[hcoop/zz_old/modwaklog.git] / mod_afs.c

#include "httpd.h"
#include "http_config.h"
#include "http_protocol.h"
#include "http_log.h"
#include "ap_config.h"

#include <sys/ioccom.h>
#include <stropts.h>
#include <kerberosIV/krb.h>
#include <kerberosIV/des.h>
#include <afs/venus.h>

#define SRVTAB "/usr/local/etc/srvtab.itdwww"

struct ClearToken {
    long AuthHandle;
    char HandShakeKey[ 8 ];
    long ViceId;
    long BeginTimestamp;
    long EndTimestamp;
};


    static void
pioctl_cleanup( void *data )
{
    request_rec		*r = (request_rec *)data;
    struct ViceIoctl	vi;

    vi.in = NULL;
    vi.in_size = 0;
    vi.out = NULL;
    vi.out_size = 0;

    if ( pioctl( 0, VIOCUNPAG, &vi, 0 ) < 0 ) {
	ap_log_error( APLOG_MARK, APLOG_ERR, r->server,
		"unlog pioctl failed\n" );
    }

    ap_log_error( APLOG_MARK, APLOG_ERR, r->server,
	    "unlog pioctl succeeded\n" );
}


    static int
get_afs_tokens( request_rec *r )
{
    CREDENTIALS		cr;
    struct ViceIoctl	vi;
    struct ClearToken	ct;
    int			i, rc;
    char		buf[ 1024 ], *s;
    char		*urealm = "UMICH.EDU";
    char		*lrealm = "umich.edu";

    setpag();

    if (( rc = get_ad_tkt( "afs", "", urealm, 255 )) != KSUCCESS ) {
	ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_INFO, r->server,
		"get_ad_tkt: %s\n", krb_err_txt[ rc ] );

	/* user doesn't have tickets: use server's srvtab */

	return OK;
    }

    if (( rc = krb_get_cred( "afs", "", urealm, &cr )) != KSUCCESS ) {
	ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r->server,
		"krb_get_cred: %s\n", krb_err_txt[ rc ] );
	return OK;
    }

    ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_DEBUG, r->server, "%s.%s@%s\n", cr.service, cr.instance, cr.realm );
    ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_DEBUG, r->server, "%d %d %d\n", cr.lifetime, cr.kvno, cr.issue_date );
    ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_DEBUG, r->server, "%s %s\n", cr.pname, cr.pinst );
    ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_DEBUG, r->server, "%d\n", cr.ticket_st.length );

    s = buf;
    memmove( s, &cr.ticket_st.length, sizeof( int ));
    s += sizeof( int );
    memmove( s, cr.ticket_st.dat, cr.ticket_st.length );
    s += cr.ticket_st.length;

    ct.AuthHandle = cr.kvno;
    memmove( ct.HandShakeKey, cr.session, sizeof( cr.session ));
    ct.ViceId = 0;
    ct.BeginTimestamp = cr.issue_date;
    ct.EndTimestamp = krb_life_to_time( cr.issue_date, cr.lifetime );

    i = sizeof( struct ClearToken );
    memmove( s, &i, sizeof( int ));
    s += sizeof( int );
    memmove( s, &ct, sizeof( struct ClearToken ));
    s += sizeof( struct ClearToken );

    i = 0;
    memmove( s, &i, sizeof( int ));
    s += sizeof( int );

    strcpy( s, lrealm );
    s += strlen( lrealm ) + 1;

    vi.in = buf;
    vi.in_size = s - buf;
    vi.out = buf;
    vi.out_size = sizeof( buf );

    if ( pioctl( 0, VIOCSETTOK, &vi, 0 ) < 0 ) {
	ap_log_error( APLOG_MARK, APLOG_ERR, r->server,
		"pioctl failed\n" );
    }

    /* we'll need to unlog when this connection is done. */
    ap_register_cleanup( r->pool, (void *)r, pioctl_cleanup, ap_null_cleanup );

ap_log_error( APLOG_MARK, APLOG_ERR, r->server, "done with token stuff\n" );

    return OK;
}


module MODULE_VAR_EXPORT afs_module = {
    STANDARD_MODULE_STUFF, 
    NULL,                  /* module initializer                  */
    NULL,                  /* create per-dir    config structures */
    NULL,                  /* merge  per-dir    config structures */
    NULL,                  /* create per-server config structures */
    NULL,                  /* merge  per-server config structures */
    NULL,                  /* table of config file commands       */
    NULL,                  /* [#8] MIME-typed-dispatched handlers */
    NULL,                  /* [#1] URI to filename translation    */
    NULL,                  /* [#4] validate user id from request  */
    NULL,                  /* [#5] check if the user is ok _here_ */
    NULL,                  /* [#3] check access by host address   */
    NULL,                  /* [#6] determine MIME type            */
    NULL,                  /* [#7] pre-run fixups                 */
    NULL,                  /* [#9] log a transaction              */
    get_afs_tokens,        /* [#2] header parser                  */
    NULL,                  /* child_init                          */
    NULL,                  /* child_exit                          */
    NULL                   /* [#0] post read-request              */
#ifdef EAPI
   ,NULL,                  /* EAPI: add_module                    */
    NULL,                  /* EAPI: remove_module                 */
    NULL,                  /* EAPI: rewrite_command               */
    NULL                   /* EAPI: new_connection                */
#endif
};
Commit	Line	Data
bed98ff9	1	#include "httpd.h"
	2	#include "http_config.h"
	3	#include "http_protocol.h"
	4	#include "http_log.h"
	5	#include "ap_config.h"
	6
	7	#include <sys/ioccom.h>
	8	#include <stropts.h>
	9	#include <kerberosIV/krb.h>
	10	#include <kerberosIV/des.h>
	11	#include <afs/venus.h>
	12
	13	#define SRVTAB "/usr/local/etc/srvtab.itdwww"
	14
	15	struct ClearToken {
	16	long AuthHandle;
	17	char HandShakeKey[ 8 ];
	18	long ViceId;
	19	long BeginTimestamp;
	20	long EndTimestamp;
	21	};
	22
	23
	24	static void
	25	pioctl_cleanup( void *data )
	26	{
	27	request_rec r = (request_rec )data;
	28	struct ViceIoctl vi;
	29
	30	vi.in = NULL;
	31	vi.in_size = 0;
	32	vi.out = NULL;
	33	vi.out_size = 0;
	34
	35	if ( pioctl( 0, VIOCUNPAG, &vi, 0 ) < 0 ) {
	36	ap_log_error( APLOG_MARK, APLOG_ERR, r->server,
	37	"unlog pioctl failed\n" );
	38	}
	39
	40	ap_log_error( APLOG_MARK, APLOG_ERR, r->server,
	41	"unlog pioctl succeeded\n" );
	42	}
	43
	44
	45	static int
	46	get_afs_tokens( request_rec *r )
	47	{
	48	CREDENTIALS cr;
	49	struct ViceIoctl vi;
	50	struct ClearToken ct;
	51	int i, rc;
	52	char buf[ 1024 ], *s;
	53	char *urealm = "UMICH.EDU";
	54	char *lrealm = "umich.edu";
	55
	56	setpag();
	57
	58	if (( rc = get_ad_tkt( "afs", "", urealm, 255 )) != KSUCCESS ) {
	59	ap_log_error( APLOG_MARK, APLOG_NOERRNO\|APLOG_INFO, r->server,
	60	"get_ad_tkt: %s\n", krb_err_txt[ rc ] );
	61
	62	/* user doesn't have tickets: use server's srvtab */
	63
	64	return OK;
65	}
66
67	if (( rc = krb_get_cred( "afs", "", urealm, &cr )) != KSUCCESS ) {
68	ap_log_error( APLOG_MARK, APLOG_NOERRNO\|APLOG_ERR, r->server,
69	"krb_get_cred: %s\n", krb_err_txt[ rc ] );
70	return OK;
71	}
72
73	ap_log_error( APLOG_MARK, APLOG_NOERRNO\|APLOG_DEBUG, r->server, "%s.%s@%s\n", cr.service, cr.instance, cr.realm );
74	ap_log_error( APLOG_MARK, APLOG_NOERRNO\|APLOG_DEBUG, r->server, "%d %d %d\n", cr.lifetime, cr.kvno, cr.issue_date );
75	ap_log_error( APLOG_MARK, APLOG_NOERRNO\|APLOG_DEBUG, r->server, "%s %s\n", cr.pname, cr.pinst );
76	ap_log_error( APLOG_MARK, APLOG_NOERRNO\|APLOG_DEBUG, r->server, "%d\n", cr.ticket_st.length );
77
78	s = buf;
79	memmove( s, &cr.ticket_st.length, sizeof( int ));
80	s += sizeof( int );
81	memmove( s, cr.ticket_st.dat, cr.ticket_st.length );
82	s += cr.ticket_st.length;
83
84	ct.AuthHandle = cr.kvno;
85	memmove( ct.HandShakeKey, cr.session, sizeof( cr.session ));
86	ct.ViceId = 0;
87	ct.BeginTimestamp = cr.issue_date;
88	ct.EndTimestamp = krb_life_to_time( cr.issue_date, cr.lifetime );
89
90	i = sizeof( struct ClearToken );
91	memmove( s, &i, sizeof( int ));
92	s += sizeof( int );
93	memmove( s, &ct, sizeof( struct ClearToken ));
94	s += sizeof( struct ClearToken );
95
96	i = 0;
97	memmove( s, &i, sizeof( int ));
98	s += sizeof( int );
99
100	strcpy( s, lrealm );
101	s += strlen( lrealm ) + 1;
102
103	vi.in = buf;
104	vi.in_size = s - buf;
105	vi.out = buf;
106	vi.out_size = sizeof( buf );
107
108	if ( pioctl( 0, VIOCSETTOK, &vi, 0 ) < 0 ) {
109	ap_log_error( APLOG_MARK, APLOG_ERR, r->server,
110	"pioctl failed\n" );
111	}
112
113	/* we'll need to unlog when this connection is done. */
114	ap_register_cleanup( r->pool, (void *)r, pioctl_cleanup, ap_null_cleanup );
115
116	ap_log_error( APLOG_MARK, APLOG_ERR, r->server, "done with token stuff\n" );
117
118	return OK;
119	}
120
121
122	module MODULE_VAR_EXPORT afs_module = {
123	STANDARD_MODULE_STUFF,
124	NULL, /* module initializer */
125	NULL, /* create per-dir config structures */
126	NULL, /* merge per-dir config structures */
127	NULL, /* create per-server config structures */
128	NULL, /* merge per-server config structures */
129	NULL, /* table of config file commands */
130	NULL, /* [#8] MIME-typed-dispatched handlers */
131	NULL, /* [#1] URI to filename translation */
132	NULL, /* [#4] validate user id from request */
133	NULL, /* [#5] check if the user is ok _here_ */
134	NULL, /* [#3] check access by host address */
135	NULL, /* [#6] determine MIME type */
136	NULL, /* [#7] pre-run fixups */
137	NULL, /* [#9] log a transaction */
138	get_afs_tokens, /* [#2] header parser */
139	NULL, /* child_init */
140	NULL, /* child_exit */
141	NULL /* [#0] post read-request */
142	#ifdef EAPI
143	,NULL, /* EAPI: add_module */
144	NULL, /* EAPI: remove_module */
145	NULL, /* EAPI: rewrite_command */
146	NULL /* EAPI: new_connection */
147	#endif
148	};