/*
 * RPC handler: install a new server key under key version number `an`.
 *
 * Policy, in order:
 *   1. the caller must pass afsconf_SuperUser (BZACCESS otherwise);
 *   2. unless the server runs in noauth mode, the rx connection must be
 *      rxkad_crypt -- the key bytes in `akey` cross the wire, so a clear or
 *      auth-only connection is refused with BZENCREQ.  In noauth mode this
 *      check is skipped and the key may arrive in the clear.
 * Every outcome, including both rejections, is audited via osi_auditU.
 *
 * Returns 0 on success, BZACCESS / BZENCREQ on policy rejection,
 * BZKEYINUSE if that kvno already exists, or afsconf_AddKey's own code.
 */
afs_int32
SBOZO_AddKey(struct rx_call *acall, afs_int32 an, struct bozo_key *akey)
{
    char who[MAXKTCNAMELEN];
    rxkad_level level = rxkad_clear;
    afs_int32 code = 0;

    /* Authorization first: only a superuser may touch the KeyFile. */
    if (afsconf_SuperUser(bozo_confdir, acall, who) == 0) {
	code = BZACCESS;
    } else {
	int noauth = afsconf_GetNoAuthFlag(bozo_confdir);

	/* Return value deliberately ignored: on a non-rxkad connection
	 * `level` keeps its rxkad_clear default, which only passes the test
	 * below when noauth is set. */
	rxkad_GetServerInfo(rx_ConnectionOf(acall), &level, 0, 0, 0, 0, 0);

	if (!noauth && level != rxkad_crypt) {
	    code = BZENCREQ;
	} else {
	    if (DoLogging)
		bozo_Log("%s is executing AddKey\n", who);

	    code = afsconf_AddKey(bozo_confdir, an, akey->data, 0);
	    /* Map the generic afsconf error onto the bos-specific RPC code. */
	    if (code == AFSCONF_KEYINUSE)
		code = BZKEYINUSE;
	}
    }

    osi_auditU(acall, BOS_AddKeyEvent, code, AUD_END);
    return code;
}
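/*
 * RPC handler: return the kvno, key bytes and metadata of KeyFile entry
 * index `an`.
 *
 * Access control: the caller must be a superuser (BZACCESS otherwise).
 * The 8 key bytes are only disclosed when the server runs in noauth mode or
 * the connection is rxkad_crypt; on any other connection `akey` is
 * zero-filled.  `*akvno`, `akeyinfo->mod_sec` (mtime of the KeyFile) and
 * the key checksum are returned regardless of the encryption level.
 *
 * `an` is signed, client-supplied input: both negative values and values
 * >= nkeys are rejected with BZDOM.  (A negative index would otherwise read
 * before the start of tkeys.key[].)
 *
 * Returns 0 on success, BZACCESS, BZDOM, an afsconf_GetKeys code, or -1
 * when stat() of the KeyFile fails (see the note at that call).  Every
 * outcome is audited; in noauth mode an extra BOS_UnAuthListKeysEvent
 * record is written first.
 */
afs_int32
SBOZO_ListKeys(struct rx_call *acall, afs_int32 an, afs_int32 *akvno,
	       struct bozo_key *akey, struct bozo_keyInfo *akeyinfo)
{
    struct afsconf_keys tkeys;
    afs_int32 code;
    struct stat tstat;
    int noauth = 0;
    char caller[MAXKTCNAMELEN];
    rxkad_level enc_level = rxkad_clear;

    if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
	code = BZACCESS;
	goto fail;
    }
    if (DoLogging)
	bozo_Log("%s is executing ListKeys\n", caller);

    code = afsconf_GetKeys(bozo_confdir, &tkeys);
    if (code)
	goto fail;

    /* Bounds check both ways: `an` comes straight from the client. */
    if (an < 0 || tkeys.nkeys <= an) {
	code = BZDOM;
	goto fail;
    }
    *akvno = tkeys.key[an].kvno;
    memset(akeyinfo, 0, sizeof(struct bozo_keyInfo));

    noauth = afsconf_GetNoAuthFlag(bozo_confdir);
    /* Return value ignored on purpose: on a non-rxkad connection enc_level
     * stays rxkad_clear, so the key is withheld unless noauth is set. */
    rxkad_GetServerInfo(rx_ConnectionOf(acall), &enc_level, 0, 0, 0, 0, 0);
    /*
     * only return actual keys in noauth or if this is an encrypted connection
     */

    if ((noauth) || (enc_level == rxkad_crypt)) {
	memcpy(akey, tkeys.key[an].key, 8);
    } else
	memset(akey, 0, 8);

    /* NOTE(review): if stat() fails, code is -1 and that is what the RPC
     * returns, even though *akvno and *akey have already been filled in.
     * Behaviour kept as-is; callers should treat such a reply as failed. */
    code = stat(AFSDIR_SERVER_KEY_FILEPATH, &tstat);
    if (code == 0) {
	akeyinfo->mod_sec = tstat.st_mtime;
    }

    /* This will return an error if the key is 'bad' (bad checksum, weak DES
     * key, etc). But we don't care, since we can still return the other
     * information about the key, so ignore the result.  Note the checksum
     * is sent back even to connections that did not receive the key bytes. */
    (void)ka_KeyCheckSum(tkeys.key[an].key, &akeyinfo->keyCheckSum);

  fail:
    /* NOTE(review): tkeys holds every cell key on the stack and is not
     * scrubbed before return.  A plain memset here would likely be elided
     * as a dead store; an explicit_bzero-style helper would be needed. */
    if (noauth)
	osi_auditU(acall, BOS_UnAuthListKeysEvent, code, AUD_END);
    osi_auditU(acall, BOS_ListKeysEvent, code, AUD_END);
    return code;
}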
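/*
 * RPC handler: return the kvno, key bytes and metadata of KeyFile entry
 * index `an`.
 *
 * Access control: the caller must be a superuser (BZACCESS otherwise).
 * The 8 key bytes are only disclosed when the server runs in noauth mode or
 * the connection is rxkad_crypt; on any other connection `akey` is
 * zero-filled.  `*akvno`, `akeyinfo->mod_sec` (mtime of the KeyFile) and
 * the key checksum are returned regardless of the encryption level.
 *
 * `an` is signed, client-supplied input: both negative values and values
 * >= nkeys are rejected with BZDOM.  (A negative index would otherwise read
 * before the start of tkeys.key[].)
 *
 * Returns 0 on success, BZACCESS, BZDOM, an afsconf_GetKeys code, or -1
 * when stat() of the KeyFile fails (see the note at that call).  Every
 * outcome is audited; in noauth mode an extra BOS_UnAuthListKeysEvent
 * record is written first.
 */
afs_int32
SBOZO_ListKeys(struct rx_call *acall, afs_int32 an, afs_int32 *akvno,
	       struct bozo_key *akey, struct bozo_keyInfo *akeyinfo)
{
    struct afsconf_keys tkeys;
    afs_int32 code;
    struct stat tstat;
    int noauth = 0;
    char caller[MAXKTCNAMELEN];
    rxkad_level enc_level = rxkad_clear;

    if (!afsconf_SuperUser(bozo_confdir, acall, caller)) {
	code = BZACCESS;
	goto fail;
    }
    if (DoLogging)
	bozo_Log("%s is executing ListKeys\n", caller);

    code = afsconf_GetKeys(bozo_confdir, &tkeys);
    if (code)
	goto fail;

    /* Bounds check both ways: `an` comes straight from the client. */
    if (an < 0 || tkeys.nkeys <= an) {
	code = BZDOM;
	goto fail;
    }
    *akvno = tkeys.key[an].kvno;
    memset(akeyinfo, 0, sizeof(struct bozo_keyInfo));

    noauth = afsconf_GetNoAuthFlag(bozo_confdir);
    /* Return value ignored on purpose: on a non-rxkad connection enc_level
     * stays rxkad_clear, so the key is withheld unless noauth is set. */
    rxkad_GetServerInfo(acall->conn, &enc_level, 0, 0, 0, 0, 0);
    /*
     * only return actual keys in noauth or if this is an encrypted connection
     */

    if ((noauth) || (enc_level == rxkad_crypt)) {
	memcpy(akey, tkeys.key[an].key, 8);
    } else
	memset(akey, 0, 8);

    /* NOTE(review): if stat() fails, code is -1 and that is what the RPC
     * returns, even though *akvno and *akey have already been filled in.
     * Behaviour kept as-is; callers should treat such a reply as failed. */
    code = stat(AFSDIR_SERVER_KEY_FILEPATH, &tstat);
    if (code == 0) {
	akeyinfo->mod_sec = tstat.st_mtime;
    }

    /* The only failure is a key with bad parity; we still return the rest of
     * the record, so the result is ignored.  Note the checksum is sent back
     * even to connections that did not receive the key bytes. */
    (void)ka_KeyCheckSum(tkeys.key[an].key, &akeyinfo->keyCheckSum);

  fail:
    /* NOTE(review): tkeys holds every cell key on the stack and is not
     * scrubbed before return.  A plain memset here would likely be elided
     * as a dead store; an explicit_bzero-style helper would be needed. */
    if (noauth)
	osi_auditU(acall, BOS_UnAuthListKeysEvent, code, AUD_END);
    osi_auditU(acall, BOS_ListKeysEvent, code, AUD_END);
    return code;
}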
/*
 * Superuser check for an rxkad-authenticated call: extract the principal
 * (name, instance, cell) from the connection's ticket and pass it, with
 * `namep`, to kerberosSuperUser for the actual policy decision.
 *
 * Returns 0 when rxkad_GetServerInfo fails (not an rxkad connection, or a
 * bad ticket); otherwise whatever kerberosSuperUser returns.
 */
static int
rxkadSuperUser(struct afsconf_dir *adir, struct rx_call *acall, char *namep)
{
    char name[MAXKTCNAMELEN];	/* principal components from the ticket */
    char inst[MAXKTCNAMELEN];
    char cell[MAXKTCREALMLEN];
    afs_uint32 expires;

    /* NOTE(review): the ticket expiry is fetched into `expires` but never
     * compared against the clock here; presumably the rxkad layer refuses
     * expired connections on its own -- TODO confirm. */
    if (rxkad_GetServerInfo(acall->conn, NULL, &expires, name, inst, cell,
			    NULL) != 0)
	return 0;

    return kerberosSuperUser(adir, name, inst, cell, namep);
}
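/*
 * Decide whether the principal authenticated on rx call `acall` is an
 * administrator ("superuser") of this cell, and optionally report who.
 *
 * adir   - cell configuration: noauth flag, local cell name, UserList.
 * acall  - the incoming call; its connection's security class selects how
 *          the identity is obtained.
 * namep  - if non-NULL, receives the "real name" that authorized the call:
 *          "<NoAuth>", "<LocalAuth>", the matching UserList entry, or ""
 *          when the rxkad path finds no match.  It is only written on the
 *          noauth path and the rxkad (security class 2) path.
 *
 * Returns 1 if authorized, 0 otherwise.  Decision order:
 *   - NULL adir                     -> 0
 *   - noauth flag set               -> 1 for anyone, even unauthenticated
 *   - security class 0 (none)       -> 0
 *   - security class 1 (bcrypt)     -> 0, no longer supported
 *   - security class 2 (rxkad)      -> ticket principal checked as below
 *   - any other class               -> 0
 *
 * rxkad path: an expired ticket is refused before anything else.  The
 * ticket's cell is compared (case-insensitively) with the local cell and
 * with the cached local Kerberos realm(s); a principal from a local realm
 * may additionally be vetoed by afs_krb_exclusion.  The special principal
 * AUTH_SUPERUSER with empty instance and cell ("localauth") is always
 * accepted.  Otherwise the principal is looked up in UserList via
 * CompFindUser with a "." separator: without a cell for local principals,
 * and with the cell as given, then lowercased, for foreign ones.  (The "/"
 * separator variants are compiled out under `notyet`.)
 *
 * The local cell name and realm list are cached in statics on first use.
 * The whole function runs under the global mutex, which presumably is what
 * makes that one-time initialization safe.
 */
afs_int32
afsconf_SuperUser(struct afsconf_dir *adir, struct rx_call *acall, char *namep)
{
    register struct rx_connection *tconn;
    register afs_int32 code;
    int flag;

    LOCK_GLOBAL_MUTEX;
    if (!adir) {
	UNLOCK_GLOBAL_MUTEX;
	return 0;
    }

    /* noauth mode: every caller is a superuser; report a synthetic name. */
    if (afsconf_GetNoAuthFlag(adir)) {
	if (namep)
	    strcpy(namep, "<NoAuth>");
	UNLOCK_GLOBAL_MUTEX;
	return 1;
    }

    tconn = rx_ConnectionOf(acall);
    code = rx_SecurityClassOf(tconn);
    if (code == 0) {
	UNLOCK_GLOBAL_MUTEX;
	return 0;		/* not authenticated at all, answer is no */
    } else if (code == 1) {
	/* bcrypt tokens */
	UNLOCK_GLOBAL_MUTEX;
	return 0;		/* not supported any longer */
    } else if (code == 2) {
	char tname[MAXKTCNAMELEN];	/* authentication from ticket */
	char tinst[MAXKTCNAMELEN];
	char tcell[MAXKTCREALMLEN];
	char tcell_l[MAXKTCREALMLEN];
	char *tmp;

	/* keep track of which one actually authorized request */
	char uname[MAXKTCNAMELEN + MAXKTCNAMELEN + MAXKTCREALMLEN + 3];

	afs_uint32 exp;
	static char lcell[MAXCELLCHARS] = "";
	static char lrealms[AFS_NUM_LREALMS][AFS_REALM_SZ];
	static int  num_lrealms = -1;
	int lrealm_match = 0, i;

	/* get auth details from server connection */
	code =
	    rxkad_GetServerInfo(acall->conn, NULL, &exp, tname, tinst, tcell,
				NULL);
	if (code) {
	    UNLOCK_GLOBAL_MUTEX;
	    return 0;		/* bogus connection/other error */
	}

	/* don't bother checking anything else if tix have expired */
#ifdef AFS_PTHREAD_ENV
	if (exp < clock_Sec()) {
#else
	if (exp < FT_ApproxTime()) {
#endif
	    UNLOCK_GLOBAL_MUTEX;
	    return 0;		/* expired tix */
	}

	/* generate lowercased version of cell name; the unsigned char cast
	 * keeps tolower() within its defined domain for bytes >= 0x80 */
	strcpy(tcell_l, tcell);
	tmp = tcell_l;
	while (*tmp) {
	    *tmp = tolower((unsigned char)*tmp);
	    tmp++;
	}

	/* determine local cell name. It's static, so will only get
	 * calculated the first time through */
	if (!lcell[0])
	    afsconf_GetLocalCell(adir, lcell, sizeof(lcell));

	/* if running a krb environment, also get the local realm */
	/* note - this assumes AFS_REALM_SZ <= MAXCELLCHARS */
	/* just set it to lcell if it fails */
	if (num_lrealms == -1) {
	    for (i=0; i<AFS_NUM_LREALMS; i++) {
		if (afs_krb_get_lrealm(lrealms[i], i) != 0 /*KSUCCESS*/)
		    break;
	    }

	    if (i == 0) {
		/* strncpy leaves no terminator when lcell fills the whole
		 * buffer; terminate explicitly so the strcasecmp below can
		 * never run off the end of lrealms[0] */
		strncpy(lrealms[0], lcell, AFS_REALM_SZ);
		lrealms[0][AFS_REALM_SZ - 1] = '\0';
		num_lrealms = 1;
	    } else {
		num_lrealms = i;
	    }
	}

	/* See if the ticket cell matches one of the local realms */
	lrealm_match = 0;
	for ( i=0;i<num_lrealms;i++ ) {
	    if (!strcasecmp(lrealms[i], tcell)) {
		lrealm_match = 1;
		break;
	    }
	}

	/* If yes, then make sure that the name is not present in 
	 * an exclusion list */
	if (lrealm_match) {
	    if (tinst[0])
		snprintf(uname,sizeof(uname),"%s.%s@%s",tname,tinst,tcell);
	    else
		snprintf(uname,sizeof(uname),"%s@%s",tname,tcell);

	    if (afs_krb_exclusion(uname))
		lrealm_match = 0;
	}

	/* start with no uname and no authorization */
	strcpy(uname, "");
	flag = 0;

	/* localauth special case */
	if (strlen(tinst) == 0 && strlen(tcell) == 0
	    && !strcmp(tname, AUTH_SUPERUSER)) {
	    strcpy(uname, "<LocalAuth>");
	    flag = 1;

	    /* cell of connection matches local cell or one of the realms */
	} else if (!strcasecmp(tcell, lcell) || lrealm_match) {
	    if ((tmp = CompFindUser(adir, tname, ".", tinst, NULL))) {
		strcpy(uname, tmp);
		flag = 1;
#ifdef notyet
	    } else if ((tmp = CompFindUser(adir, tname, "/", tinst, NULL))) {
		strcpy(uname, tmp);
		flag = 1;
#endif
	    }
	    /* cell of conn doesn't match local cell or realm */
	} else {
	    if ((tmp = CompFindUser(adir, tname, ".", tinst, tcell))) {
		strcpy(uname, tmp);
		flag = 1;
#ifdef notyet
	    } else if ((tmp = CompFindUser(adir, tname, "/", tinst, tcell))) {
		strcpy(uname, tmp);
		flag = 1;
#endif
	    } else if ((tmp = CompFindUser(adir, tname, ".", tinst, tcell_l))) {
		strcpy(uname, tmp);
		flag = 1;
#ifdef notyet
	    } else if ((tmp = CompFindUser(adir, tname, "/", tinst, tcell_l))) {
		strcpy(uname, tmp);
		flag = 1;
#endif
	    }
	}

	/* NOTE(review): namep's size is not passed in and this copy is
	 * unbounded; the bos callers hand over a MAXKTCNAMELEN buffer, so
	 * this relies on CompFindUser returning a name that fits -- confirm. */
	if (namep)
	    strcpy(namep, uname);
	UNLOCK_GLOBAL_MUTEX;
	return flag;
    } else {			/* some other auth type */
	UNLOCK_GLOBAL_MUTEX;
	return 0;		/* mysterious, just say no */
    }
}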