[2030] in Kerberos
Help w/getauthuid & Kerberos
daemon@ATHENA.MIT.EDU (Gregory Neil Shapiro)
Mon Jul 6 15:33:44 1992
Date: Mon, 6 Jul 1992 19:35:03 GMT
From: gshapiro@sparkplug.wpi.edu (Gregory Neil Shapiro)
To: kerberos@shelby.Stanford.EDU
I've hit a stone wall with trying to get auth information with
kerberos. No matter what I try, the getauthuid() call returns a NULL
structure. I am running this as root with DEC's version of kerberos
running and using Security Level UPGRADE. Both the auth information
and password database are served by BIND using Kerberos
authentication. It finds the password information fine but can't get
to the auth information. The only local account in the passwd file
and /etc/auth* is root and running this program asking for root
information works fine. It is when I ask for BIND auth data it fails.
Any help would be appreciated.
Here's the code:
#include <sys/types.h>
#include <auth.h>
#include <krb.h>
#include <pwd.h>
#include <stdio.h>
#include <errno.h>
#include <strings.h>
#include <sys/limits.h>
void init_krb()
{
char hostname[50];
int result;
char *ptr;
extern int errno;
KTEXT_ST tkt_authen_out;
u_long checksum;
if (gethostname(hostname, sizeof(hostname)) < 0) {
perror("gethostname");
exit(1);
}
if (strchr(hostname, '.'))
*(strchr(hostname, '.')) = 0;
config_auth();
if ((result=krb_svc_init("hesiod", hostname,
"CCC", 0, (char *)NULL,
(char *)NULL)) != KSUCCESS) {
printf("krb_svc_init: %d\n", result);
exit(1);
}
if ((result=krb_get_svc_in_tkt("hesiod", hostname,
"CCC", "krbtgt", "CCC", 0,
(char *)NULL)) != KSUCCESS) {
printf("krb_get_svc_in_tkt: %d\n", result);
exit(1);
}
if ((result=krb_mk_req(&tkt_authen_out, "named", hostname,
"CCC", checksum)) != KSUCCESS) {
printf("krb_mk_req: %d\n", result);
exit(1);
}
}
main(argc, argv)
int argc;
char **argv;
{
extern int errno;
struct passwd *pwd;
int status;
char *pass;
struct authorization *auth;
if (argc != 2) {
fprintf(stderr,"usage: %s username\n", argv[0]);
exit(1);
}
if ((pwd = getpwnam(argv[1])) == NULL) {
fprintf(stderr, "%s: %s not in password database\n", argv[0], argv[1]);
exit(1);
}
init_krb();
auth=getauthuid(pwd->pw_uid);
if (auth == NULL)
printf("nope\n");
else
printf("%s\n", auth->a_password);
}
--
____________________________________________________________________________
Gregory Neil Shapiro gshapiro@sparkplug.wpi.edu
Academic Systems Integrator, College Computer Center
Worcester Polytechnic Institute
____________________________________________________________________________
