bed98ff9 |
1 | #include "httpd.h" |
2 | #include "http_config.h" |
3 | #include "http_protocol.h" |
4 | #include "http_log.h" |
5 | #include "ap_config.h" |
6 | |
7 | #include <sys/ioccom.h> |
8 | #include <stropts.h> |
9 | #include <kerberosIV/krb.h> |
10 | #include <kerberosIV/des.h> |
11 | #include <afs/venus.h> |
12 | |
13 | #define SRVTAB "/usr/local/etc/srvtab.itdwww" |
14 | |
/*
 * Clear-text part of the token block passed to the VIOCSETTOK pioctl.
 * get_afs_tokens() fills it in from the Kerberos IV credentials.
 *
 * NOTE(review): the integer fields are `long', so sizeof( struct ClearToken )
 * follows the build ABI.  Confirm that this matches the layout the AFS
 * client expects on every target (presumably 32-bit fields).
 */
struct ClearToken {
    long AuthHandle;            /* set from cr.kvno */
    char HandShakeKey[ 8 ];     /* session key, copied from cr.session */
    long ViceId;                /* always 0 in this module */
    long BeginTimestamp;        /* set from cr.issue_date */
    long EndTimestamp;          /* krb_life_to_time( issue_date, lifetime ) */
};
22 | |
b429ae96 |
/*
 * Module initializer: writes one informational line to the error log
 * naming the module version.  `version' is defined in another translation
 * unit; the pool argument is not used.
 */
static void
afs_init( server_rec *s, pool *p )
{
    extern char *version;

    ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_INFO, s,
            "mod_afs: version %s initialized.", version );
}
32 | |
bed98ff9 |
33 | |
b74fad73 |
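/*
 * child_init hook: puts the newly started child into its own PAG by
 * calling setpag().
 *
 * The result of setpag() is checked because the per-request tokens that
 * get_afs_tokens() installs are only isolated from other processes if the
 * child really has a PAG of its own.  A nonzero return is treated as
 * failure and logged with errno; the child is left running, as before.
 * The pool argument is not used.
 */
static void
afs_child_init( server_rec *s, pool *p )
{
    if ( setpag() != 0 ) {
        ap_log_error( APLOG_MARK, APLOG_ERR, s,
                "mod_afs: setpag failed in child init" );
        return;
    }

    ap_log_error( APLOG_MARK, APLOG_INFO|APLOG_NOERRNO, s,
            "mod_afs: setpag called in child init" );
}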
42 | |
43 | |
bed98ff9 |
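/*
 * Pool cleanup registered by get_afs_tokens(): discards the AFS tokens of
 * the current process with the VIOCUNPAG pioctl.
 *
 * data is the request_rec the cleanup was registered for; only r->server
 * is read, for logging.
 *
 * Failure is logged at error level with errno and the function returns
 * without reporting success.  NOTE(review): if the unlog fails, the tokens
 * set for this request presumably stay in the child's PAG and would be
 * visible to the next request this child serves -- confirm whether the
 * child should be retired in that case.
 */
static void
pioctl_cleanup( void *data )
{
    request_rec *r = (request_rec *)data;
    struct ViceIoctl vi;

    /* VIOCUNPAG takes no input and returns no output. */
    vi.in = NULL;
    vi.in_size = 0;
    vi.out = NULL;
    vi.out_size = 0;

    if ( pioctl( 0, VIOCUNPAG, &vi, 0 ) < 0 ) {
        ap_log_error( APLOG_MARK, APLOG_ERR, r->server,
                "mod_afs: unlog pioctl failed" );
        return;
    }

    /* Success is not an error and has no errno worth printing. */
    ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_DEBUG, r->server,
            "mod_afs: unlog pioctl succeeded" );
}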
64 | |
65 | |
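/*
 * Overwrite memory that held key material.  The stores go through a
 * volatile pointer so they are not discarded as dead writes.
 */
static void
afs_scrub( void *p, size_t len )
{
    volatile unsigned char *vp = (volatile unsigned char *)p;

    while ( len-- > 0 ) {
        *vp++ = 0;
    }
}

/*
 * Header-parser hook: turns the caller's Kerberos IV "afs" credentials
 * into an AFS token for the current process and registers a cleanup on
 * the request pool that unlogs again.
 *
 * The block handed to VIOCSETTOK is laid out in buf as:
 *     int   ticket length
 *     bytes ticket
 *     int   sizeof( struct ClearToken )
 *     struct ClearToken
 *     int   0
 *     NUL-terminated cell name (lrealm)
 *
 * Always returns OK, including when no credentials are available or the
 * pioctl fails, so request processing continues either way.
 *
 * PAG setup is not done here; afs_child_init() calls setpag() once per
 * child.
 */
static int
get_afs_tokens( request_rec *r )
{
    CREDENTIALS cr;
    struct ViceIoctl vi;
    struct ClearToken ct;
    int i, rc;
    size_t fixed;
    char buf[ 1024 ], *s;
    char *urealm = "UMICH.EDU";
    char *lrealm = "umich.edu";

    if (( rc = get_ad_tkt( "afs", "", urealm, 255 )) != KSUCCESS ) {
        ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_INFO, r->server,
                "mod_afs: get_ad_tkt: %s", krb_err_txt[ rc ] );

        /*
         * No user tickets.  Falling back to the server's srvtab is not
         * implemented in this function; no token is set by this hook.
         */
        return OK;
    }

    if (( rc = krb_get_cred( "afs", "", urealm, &cr )) != KSUCCESS ) {
        ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r->server,
                "mod_afs: krb_get_cred: %s", krb_err_txt[ rc ] );
        goto done;
    }

    /* Debug trace of the credential metadata; the session key is not logged. */
    ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_DEBUG, r->server,
            "mod_afs: %s.%s@%s", cr.service, cr.instance, cr.realm );
    ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_DEBUG, r->server,
            "mod_afs: %d %d %d", cr.lifetime, cr.kvno, cr.issue_date );
    ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_DEBUG, r->server,
            "mod_afs: %s %s", cr.pname, cr.pinst );
    ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_DEBUG, r->server,
            "mod_afs: %d", cr.ticket_st.length );

    /*
     * Everything except the ticket has a fixed size.  Reject a ticket
     * length that is negative or would run past the end of buf before
     * copying anything; the length comes from the credential cache and
     * is not otherwise bounded by this function.
     */
    fixed = sizeof( int ) + sizeof( int ) + sizeof( struct ClearToken )
            + sizeof( int ) + strlen( lrealm ) + 1;
    if ( cr.ticket_st.length < 0 ||
            (size_t)cr.ticket_st.length > sizeof( buf ) - fixed ) {
        ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r->server,
                "mod_afs: ticket length %d does not fit token buffer",
                cr.ticket_st.length );
        goto done;
    }

    /* ticket length + ticket */
    s = buf;
    memmove( s, &cr.ticket_st.length, sizeof( int ));
    s += sizeof( int );
    memmove( s, cr.ticket_st.dat, cr.ticket_st.length );
    s += cr.ticket_st.length;

    ct.AuthHandle = cr.kvno;
    memmove( ct.HandShakeKey, cr.session, sizeof( cr.session ));
    ct.ViceId = 0;
    ct.BeginTimestamp = cr.issue_date;
    ct.EndTimestamp = krb_life_to_time( cr.issue_date, cr.lifetime );

    /* clear token length + clear token */
    i = sizeof( struct ClearToken );
    memmove( s, &i, sizeof( int ));
    s += sizeof( int );
    memmove( s, &ct, sizeof( struct ClearToken ));
    s += sizeof( struct ClearToken );

    /* a zero int, then the cell name including its terminating NUL */
    i = 0;
    memmove( s, &i, sizeof( int ));
    s += sizeof( int );

    strcpy( s, lrealm );
    s += strlen( lrealm ) + 1;

    /* buf is both the input block and the output area of the pioctl */
    vi.in = buf;
    vi.in_size = s - buf;
    vi.out = buf;
    vi.out_size = sizeof( buf );

    if ( pioctl( 0, VIOCSETTOK, &vi, 0 ) < 0 ) {
        ap_log_error( APLOG_MARK, APLOG_ERR, r->server,
                "mod_afs: pioctl failed" );
    }

    /* we'll need to unlog when this request's pool is destroyed. */
    ap_register_cleanup( r->pool, (void *)r, pioctl_cleanup, ap_null_cleanup );

    /* Progress message, not an error: no errno, debug level. */
    ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_DEBUG, r->server,
            "mod_afs: done with token stuff" );

done:
    /*
     * cr, ct and buf may hold the session key and ticket; clear the
     * stack copies before returning.
     */
    afs_scrub( &cr, sizeof( cr ));
    afs_scrub( &ct, sizeof( ct ));
    afs_scrub( buf, sizeof( buf ));

    return OK;
}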
150 | |
151 | |
/*
 * Module dispatch table.  Only three hooks are filled in: afs_init (module
 * initializer), get_afs_tokens (header parser) and afs_child_init
 * (child_init).  Every other slot is NULL; the module defines no
 * configuration commands and no per-dir or per-server config.
 */
module MODULE_VAR_EXPORT afs_module = {
    STANDARD_MODULE_STUFF,
    afs_init,                   /* module initializer */
    NULL,                       /* create per-dir config structures */
    NULL,                       /* merge per-dir config structures */
    NULL,                       /* create per-server config structures */
    NULL,                       /* merge per-server config structures */
    NULL,                       /* table of config file commands */
    NULL,                       /* [#8] MIME-typed-dispatched handlers */
    NULL,                       /* [#1] URI to filename translation */
    NULL,                       /* [#4] validate user id from request */
    NULL,                       /* [#5] check if the user is ok _here_ */
    NULL,                       /* [#3] check access by host address */
    NULL,                       /* [#6] determine MIME type */
    NULL,                       /* [#7] pre-run fixups */
    NULL,                       /* [#9] log a transaction */
    get_afs_tokens,             /* [#2] header parser */
    afs_child_init,             /* child_init */
    NULL,                       /* child_exit */
    NULL                        /* [#0] post read-request */
#ifdef EAPI
    ,NULL,                      /* EAPI: add_module */
    NULL,                       /* EAPI: remove_module */
    NULL,                       /* EAPI: rewrite_command */
    NULL                        /* EAPI: new_connection */
#endif
};