS_LIB) $(APACHE_AFS_COMMON_LIB) $(DCE_ADK_LIB)
+ -/bin/rm -f *.o $(BINARIES) $(APACHE_AFS_LIB) $(APACHE_AFS_COMMON_LIB)
 libclean:
 -/bin/rm -f $(APACHE_AFS_LIB) $(LIBOBJS)
diff --git a/src/afsweb/weblog.c b/src/afsweb/weblog.c
index 9332fb4..54450d3 100644
--- a/src/afsweb/weblog.c
+++ b/src/afsweb/weblog.c
@@ -279,524 +279,6 @@ makeNewPAG()
 return do_setpag();
 }
-#ifdef ENABLE_DCE_DLOG
-/*
- * Attempt to use the dlog mechanism to get a DCE-DFS ticket into the AFS cache manager
- */
-
-#include "adkint.h"
-#include "assert.h"
-#include
-#include
-
-/*
- * The un-decoded version of the encrypted portion of the kdc
- * AS reply message (see Kerberos V5 spec).
- */
-typedef struct kdc_as_reply {
- des_cblock session_key;
- afs_int32 nonce;
- afs_int32 authtime;
- afs_int32 starttime;
- afs_int32 endtime;
- char *realm;
-} kdc_as_reply_t;
-
-static char *
-makeString(char *sp)
-{
- int len;
- char *new_string;
-
- if (sp == NULL) {
- fprintf(stderr, "weblog: makeString - NULL argument\n");
- return NULL;
- }
- len = strlen(sp);
- if (len < 0) {
- fprintf(stderr, "weblog: makeString. strlen error\n");
- return NULL;
- }
- new_string = (char *)malloc(len + 1);
- if (new_string == NULL) {
- fprintf(stderr, "weblog: Out of memory - malloc failed\n");
- return NULL;
- }
- strncpy(new_string, sp, len);
- return new_string;
-}
-
-/*
- * Store the returned credentials as an AFS "token" for the user
- * "AFS ID ".
- */
-static int
-store_afs_token(unix_id, realm_p, tkt_type, ticket_p, ticket_len, session_key,
- starttime, endtime, set_pag)
- afs_int32 unix_id;
- char *realm_p;
- afs_int32 tkt_type;
- unsigned char *ticket_p;
- int ticket_len;
- des_cblock session_key;
- afs_int32 starttime;
- afs_int32 endtime;
- int set_pag;
-{
- struct ktc_token token;
- struct ktc_principal client, server;
-
- token.startTime = starttime;
- token.endTime = endtime;
- memcpy((char *)&token.sessionKey, session_key, sizeof(token.sessionKey));
- token.kvno = tkt_type;
- token.ticketLen = ticket_len;
- if (ticket_len > MAXKTCTICKETLEN) {
- fprintf(stderr,
- "weblog: DCE ticket is too long (length %d)."
- "Maximum length accepted by AFS cache manager is %d\n",
- MAXKTCTICKETLEN);
- return -1;
- }
- memcpy((char *)token.ticket, (char *)ticket_p, ticket_len);
-
- sprintf(client.name, "AFS ID %d", unix_id);
- strcpy(client.instance, "");
- strcpy(client.cell, realm_p);
-
- strcpy(server.name, "afs");
- strcpy(server.instance, "");
- strcpy(server.cell, realm_p);
-
- return (ktc_SetToken
- (&server, &token, &client, set_pag ? AFS_SETTOK_SETPAG : 0));
-}
-
-
-static char *
-make_string(s_p, length)
- char *s_p;
- int length;
-{
- char *new_p = (char *)malloc(length + 1);
- if (new_p == NULL) {
- fprintf(stderr, "dlog: out of memory\n");
- exit(1);
- }
- memcpy(new_p, s_p, length);
- new_p[length] = '\0';
- return new_p;
-}
-
-/*
- * Decode an asn.1 GeneralizedTime, turning it into a 32-bit Unix time.
- * Format is fixed at YYYYMMDDHHMMSS plus a terminating "Z".
- *
- * NOTE: A test for this procedure is included at the end of this file.
- */
-static int
-decode_asn_time(buf, buflen, utime)
- char *buf;
- int buflen;
- afs_int32 *utime;
-{
- int year, month, day, hour, mina, sec;
- int leapyear, days;
- static mdays[11] = { 31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30 };
- int m;
-
- if (buflen != 15
- || sscanf(buf, "%4d%2d%2d%2d%2d%2dZ", &year, &month, &day, &hour,
- &mina, &sec) != 6) {
- return 1;
- }
- leapyear = month > 2 ? (year + 1) : year; /* Account for feb 29 if
- * current year is a leap year */
- for (days = 0, m = 0; m < month - 1; m++)
- days += mdays[m];
-
- *utime =
- ((((((year - 1970) * 365 + (leapyear - 1970 + 1) / 4 + days + day -
- 1) * 24) + hour) * 60 + mina) * 60) + sec;
- return 0;
-}
-
-/*
- * A quick and (very) dirty ASN.1 decode of the ciphertext portion
- * of the KDC AS reply message... good enough for a product with a short
- * expected lifetime (this will work as long as the message format doesn't
- * change much).
- *
- * Assumptions:
- *
- * 1. The nonce is the only INTEGER with a tag of [2], at any nesting level.
- * 2.
The session key is the only OCTET STRING with length 8 and tag [1].
- * 3. The authtime, starttime, and endtimes are the only Generalized Time
- * strings with tags 5, 6, and 7, respectively.
- * 4. The realm is the only General String with tag 9.
- * 5. The tags, above, are presented in ascending order.
- */
-
-#define ASN_INTEGER 0x2
-#define ASN_OCTET_STRING 0x4
-#define ASN_TIME 0x18
-#define ASN_GENERAL_STRING 0x1b
-#define KDC_REP 0x7a
-
-static int
-decode_reply(buf, buflen, reply_p)
- unsigned char *buf; /* encoded ASN.1 string */
- int buflen; /* length of encoded string */
- kdc_as_reply_t *reply_p; /* result */
-{
- unsigned char *limit = buf + buflen;
-
- char saw_nonce = 0;
- char saw_kdc_rep = 0;
- char saw_session_key = 0;
- char saw_authtime = 0;
- char saw_starttime = 0;
- char saw_endtime = 0;
- char saw_realm = 0;
-
- int context = -1; /* Initialize with invalid context */
-
- reply_p->starttime = 0; /* This is optionally provided by kdc */
-
- while (buf < limit) {
- int op;
- int len;
-
- op = *buf++;
- len = *buf++;
- if ((op & 0x20) == 0) {
- /* Primitive encoding */
- if (len & 0x80) {
- return 1; /* Forget about long unspecified lengths */
- }
- /* Bounds check */
- if (buf + len > limit)
- return 1;
- }
-
- switch (op) {
- case KDC_REP:
- saw_kdc_rep++;
- break;
-
- case ASN_INTEGER:
- {
- /*
- * Since non ANSI C doesn't recognize the "signed"
- * type attribute for chars, we have to fiddle about
- * to get sign extension (the sign bit is the top bit
- * of the first byte).
- */
-#define SHIFTSIGN ((sizeof(afs_int32) - 1) * 8)
- afs_int32 val;
- val = (afs_int32) (*buf++ << SHIFTSIGN) >> SHIFTSIGN;
-
- while (--len)
- val = (val << 8) | *buf++;
-
- if (context == 2) {
- reply_p->nonce = val;
- saw_nonce++;
- }
- }
- break;
-
- case ASN_OCTET_STRING:
- if (context == 1 && len == sizeof(reply_p->session_key)) {
- saw_session_key++;
- memcpy(reply_p->session_key, buf, len);
- }
- buf += len;
- break;
-
- case ASN_GENERAL_STRING:
- if (context == 9) {
- saw_realm = 1;
- reply_p->realm = make_string(buf, len);
- goto out; /* Best to terminate now, rather than
- * continue--we don't know if the entire
- * request is padded with zeroes, and if
- * not there is a danger of misinterpreting
- * an op-code (since the request may well
- * be padded somewhat, for encryption purposes)
- * This would work much better if we really
- * tracked constructed type boundaries.
- */
- }
- buf += len;
- break;
-
- case ASN_TIME:
- switch (context) {
- case 5:
- saw_authtime++;
- if (decode_asn_time(buf, len, &reply_p->authtime))
- return 1;
- break;
-
- case 6:
- saw_starttime++;
- if (decode_asn_time(buf, len, &reply_p->starttime))
- return 1;
- break;
-
- case 7:
- saw_endtime++;
- if (decode_asn_time(buf, len, &reply_p->endtime))
- return 1;
- break;
- }
- buf += len;
- break;
-
- default:
- if ((op & 0xe0) == 0xa0) {
- /* Remember last context label */
- context = op & 0x1f;
- } else if ((op & 0x20) == 0) {
- /* Skip primitive encodings we don't understand */
- buf += len;
- }
- }
- }
-
- out:
- return !(saw_kdc_rep == 1 && saw_nonce == 1 && saw_session_key == 1
- && saw_authtime == 1 && (saw_starttime == 1
- || saw_starttime == 0)
- && saw_endtime == 1 && saw_realm == 1);
-}
-
-
-/*
- * Attempt to obtain a DFS ticket
- */
-static int
-getDFScreds(char *name, char *realm, char *passwd, afs_uint32 lifetime,
- char **reason)
-{
- extern ADK_GetTicket();
- afs_int32 serverList[MAXSERVERS];
- struct rx_connection *serverconns[MAXSERVERS];
- struct
ubik_client *ubik_handle = 0;
- struct timeval now; /* current time */
- afs_int32 nonce; /* Kerberos V5 "nonce" */
- adk_error_ptr error_p; /* Error code from ktc intermediary */
- adk_reply_ptr reply_p; /* reply from ktc intermediary */
- des_cblock passwd_key; /* des key from user password */
- des_key_schedule schedule; /* Key schedule from key */
- kdc_as_reply_t kdcrep; /* Our own decoded version of
- * ciphertext portion of kdc reply */
- int code;
- struct afsconf_dir *cdir; /* Open configuration structure */
- int i;
- struct afsconf_cell cellinfo; /* Info for specified cell */
-
- if ((name == NULL) || (realm == NULL) || (passwd == NULL)) {
- *reason = makeString("weblog: NULL Arguments to getDCEcreds");
- return -1;
- }
-
- cdir = afsconf_Open(AFSDIR_CLIENT_ETC_DIRPATH);
- if (!cdir) {
- *reason =
- makeString("weblog: unable to read or open AFS client "
- "configuration file");
- return -1;
- }
-
- /*
- * Resolve full name of cell and get server list.
- */
- code = afsconf_GetCellInfo(cdir, realm, 0, &cellinfo);
- if (code) {
- *reason = makeString("-- unable to get cell info");
- return -1;
- }
-
- if (strcmp(realm, cellinfo.name)) {
- strncpy(realm, cellinfo.name, sizeof(realm) - 1);
- realm[sizeof(realm) - 1] = '\0';
- }
-
- for (i = 0; i < cellinfo.numServers && i < MAXSERVERS; i++) {
- serverList[i] = cellinfo.hostAddr[i].sin_addr.s_addr;
- }
- if (i < MAXSERVERS)
- serverList[i] = 0;
-
- /*
- * Make connections to all the servers.
- */
- rx_Init(0);
- for (i = 0; i < MAXSERVERS; i++) {
- if (!serverList[i]) {
- serverconns[i] = 0;
- break;
- }
- serverconns[i] =
- rx_NewConnection(serverList[i], htons(ADK_PORT), ADK_SERVICE,
- rxnull_NewClientSecurityObject(), 0);
- }
-
- /*
- * Initialize ubik client gizmo to randomize the calls for us.
- */
- ubik_ClientInit(serverconns, &ubik_handle);
- /*
- * Come up with an acceptable nonce. V5 doc says that we just need
- * time of day. Actually, for this app, I don't think anything
- * is really needed.
Better safe than sorry (although I wonder if
- * it might have been better to encode the AFS ID in the nonce
- * reply field--that's the one field that the intermediate server
- * has total control over, and which can be securely transmitted
- * back to the client).
- */
- gettimeofday(&now, 0);
- nonce = now.tv_sec;
-
-
- /*
- * Ask our agent to get us a Kerberos V5 ticket.
- */
- reply_p = (adk_reply_ptr) 0;
- error_p = (adk_error_ptr) 0;
- code = ubik_ADK_GetTicket(ubik_handle, 0, /* Ubik flags */
- name, /* IN: Principal: must be exact DCE principal */
- nonce, /* IN: Input nonce */
- lifetime, /* IN: lifetime */
- &error_p, /* OUT: Error, if any */
- &reply_p); /* OUT: KTC reply, if no error */
-
- /*
- * Destroy Rx connections on the off-chance this will allow less state
- * to be preserved at the server.
- */
- ubik_ClientDestroy(ubik_handle);
-
- /*
- * Finalize Rx. This may allow connections at the server to wind down
- * faster.
- */
- rx_Finalize();
-
-
- /*
- * Check for simple communication failures.
- */
- if (code) {
- *reason = makeString("-- failed to contact authentication service");
- return -1;
- }
-
- /*
- * Also check for DCE errors, which are interpreted for us by
- * the translator.
- */
- if (error_p && error_p->code) {
- *reason = (char *)makeString(error_p->data);
- fprintf(stderr, "weblog error:error_p->data:%s\n", error_p->data);
- return -1;
- }
-
-
- /*
- * Make sure the reply was filled in.
- */
- if (!reply_p) {
- *reason = (char *)
- makeString
- ("weblog: unexpected error in server response; aborted");
- return -1;
- }
-
-
- /*
- * Convert the password into the appropriate key block, given
- * the salt passed back from the ADK_GetTicket call, above. Destroy
- * the password.
- */
- if (strlen(passwd) + strlen(reply_p->salt) + 1 > BUFSIZ) {
- *reason = (char *)
- makeString("weblog: unexpectedly long passwd/salt combination");
- return -1;
- }
- strcat(passwd, reply_p->salt);
- des_string_to_key(passwd, passwd_key);
-
- /* Destroy the password. */
- memset(passwd, 0, strlen(passwd));
-
-
- /*
- * Decrypt the private data returned by the DCE KDC, and forwarded
- * to us by the translator.
- */
- code = des_key_sched(passwd_key, schedule);
- if (!code) {
- code =
- des_cbc_encrypt(reply_p->private.adk_code_val,
- reply_p->private.adk_code_val,
- reply_p->private.adk_code_len, schedule,
- passwd_key, DECRYPT);
- }
- if (code) {
- *reason =
- (char *)makeString("-- unable to decrypt reply from the DCE KDC");
- return -1;
- }
-
- /*
- * Destroy the key block: it's no longer needed.
- */
- memset(schedule, 0, sizeof(schedule));
- memset(passwd_key, 0, sizeof(passwd_key));
-
-
- /*
- * Do a very quick and dirty ASN.1 decode of the relevant parts
- * of the private data.
- *
- * The decrypted data contains a 12-byte header (confounder and CRC-32
- * checksum). We choose to ignore this.
- */
- code = decode_reply(reply_p->private.adk_code_val + 12, /* Skip header */
- reply_p->private.adk_code_len - 12, /* ditto */
- &kdcrep);
-
- if (code || kdcrep.nonce != nonce) {
- *reason =
- (char *)makeString("weblog: DCE authentication failed -- "
- "password is probably incorrect");
- return -1;
- }
-
-
- /*
- * Make an AFS token out of the ticket and session key, and install it
- * in the cache manager.
- */
- code =
- store_afs_token(reply_p->unix_id, realm, reply_p->tktype,
- reply_p->ticket.adk_code_val,
- reply_p->ticket.adk_code_len, kdcrep.session_key,
- kdcrep.starttime ?
kdcrep.starttime : kdcrep.authtime,
- kdcrep.endtime, 0);
-
- if (code) {
- *reason = (char *)
- makeString("weblog -- getDCEcreds:failed to store tickets");
- return -1;
- }
- return 0;
-}
-#endif /* ENABLE_DCE_DLOG */
-
 /*
 * The main procedure that waits in an infinite loop for data to
@@ -921,21 +403,13 @@ CommandProc(as, arock)
 if (strcasecmp(type, "AFS") == 0) {
 authtype = 1;
 }
-#ifdef ENABLE_DCE_DLOG
- else if (strcasecmp(type, "AFS-DFS") == 0) {
- authtype = 2;
- }
-#endif /* ENABLE_DCE_DLOG */
 else {
 authtype = 0;
 }
 if (!authtype) {
 reason = (char *)malloc(sizeof(tbuffer));
- sprintf(reason,
- "weblog: Unknown Authentication type:%s. AFS-DFS login "
- "may not be enabled - check compile flags for ENABLE_DCE_DLOG",
- type);
+ sprintf(reason, "weblog: Unknown Authentication type:%s.", type);
 goto reply_failure;
 }
@@ -959,20 +433,6 @@ CommandProc(as, arock)
 NULL, cell, passwd, lifetime, &password_expires, 0, &reason);
 }
-#ifdef ENABLE_DCE_DLOG
- else if (authtype == 2) {
- unlog();
- code = getDFScreds(name, cell, passwd, lifetime, &reason);
- }
-#ifdef DEBUG_DCE
- printf("Code:%d\n", code);
- if (code) {
- if (reason) {
- printf("FAILURE:Reason:%s\n", reason);
- }
- }
-#endif
-#endif /* ENABLE_DCE_DLOG */
 if (code) {
 #ifdef DEBUG
diff --git a/src/dauth/.cvsignore b/src/dauth/.cvsignore
deleted file mode 100644
index b91902f..0000000
--- a/src/dauth/.cvsignore
+++ /dev/null
@@ -1,8 +0,0 @@
-AFS_component_version_number.c
-Makefile
-adkint.cs.c
-adkint.h
-adkint.ss.c
-adkint.xdr.c
-dlog
-dpass
diff --git a/src/dauth/Makefile.in b/src/dauth/Makefile.in
deleted file mode 100644
index 679cf47..0000000
--- a/src/dauth/Makefile.in
+++ /dev/null
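Review bot: The rewritten line `+ sprintf(reason, "weblog: Unknown Authentication type:%s.", type);` in the CommandProc hunk still formats `type` into a `malloc(sizeof(tbuffer))` buffer with an unbounded `sprintf`, and the `malloc` result is not checked before it is written to. Where `type` is parsed and how large `tbuffer` is are outside the hunk, so whether an over-long `type` can actually reach this line is inferred, but the message is built from input the request supplied and the line is being touched anyway, so the bounded form `snprintf(reason, sizeof(tbuffer), "weblog: Unknown Authentication type:%s.", type);` costs nothing and makes the question moot. A `if (!reason) goto reply_failure;`-style check (or whatever the function's existing out-of-memory path is) before the format call would close the remaining gap. CommandProc starts and ends outside this hunk.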
@@ -1,79 +0,0 @@
-# Copyright 2000, International Business Machines Corporation and others.
-# All Rights Reserved.
-#
-# This software has been released under the terms of the IBM Public
-# License. For details, see the LICENSE file in the top-level source
-# directory or online at http://www.openafs.org/dl/license10.html
-
-srcdir=@srcdir@
-include @TOP_OBJDIR@/src/config/Makefile.config
-
-INCLS=${TOP_INCDIR}/ubik.h \
- ${TOP_INCDIR}/lwp.h \
- ${TOP_INCDIR}/lock.h \
- ${TOP_INCDIR}/rx/rx.h \
- ${TOP_INCDIR}/rx/xdr.h \
- ${TOP_INCDIR}/afs/com_err.h
-
-VERS = AFS_component_version_number.o
-OBJS = adkint.cs.o adkint.xdr.o
-
-LIBS=${TOP_LIBDIR}/libkauth.a \
- ${TOP_LIBDIR}/libauth.a \
- ${TOP_LIBDIR}/libcmd.a \
- ${TOP_LIBDIR}/libcom_err.a \
- ${TOP_LIBDIR}/libubik.a \
- ${TOP_LIBDIR}/librxkad.a \
- ${TOP_LIBDIR}/libdes.a \
- ${TOP_LIBDIR}/librx.a \
- ${TOP_LIBDIR}/liblwp.a \
- ${TOP_LIBDIR}/libsys.a \
- ${TOP_LIBDIR}/util.a
-
-CELL= `pwd|awk -F/ '{print $$3}'`
-USNS= cellname
-
-noversion: install
-
-all: dlog dpass
-
-adkint.cs.o: adkint.cs.c
-adkint.xdr.o: adkint.xdr.c adkint.h
-
-adkint.cs.c: adkint.xg
- ${RXGEN} -C -u -o $@ ${srcdir}/adkint.xg
-
-adkint.xdr.c: adkint.xg
- ${RXGEN} -c -o $@ ${srcdir}/adkint.xg
-
-adkint.h: adkint.xg
- ${RXGEN} -h -u -o $@ ${srcdir}/adkint.xg
-
-dlog: dlog.o $(VERS) $(OBJS) $(LIBS)
- $(CC) ${LDFLAGS} -o dlog dlog.o $(VERS) $(OBJS) ${LIBS} \
- ${XLIBS}
-
-dlog.o: dlog.c adkint.h
-
-dpass: dpass.o $(VERS) $(LIBS)
- $(CC) ${LDFLAGS} -o dpass dpass.o $(VERS) $(LIBS) ${XLIBS}
-
-# Test version of dlog just checks ASN.1 date conversion.
-dlog_test: dlog.c $(OBJS) $(LIBS)
- $(CC) $(LDFLAGS) -DDLOG_TEST -o dlog_test dlog.c $(OBJS) \
- $(LIBS) ${XLIBS}
-
-install: dlog dpass
- ${INSTALL} -d ${DESTDIR}${bindir}
- ${INSTALL_PROGRAM} dlog ${DESTDIR}${bindir}/dlog
- ${INSTALL_PROGRAM} dpass ${DESTDIR}${bindir}/dpass
-
-dest: dlog dpass
- ${INSTALL} -d ${DEST}/bin
- ${INSTALL_PROGRAM} dlog ${DEST}/bin/dlog
- ${INSTALL_PROGRAM} dpass ${DEST}/bin/dpass
-
-clean:
- $(RM) -f adkint.h adkint.cs.c adkint.ss.c adkint.xdr.c *.o dlog dpass AFS_component_version_number.c
-
-include ../config/Makefile.version
diff --git a/src/dauth/adkint.xg b/src/dauth/adkint.xg
deleted file mode 100644
index 1be6d10..0000000
--- a/src/dauth/adkint.xg
+++ /dev/null
@@ -1,58 +0,0 @@
-/*
- * Copyright 2000, International Business Machines Corporation and others.
- * All Rights Reserved.
- *
- * This software has been released under the terms of the IBM Public
- * License. For details, see the LICENSE file in the top-level source
- * directory or online at http://www.openafs.org/dl/license10.html
- */
-
-/*
- * adkint.xg -- interface definition for AFS/DFS DCE KDC ticket service.
- */
-
-package ADK_
-statindex 5
-
-/*
- * For our simplified Kerberos V5 ticket granting service, we add
- * another service to the file service port (rather than having to risk
- * using yet another public port).
- */
-const ADK_PORT = 7000;
-const ADK_SERVICE = 2;
-
-typedef opaque adk_code<2000>; /* Encoded byte strings */
-typedef string adk_string<2000>;/* Normal, null terminated strings */
-
-/*
- * This structure is returned on a DCE error, since the local system
- * has no hope of interpreting the error code otherwise.
- */
-struct adk_error {
- afs_int32 code; /* Both the call error code AND this must be checked */
- adk_string data; /* Interpreted error code string */
-};
-
-struct adk_reply {
- afs_int32 unix_id; /* DCE Id of user (info only; not secured) */
- adk_string salt; /* Salt to use for string_to_key on password */
- afs_int32 tktype; /* Ticket type, from rxkad.p.h */
- adk_code ticket; /* The Kerberos V5 PAC-less ticket */
- adk_code private; /* Secured reply information from DCE KTC. Decrypt
- this with key derived from user password and salt */
-};
-
-/*
- * Can only pass pointers to structures, if they need to be deallocated.
- * This is an rxgen restriction.
- */
-typedef struct adk_reply *adk_reply_ptr;
-typedef struct adk_error *adk_error_ptr;
-
-GetTicket
- (IN adk_string name,
- afs_int32 nonce,
- afs_int32 lifetime,
- OUT adk_error_ptr *error_p, /* Not if there is a reply */
- OUT adk_reply_ptr *reply_p) = 1; /* Only if no error */
diff --git a/src/dauth/dlog.c b/src/dauth/dlog.c
deleted file mode 100644
index 5848674..0000000
--- a/src/dauth/dlog.c
+++ /dev/null
@@ -1,898 +0,0 @@ -/* - * Copyright 2000, International Business Machines Corporation and others. - * All Rights Reserved. - * - * This software has been released under the terms of the IBM Public - * License. For details, see the LICENSE file in the top-level source - * directory or online at http://www.openafs.org/dl/license10.html - */ - -/* - * dlog - * - * This program acquires a Kerberos V5 ticket, or variant thereof, from - * the DCE KDC, using the services of an intermediary server (which happens - * to be implemented in the AFS/DFS translator). The intermediary takes - * care of most of the intricate details of the KRB5 authentication exchange, - * since it has available to it the appropriate KRB5 utilities. This program - * does have to decrypt the enciphered portion of the KDC reply to extract - * the session key to use with the ticket, and needs to know just enough ASN.1 - * to decode the decrypted result. As a side-effect of using the AFS/DFS - * translator as the intermediary, this program also does not have to access - * any KRB5 location/configuration information--it just contacts the servers - * listed in the CellServDB in the usual manner (via ubik_. - * - * This works as follows: - * - * 1. dlog sends a GetTickets request to the intermediary. - * - * 2. The intermediary reformats the request as an KRB5 AS request(asking - * for a ticket made out to the specified principal, suitable for contacting - * the AFS/DFS translator principal. This is determined by the server, and - * is by default "afs". - * - * 3. Since the AS service is used directly, an appropriate ticket will - * be passed back immediately (there is no need to get a TGT first). - * - * 4. 
The translator decodes the response and, in the absense of an error, - * returns some in-the-clear information about the ticket, the Unix id - * of the user, the ticket itself, encrypted in the afs principal's key, - * and the session key and ticket valid times, all encrypted in a key - * derived from the user's password and a salt. The appropriate salt to - * append to the password is returned with the result. We also return - * a ticket type, which may indicate that the ticket is a standard - * Kerberos V5 ticket (RXKAD_TICKET_TYPE_KERBEROS_V5, defined in rxkad.h) - * or that it is in a private formats reserved by the translator (this - * allows the translator to strip of unecessary in-the-clear information - * in the ticket or even to re-encrypt the ticket in another format, - * if desired, to save space). - * - * 5. Finally, this program requests the user's password and attempts - * decryption and decoding of the session key and related information. - * Included in the decrypted result is a "nonce" which was supplied - * by the client in the first place. If the nonce is retrieved undamaged, - * and if we are able to decode the result (with a very limited ASN.1 - * decoder) then it is assumed the client's password must have been correct. - * - * 6. The user id, session key, ticket, ticket type, and expiration time are - * all stored in the cache manager. - * - * NOTE 1: this program acquires only a simple ticket (no DCE PAC information), - * which is all that is required to hold a conversation with the AFS/DFS - * translator. The AFS/DFS translator must obtain another ticket for use with - * the DFS file exporter which *does* include complete user information (i.e. - * a PAC). That is another story. - * - * NOTE 2: no authentication libraries are provided which match this program. - * This program, itself, constitutes a usable authentication interface, and - * may be called by another program (such as login), using the -pipe switch. 
- */ - -#include -#include - -RCSID - ("$Header$"); - -#include -#include -#include -#ifdef AFS_AIX32_ENV -#include -#endif - -#ifdef HAVE_STRING_H -#include -#else -#ifdef HAVE_STRINGS_H -#include -#endif -#endif - -#include - -#include -#include -#include -#include -#include -#include -#include "adkint.h" -#include "assert.h" -#include -#include - -/* - * The password reading routine in des/readpassword.c will not work if the - * buffer size passed in is greater than BUFSIZ, so we pretty well have to - * use that constant and *HOPE* that the BUFSIZ there is the same as the - * BUFSIZ here. - */ -#define MAX_PASSWD_LEN BUFSIZ - -/* - * Read a null-terminated password from stdin, stop on \n or eof - */ -static char * -getpipepass() -{ - static char gpbuf[MAX_PASSWD_LEN]; - - register int i, tc; - memset(gpbuf, 0, sizeof(gpbuf)); - for (i = 0; i < (sizeof(gpbuf) - 1); i++) { - tc = fgetc(stdin); - if (tc == '\n' || tc == EOF) - break; - gpbuf[i] = tc; - } - return gpbuf; -} - -/* - * The un-decoded version of the encrypted portion of the kdc - * AS reply message (see Kerberos V5 spec). - */ -typedef struct kdc_as_reply { - des_cblock session_key; - afs_int32 nonce; - afs_int32 authtime; - afs_int32 starttime; - afs_int32 endtime; - char *realm; -} kdc_as_reply_t; - -int CommandProc(); - -static int zero_argc; -static char **zero_argv; - -/* - * Store the returned credentials as an AFS "token" for the user - * "AFS ID ". 
- */ -int -store_afs_token(unix_id, realm_p, tkt_type, ticket_p, ticket_len, session_key, - starttime, endtime, set_pag) - afs_int32 unix_id; - char *realm_p; - afs_int32 tkt_type; - unsigned char *ticket_p; - int ticket_len; - des_cblock session_key; - afs_int32 starttime; - afs_int32 endtime; - int set_pag; -{ - struct ktc_token token; - struct ktc_principal client, server; - - token.startTime = starttime; - token.endTime = endtime; - memcpy((char *)&token.sessionKey, session_key, sizeof(token.sessionKey)); - token.kvno = tkt_type; - token.ticketLen = ticket_len; - if (ticket_len > MAXKTCTICKETLEN) { - fprintf(stderr, - "dlog: DCE ticket is too long (length %d). Maximum length accepted by AFS cache manager is %d\n", - ticket_len, MAXKTCTICKETLEN); - exit(1); - } - memcpy((char *)token.ticket, (char *)ticket_p, ticket_len); - - sprintf(client.name, "AFS ID %d", unix_id); - strcpy(client.instance, ""); - strcpy(client.cell, realm_p); - - strcpy(server.name, "afs"); - strcpy(server.instance, ""); - strcpy(server.cell, realm_p); - - return (ktc_SetToken - (&server, &token, &client, set_pag ? AFS_SETTOK_SETPAG : 0)); -} - -char * -make_string(s_p, length) - char *s_p; - int length; -{ - char *new_p = (char *)malloc(length + 1); - if (new_p == NULL) { - fprintf(stderr, "dlog: out of memory\n"); - exit(1); - } - memcpy(new_p, s_p, length); - new_p[length] = '\0'; - return new_p; -} - -/* - * Decode an asn.1 GeneralizedTime, turning it into a 32-bit Unix time. - * Format is fixed at YYYYMMDDHHMMSS plus a terminating "Z". - * - * NOTE: A test for this procedure is included at the end of this file. 
- */ -int -decode_asn_time(buf, buflen, utime) - char *buf; - int buflen; - afs_int32 *utime; -{ - int year, month, day, hour, mina, sec; - int leapyear, days; - static mdays[11] = { 31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30 }; - int m; - - if (buflen != 15 - || sscanf(buf, "%4d%2d%2d%2d%2d%2dZ", &year, &month, &day, &hour, - &mina, &sec) != 6) { - return 1; - } - leapyear = month > 2 ? (year + 1) : year; /* Account for feb 29 if - * current year is a leap year */ - for (days = 0, m = 0; m < month - 1; m++) - days += mdays[m]; - - *utime = - ((((((year - 1970) * 365 + (leapyear - 1970 + 1) / 4 + days + day - - 1) * 24) + hour) * 60 + mina) * 60) + sec; - return 0; -} - -/* - * A quick and (very) dirty ASN.1 decode of the ciphertext portion - * of the KDC AS reply message... good enough for a product with a short - * expected lifetime (this will work as long as the message format doesn't - * change much). - * - * Assumptions: - * - * 1. The nonce is the only INTEGER with a tag of [2], at any nesting level. - * 2. The session key is the only OCTET STRING with length 8 and tag [1]. - * 3. The authtime, starttime, and endtimes are the only Generalized Time - * strings with tags 5, 6, and 7, respectively. - * 4. The realm is the only General String with tag 9. - * 5. The tags, above, are presented in ascending order. 
- */ - -#define ASN_INTEGER 0x2 -#define ASN_OCTET_STRING 0x4 -#define ASN_TIME 0x18 -#define ASN_GENERAL_STRING 0x1b -#define KDC_REP 0x7a - -int -decode_reply(buf, buflen, reply_p) - unsigned char *buf; /* encoded ASN.1 string */ - int buflen; /* length of encoded string */ - kdc_as_reply_t *reply_p; /* result */ -{ - unsigned char *limit = buf + buflen; - - char saw_nonce = 0; - char saw_kdc_rep = 0; - char saw_session_key = 0; - char saw_authtime = 0; - char saw_starttime = 0; - char saw_endtime = 0; - char saw_realm = 0; - - int context = -1; /* Initialize with invalid context */ - - reply_p->starttime = 0; /* This is optionally provided by kdc */ - - while (buf < limit) { - int op; - unsigned int len; - - op = *buf++; - len = *buf++; - if (len & 0x80 && len != 0x80) { - unsigned int n = (len & 0x7f); - if (n > sizeof(len)) - return 1; /* too long for us to handle */ - len = 0; - while (n) { - len = (len << 8) | *buf++; - n--; - } - } - if ((op & 0x20) == 0) { - /* Primitive encoding */ - /* Bounds check */ - if (buf + len > limit) - return 1; - } - - switch (op) { - case KDC_REP: - saw_kdc_rep++; - break; - - case ASN_INTEGER: - { - /* - * Since non ANSI C doesn't recognize the "signed" - * type attribute for chars, we have to fiddle about - * to get sign extension (the sign bit is the top bit - * of the first byte). 
- */ -#define SHIFTSIGN ((sizeof(afs_int32) - 1) * 8) - afs_int32 val; - val = (afs_int32) (*buf++ << SHIFTSIGN) >> SHIFTSIGN; - - while (--len) - val = (val << 8) | *buf++; - - if (context == 2) { - reply_p->nonce = val; - saw_nonce++; - } - } - break; - - case ASN_OCTET_STRING: - if (context == 1 && len == sizeof(reply_p->session_key)) { - saw_session_key++; - memcpy(reply_p->session_key, buf, len); - } - buf += len; - break; - - case ASN_GENERAL_STRING: - if (context == 9) { - saw_realm = 1; - reply_p->realm = make_string(buf, len); - goto out; /* Best to terminate now, rather than - * continue--we don't know if the entire - * request is padded with zeroes, and if - * not there is a danger of misinterpreting - * an op-code (since the request may well - * be padded somewhat, for encryption purposes) - * This would work much better if we really - * tracked constructed type boundaries. - */ - } - buf += len; - break; - - case ASN_TIME: - switch (context) { - case 5: - saw_authtime++; - if (decode_asn_time(buf, len, &reply_p->authtime)) - return 1; - break; - - case 6: - saw_starttime++; - if (decode_asn_time(buf, len, &reply_p->starttime)) - return 1; - break; - - case 7: - saw_endtime++; - if (decode_asn_time(buf, len, &reply_p->endtime)) - return 1; - break; - } - buf += len; - break; - - default: - if ((op & 0xe0) == 0xa0) { - /* Remember last context label */ - context = op & 0x1f; - } else if ((op & 0x20) == 0) { - /* Skip primitive encodings we don't understand */ - buf += len; - } - } - } - - out: - return !(saw_kdc_rep == 1 && saw_nonce == 1 && saw_session_key == 1 - && saw_authtime == 1 && (saw_starttime == 1 - || saw_starttime == 0) - && saw_endtime == 1 && saw_realm == 1); -} - -main(argc, argv) - int argc; - char *argv[]; -{ - struct cmd_syndesc *ts; - afs_int32 code; -#ifdef AFS_AIX32_ENV - /* - * The following signal action for AIX is necessary so that in case of a - * crash (i.e. 
core is generated) we can include the user's data section - * in the core dump. Unfortunately, by default, only a partial core is - * generated which, in many cases, isn't too useful. - */ - struct sigaction nsa; - - sigemptyset(&nsa.sa_mask); - nsa.sa_handler = SIG_DFL; - nsa.sa_flags = SA_FULLDUMP; - sigaction(SIGSEGV, &nsa, NULL); -#endif - zero_argc = argc; - zero_argv = argv; - - initialize_U_error_table(); - initialize_KTC_error_table(); - initialize_ACFG_error_table(); - - ts = cmd_CreateSyntax(NULL, CommandProc, 0, - "obtain Kerberos authentication"); - -#define aPRINCIPAL 0 -#define aCELL 1 -#define aPASSWORD 2 -#define aSERVERS 3 -#define aLIFETIME 4 -#define aSETPAG 5 -#define aPIPE 6 -#define aTEST 7 - - cmd_AddParm(ts, "-principal", CMD_SINGLE, CMD_OPTIONAL, "user name"); - cmd_AddParm(ts, "-cell", CMD_SINGLE, CMD_OPTIONAL, "cell name"); - cmd_AddParm(ts, "-password", CMD_SINGLE, CMD_OPTIONAL, "user's password"); - cmd_AddParm(ts, "-servers", CMD_LIST, CMD_OPTIONAL, - "explicit list of servers"); - cmd_AddParm(ts, "-lifetime", CMD_SINGLE, CMD_OPTIONAL, - "ticket lifetime in hh[:mm[:ss]]"); - cmd_AddParm(ts, "-setpag", CMD_FLAG, CMD_OPTIONAL, - "Create a new setpag before authenticating"); - cmd_AddParm(ts, "-pipe", CMD_FLAG, CMD_OPTIONAL, - "read password from stdin"); - -#ifdef DLOG_TEST - cmd_AddParm(ts, "-test", CMD_FLAG, CMD_OPTIONAL, "self-test"); -#endif - code = cmd_Dispatch(argc, argv); - exit(code); -} - -CommandProc(as, arock) - char *arock; - struct cmd_syndesc *as; -{ - char name[MAXKTCNAMELEN]; - char realm[MAXKTCREALMLEN]; - - extern ADK_GetTicket(); - afs_int32 serverList[MAXSERVERS]; - struct rx_connection *serverconns[MAXSERVERS]; - struct ubik_client *ubik_handle = 0; - struct timeval now; /* Current time */ - afs_int32 nonce; /* Kerberos V5 "nonce" */ - adk_error_ptr error_p; /* Error code from ktc intermediary */ - adk_reply_ptr reply_p; /* Reply from ktc intermediary */ - des_cblock passwd_key; /* des key from user password */ - 
des_key_schedule schedule; /* Key schedule from key */ - kdc_as_reply_t kdcrep; /* Our own decoded version of - * ciphertext portion of kdc reply */ - - int code; - int i, dosetpag; - afs_uint32 lifetime; /* requested ticket lifetime */ - char passwd[MAX_PASSWD_LEN]; - - static char rn[] = "dlog"; /*Routine name */ - static int readpipe; /* reading from a pipe */ - - int explicit_cell = 0; /* servers specified explicitly */ - int foundPassword = 0; /*Not yet, anyway */ - - struct afsconf_dir *cdir; /* Open configuration structure */ - - /* - * Discard command line arguments, in case the password is on the - * command line (to avoid it showing up from a ps command). - */ - for (i = 1; i < zero_argc; i++) - memset(zero_argv[i], 0, strlen(zero_argv[i])); - zero_argc = 0; - -#ifdef DLOG_TEST - /*; - * Do a small self test if asked. - */ - if (as->parms[aTEST].items) { - exit(self_test()); - } -#endif - - /* - * Determine if we should also do a setpag based on -setpag switch. - */ - dosetpag = (as->parms[aSETPAG].items ? 1 : 0); - - /* - * If reading the password from a pipe, don't prompt for it. - */ - readpipe = (as->parms[aPIPE].items ? 1 : 0); - - cdir = afsconf_Open(AFSDIR_CLIENT_ETC_DIRPATH); - if (!cdir) { - fprintf(stderr, - "dlog: unable to read or open AFS client configuration file\n"); - exit(1); - } - - if (as->parms[aCELL].items) { - strncpy(realm, as->parms[aCELL].items->data, sizeof(realm) - 1); - realm[sizeof(realm) - 1] = '\0'; - explicit_cell = 1; - } else { - afsconf_GetLocalCell(cdir, realm, sizeof(realm)); - } - - if (as->parms[aSERVERS].items) { - /* - * Explicit server list. Note that if servers are specified, - * we don't bother trying to look up cell information, but just - * use the specified cell name, which must be fully specified - * *or* take it out of the ticket if not specified. 
- */ - int i; - struct cmd_item *ip; - char *ap[MAXSERVERS + 2]; - - for (ip = as->parms[aSERVERS].items, i = 2; ip; ip = ip->next, i++) - ap[i] = ip->data; - ap[0] = ""; - ap[1] = "-servers"; - code = ubik_ParseClientList(i, ap, serverList); - if (code) { - com_err(rn, code, "-- could not parse server list"); - exit(1); - } - } else { - int i; - struct afsconf_cell cellinfo; /* Info for specified cell */ - - /* - * Resolve full name of cell and get server list. - */ - code = afsconf_GetCellInfo(cdir, realm, 0, &cellinfo); - if (code) { - com_err(rn, code, "-- unable to get cell info"); - exit(1); - } - strncpy(realm, cellinfo.name, sizeof(realm) - 1); - realm[sizeof(realm) - 1] = '\0'; - for (i = 0; i < cellinfo.numServers && i < MAXSERVERS; i++) { - serverList[i] = cellinfo.hostAddr[i].sin_addr.s_addr; - } - if (i < MAXSERVERS) - serverList[i] = 0; - } - - if (as->parms[aPRINCIPAL].items) { - strncpy(name, as->parms[aPRINCIPAL].items->data, sizeof(name) - 1); - name[sizeof(name) - 1] = '\0'; - } else { - /* No explicit name provided: use Unix uid to get a name */ - struct passwd *pw; - pw = getpwuid(getuid()); - if (pw == 0) { - fprintf(stderr, "Can't determine your name from your user id.\n"); - fprintf(stderr, "Try providing a principal name.\n"); - exit(1); - } - strncpy(name, pw->pw_name, sizeof(name) - 1); - name[sizeof(name) - 1] = '\0'; - } - - if (as->parms[aPASSWORD].items) { - /* - * Current argument is the desired password string. Remember it in - * our local buffer, and zero out the argument string - anyone can - * see it there with ps! 
- */ - foundPassword = 1; - strncpy(passwd, as->parms[aPASSWORD].items->data, sizeof(passwd) - 1); - passwd[sizeof(passwd) - 1] = '\0'; - memset(as->parms[aPASSWORD].items->data, 0, - strlen(as->parms[aPASSWORD].items->data)); - } - - if (as->parms[aLIFETIME].items) { - char *life = as->parms[aLIFETIME].items->data; - char *sp; /* string ptr to rest of life */ - lifetime = 3600 * strtol(life, &sp, 0); /* hours */ - if (sp == life) { - bad_lifetime: - fprintf(stderr, "%s: translating '%s' to lifetime\n", rn, life); - exit(1); - } - if (*sp == ':') { - life = sp + 1; /* skip the colon */ - lifetime += 60 * strtol(life, &sp, 0); /* minutes */ - if (sp == life) - goto bad_lifetime; - if (*sp == ':') { - life = sp + 1; - lifetime += strtol(life, &sp, 0); /* seconds */ - if (sp == life) - goto bad_lifetime; - if (*sp) - goto bad_lifetime; - } else if (*sp) - goto bad_lifetime; - } else if (*sp) - goto bad_lifetime; - } else - lifetime = 0; - - /* - * Make connections to all the servers. - */ - rx_Init(0); - for (i = 0; i < MAXSERVERS; i++) { - if (!serverList[i]) { - serverconns[i] = 0; - break; - } - serverconns[i] = - rx_NewConnection(serverList[i], htons(ADK_PORT), ADK_SERVICE, - rxnull_NewClientSecurityObject(), 0); - } - - /* - * Initialize ubik client gizmo to randomize the calls for us. - */ - ubik_ClientInit(serverconns, &ubik_handle); - - /* - * Come up with an acceptable nonce. V5 doc says that we just need - * time of day. Actually, for this app, I don't think anything - * is really needed. Better safe than sorry (although I wonder if - * it might have been better to encode the AFS ID in the nonce - * reply field--that's the one field that the intermediate server - * has total control over, and which can be securely transmitted - * back to the client). - */ - gettimeofday(&now, 0); - nonce = now.tv_sec; - - /* - * Ask our agent to get us a Kerberos V5 ticket. 
- */ - reply_p = (adk_reply_ptr) 0; - error_p = (adk_error_ptr) 0; - code = ubik_ADK_GetTicket(ubik_handle, 0, /* Ubik flags */ - name, /* IN: Principal: must be exact DCE principal */ - nonce, /* IN: Input nonce */ - lifetime, /* IN: lifetime */ - &error_p, /* OUT: Error, if any */ - &reply_p); /* OUT: KTC reply, if no error */ - - /* - * Destroy Rx connections on the off-chance this will allow less state - * to be preserved at the server. - */ - ubik_ClientDestroy(ubik_handle); - - /* - * Finalize Rx. This may allow connections at the server to wind down - * faster. - */ - rx_Finalize(); - - /* - * Check for simple communication failures. - */ - if (code) { - com_err(rn, code, "-- failed to contact authentication service"); - exit(1); - } - - /* - * Also check for DCE errors, which are interpreted for us by - * the translator. - */ - if (error_p && error_p->code) { - fprintf(stderr, "dlog: %s\n", error_p->data); - exit(1); - } - - /* - * Make sure the reply was filled in. - */ - if (!reply_p) { - fprintf(stderr, - "dlog: unexpected error in server response; aborted\n"); - exit(1); - } - - /* - * Get the password if it wasn't provided. - */ - if (!foundPassword) { - if (readpipe) { - strcpy(passwd, getpipepass()); - } else { - code = des_read_pw_string(passwd, sizeof(passwd), "Password:", 0); - if (code) { - com_err(rn, code, "-- couldn't read password"); - exit(1); - } - } - } - - /* - * Convert the password into the appropriate key block, given - * the salt passed back from the ADK_GetTicket call, above. Destroy - * the password. - */ - if (strlen(passwd) + strlen(reply_p->salt) + 1 > sizeof(passwd)) { - fprintf(stderr, "dlog: unexpectedly long passwd/salt combination"); - exit(1); - } - strcat(passwd, reply_p->salt); - des_string_to_key(passwd, passwd_key); - memset(passwd, 0, strlen(passwd)); - - /* - * Decrypt the private data returned by the DCE KDC, and forwarded - * to us by the translator. 
- */ - code = des_key_sched(passwd_key, schedule); - if (!code) { - code = - des_cbc_encrypt(reply_p->private.adk_code_val, - reply_p->private.adk_code_val, - reply_p->private.adk_code_len, schedule, - passwd_key, DECRYPT); - } - if (code) { - com_err(rn, code, "-- unable to decrypt reply from the DCE KDC"); - exit(1); - } - - /* - * Destroy the key block: it's no longer needed. - */ - memset(schedule, 0, sizeof(schedule)); - memset(passwd_key, 0, sizeof(passwd_key)); - - /* - * Do a very quick and dirty ASN.1 decode of the relevant parts - * of the private data. - * - * The decrypted data contains a 12-byte header (confounder and CRC-32 - * checksum). We choose to ignore this. - */ - code = decode_reply(reply_p->private.adk_code_val + 12, /* Skip header */ - reply_p->private.adk_code_len - 12, /* ditto */ - &kdcrep); - - if (code || kdcrep.nonce != nonce) { - fprintf(stderr, - "dlog: DCE authentication failed -- your password is probably incorrect\n"); - exit(1); - } - - /* - * If the cell was not explicitly specified, then we hope that the local - * name for the cell is the same as the one in the ticket. - * If not, we should get an error when we store it, so the user will see - * the errant name at that time. - */ - if (!explicit_cell) - strcpy(realm, kdcrep.realm); - - /* - * Make an AFS token out of the ticket and session key, and install it - * in the cache manager. - */ - code = - store_afs_token(reply_p->unix_id, realm, reply_p->tktype, - reply_p->ticket.adk_code_val, - reply_p->ticket.adk_code_len, kdcrep.session_key, - kdcrep.starttime ? kdcrep.starttime : kdcrep.authtime, - kdcrep.endtime, dosetpag); - - if (code) { - com_err("dlog", code, "-- failed to store tickets"); - exit(1); - } - - return 0; -} - -#ifdef DLOG_TEST -/* - * Check the ASN.1 generalized time conversion routine, which assumes - * the restricted format defined in the Kerberos V5 document. 
- */ - -/* - * The times in this array were checked independently with the following perl - * script: - * - * ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = gmtime(shift); - * $mon++; $year += 1900; - * printf("%04d%02d%02d%02d%02d%02dZ\n", $year, $mon, $mday, $hour, $min, $sec); - */ -struct test_times { - char *generalized_time_p; - afs_int32 unix_time; -} test_times[] = { - { - "19700101000000Z", 0}, { - "19930101000000Z", 725846400}, { - "19940101000000Z", 757382400}, { - "19940201000000Z", 760060800}, { - "19940301000000Z", 762480000}, { - "19940401000000Z", 765158400}, { - "19950101000000Z", 788918400}, { - "19950201000000Z", 791596800}, { - "19950301000000Z", 794016000}, { - "19950401000000Z", 796694400}, { - "19950501000000Z", 799286400}, { - "19950601000000Z", 801964800}, { - "19950701000000Z", 804556800}, { - "19950801000000Z", 807235200}, { - "19950901000000Z", 809913600}, { - "19951001000000Z", 812505600}, { - "19951101000000Z", 815184000}, { - "19951201000000Z", 817776000}, { - "19951231235959Z", 820454399}, { - "19960101000000Z", 820454400}, { - "19960131000000Z", 823046400}, { - "19960131235959Z", 823132799}, { - "19960201000000Z", 823132800}, { - "19960229000000Z", 825552000}, { - "19960229235959Z", 825638399}, { - "19960301000000Z", 825638400}, { - "19960331000000Z", 828230400}, { - "19960331235959Z", 828316799}, { - "19970101000000Z", 852076800}, { - "19980101000000Z", 883612800}, { - "19990101000000Z", 915148800}, { - "20000101000000Z", 946684800}, { - "20010101000000Z", 978307200}, { - "20020101000000Z", 1009843200}, { - "20030101000000Z", 1041379200}, { - "20040101000000Z", 1072915200}, { - "20050101000000Z", 1104537600}, { -"20380119031407Z", 2147483647},}; - -self_test() -{ - int i; - int nerrors = 0; - - for (i = 0; i < sizeof(test_times) / sizeof(test_times[0]); i++) { - struct test_times *t_p = &test_times[i]; - afs_int32 status; - afs_int32 unix_time; - - status = - decode_asn_time(t_p->generalized_time_p, - 
strlen(t_p->generalized_time_p), &unix_time); - if (status) { - printf("dlog: decode of ASN.1 time %s failed\n", - t_p->generalized_time_p); - nerrors++; - } else if (t_p->unix_time != unix_time) { - printf - ("dlog: ASN.1 time %s converted incorrectly to %lu (should be %lu)\n", - t_p->generalized_time_p, unix_time, t_p->unix_time); - } - } - - if (nerrors) { - fprintf(stderr, "dlog: self test failed\n"); - return 1; - } - fprintf(stderr, "dlog: self test OK\n"); - return 0; -} -#endif diff --git a/src/dauth/dpass.c b/src/dauth/dpass.c deleted file mode 100644 index 1a2a17c..0000000 --- a/src/dauth/dpass.c +++ /dev/null 
@@ -1,166 +0,0 @@ -/* - * Copyright 2000, International Business Machines Corporation and others. - * All Rights Reserved. - * - * This software has been released under the terms of the IBM Public - * License. For details, see the LICENSE file in the top-level source - * directory or online at http://www.openafs.org/dl/license10.html - */ - -/* - * dpass - * - * This program allows a user to discover the password generated for him - * by the migration toolkit when migrating his password information - * to the DCE. - */ - -#include -#include - -RCSID - ("$Header$"); - -#include -#include -#include -#ifdef AFS_AIX32_ENV -#include -#endif -#ifdef HAVE_STRING_H -#include -#else -#ifdef HAVE_STRINGS_H -#include -#endif -#endif - -#include - -#include -#include -#include -#include -#include -#include -#include -#include "adkint.h" -#include "assert.h" -#include - - -char *msg[] = { - "", - "Please read the following message before entering your password.", - "", - "This program will display your new, temporary DCE password on your", - "terminal, and you should change the assigned password as soon as", - "possible (from a DCE client). The program assumes that your site uses", - "the standard AFS authentication service provided by Transarc and that", - "your initial account was created from the AFS authentication", - "information by Transarc-supplied migration software. If this is not", - "the case, you should consult your system administrator. The password", - "you enter should be the AFS password that was in effect when your DCE", - "account was created; this is not necessarily the same password you", - "have at the moment. 
The cell name (which you may override with a", - "command line option), must be the name of the AFS cell from which the", - "authentication information was taken.", - 0 -}; - -CommandProc(as, arock) - char *arock; - struct cmd_syndesc *as; -{ - int i; - afs_int32 code; - struct ktc_encryptionKey key; - char cell[MAXKTCREALMLEN]; - char *cell_p; - char prompt[1000]; - - /* - * We suppress the message, above, if this environment variable - * is set. This allows the administrator to wrap dpass in a shell - * script, if desired, in order to display more information - * about registry conversion dates, etc. - */ - if (!getenv("DPASS_NO_MESSAGE")) { - for (i = 0; msg[i]; i++) - printf("%s\n", msg[i]); - } - - if (as->parms[0].items) { - struct afsconf_cell cellinfo; - struct afsconf_dir *cdir; - - cell_p = as->parms[0].items->data; - cdir = afsconf_Open(AFSDIR_CLIENT_ETC_DIRPATH); - if (!cdir) { - fprintf(stderr, - "\nUnable to verify that \"%s\" is a valid cell name\nProceeding on the assumption that it is correct.\n", - cell_p); - exit(1); - } - code = afsconf_GetCellInfo(cdir, cell_p, 0, &cellinfo); - if (code) { - fprintf(stderr, - "\nUnable to find information about cell \"%s\"\nProceeding on the assumption that this is a valid cell name.\n", - cell_p); - } else { - strncpy(cell, cellinfo.name, sizeof(cell) - 1); - cell[sizeof(cell)] = '\0'; - cell_p = cell; - } - } else { - struct afsconf_dir *cdir; - - cdir = afsconf_Open(AFSDIR_CLIENT_ETC_DIRPATH); - if (!cdir) { - fprintf(stderr, - "\nUnable to read the AFS client configuration file to get local cell name.\nTry specifying the cell with the -cell switch.\n"); - exit(1); - } - afsconf_GetLocalCell(cdir, cell, sizeof(cell)); - cell_p = cell; - } - - printf("\n"); - sprintf(prompt, "Original password for AFS cell %s: ", cell_p); - code = ka_ReadPassword(prompt, 1, cell_p, &key); - if (code) { - fprintf(stderr, "Error reading password\n"); - exit(1); - } -#define k(i) (key.data[i] & 0xff) -#define s(n) ((k(n) << 8) | 
k(n+1)) - printf("\nThe new DCE password is: %0.4x-%0.4x-%0.4x-%0.4x\n", s(0), s(2), - s(4), s(6)); -} - -main(argc, argv) - int argc; - char *argv[]; -{ - struct cmd_syndesc *ts; - afs_int32 code; -#ifdef AFS_AIX32_ENV - /* - * The following signal action for AIX is necessary so that in case of a - * crash (i.e. core is generated) we can include the user's data section - * in the core dump. Unfortunately, by default, only a partial core is - * generated which, in many cases, isn't too useful. - */ - struct sigaction nsa; - - sigemptyset(&nsa.sa_mask); - nsa.sa_handler = SIG_DFL; - nsa.sa_flags = SA_FULLDUMP; - sigaction(SIGSEGV, &nsa, NULL); -#endif - ts = cmd_CreateSyntax(NULL, CommandProc, 0, "show new DCE passord"); - cmd_AddParm(ts, "-cell", CMD_SINGLE, CMD_OPTIONAL, - "original AFS cell name"); - code = cmd_Dispatch(argc, argv); - exit(code); -} -- 1.9.4