Beispiel #1
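/*
 * Obtain an AFS token for the user behind this connection and install it.
 *
 * The AFS principal comes from the configured username map
 * (lp_afs_username_map()), expanded with the connection substitutions.
 * A "%s" in the map is replaced by the user's SID string when conn->uid
 * can be mapped to a SID. The result is lower-cased and must have the
 * form user@cell.
 *
 * Returns True when the token was created, encoded and set, and False
 * otherwise.
 */
BOOL afs_login(connection_struct *conn)
{
	DATA_BLOB ticket;
	pstring afs_username;
	char *cell;
	BOOL result;
	char *ticket_str;
	DOM_SID user_sid;

	struct ClearToken ct;

	pstrcpy(afs_username, lp_afs_username_map());
	standard_sub_conn(conn, afs_username, sizeof(afs_username));

	if (NT_STATUS_IS_OK(uid_to_sid(&user_sid, conn->uid)))
		pstring_sub(afs_username, "%s", sid_string_static(&user_sid));

	/* The pts command always generates completely lower-case user
	 * names. */
	strlower_m(afs_username);

	cell = strchr(afs_username, '@');

	if (cell == NULL) {
		DEBUG(1, ("AFS username doesn't contain a @, "
			  "could not find cell\n"));
		return False;
	}

	/* Split "user@cell" in place: afs_username keeps the user part and
	 * cell points at the text after the '@'. */
	*cell = '\0';
	cell += 1;

	DEBUG(10, ("Trying to log into AFS for user %s@%s\n", 
		   afs_username, cell));

	if (!afs_createtoken(afs_username, cell, &ticket, &ct))
		return False;

	/* For which Unix-UID do we want to set the token?
	 * NOTE(review): getuid() is the real UID of this process, not
	 * conn->uid -- confirm this is the identity the token should carry. */
	ct.ViceId = getuid();

	ticket_str = afs_encode_token(cell, ticket, &ct);

	/* The encoded token is heap-allocated (it is freed below), so the
	 * encoder is presumed to return NULL on failure. Do not hand a NULL
	 * string to afs_settoken_str(); release the ticket and fail. */
	if (ticket_str == NULL) {
		DEBUG(1, ("Could not encode AFS token\n"));
		data_blob_free(&ticket);
		return False;
	}

	result = afs_settoken_str(ticket_str);

	SAFE_FREE(ticket_str);

	data_blob_free(&ticket);

	return result;
}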
Beispiel #2
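/*
 * Expand a DFS target of the form  prefix@mapfile@suffix  in place.
 *
 * The text between the first two '@' characters names a map file;
 * read_target_host() resolves it to a host string, and the target is
 * rewritten as  prefix + host + suffix.
 *
 * target must be a NUL-terminated pstring-sized buffer; it is modified
 * only after the host lookup succeeded.
 *
 * Returns True when target was rewritten, False when it has no
 * @mapfile@ part, the map file name is too long, or the lookup failed.
 */
static BOOL expand_msdfs_target(connection_struct* conn, pstring target)
{
    pstring mapfilename;
    char *filename_start = strchr_m(target, '@');
    char *filename_end;
    int filename_len;
    pstring targethost;
    pstring new_target;

    if (filename_start == NULL) {
        DEBUG(10, ("No filename start in %s\n", target));
        return False;
    }

    filename_end = strchr_m(filename_start+1, '@');

    if (filename_end == NULL) {
        DEBUG(10, ("No filename end in %s\n", target));
        return False;
    }

    filename_len = PTR_DIFF(filename_end, filename_start+1);

    /* target decays to a plain char * here, so its real length is not
     * enforced by the type. Refuse an index that would land outside
     * mapfilename instead of writing the terminator out of bounds. */
    if (filename_len < 0 ||
        (size_t)filename_len >= sizeof(mapfilename)) {
        DEBUG(1, ("Map file name in DFS target is too long\n"));
        return False;
    }

    pstrcpy(mapfilename, filename_start+1);
    mapfilename[filename_len] = '\0';

    DEBUG(10, ("Expanding from table [%s]\n", mapfilename));

    if (!read_target_host(mapfilename, targethost)) {
        DEBUG(1, ("Could not expand target host from file %s\n",
                  mapfilename));
        return False;
    }

    /* The original substituted into mapfilename at this point, after the
     * file had already been read and with no later use of the buffer, so
     * the call had no effect. The substitution is applied to the host
     * string that actually goes into the new target.
     * NOTE(review): confirm against the module's documented behaviour. */
    standard_sub_conn(conn, targethost, sizeof(targethost));

    DEBUG(10, ("Expanded targethost to %s\n", targethost));

    /* Cut target at the first '@' so it holds only the prefix, then
     * rebuild it as prefix + host + text after the second '@'. */
    *filename_start = '\0';
    pstrcpy(new_target, target);
    pstrcat(new_target, targethost);
    pstrcat(new_target, filename_end+1);

    DEBUG(10, ("New DFS target: %s\n", new_target));
    pstrcpy(target, new_target);
    return True;
}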
Beispiel #3
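/*
 * Obtain an AFS token for the user behind this connection and install it.
 *
 * The AFS principal comes from the configured username map
 * (lp_afs_username_map()), expanded with the connection substitutions,
 * lower-cased, and must have the form user@cell.
 *
 * Before the token is set, an encode/decode round trip is run as a
 * self-check; mismatches are only logged and do not change the result.
 *
 * Returns the result of afs_settoken(), or False when the username has
 * no cell part or the token could not be created.
 */
BOOL afs_login(connection_struct *conn)
{
	DATA_BLOB ticket;
	pstring afs_username;
	char *cell;
	BOOL result;

	struct ClearToken ct;

	pstrcpy(afs_username, lp_afs_username_map());
	standard_sub_conn(conn, afs_username, sizeof(afs_username));

	/* The pts command always generates completely lower-case user
	 * names. */
	strlower_m(afs_username);

	cell = strchr(afs_username, '@');

	if (cell == NULL) {
		DEBUG(1, ("AFS username doesn't contain a @, "
			  "could not find cell\n"));
		return False;
	}

	/* Split "user@cell" in place: afs_username keeps the user part and
	 * cell points at the text after the '@'. */
	*cell = '\0';
	cell += 1;

	DEBUG(10, ("Trying to log into AFS for user %s@%s\n", 
		   afs_username, cell));

	if (!afs_createtoken(afs_username, cell, &ticket, &ct))
		return False;

	/* For which Unix-UID do we want to set the token?
	 * NOTE(review): getuid() is the real UID of this process, not
	 * conn->uid -- confirm this is the identity the token should carry. */
	ct.ViceId = getuid();

	/* Self-check: encode the token, decode it again and compare. */
	{
		char *str;
		/* Initialised so the cleanup below never frees an
		 * indeterminate pointer when decoding fails early. */
		char *new_cell = NULL;
		DATA_BLOB test_ticket;
		struct ClearToken test_ct;

		/* ct.HandShakeKey is key material. The original hex-encoded
		 * it and wrote it to the debug log; that output is dropped
		 * so the key never reaches log files. */

		str = afs_encode_token(cell, ticket, &ct);

		if (str == NULL) {
			DEBUG(0, ("Could not encode token\n"));
			goto decode_failed;
		}

		if (!afs_decode_token(str, &new_cell, &test_ticket,
				      &test_ct)) {
			DEBUG(0, ("Could not decode token\n"));
			goto decode_failed;
		}

		if (new_cell == NULL || strcmp(cell, new_cell) != 0) {
			DEBUG(0, ("cell changed\n"));
		}

		if ((ticket.length != test_ticket.length) ||
		    (memcmp(ticket.data, test_ticket.data,
			    ticket.length) != 0)) {
			DEBUG(0, ("Ticket changed\n"));
		}

		/* NOTE(review): memcmp over the whole struct also compares
		 * any padding bytes, so this can report a change that is
		 * not one -- confirm the layout of struct ClearToken. */
		if (memcmp(&ct, &test_ct, sizeof(ct)) != 0) {
			DEBUG(0, ("ClearToken changed\n"));
		}

		data_blob_free(&test_ticket);

	decode_failed:
		SAFE_FREE(str);
		SAFE_FREE(new_cell);
	}

	result = afs_settoken(cell, &ct, ticket);

	data_blob_free(&ticket);

	return result;
}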