2 #include "http_config.h"
3 #include "http_protocol.h"
7 #include <sys/ioccom.h>
9 #include <kerberosIV/krb.h>
10 #include <kerberosIV/des.h>
11 #include <afs/venus.h>
/*
 * Path of the Kerberos IV srvtab used by this module.  None of the lines
 * visible in this listing reference SRVTAB; the comment in get_afs_tokens
 * ("use server's srvtab") suggests it is read on the fallback path -- confirm
 * against the full file.  A srvtab holds the service's long-term key, so the
 * file should be readable only by the account the server runs as.
 */
#define SRVTAB "/usr/local/etc/srvtab.itdwww"
/* [listing gap: original lines 14-16 are not shown] */
/*
 * 8-byte key field.  get_afs_tokens copies cr.session into ct.HandShakeKey,
 * so this is presumably a member of struct ClearToken; the rest of that
 * declaration is not shown in this listing.
 */
    char HandShakeKey[ 8 ];
/*
 * Module initializer (installed in the "module initializer" slot of
 * afs_module).  The one visible statement logs the module version at INFO
 * level without an errno suffix.
 *
 * Listing note: the return type, the braces and any further statements are on
 * lines this page does not show; `version` is defined outside the visible
 * lines.
 */
afs_init( server_rec *s, pool *p )
/* [listing gap: original lines 25-27 are not shown] */
    ap_log_error( APLOG_MARK, APLOG_INFO|APLOG_NOERRNO, s,
            "mod_afs: version %s initialized.", version );
/* [listing gap: original lines 30-34 are not shown] */
/*
 * child_init hook (installed in the "child_init" slot of afs_module).  The
 * visible statement only logs that setpag was called; the call the message
 * refers to is presumably on one of the omitted lines -- confirm against the
 * full file.
 *
 * NOTE(review): a per-child PAG is what would keep tokens installed later by
 * get_afs_tokens confined to the child that set them; verify that the call is
 * really made and that its return value is checked before this message is
 * written.
 */
afs_child_init( server_rec *s, pool *p )
/* [listing gap: original lines 36-37 are not shown] */
    ap_log_error( APLOG_MARK, APLOG_INFO|APLOG_NOERRNO, s,
            "mod_afs: setpag called in child init" );
/* [listing gap: original lines 40-44 are not shown] */
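/*
 * Pool cleanup registered by get_afs_tokens, which passes the request_rec as
 * the data argument.  Issues the VIOCUNPAG pioctl (the "unlog" named in the
 * log text) and logs the outcome.
 *
 * Change from the original: the success message was logged with APLOG_ERR
 * and without APLOG_NOERRNO, so a normal outcome was reported at error
 * severity with a stale errno string appended.  It is now logged as
 * APLOG_NOERRNO|APLOG_INFO, matching the other informational messages in
 * this file.
 *
 * NOTE(review): as far as the visible lines show, a failed unlog is only
 * logged.  If the tokens stay in place, later requests handled by the same
 * child may run with them; confirm what the omitted lines do on that path.
 *
 * Listing note: the return type, the braces and the declaration and setup of
 * `vi` are on lines this page does not show.  Indentation is a
 * reconstruction.
 */
pioctl_cleanup( void *data )
/* [listing gap: original line 46 is not shown] */
    request_rec *r = (request_rec *)data;
/* [listing gap: original lines 48-54 are not shown] */
    if ( pioctl( 0, VIOCUNPAG, &vi, 0 ) < 0 ) {
        /* APLOG_ERR without APLOG_NOERRNO: errno from pioctl is wanted here */
        ap_log_error( APLOG_MARK, APLOG_ERR, r->server,
                "mod_afs: unlog pioctl failed" );
/* [listing gap: original lines 58-59 are not shown] */
    /* Success is informational and carries no meaningful errno. */
    ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_INFO, r->server,
            "mod_afs: unlog pioctl succeeded" );
/* [listing gap: original lines 62-66 are not shown] */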
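/*
 * Header-parser hook (slot "[#2] header parser" of afs_module).  Obtains a
 * Kerberos IV credential for service "afs" in realm UMICH.EDU, packs it into
 * the buffer handed to the VIOCSETTOK pioctl, and registers pioctl_cleanup on
 * the request pool so the token is discarded again.
 *
 * Buffer layout, as far as the visible lines show:
 *   int ticket length | ticket bytes |
 *   int sizeof(struct ClearToken) | struct ClearToken |
 *   int | ... | room for lrealm and its terminating NUL
 * The pointer advances after each int, and the copy of lrealm, are presumably
 * on omitted lines.
 *
 * Change from the original: the closing "done with token stuff" message was
 * logged with APLOG_ERR and no APLOG_NOERRNO, i.e. at error severity with a
 * stale errno string; it is now APLOG_NOERRNO|APLOG_INFO.  The comment on the
 * cleanup registration now names the request pool, which is what r->pool is.
 *
 * Review notes (nothing below is changed in code, because the declarations
 * and return paths are not visible):
 *  - No bounds check against buf is visible before the ticket bytes are
 *    copied.  buf is an array (sizeof( buf ) is used for vi.out_size), but
 *    its size is declared on an omitted line; confirm it covers the largest
 *    ticket the Kerberos library can return plus the fixed fields, and that
 *    cr.ticket_st.length is non-negative.
 *  - cr.session is copied into ct.HandShakeKey and ct is copied into buf.
 *    None of the visible lines clears cr, ct or buf before returning; key
 *    material should be zeroized on every exit path.
 *  - krb_err_txt[ rc ] is indexed with the raw return code; confirm rc is
 *    always inside the table.
 *  - cr.issue_date is printed with %d; confirm its type is int on the
 *    target platform.
 *
 * Listing note: the return type, local declarations, closing braces and
 * return statements are on lines this page does not show.  Indentation is a
 * reconstruction and does not assert how the blocks nest.
 */
get_afs_tokens( request_rec *r )
/* [listing gap: original lines 68-73 are not shown] */
    char *urealm = "UMICH.EDU";
    char *lrealm = "umich.edu";
/* [listing gap: original lines 76-78 are not shown] */
    /* Disabled in the original (original lines 79-80):
     * ap_log_error( APLOG_MARK, APLOG_INFO|APLOG_NOERRNO, s,
     *         "mod_afs: setpag called in get_afs_tokens" );
     */
/* [listing gap: original lines 81-82 are not shown] */
    if (( rc = get_ad_tkt( "afs", "", urealm, 255 )) != KSUCCESS ) {
        ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_INFO, r->server,
                "mod_afs: get_ad_tkt: %s", krb_err_txt[ rc ] );
/* [listing gap: original line 86 is not shown] */
        /* user doesn't have tickets: use server's srvtab */
/* [listing gap: original lines 88-91 are not shown; the srvtab fallback itself is among them] */
    if (( rc = krb_get_cred( "afs", "", urealm, &cr )) != KSUCCESS ) {
        ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r->server,
                "mod_afs: krb_get_cred: %s", krb_err_txt[ rc ] );
/* [listing gap: original lines 95-97 are not shown] */

    /* Debug trace of credential metadata; the session key is not logged. */
    ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_DEBUG, r->server,
            "mod_afs: %s.%s@%s", cr.service, cr.instance, cr.realm );
    ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_DEBUG, r->server,
            "mod_afs: %d %d %d", cr.lifetime, cr.kvno, cr.issue_date );
    ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_DEBUG, r->server,
            "mod_afs: %s %s", cr.pname, cr.pinst );
    ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_DEBUG, r->server,
            "mod_afs: %d", cr.ticket_st.length );
/* [listing gap: original lines 106-107 are not shown] */

    /* ticket: length prefix, then the ticket bytes */
    memmove( s, &cr.ticket_st.length, sizeof( int ));
/* [listing gap: original line 109 is not shown] */
    /* NOTE(review): unbounded with respect to buf in the visible lines */
    memmove( s, cr.ticket_st.dat, cr.ticket_st.length );
    s += cr.ticket_st.length;
/* [listing gap: original line 112 is not shown] */

    /* clear token built from the credential */
    ct.AuthHandle = cr.kvno;
    /* NOTE(review): length comes from the source; confirm it equals
     * sizeof( ct.HandShakeKey ) */
    memmove( ct.HandShakeKey, cr.session, sizeof( cr.session ));
/* [listing gap: original line 115 is not shown] */
    ct.BeginTimestamp = cr.issue_date;
    ct.EndTimestamp = krb_life_to_time( cr.issue_date, cr.lifetime );
/* [listing gap: original line 118 is not shown] */

    /* clear token: length prefix, then the structure itself */
    i = sizeof( struct ClearToken );
    memmove( s, &i, sizeof( int ));
/* [listing gap: original line 121 is not shown] */
    memmove( s, &ct, sizeof( struct ClearToken ));
    s += sizeof( struct ClearToken );
/* [listing gap: original lines 124-125 are not shown] */
    memmove( s, &i, sizeof( int ));
/* [listing gap: original lines 127-129 are not shown] */
    s += strlen( lrealm ) + 1;
/* [listing gap: original lines 131-132 are not shown] */

    /* hand the packed buffer to the cache manager */
    vi.in_size = s - buf;
/* [listing gap: original line 134 is not shown] */
    vi.out_size = sizeof( buf );
/* [listing gap: original line 136 is not shown] */
    if ( pioctl( 0, VIOCSETTOK, &vi, 0 ) < 0 ) {
        /* APLOG_ERR without APLOG_NOERRNO: errno from pioctl is wanted here */
        ap_log_error( APLOG_MARK, APLOG_ERR, r->server,
                "mod_afs: pioctl failed" );
/* [listing gap: original lines 140-141 are not shown] */

    /* Unlog when this request's pool is cleaned up.  The child cleanup is
     * ap_null_cleanup, so nothing is unlogged through that callback. */
    ap_register_cleanup( r->pool, (void *)r, pioctl_cleanup,
            ap_null_cleanup );
/* [listing gap: original line 144 is not shown] */
    ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_INFO, r->server,
            "mod_afs: done with token stuff" );
/* [listing gap: original lines 147-151 are not shown] */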
/*
 * Module dispatch table for mod_afs.  Only three hooks are installed:
 * afs_init as the module initializer, get_afs_tokens as the header parser,
 * and afs_child_init for child start-up.  Every other slot is NULL, so the
 * module defines no configuration directives and no access or authentication
 * checks of its own.
 *
 * Listing note: original line 172 and the closing lines after 176 are not
 * shown on this page.
 */
module MODULE_VAR_EXPORT afs_module = {
    STANDARD_MODULE_STUFF,
    afs_init,           /* module initializer */
    NULL,               /* create per-dir config structures */
    NULL,               /* merge per-dir config structures */
    NULL,               /* create per-server config structures */
    NULL,               /* merge per-server config structures */
    NULL,               /* table of config file commands */
    NULL,               /* [#8] MIME-typed-dispatched handlers */
    NULL,               /* [#1] URI to filename translation */
    NULL,               /* [#4] validate user id from request */
    NULL,               /* [#5] check if the user is ok _here_ */
    NULL,               /* [#3] check access by host address */
    NULL,               /* [#6] determine MIME type */
    NULL,               /* [#7] pre-run fixups */
    NULL,               /* [#9] log a transaction */
    get_afs_tokens,     /* [#2] header parser */
    afs_child_init,     /* child_init */
    NULL,               /* child_exit */
    NULL                /* [#0] post read-request */
/* [listing gap: original line 172 is not shown] */
    ,NULL,              /* EAPI: add_module */
    NULL,               /* EAPI: remove_module */
    NULL,               /* EAPI: rewrite_command */
    NULL                /* EAPI: new_connection */
/* [listing gap: lines after original line 176, including the closing brace, are not shown] */