2 * Unix SMB/CIFS implementation.
4 * Copyright (C) Volker Lendecke 2004
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, see <http://www.gnu.org/licenses/>.
22 #ifdef WITH_FAKE_KASERVER
24 #define NO_ASN1_TYPEDEFS 1
29 #include <afs/venus.h>
30 #include <asm/unistd.h>
31 #include <openssl/des.h>
32 #include <sys/syscall.h>
34 int afs_syscall( int subcall,
40 return( syscall( SYS_afs_syscall, subcall, path, cmd, cmarg, follow));
47 uint32 BeginTimestamp;
51 static bool afs_decode_token(const char *string, char **cell,
52 DATA_BLOB *ticket, struct ClearToken *ct)
55 struct ClearToken result_ct;
57 char *s = SMB_STRDUP(string);
61 if ((t = strtok(s, "\n")) == NULL) {
62 DEBUG(10, ("strtok failed\n"));
66 *cell = SMB_STRDUP(t);
68 if ((t = strtok(NULL, "\n")) == NULL) {
69 DEBUG(10, ("strtok failed\n"));
73 if (sscanf(t, "%u", &result_ct.AuthHandle) != 1) {
74 DEBUG(10, ("sscanf AuthHandle failed\n"));
78 if ((t = strtok(NULL, "\n")) == NULL) {
79 DEBUG(10, ("strtok failed\n"));
83 blob = base64_decode_data_blob(t);
85 if ( (blob.data == NULL) ||
86 (blob.length != sizeof(result_ct.HandShakeKey) )) {
87 DEBUG(10, ("invalid key: %x/%d\n", (uint32)blob.data,
92 memcpy(result_ct.HandShakeKey, blob.data, blob.length);
94 data_blob_free(&blob);
96 if ((t = strtok(NULL, "\n")) == NULL) {
97 DEBUG(10, ("strtok failed\n"));
101 if (sscanf(t, "%u", &result_ct.ViceId) != 1) {
102 DEBUG(10, ("sscanf ViceId failed\n"));
106 if ((t = strtok(NULL, "\n")) == NULL) {
107 DEBUG(10, ("strtok failed\n"));
111 if (sscanf(t, "%u", &result_ct.BeginTimestamp) != 1) {
112 DEBUG(10, ("sscanf BeginTimestamp failed\n"));
116 if ((t = strtok(NULL, "\n")) == NULL) {
117 DEBUG(10, ("strtok failed\n"));
121 if (sscanf(t, "%u", &result_ct.EndTimestamp) != 1) {
122 DEBUG(10, ("sscanf EndTimestamp failed\n"));
126 if ((t = strtok(NULL, "\n")) == NULL) {
127 DEBUG(10, ("strtok failed\n"));
131 blob = base64_decode_data_blob(t);
133 if (blob.data == NULL) {
134 DEBUG(10, ("Could not get ticket\n"));
145 Put an AFS token into the Kernel so that it can authenticate against
146 the AFS server. This assumes correct local uid settings.
148 This is currently highly Linux and OpenAFS-specific. The correct API
149 call for this would be ktc_SetToken. But to do that we would have to
150 import a REALLY big bunch of libraries which I would currently like
154 static bool afs_settoken(const char *cell,
155 const struct ClearToken *ctok,
161 uint16 in_size, out_size;
168 memcpy(p, &ticket.length, sizeof(uint32));
170 memcpy(p, ticket.data, ticket.length);
173 tmp = sizeof(struct ClearToken);
174 memcpy(p, &tmp, sizeof(uint32));
176 memcpy(p, ctok, tmp);
181 memcpy(p, &tmp, sizeof(uint32));
185 if (tmp >= MAXKTCREALMLEN) {
186 DEBUG(1, ("Realm too long\n"));
190 strncpy(p, cell, tmp);
196 iob.in_size = PTR_DIFF(p,buf);
198 iob.out_size = sizeof(buf);
201 file_save("/tmp/ioctlbuf", iob.in, iob.in_size);
204 ret = afs_syscall(AFSCALL_PIOCTL, 0, VIOCSETTOK, (char *)&iob, 0);
206 DEBUG(10, ("afs VIOCSETTOK returned %d\n", ret));
210 bool afs_settoken_str(const char *token_string)
213 struct ClearToken ct;
217 if (!afs_decode_token(token_string, &cell, &ticket, &ct))
221 ct.ViceId = getuid();
223 result = afs_settoken(cell, &ct, ticket);
226 data_blob_free(&ticket);
233 bool afs_settoken_str(const char *token_string)