2 #include "http_config.h"
3 #include "http_protocol.h"
7 #include <sys/ioccom.h>
9 #include <kerberosIV/krb.h>
10 #include <kerberosIV/des.h>
11 #include <afs/venus.h>
/*
 * Path of the Kerberos IV srvtab for this web server. SRVTAB is not
 * referenced in the lines of this listing that are shown; the comment in
 * get_afs_tokens says the server's srvtab is used when the user has no
 * tickets. A srvtab stores long-term service keys, so the file should be
 * readable only by the account the httpd children run as.
 */
13 #define SRVTAB "/usr/local/etc/srvtab.itdwww"
17 char HandShakeKey
[ 8 ];
/*
 * pioctl_cleanup: pool cleanup callback that discards the AFS tokens
 * ("unlog") by calling pioctl( VIOCUNPAG ). get_afs_tokens registers it on
 * r->pool with the request_rec as its argument.
 *
 * This listing omits lines (the numbers at the start of each statement
 * skip), including the return type, the declaration and setup of vi and
 * the branch structure between the two log calls.
 *
 * NOTE(review): no setpag call is visible in this listing. Without a PAG of
 * its own, AFS associates tokens with the uid, so this unlog would also
 * drop tokens that other processes of the same uid are using -- confirm
 * where the PAG is created.
 */
25 pioctl_cleanup( void *data
)
/* The cleanup argument is the request; it is used here only to reach
 * r->server for logging. */
27 request_rec
*r
= (request_rec
*)data
;
/* Drop the tokens; a negative return is reported at error level, and since
 * APLOG_NOERRNO is not set the errno text is included. */
35 if ( pioctl( 0, VIOCUNPAG
, &vi
, 0 ) < 0 ) {
36 ap_log_error( APLOG_MARK
, APLOG_ERR
, r
->server
,
37 "unlog pioctl failed\n" );
/* NOTE(review): the success message is also logged at APLOG_ERR without
 * APLOG_NOERRNO, so every request adds an error-log entry carrying
 * whatever errno text is current. A debug level with APLOG_NOERRNO would
 * match the trace messages in get_afs_tokens. */
40 ap_log_error( APLOG_MARK
, APLOG_ERR
, r
->server
,
41 "unlog pioctl succeeded\n" );
/*
 * get_afs_tokens: installed as the module's header-parser hook (see the
 * afs_module table). From the lines shown, it obtains a Kerberos IV
 * credential for the "afs" service in realm UMICH.EDU, serialises the
 * ticket, a struct ClearToken and further fields into buf, passes that to
 * pioctl( VIOCSETTOK ), and registers pioctl_cleanup on r->pool.
 *
 * This listing omits lines (the numbers at the start of each statement
 * skip), including the return type, the declarations of rc, cr, ct, vi,
 * buf, s and i, the srvtab fallback and every return statement. The notes
 * below describe only what is shown.
 */
46 get_afs_tokens( request_rec
*r
)
/* Upper- and lower-case spellings of the realm. urealm is passed to the
 * Kerberos calls; lrealm's length is used when s is advanced near the end. */
53 char *urealm
= "UMICH.EDU";
54 char *lrealm
= "umich.edu";
/* Ask for an afs ticket in urealm with a lifetime value of 255, presumably
 * using the process's existing ticket file -- confirm. A failure is logged
 * at INFO only.
 *
 * NOTE(review): per the comment that follows, a request without user
 * tickets falls back to the server's srvtab, i.e. it would act with the
 * server's own AFS identity. The fallback code itself is not shown; confirm
 * that this is the intended authorisation model. */
58 if (( rc
= get_ad_tkt( "afs", "", urealm
, 255 )) != KSUCCESS
) {
59 ap_log_error( APLOG_MARK
, APLOG_NOERRNO
|APLOG_INFO
, r
->server
,
60 "get_ad_tkt: %s\n", krb_err_txt
[ rc
] );
62 /* user doesn't have tickets: use server's srvtab */
/* Fetch the afs credential into cr; a failure is logged at error level. */
67 if (( rc
= krb_get_cred( "afs", "", urealm
, &cr
)) != KSUCCESS
) {
68 ap_log_error( APLOG_MARK
, APLOG_NOERRNO
|APLOG_ERR
, r
->server
,
69 "krb_get_cred: %s\n", krb_err_txt
[ rc
] );
/* Debug-level dump of credential metadata: service.instance@realm, then
 * lifetime, key version and issue date, then principal name and instance,
 * then the ticket length. The session key and the ticket bytes are not
 * logged in the lines shown.
 * NOTE(review): the %d conversions assume lifetime, kvno, issue_date and
 * ticket_st.length are int-sized -- confirm against krb.h. */
73 ap_log_error( APLOG_MARK
, APLOG_NOERRNO
|APLOG_DEBUG
, r
->server
, "%s.%s@%s\n", cr
.service
, cr
.instance
, cr
.realm
);
74 ap_log_error( APLOG_MARK
, APLOG_NOERRNO
|APLOG_DEBUG
, r
->server
, "%d %d %d\n", cr
.lifetime
, cr
.kvno
, cr
.issue_date
);
75 ap_log_error( APLOG_MARK
, APLOG_NOERRNO
|APLOG_DEBUG
, r
->server
, "%s %s\n", cr
.pname
, cr
.pinst
);
76 ap_log_error( APLOG_MARK
, APLOG_NOERRNO
|APLOG_DEBUG
, r
->server
, "%d\n", cr
.ticket_st
.length
);
/* Token buffer, part 1: the ticket length as a native int, then the ticket
 * bytes. Both memmove calls shown write at s; the advance of s between
 * them is presumably on an omitted line.
 * NOTE(review): the copy length is cr.ticket_st.length and no bounds check
 * against buf is visible here -- confirm buf can hold the largest ticket
 * plus the ClearToken, the two int fields and the realm string, or check
 * the length before copying. */
79 memmove( s
, &cr
.ticket_st
.length
, sizeof( int ));
81 memmove( s
, cr
.ticket_st
.dat
, cr
.ticket_st
.length
);
82 s
+= cr
.ticket_st
.length
;
/* Fill the ClearToken: key version number, the session key, and the
 * validity window derived from issue_date and lifetime. HandShakeKey is
 * declared char[ 8 ] earlier in the listing while the copy length is
 * sizeof( cr.session ), so the two sizes must agree.
 * NOTE(review): from here on ct and buf hold the session key, as does cr.
 * No wiping of these is visible in the lines shown; if none exists, clear
 * them before returning with a call the compiler will not optimise away. */
84 ct
.AuthHandle
= cr
.kvno
;
85 memmove( ct
.HandShakeKey
, cr
.session
, sizeof( cr
.session
));
87 ct
.BeginTimestamp
= cr
.issue_date
;
88 ct
.EndTimestamp
= krb_life_to_time( cr
.issue_date
, cr
.lifetime
);
/* Token buffer, part 2: sizeof( struct ClearToken ) as an int, then the
 * struct itself. */
90 i
= sizeof( struct ClearToken
);
91 memmove( s
, &i
, sizeof( int ));
93 memmove( s
, &ct
, sizeof( struct ClearToken
));
94 s
+= sizeof( struct ClearToken
);
/* Another int is written from i; the assignment that gives i its value at
 * this point is on an omitted line. */
97 memmove( s
, &i
, sizeof( int ));
/* s advances past a NUL-terminated string the length of lrealm. The copy of
 * that string into buf is presumably on an omitted line -- confirm. */
101 s
+= strlen( lrealm
) + 1;
/* in_size is the number of bytes packed so far; out_size is the whole of
 * buf. */
104 vi
.in_size
= s
- buf
;
106 vi
.out_size
= sizeof( buf
);
/* Hand the packed token to AFS. The failure message is cut off in this
 * listing.
 * NOTE(review): no setpag call is visible in this listing. Without a PAG of
 * its own, AFS associates tokens with the uid, so tokens set here would be
 * shared with every process of that uid -- confirm where the PAG is
 * created. */
108 if ( pioctl( 0, VIOCSETTOK
, &vi
, 0 ) < 0 ) {
109 ap_log_error( APLOG_MARK
, APLOG_ERR
, r
->server
,
113 /* we'll need to unlog when this connection is done. */
/* pioctl_cleanup is registered with r as its argument and ap_null_cleanup
 * as the child cleanup.
 * NOTE(review): the pool is r->pool, the request's pool, so the unlog
 * happens at the end of each request rather than per connection as the
 * comment above says. */
114 ap_register_cleanup( r
->pool
, (void *)r
, pioctl_cleanup
, ap_null_cleanup
);
/* NOTE(review): this progress message is logged at APLOG_ERR without
 * APLOG_NOERRNO, so it lands in the error log with whatever errno text is
 * current; a debug level with APLOG_NOERRNO would match the trace messages
 * above. */
116 ap_log_error( APLOG_MARK
, APLOG_ERR
, r
->server
, "done with token stuff\n" );
/*
 * Module record for afs_module. Every slot is NULL except the header
 * parser, which is get_afs_tokens; the module defines no configuration
 * directives and no handlers.
 *
 * Going by the phase numbers in the slot comments, the header parser is
 * phase [#2] and therefore precedes the host access check [#3] and user
 * validation [#4]/[#5]: the Kerberos and AFS work in get_afs_tokens is done
 * before any of those checks have been applied to the request.
 *
 * This listing omits lines; the end of the initialiser is not shown.
 */
122 module MODULE_VAR_EXPORT afs_module
= {
123 STANDARD_MODULE_STUFF
,
124 NULL
, /* module initializer */
125 NULL
, /* create per-dir config structures */
126 NULL
, /* merge per-dir config structures */
127 NULL
, /* create per-server config structures */
128 NULL
, /* merge per-server config structures */
129 NULL
, /* table of config file commands */
130 NULL
, /* [#8] MIME-typed-dispatched handlers */
131 NULL
, /* [#1] URI to filename translation */
132 NULL
, /* [#4] validate user id from request */
133 NULL
, /* [#5] check if the user is ok _here_ */
134 NULL
, /* [#3] check access by host address */
135 NULL
, /* [#6] determine MIME type */
136 NULL
, /* [#7] pre-run fixups */
137 NULL
, /* [#9] log a transaction */
/* The only hook this module installs. */
138 get_afs_tokens
, /* [#2] header parser */
139 NULL
, /* child_init */
140 NULL
, /* child_exit */
141 NULL
/* [#0] post read-request */
/* The EAPI slots below are presumably wrapped in a preprocessor
 * conditional on omitted lines -- the skipped line number and the leading
 * comma suggest so. */
143 ,NULL
, /* EAPI: add_module */
144 NULL
, /* EAPI: remove_module */
145 NULL
, /* EAPI: rewrite_command */
146 NULL
/* EAPI: new_connection */