rxgk/rxgk-settoken.c

   1 /*
   2  * Copyright (c) 2007, Stockholms universitet
   3  * (Stockholm University, Stockholm Sweden)
   4  * All rights reserved.
   5  *
   6  * Redistribution and use in source and binary forms, with or without
   7  * modification, are permitted provided that the following conditions
   8  * are met:
   9  *
  10  * 1. Redistributions of source code must retain the above copyright
  11  *    notice, this list of conditions and the following disclaimer.
  12  *
  13  * 2. Redistributions in binary form must reproduce the above copyright
  14  *    notice, this list of conditions and the following disclaimer in the
  15  *    documentation and/or other materials provided with the distribution.
  16  *
  17  * 3. Neither the name of the university nor the names of its contributors
  18  *    may be used to endorse or promote products derived from this software
  19  *    without specific prior written permission.
  20  *
  21  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
  22  * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  24  * ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
  25  * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
  26  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
  27  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
  28  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
  29  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  30  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  31  * POSSIBILITY OF SUCH DAMAGE.
  32  */
  33
  34 #include "rxgk_locl.h"
  35
  36 RCSID("$Id$");
  37
  38 #include "roken.h"
  39
  40 #include <ko.h>
  41 #include <kafs.h>
  42 #include <arla-pioctl.h>
  43 #include <token.h>
  44 #include <getarg.h>
  45
  46 static int version_flag;
  47 static int help_flag;
  48 static char *cell_name;
  49
  50
  51 static void
  52 rxgk_set_token(const char *target, const char *cell)
  53 {
  54     struct arlaViceIoctl vi;
  55     RXGK_Ticket_Crypt ticket;
  56     struct rxgk_keyblock key;
  57     uint32_t addr;
  58     time_t expire;
  59     rxgk_level level;
  60     int32_t flags;
  61     gss_name_t target_name = GSS_C_NO_NAME;
  62     int port, ret;
  63     token_opaque to;
  64
  65     memset(&vi, 0, sizeof(vi));
  66
  67     port = htons(7013);
  68
  69     {
  70         OM_uint32 major_status, minor_status;
  71         gss_buffer_desc n;
  72
  73         n.value = rk_UNCONST(target);
  74         n.length = strlen(target);
  75
  76         major_status = gss_import_name(&minor_status, &n,
  77                                        GSS_KRB5_NT_PRINCIPAL_NAME,
  78                                        &target_name);
  79         if (GSS_ERROR(major_status))
  80             err(1, "import name creds failed with: %d", major_status);
  81     }
  82
  83     {
  84         const cell_db_entry *db_servers;
  85         int num_db_servers, i;
  86         int32_t cellnum;
  87
  88         cellnum = cell_name2num(cell_name);
  89         if (cellnum < 0)
  90             errx(1, "no such cell?");
  91
  92         db_servers = cell_dbservers_by_id (cellnum, &num_db_servers);
  93         if (db_servers == NULL || num_db_servers == 0)
  94             errx(1, "no db servers found for cell %s", cell_name);
  95
  96         for (i = 0; i < num_db_servers; ++i) {
  97
  98             addr = db_servers[i].addr.s_addr;
  99
 100             printf("server %s\n", inet_ntoa (db_servers[i].addr));
 101
 102             ret = rxgk_get_gss_cred(addr,
 103                                     port,
 104                                     GSS_C_NO_NAME, /* client */
 105                                     target_name,
 106                                     0, /* name tag */
 107                                     &flags,
 108                                     &expire,
 109                                     &level,
 110                                     &ticket,
 111                                     &key);
 112             if (ret == 0)
 113                 break;
 114             warnx("rxgk_get_gss_cred: %d", ret);
 115         }
 116         if (i == num_db_servers)
 117             errx(1, "no dbserver happy");
 118     }
 119
 120     {
 121         token_afs at;
 122         char *ptr, *rptr;
 123         size_t sz;
 124
 125         memset(&at, 0, sizeof(at));
 126
 127         at.at_type = 4;
 128         at.u.at_gk.gk_flags = flags;
 129         at.u.at_gk.gk_viceid = 0;
 130         at.u.at_gk.gk_begintime = 0;
 131         at.u.at_gk.gk_endtime = expire;
 132         at.u.at_gk.gk_level = level;
 133         at.u.at_gk.gk_lifetime = 0;
 134         at.u.at_gk.gk_bytelife = 0;
 135         at.u.at_gk.gk_enctype = key.enctype;
 136         at.u.at_gk.gk_key.len = key.length;
 137         at.u.at_gk.gk_key.val = key.data;
 138         at.u.at_gk.gk_token.len = ticket.len;
 139         at.u.at_gk.gk_token.val = ticket.val;
 140
 141         sz = TOKEN_AFS_MAX_SIZE;
 142         ptr = emalloc(sz);
 143
 144         rptr = ydr_encode_token_afs(&at, ptr, &sz);
 145         if (rptr == NULL)
 146             errx(1, "foo");
 147
 148         to.len = TOKEN_AFS_MAX_SIZE - sz;
 149         to.val = ptr;
 150     }
 151
 152     {
 153         pioctl_set_token p;
 154         char *ptr, *rptr;
 155         size_t sz;
 156
 157         memset(&p, 0, sizeof(p));
 158         p.flags = 0;
 159         strlcpy(p.cell, cell, sizeof(p.cell));
 160         p.tokens.len = 1;
 161         p.tokens.val = emalloc(sizeof(p.tokens.val[0]));
 162
 163         p.tokens.val[0] = to;
 164
 165         sz = PIOCTL_SET_TOKEN_MAX_SIZE;
 166         ptr = malloc(sz);
 167
 168         rptr = ydr_encode_pioctl_set_token(&p, ptr, &sz);
 169         if (rptr == NULL)
 170             errx(1, "foo");
 171
 172         printf("pioctl_set_token size %d\n",
 173                (int)(PIOCTL_SET_TOKEN_MAX_SIZE - sz));
 174
 175         vi.in = ptr;
 176         vi.in_size = (int)(PIOCTL_SET_TOKEN_MAX_SIZE - sz);
 177     }
 178
 179     ret = k_pioctl(NULL, ARLA_VIOCSETTOK2, (void *)&vi, 0);
 180     if (ret)
 181         err(1, "VIOCSETTOK2");
 182 }
 183
 184
 185 static struct getargs args[] = {
 186     {"cell", 'c',       arg_string,     &cell_name,
 187      "cell name",       "call"},
 188     {"version", 0,      arg_flag,       &version_flag,
 189      NULL, NULL},
 190     {"help",    0,      arg_flag,       &help_flag,
 191      NULL, NULL}
 192 };
 193
 194 static void
 195 usage (int ret)
 196 {
 197     arg_printusage (args, sizeof(args)/sizeof(*args), NULL, "[device]");
 198     exit (ret);
 199 }
 200
 201 int
 202 main (int argc, char **argv)
 203 {
 204     char *target, *realm_name;
 205     int optind = 0;
 206
 207     setprogname (argv[0]);
 208     srand(time(NULL));
 209
 210     if (getarg (args, sizeof(args)/sizeof(*args), argc, argv, &optind))
 211         usage (1);
 212
 213     argc -= optind;
 214     argv += optind;
 215
 216     if (help_flag)
 217         usage (0);
 218
 219     if (version_flag) {
 220         print_version (NULL);
 221         exit (0);
 222     }
 223
 224     if (!k_hasafs ())
 225         errx(1, "no AFS");
 226
 227     {
 228         Log_method *method;
 229
 230         method = log_open(getprogname(), "/dev/stderr");
 231         if (method == NULL)
 232             errx (1, "log_open failed");
 233         cell_init(0, method);
 234     }
 235
 236     rx_Init(0);
 237
 238     if (cell_name == NULL)
 239         cell_name = estrdup(cell_getthiscell());
 240
 241     target = argv[1];
 242
 243     realm_name = strdup(cell_name);
 244     strupr(realm_name);
 245
 246     asprintf(&target, "rxgk/_afs.%s@%s", cell_name, realm_name);
 247     printf("target: %s\n", target);
 248
 249     rxgk_set_token(target, cell_name);
 250
 251     return 0;
 252 }