int net_afs_impersonate(struct net_context *c, int argc, const char **argv) { char *token; if (argc != 2) { d_fprintf(stderr, "%s net afs impersonate <user> <cell>\n", _("Usage:")); exit(1); } token = afs_createtoken_str(argv[0], argv[1]); if (token == NULL) { fprintf(stderr, _("Could not create token\n")); exit(1); } if (!afs_settoken_str(token)) { fprintf(stderr, _("Could not set token into kernel\n")); exit(1); } printf(_("Success: %s@%s\n"), argv[0], argv[1]); return 0; }
static bool wbinfo_klog(char *username) { struct winbindd_request request; struct winbindd_response response; NSS_STATUS result; char *p; /* Send off request */ ZERO_STRUCT(request); ZERO_STRUCT(response); p = strchr(username, '%'); if (p) { *p = 0; fstrcpy(request.data.auth.user, username); fstrcpy(request.data.auth.pass, p + 1); *p = '%'; } else { fstrcpy(request.data.auth.user, username); fstrcpy(request.data.auth.pass, getpass("Password: "******"plaintext password authentication %s\n", (result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed"); if (response.data.auth.nt_status) d_fprintf(stderr, "error code was %s (0x%x)\nerror messsage was: %s\n", response.data.auth.nt_status_string, response.data.auth.nt_status, response.data.auth.error_string); if (result != NSS_STATUS_SUCCESS) return false; if (response.extra_data.data == NULL) { d_fprintf(stderr, "Did not get token data\n"); return false; } if (!afs_settoken_str((char *)response.extra_data.data)) { d_fprintf(stderr, "Could not set token\n"); return false; } d_printf("Successfully created AFS token\n"); return true; }
BOOL afs_login(connection_struct *conn) { DATA_BLOB ticket; pstring afs_username; char *cell; BOOL result; char *ticket_str; DOM_SID user_sid; struct ClearToken ct; pstrcpy(afs_username, lp_afs_username_map()); standard_sub_conn(conn, afs_username, sizeof(afs_username)); if (NT_STATUS_IS_OK(uid_to_sid(&user_sid, conn->uid))) pstring_sub(afs_username, "%s", sid_string_static(&user_sid)); /* The pts command always generates completely lower-case user * names. */ strlower_m(afs_username); cell = strchr(afs_username, '@'); if (cell == NULL) { DEBUG(1, ("AFS username doesn't contain a @, " "could not find cell\n")); return False; } *cell = '\0'; cell += 1; DEBUG(10, ("Trying to log into AFS for user %s@%s\n", afs_username, cell)); if (!afs_createtoken(afs_username, cell, &ticket, &ct)) return False; /* For which Unix-UID do we want to set the token? */ ct.ViceId = getuid(); ticket_str = afs_encode_token(cell, ticket, &ct); result = afs_settoken_str(ticket_str); SAFE_FREE(ticket_str); data_blob_free(&ticket); return result; }
static int net_afs_impersonate(int argc, const char **argv) { char *token; if (argc != 2) { fprintf(stderr, "Usage: net afs impersonate <user> <cell>\n"); exit(1); } token = afs_createtoken_str(argv[0], argv[1]); if (token == NULL) { fprintf(stderr, "Could not create token\n"); exit(1); } if (!afs_settoken_str(token)) { fprintf(stderr, "Could not set token into kernel\n"); exit(1); } printf("Success: %s@%s\n", argv[0], argv[1]); return 0; }
bool afs_login(connection_struct *conn) { DATA_BLOB ticket; char *afs_username = NULL; char *cell = NULL; bool result; char *ticket_str = NULL; const struct dom_sid *user_sid; TALLOC_CTX *ctx = talloc_tos(); struct ClearToken ct; afs_username = talloc_strdup(ctx, lp_afs_username_map()); if (!afs_username) { return false; } afs_username = talloc_sub_advanced(ctx, lp_servicename(SNUM(conn)), conn->session_info->unix_info->unix_name, conn->connectpath, conn->session_info->unix_token->gid, conn->session_info->unix_info->sanitized_username, conn->session_info->info->domain_name, afs_username); if (!afs_username) { return false; } user_sid = &conn->session_info->security_token->sids[0]; afs_username = talloc_string_sub(talloc_tos(), afs_username, "%s", sid_string_tos(user_sid)); if (!afs_username) { return false; } /* The pts command always generates completely lower-case user * names. */ strlower_m(afs_username); cell = strchr(afs_username, '@'); if (cell == NULL) { DEBUG(1, ("AFS username doesn't contain a @, " "could not find cell\n")); return false; } *cell = '\0'; cell += 1; DEBUG(10, ("Trying to log into AFS for user %s@%s\n", afs_username, cell)); if (!afs_createtoken(afs_username, cell, &ticket, &ct)) return false; /* For which Unix-UID do we want to set the token? */ ct.ViceId = getuid(); ticket_str = afs_encode_token(cell, ticket, &ct); result = afs_settoken_str(ticket_str); SAFE_FREE(ticket_str); data_blob_free(&ticket); return result; }