*** 1.1 1994/04/22 19:00:42 --- ftpd.c 1994/10/06 20:52:58 *************** *** 110,115 **** --- 110,120 ---- #include #endif + #if defined(UW) && defined(AFS) + #include + #include + #endif + #ifdef HAVE_DIRENT #include #else *************** *** 184,190 **** char remoteaddr[MAXHOSTNAMELEN]; /* log failures 27-apr-93 ehk/bm */ ! #ifdef LOG_FAILED #define MAXUSERNAMELEN 32 char the_user[MAXUSERNAMELEN]; #endif --- 189,195 ---- char remoteaddr[MAXHOSTNAMELEN]; /* log failures 27-apr-93 ehk/bm */ ! #if defined(LOG_FAILED) || ( defined(UW) && defined(AFS) ) #define MAXUSERNAMELEN 32 char the_user[MAXUSERNAMELEN]; #endif *************** *** 246,251 **** --- 251,260 ---- #ifdef ULTRIX_AUTH int ultrix_check_pass(char *passwd, char *xpasswd); #endif + #if defined(UW) && defined(AFS) + int kerberos_afs_authenticate(char *buffer, char *user); + char krb5_ccname[MAXPATHLEN]; + #endif /* ls program commands and options for lreplies on and off */ char ls_long[50]; *************** *** 704,710 **** } #endif ! #ifdef LOG_FAILED /* 06-Nov-92 EHK */ strncpy(the_user, name, MAXUSERNAMELEN - 1); #endif --- 713,719 ---- } #endif ! #if defined(LOG_FAILED) || ( defined(UW) && defined(AFS) ) /* 06-Nov-92 EHK */ strncpy(the_user, name, MAXUSERNAMELEN - 1); #endif *************** *** 915,922 **** { (void) seteuid((uid_t) 0); ! if (logged_in) logwtmp(ttyline, "", ""); pw = NULL; logged_in = 0; anonymous = 0; --- 924,939 ---- { (void) seteuid((uid_t) 0); ! if (logged_in) { ! #if defined(UW) && defined(AFS) ! /* ! * destroy kerberos ticket cache and afs token ! */ ! k5destroy(krb5_ccname); ! ktc_ForgetAllTokens(); ! #endif logwtmp(ttyline, "", ""); + } pw = NULL; logged_in = 0; anonymous = 0; *************** *** 1000,1005 **** --- 1017,1025 ---- #endif *guestpw = NULL; + #if defined(UW) && defined(AFS) + if ( kerberos_afs_authenticate(passwd, the_user) == 0 ) { + #else if (pw == NULL) salt = "xx"; else *************** *** 1017,1022 **** --- 1037,1043 ---- if (pw == NULL || *pw->pw_passwd == '\0' || strcmp(xpasswd, pw->pw_passwd)) { #endif + #endif /* UW && AFS */ reply(530, "Login incorrect."); #ifdef LOG_FAILED /* 27-Apr-93 EHK/BM */ *************** *** 2415,2420 **** --- 2436,2448 ---- dologout(int status) { if (logged_in) { + #if defined(UW) && defined(AFS) + /* + * destroy kerberos ticket cache and afs token + */ + k5destroy(krb5_ccname); + ktc_ForgetAllTokens(); + #endif (void) seteuid((uid_t) 0); logwtmp(ttyline, "", ""); } *************** *** 2816,2818 **** --- 2844,2883 ---- return -1; } #endif /* ULTRIX_AUTH */ + + #if defined(UW) && defined(AFS) + + int + kerberos_afs_authenticate(char *buffer, char *user) + { + int retval; + int retval2; + char *reason; + + sprintf(krb5_ccname, "FILE:%s", tmpnam((char *)NULL)); + + krb524_init_ets(); + + retval = k5login(krb5_ccname, user, buffer, 0, 0); + if ( retval == 0 ) { + retval2 = k5token(krb5_ccname, 1); + if ( retval2 ) { + autospout = "error stuffing AFS token -- not AFS authenticated\n"; + syslog(LOG_NOTICE, "error stuffing afs token. user = %s\n", user); + } + } else { + /* + * try afs password -- this is gross and should be removed + * as soon as we get everyone into kerberos + * + */ + retval = ka_UserAuthenticateGeneral(KA_USERAUTH_VERSION + + KA_USERAUTH_DOSETPAG, + user, "", 0, + buffer, 0, 0, 0, &reason); + } + return ( retval == 0 ); + } + + #endif /* UW && AFS */ +