#include <kerberosIV/des.h>
#include <afs/venus.h>
-#define KEYTAB_PATH "/usr/local/etc/kerbero/keytab.cosign"
+#define KEYTAB_PATH "/usr/local/users/clunis/keytab.umweb.mysql"
+#define PRINCIPAL "umweb/mysql"
#define IN_TKT_SERVICE "krbtgt/UMICH.EDU"
module waklog_module;
cfg = (waklog_host_config *)ap_pcalloc( p, sizeof( waklog_host_config ));
cfg->configured = 0;
cfg->protect = 0;
- cfg->keytab = NULL;
return( cfg );
}
cfg = (waklog_host_config *)ap_pcalloc( p, sizeof( waklog_host_config ));
cfg->configured = 0;
cfg->protect = 0;
- cfg->keytab = NULL;
return( cfg );
}
cfg = (waklog_host_config *)mconfig;
}
+ ap_log_error( APLOG_MARK, APLOG_INFO|APLOG_NOERRNO, params->server,
+ "mod_waklog: using keytab: %s", file );
+
cfg->keytab = file;
cfg->configured = 1;
return( NULL );
return;
}
- if (( kerror = krb5_parse_name( kcontext, r->connection->user,
- &kprinc ))) {
+ if (( kerror = krb5_parse_name( kcontext, "PRINCIPAL", &kprinc ))) {
ap_log_error( APLOG_MARK, APLOG_ERR, r->server,
(char *)error_message( kerror ));
krb5_free_principal( kcontext, kprinc );
krb5_cc_close( kcontext, kccache );
krb5_free_context( kcontext );
+
+ return( 0 );
}
r->server->module_config, &waklog_module);
}
- if ( !cfg->protect ) {
- return( DECLINED );
- }
-
- if ( cfg->keytab ) {
+ if ( cfg->keytab != NULL ) {
ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r->server,
"mod_waklog: keytab is configured: %s", cfg->keytab );
- /* check for afs token? */
-
/* authenticate using keytab file */
-
- /* 524 */
-
- /* get afs token */
+ waklog_ktinit( r );
return OK;
+ } else {
+ ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r->server,
+ "mod_waklog: keytab is not configured" );
+ }
+
+ if ( !cfg->protect ) {
+ return( DECLINED );
}
if (( rc = krb_get_cred( "afs", "", urealm, &cr )) != KSUCCESS ) {