2 * Unix SMB/CIFS implementation.
4 * Copyright (C) Volker Lendecke 2004
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, see <http://www.gnu.org/licenses/>.
22 #ifdef WITH_FAKE_KASERVER
24 #define NO_ASN1_TYPEDEFS 1
26 #include "system/filesys.h"
28 #include <afs/param.h>
32 #include <afs/venus.h>
33 #include <asm/unistd.h>
34 #include <openssl/des.h>
35 #include <sys/syscall.h>
37 int afs_syscall(int subcall
, const char *path
, int cmd
, char *cmarg
, int follow
)
40 return( syscall( SYS_afs_syscall, subcall, path, cmd, cmarg, follow));
44 struct afsprocdata afs_syscall_data
;
45 afs_syscall_data
.syscall
= subcall
;
46 afs_syscall_data
.param1
= (long)path
;
47 afs_syscall_data
.param2
= cmd
;
48 afs_syscall_data
.param3
= (long)cmarg
;
49 afs_syscall_data
.param4
= follow
;
50 proc_afs_file
= open(PROC_SYSCALL_FNAME
, O_RDWR
);
51 if (proc_afs_file
< 0)
52 proc_afs_file
= open(PROC_SYSCALL_ARLA_FNAME
, O_RDWR
);
53 if (proc_afs_file
< 0)
55 errcode
= ioctl(proc_afs_file
, VIOC_SYSCALL
, &afs_syscall_data
);
64 uint32 BeginTimestamp
;
68 static bool afs_decode_token(const char *string
, char **cell
,
69 DATA_BLOB
*ticket
, struct ClearToken
*ct
)
72 struct ClearToken result_ct
;
75 char *s
= SMB_STRDUP(string
);
79 if ((t
= strtok_r(s
, "\n", &saveptr
)) == NULL
) {
80 DEBUG(10, ("strtok_r failed\n"));
84 *cell
= SMB_STRDUP(t
);
86 if ((t
= strtok_r(NULL
, "\n", &saveptr
)) == NULL
) {
87 DEBUG(10, ("strtok_r failed\n"));
91 if (sscanf(t
, "%u", &result_ct
.AuthHandle
) != 1) {
92 DEBUG(10, ("sscanf AuthHandle failed\n"));
96 if ((t
= strtok_r(NULL
, "\n", &saveptr
)) == NULL
) {
97 DEBUG(10, ("strtok_r failed\n"));
101 blob
= base64_decode_data_blob(t
);
103 if ( (blob
.data
== NULL
) ||
104 (blob
.length
!= sizeof(result_ct
.HandShakeKey
) )) {
105 DEBUG(10, ("invalid key: %x/%lu\n", (uint8_t)*blob
.data
,
106 (unsigned long) blob
.length
));
110 memcpy(result_ct
.HandShakeKey
, blob
.data
, blob
.length
);
112 data_blob_free(&blob
);
114 if ((t
= strtok_r(NULL
, "\n", &saveptr
)) == NULL
) {
115 DEBUG(10, ("strtok_r failed\n"));
119 if (sscanf(t
, "%u", &result_ct
.ViceId
) != 1) {
120 DEBUG(10, ("sscanf ViceId failed\n"));
124 if ((t
= strtok_r(NULL
, "\n", &saveptr
)) == NULL
) {
125 DEBUG(10, ("strtok_r failed\n"));
129 if (sscanf(t
, "%u", &result_ct
.BeginTimestamp
) != 1) {
130 DEBUG(10, ("sscanf BeginTimestamp failed\n"));
134 if ((t
= strtok_r(NULL
, "\n", &saveptr
)) == NULL
) {
135 DEBUG(10, ("strtok_r failed\n"));
139 if (sscanf(t
, "%u", &result_ct
.EndTimestamp
) != 1) {
140 DEBUG(10, ("sscanf EndTimestamp failed\n"));
144 if ((t
= strtok_r(NULL
, "\n", &saveptr
)) == NULL
) {
145 DEBUG(10, ("strtok_r failed\n"));
149 blob
= base64_decode_data_blob(t
);
151 if (blob
.data
== NULL
) {
152 DEBUG(10, ("Could not get ticket\n"));
163 Put an AFS token into the Kernel so that it can authenticate against
164 the AFS server. This assumes correct local uid settings.
166 This is currently highly Linux and OpenAFS-specific. The correct API
167 call for this would be ktc_SetToken. But to do that we would have to
168 import a REALLY big bunch of libraries which I would currently like
172 static bool afs_settoken(const char *cell
,
173 const struct ClearToken
*ctok
,
179 uint16 in_size
, out_size
;
186 memcpy(p
, &ticket
.length
, sizeof(uint32
));
188 memcpy(p
, ticket
.data
, ticket
.length
);
191 tmp
= sizeof(struct ClearToken
);
192 memcpy(p
, &tmp
, sizeof(uint32
));
194 memcpy(p
, ctok
, tmp
);
199 memcpy(p
, &tmp
, sizeof(uint32
));
203 if (tmp
>= MAXKTCREALMLEN
) {
204 DEBUG(1, ("Realm too long\n"));
208 strncpy(p
, cell
, tmp
);
214 iob
.in_size
= PTR_DIFF(p
,buf
);
216 iob
.out_size
= sizeof(buf
);
219 file_save("/tmp/ioctlbuf", iob
.in
, iob
.in_size
);
222 ret
= afs_syscall(AFSCALL_PIOCTL
, 0, VIOCSETTOK
, (char *)&iob
, 0);
224 DEBUG(10, ("afs VIOCSETTOK returned %d\n", ret
));
228 bool afs_settoken_str(const char *token_string
)
231 struct ClearToken ct
;
235 if (!afs_decode_token(token_string
, &cell
, &ticket
, &ct
))
238 if (geteuid() != sec_initial_uid())
239 ct
.ViceId
= getuid();
241 result
= afs_settoken(cell
, &ct
, ticket
);
244 data_blob_free(&ticket
);
251 int afs_syscall(int subcall
, const char *path
, int cmd
, char *cmarg
, int follow
)
257 bool afs_settoken_str(const char *token_string
)